tests/cfgs/default/result/tls_torrent.pcapng.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

DPI Packets (TCP):	7	(7.00 pkts/flow)
Confidence DPI              : 1 (flows)
Num dissector calls: 1 (1.00 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/0/0 (insert/search/found)
LRU cache mining:     0/0/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
LRU cache fpc_dns:    0/1/0 (insert/search/found)
Automa host:          1/1 (search/found)
Automa domain:        1/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  0/0 (search/found)
Patricia risk mask:   0/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   0/0 (search/found)
Patricia protocols:   2/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

BitTorrent	7	6308	1

Acceptable                       7 6308          1            

JA3 Host Stats: 
		 IP Address                  	 # JA3C     
	1	 10.10.10.1               	 1      


	1	TCP 10.10.10.1:443 <-> 192.168.0.1:58842 [proto: 91.37/TLS.BitTorrent][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 7][cat: Download/7][6 pkts/5922 bytes <-> 1 pkts/386 bytes][Goodput ratio: 94/86][0.16 sec][Hostname/SNI: web.utorrent.com][bytes ratio: 0.878 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/0 147/0 58/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/386 987/386 1454/386 651/0][Risk: ** TLS (probably) Not Carrying HTTPS **** Malicious JA3 Fingerp. **][Risk Score: 60][Risk Info: fd80fa9c6120cdeea8520510f3c644ac / No ALPN][TLSv1.2][JA3C: fd80fa9c6120cdeea8520510f3c644ac][JA4: t12d860600_e18388e7f3a3_a1e935682795][ServerNames: *.utorrent.com,utorrent.com][JA3S: 6f84bbe9810ec4ea9061cc1a02eaf83c][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: CN=*.utorrent.com][Certificate SHA-1: E4:8F:E4:15:C7:D0:B7:EA:E6:F6:B1:B4:40:F0:13:D1:5E:7F:64:E8][Firefox][Validity: 2021-09-27 07:16:05 - 2022-09-24 22:26:57][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,60,0,0,0,0]