summaryrefslogtreecommitdiff
path: root/test/results/flow-info/WebattackXSS.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/WebattackXSS.pcap.out')
-rw-r--r--test/results/flow-info/WebattackXSS.pcap.out1492
1 files changed, 746 insertions, 746 deletions
diff --git a/test/results/flow-info/WebattackXSS.pcap.out b/test/results/flow-info/WebattackXSS.pcap.out
index 659a93532..45eb25526 100644
--- a/test/results/flow-info/WebattackXSS.pcap.out
+++ b/test/results/flow-info/WebattackXSS.pcap.out
@@ -2,18 +2,18 @@
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [.....172.16.0.1][52098] -> [..192.168.10.50][...80]
- detected: [.....1] [ip4][..tcp] [.....172.16.0.1][52098] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [.....1] [ip4][..tcp] [.....172.16.0.1][52098] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [.....2] [ip4][..tcp] [.....172.16.0.1][52100] -> [..192.168.10.50][...80]
new: [.....3] [ip4][..tcp] [.....172.16.0.1][52118] -> [..192.168.10.50][...80]
new: [.....4] [ip4][..tcp] [.....172.16.0.1][52120] -> [..192.168.10.50][...80]
new: [.....5] [ip4][..tcp] [.....172.16.0.1][52200] -> [..192.168.10.50][...80]
- detected: [.....5] [ip4][..tcp] [.....172.16.0.1][52200] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [.....5] [ip4][..tcp] [.....172.16.0.1][52200] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [.....6] [ip4][..tcp] [.....172.16.0.1][52202] -> [..192.168.10.50][...80]
new: [.....7] [ip4][..tcp] [.....172.16.0.1][52220] -> [..192.168.10.50][...80]
new: [.....8] [ip4][..tcp] [.....172.16.0.1][52222] -> [..192.168.10.50][...80]
- analyse: [.....5] [ip4][..tcp] [.....172.16.0.1][52200] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [.....5] [ip4][..tcp] [.....172.16.0.1][52200] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.805| 0.259| 0.699| 488344.093| 2.400]
[PKTLEN......: 52.000| 7978.000| 572.000| 1374.100| 1888110.000| 3.400]
@@ -24,12 +24,12 @@
[PKTLENS.....: 60,60,52,361,52,564,52,394,1184,417,793,440,1500,7978,52,52,52,52,363,557,52,393,557,52,611,415,52,409,573,52,52,52]
[ENTROPIES...: 4.6,5.1,4.9,5.9,4.9,5.8,4.9,6.0,7.5,6.0,7.3,5.9,7.6,8.0,4.9,4.9,4.9,4.9,6.0,5.8,5.0,6.0,5.8,4.9,5.9,5.7,4.9,6.0,5.8,5.0,5.1,4.9]
new: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80]
- detected: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [....10] [ip4][..tcp] [.....172.16.0.1][52300] -> [..192.168.10.50][...80]
new: [....11] [ip4][..tcp] [.....172.16.0.1][52318] -> [..192.168.10.50][...80]
new: [....12] [ip4][..tcp] [.....172.16.0.1][52320] -> [..192.168.10.50][...80]
- analyse: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.856| 0.080| 0.207| 42651.251| 2.700]
[PKTLEN......: 52.000| 4396.000| 613.000| 1050.300| 1103191.500| 3.700]
@@ -39,10 +39,10 @@
[IATS(ms)....: 0.2,0.9,0.0,0.9,1.5,2.1,20.7,25.9,42.5,6.0,44.4,1.3,0.2,1.3,0.1,0.1,1.2,0.3,0.4,68.6,70.5,37.8,60.4,98.3,1.1,851.7,856.3,4.6,109.7,139.3,29.5]
[PKTLENS.....: 60,60,52,361,52,564,52,394,1186,52,417,793,52,440,4396,4396,738,52,52,52,363,557,52,393,557,52,611,415,52,435,1856,52]
[ENTROPIES...: 4.6,5.1,4.9,5.9,4.8,5.7,4.9,5.9,7.4,4.9,5.9,7.2,4.9,5.9,7.9,7.9,7.7,4.9,4.9,4.8,5.9,5.8,4.8,5.9,5.8,4.8,5.9,5.7,4.9,5.9,7.8,5.0]
- detected: [....10] [ip4][..tcp] [.....172.16.0.1][52300] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
- detected: [....11] [ip4][..tcp] [.....172.16.0.1][52318] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [....10] [ip4][..tcp] [.....172.16.0.1][52300] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ detected: [....11] [ip4][..tcp] [.....172.16.0.1][52318] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [....13] [ip4][..tcp] [.....172.16.0.1][52386] -> [..192.168.10.50][...80]
new: [....14] [ip4][..tcp] [.....172.16.0.1][52400] -> [..192.168.10.50][...80]
new: [....15] [ip4][..tcp] [.....172.16.0.1][52414] -> [..192.168.10.50][...80]
@@ -74,12 +74,12 @@
new: [....41] [ip4][..tcp] [.....172.16.0.1][52910] -> [..192.168.10.50][...80]
new: [....42] [ip4][..tcp] [.....172.16.0.1][52924] -> [..192.168.10.50][...80]
new: [....43] [ip4][..tcp] [.....172.16.0.1][52938] -> [..192.168.10.50][...80]
- detected: [....41] [ip4][..tcp] [.....172.16.0.1][52910] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [....41] [ip4][..tcp] [.....172.16.0.1][52910] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [....44] [ip4][..tcp] [.....172.16.0.1][52964] -> [..192.168.10.50][...80]
new: [....45] [ip4][..tcp] [.....172.16.0.1][52978] -> [..192.168.10.50][...80]
new: [....46] [ip4][..tcp] [.....172.16.0.1][53004] -> [..192.168.10.50][...80]
- analyse: [....41] [ip4][..tcp] [.....172.16.0.1][52910] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [....41] [ip4][..tcp] [.....172.16.0.1][52910] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.809| 0.610| 0.941| 885441.823| 3.700]
[PKTLEN......: 52.000| 1921.000| 716.800| 755.700| 571022.900| 4.200]
@@ -103,13 +103,13 @@
new: [....58] [ip4][..tcp] [.....172.16.0.1][53220] -> [..192.168.10.50][...80]
new: [....59] [ip4][..tcp] [.....172.16.0.1][53246] -> [..192.168.10.50][...80]
new: [....60] [ip4][..tcp] [.....172.16.0.1][53260] -> [..192.168.10.50][...80]
- end: [.....1] [ip4][..tcp] [.....172.16.0.1][52098] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [.....2] [ip4][..tcp] [.....172.16.0.1][52100] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [.....1] [ip4][..tcp] [.....172.16.0.1][52098] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [.....2] [ip4][..tcp] [.....172.16.0.1][52100] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [.....2] [ip4][..tcp] [.....172.16.0.1][52100] -> [..192.168.10.50][...80]
- guessed: [.....3] [ip4][..tcp] [.....172.16.0.1][52118] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [.....3] [ip4][..tcp] [.....172.16.0.1][52118] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [.....3] [ip4][..tcp] [.....172.16.0.1][52118] -> [..192.168.10.50][...80]
- guessed: [.....4] [ip4][..tcp] [.....172.16.0.1][52120] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [.....4] [ip4][..tcp] [.....172.16.0.1][52120] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [.....4] [ip4][..tcp] [.....172.16.0.1][52120] -> [..192.168.10.50][...80]
new: [....61] [ip4][..tcp] [.....172.16.0.1][53286] -> [..192.168.10.50][...80]
new: [....62] [ip4][..tcp] [.....172.16.0.1][53300] -> [..192.168.10.50][...80]
@@ -124,13 +124,13 @@
new: [....71] [ip4][..tcp] [.....172.16.0.1][53450] -> [..192.168.10.50][...80]
new: [....72] [ip4][..tcp] [.....172.16.0.1][53476] -> [..192.168.10.50][...80]
new: [....73] [ip4][..tcp] [.....172.16.0.1][53490] -> [..192.168.10.50][...80]
- end: [.....5] [ip4][..tcp] [.....172.16.0.1][52200] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [.....6] [ip4][..tcp] [.....172.16.0.1][52202] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [.....5] [ip4][..tcp] [.....172.16.0.1][52200] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [.....6] [ip4][..tcp] [.....172.16.0.1][52202] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [.....6] [ip4][..tcp] [.....172.16.0.1][52202] -> [..192.168.10.50][...80]
- guessed: [.....7] [ip4][..tcp] [.....172.16.0.1][52220] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [.....7] [ip4][..tcp] [.....172.16.0.1][52220] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [.....7] [ip4][..tcp] [.....172.16.0.1][52220] -> [..192.168.10.50][...80]
- guessed: [.....8] [ip4][..tcp] [.....172.16.0.1][52222] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [.....8] [ip4][..tcp] [.....172.16.0.1][52222] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [.....8] [ip4][..tcp] [.....172.16.0.1][52222] -> [..192.168.10.50][...80]
new: [....74] [ip4][..tcp] [.....172.16.0.1][53516] -> [..192.168.10.50][...80]
new: [....75] [ip4][..tcp] [.....172.16.0.1][53530] -> [..192.168.10.50][...80]
@@ -139,13 +139,13 @@
new: [....78] [ip4][..tcp] [.....172.16.0.1][53584] -> [..192.168.10.50][...80]
new: [....79] [ip4][..tcp] [.....172.16.0.1][53598] -> [..192.168.10.50][...80]
new: [....80] [ip4][..tcp] [.....172.16.0.1][53624] -> [..192.168.10.50][...80]
- detected: [....78] [ip4][..tcp] [.....172.16.0.1][53584] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [....78] [ip4][..tcp] [.....172.16.0.1][53584] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [....81] [ip4][..tcp] [.....172.16.0.1][53638] -> [..192.168.10.50][...80]
new: [....82] [ip4][..tcp] [.....172.16.0.1][53664] -> [..192.168.10.50][...80]
new: [....83] [ip4][..tcp] [.....172.16.0.1][53678] -> [..192.168.10.50][...80]
new: [....84] [ip4][..tcp] [.....172.16.0.1][53692] -> [..192.168.10.50][...80]
- analyse: [....78] [ip4][..tcp] [.....172.16.0.1][53584] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [....78] [ip4][..tcp] [.....172.16.0.1][53584] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 4.899| 0.653| 1.186| 1406566.662| 3.500]
[PKTLEN......: 52.000| 1920.000| 713.700| 750.900| 563862.500| 4.200]
@@ -155,13 +155,13 @@
[IATS(ms)....: 0.1,0.7,4897.8,4898.5,8.6,9.4,243.2,246.7,3.6,1041.2,1044.8,3.8,241.2,245.3,4.0,1005.5,1009.5,4.0,241.0,244.6,3.6,1008.9,1012.5,3.7,268.3,273.7,5.3,1005.6,1009.6,4.1,266.0]
[PKTLENS.....: 60,60,52,435,52,1823,52,637,1919,52,435,1822,52,637,1920,52,435,1822,52,637,1918,52,435,1822,52,637,1919,52,435,1822,52,637]
[ENTROPIES...: 4.6,5.1,4.9,5.9,4.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0]
- end: [....10] [ip4][..tcp] [.....172.16.0.1][52300] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- end: [....11] [ip4][..tcp] [.....172.16.0.1][52318] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [....12] [ip4][..tcp] [.....172.16.0.1][52320] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [....10] [ip4][..tcp] [.....172.16.0.1][52300] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ end: [....11] [ip4][..tcp] [.....172.16.0.1][52318] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [....12] [ip4][..tcp] [.....172.16.0.1][52320] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....12] [ip4][..tcp] [.....172.16.0.1][52320] -> [..192.168.10.50][...80]
- guessed: [....13] [ip4][..tcp] [.....172.16.0.1][52386] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....13] [ip4][..tcp] [.....172.16.0.1][52386] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....13] [ip4][..tcp] [.....172.16.0.1][52386] -> [..192.168.10.50][...80]
new: [....85] [ip4][..tcp] [.....172.16.0.1][53718] -> [..192.168.10.50][...80]
new: [....86] [ip4][..tcp] [.....172.16.0.1][53732] -> [..192.168.10.50][...80]
@@ -169,17 +169,17 @@
new: [....88] [ip4][..tcp] [.....172.16.0.1][53772] -> [..192.168.10.50][...80]
new: [....89] [ip4][..tcp] [.....172.16.0.1][53786] -> [..192.168.10.50][...80]
new: [....90] [ip4][..tcp] [.....172.16.0.1][53812] -> [..192.168.10.50][...80]
- guessed: [....14] [ip4][..tcp] [.....172.16.0.1][52400] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....14] [ip4][..tcp] [.....172.16.0.1][52400] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....14] [ip4][..tcp] [.....172.16.0.1][52400] -> [..192.168.10.50][...80]
- guessed: [....15] [ip4][..tcp] [.....172.16.0.1][52414] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....15] [ip4][..tcp] [.....172.16.0.1][52414] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....15] [ip4][..tcp] [.....172.16.0.1][52414] -> [..192.168.10.50][...80]
- guessed: [....16] [ip4][..tcp] [.....172.16.0.1][52440] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....16] [ip4][..tcp] [.....172.16.0.1][52440] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....16] [ip4][..tcp] [.....172.16.0.1][52440] -> [..192.168.10.50][...80]
- guessed: [....17] [ip4][..tcp] [.....172.16.0.1][52454] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....17] [ip4][..tcp] [.....172.16.0.1][52454] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....17] [ip4][..tcp] [.....172.16.0.1][52454] -> [..192.168.10.50][...80]
- guessed: [....18] [ip4][..tcp] [.....172.16.0.1][52480] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....18] [ip4][..tcp] [.....172.16.0.1][52480] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....18] [ip4][..tcp] [.....172.16.0.1][52480] -> [..192.168.10.50][...80]
- guessed: [....19] [ip4][..tcp] [.....172.16.0.1][52494] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....19] [ip4][..tcp] [.....172.16.0.1][52494] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....19] [ip4][..tcp] [.....172.16.0.1][52494] -> [..192.168.10.50][...80]
new: [....91] [ip4][..tcp] [.....172.16.0.1][53826] -> [..192.168.10.50][...80]
new: [....92] [ip4][..tcp] [.....172.16.0.1][53852] -> [..192.168.10.50][...80]
@@ -187,32 +187,32 @@
new: [....94] [ip4][..tcp] [.....172.16.0.1][53880] -> [..192.168.10.50][...80]
new: [....95] [ip4][..tcp] [.....172.16.0.1][53906] -> [..192.168.10.50][...80]
new: [....96] [ip4][..tcp] [.....172.16.0.1][53920] -> [..192.168.10.50][...80]
- guessed: [....20] [ip4][..tcp] [.....172.16.0.1][52508] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....20] [ip4][..tcp] [.....172.16.0.1][52508] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....20] [ip4][..tcp] [.....172.16.0.1][52508] -> [..192.168.10.50][...80]
- guessed: [....21] [ip4][..tcp] [.....172.16.0.1][52534] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....21] [ip4][..tcp] [.....172.16.0.1][52534] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....21] [ip4][..tcp] [.....172.16.0.1][52534] -> [..192.168.10.50][...80]
- guessed: [....22] [ip4][..tcp] [.....172.16.0.1][52548] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....22] [ip4][..tcp] [.....172.16.0.1][52548] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....22] [ip4][..tcp] [.....172.16.0.1][52548] -> [..192.168.10.50][...80]
- guessed: [....23] [ip4][..tcp] [.....172.16.0.1][52574] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....23] [ip4][..tcp] [.....172.16.0.1][52574] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....23] [ip4][..tcp] [.....172.16.0.1][52574] -> [..192.168.10.50][...80]
- guessed: [....24] [ip4][..tcp] [.....172.16.0.1][52588] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....24] [ip4][..tcp] [.....172.16.0.1][52588] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....24] [ip4][..tcp] [.....172.16.0.1][52588] -> [..192.168.10.50][...80]
- guessed: [....25] [ip4][..tcp] [.....172.16.0.1][52602] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....25] [ip4][..tcp] [.....172.16.0.1][52602] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....25] [ip4][..tcp] [.....172.16.0.1][52602] -> [..192.168.10.50][...80]
new: [....97] [ip4][..tcp] [.....172.16.0.1][53946] -> [..192.168.10.50][...80]
new: [....98] [ip4][..tcp] [.....172.16.0.1][53960] -> [..192.168.10.50][...80]
new: [....99] [ip4][..tcp] [.....172.16.0.1][53974] -> [..192.168.10.50][...80]
new: [...100] [ip4][..tcp] [.....172.16.0.1][54000] -> [..192.168.10.50][...80]
new: [...101] [ip4][..tcp] [.....172.16.0.1][54014] -> [..192.168.10.50][...80]
- guessed: [....26] [ip4][..tcp] [.....172.16.0.1][52628] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....26] [ip4][..tcp] [.....172.16.0.1][52628] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....26] [ip4][..tcp] [.....172.16.0.1][52628] -> [..192.168.10.50][...80]
- guessed: [....27] [ip4][..tcp] [.....172.16.0.1][52642] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....27] [ip4][..tcp] [.....172.16.0.1][52642] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....27] [ip4][..tcp] [.....172.16.0.1][52642] -> [..192.168.10.50][...80]
- guessed: [....28] [ip4][..tcp] [.....172.16.0.1][52668] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....28] [ip4][..tcp] [.....172.16.0.1][52668] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....28] [ip4][..tcp] [.....172.16.0.1][52668] -> [..192.168.10.50][...80]
- guessed: [....29] [ip4][..tcp] [.....172.16.0.1][52682] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....29] [ip4][..tcp] [.....172.16.0.1][52682] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....29] [ip4][..tcp] [.....172.16.0.1][52682] -> [..192.168.10.50][...80]
- guessed: [....30] [ip4][..tcp] [.....172.16.0.1][52696] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....30] [ip4][..tcp] [.....172.16.0.1][52696] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....30] [ip4][..tcp] [.....172.16.0.1][52696] -> [..192.168.10.50][...80]
new: [...102] [ip4][..tcp] [.....172.16.0.1][54040] -> [..192.168.10.50][...80]
new: [...103] [ip4][..tcp] [.....172.16.0.1][54054] -> [..192.168.10.50][...80]
@@ -220,17 +220,17 @@
new: [...105] [ip4][..tcp] [.....172.16.0.1][54094] -> [..192.168.10.50][...80]
new: [...106] [ip4][..tcp] [.....172.16.0.1][54108] -> [..192.168.10.50][...80]
new: [...107] [ip4][..tcp] [.....172.16.0.1][54134] -> [..192.168.10.50][...80]
- guessed: [....36] [ip4][..tcp] [.....172.16.0.1][52816] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....36] [ip4][..tcp] [.....172.16.0.1][52816] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....36] [ip4][..tcp] [.....172.16.0.1][52816] -> [..192.168.10.50][...80]
- guessed: [....31] [ip4][..tcp] [.....172.16.0.1][52722] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....31] [ip4][..tcp] [.....172.16.0.1][52722] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....31] [ip4][..tcp] [.....172.16.0.1][52722] -> [..192.168.10.50][...80]
- guessed: [....32] [ip4][..tcp] [.....172.16.0.1][52736] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....32] [ip4][..tcp] [.....172.16.0.1][52736] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....32] [ip4][..tcp] [.....172.16.0.1][52736] -> [..192.168.10.50][...80]
- guessed: [....33] [ip4][..tcp] [.....172.16.0.1][52750] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....33] [ip4][..tcp] [.....172.16.0.1][52750] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....33] [ip4][..tcp] [.....172.16.0.1][52750] -> [..192.168.10.50][...80]
- guessed: [....34] [ip4][..tcp] [.....172.16.0.1][52776] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....34] [ip4][..tcp] [.....172.16.0.1][52776] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....34] [ip4][..tcp] [.....172.16.0.1][52776] -> [..192.168.10.50][...80]
- guessed: [....35] [ip4][..tcp] [.....172.16.0.1][52790] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....35] [ip4][..tcp] [.....172.16.0.1][52790] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....35] [ip4][..tcp] [.....172.16.0.1][52790] -> [..192.168.10.50][...80]
new: [...108] [ip4][..tcp] [.....172.16.0.1][54148] -> [..192.168.10.50][...80]
new: [...109] [ip4][..tcp] [.....172.16.0.1][54162] -> [..192.168.10.50][...80]
@@ -238,39 +238,39 @@
new: [...111] [ip4][..tcp] [.....172.16.0.1][54202] -> [..192.168.10.50][...80]
new: [...112] [ip4][..tcp] [.....172.16.0.1][54228] -> [..192.168.10.50][...80]
new: [...113] [ip4][..tcp] [.....172.16.0.1][54242] -> [..192.168.10.50][...80]
- guessed: [....37] [ip4][..tcp] [.....172.16.0.1][52830] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....37] [ip4][..tcp] [.....172.16.0.1][52830] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....37] [ip4][..tcp] [.....172.16.0.1][52830] -> [..192.168.10.50][...80]
- guessed: [....38] [ip4][..tcp] [.....172.16.0.1][52856] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....38] [ip4][..tcp] [.....172.16.0.1][52856] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....38] [ip4][..tcp] [.....172.16.0.1][52856] -> [..192.168.10.50][...80]
- guessed: [....39] [ip4][..tcp] [.....172.16.0.1][52870] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....39] [ip4][..tcp] [.....172.16.0.1][52870] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....39] [ip4][..tcp] [.....172.16.0.1][52870] -> [..192.168.10.50][...80]
- guessed: [....40] [ip4][..tcp] [.....172.16.0.1][52884] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....40] [ip4][..tcp] [.....172.16.0.1][52884] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....40] [ip4][..tcp] [.....172.16.0.1][52884] -> [..192.168.10.50][...80]
- guessed: [....42] [ip4][..tcp] [.....172.16.0.1][52924] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....42] [ip4][..tcp] [.....172.16.0.1][52924] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....42] [ip4][..tcp] [.....172.16.0.1][52924] -> [..192.168.10.50][...80]
- end: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
+ end: [.....9] [ip4][..tcp] [.....172.16.0.1][52298] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...114] [ip4][..tcp] [.....172.16.0.1][54268] -> [..192.168.10.50][...80]
new: [...115] [ip4][..tcp] [.....172.16.0.1][54282] -> [..192.168.10.50][...80]
new: [...116] [ip4][..tcp] [.....172.16.0.1][54296] -> [..192.168.10.50][...80]
- detected: [...114] [ip4][..tcp] [.....172.16.0.1][54268] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...114] [ip4][..tcp] [.....172.16.0.1][54268] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...117] [ip4][..tcp] [.....172.16.0.1][54322] -> [..192.168.10.50][...80]
new: [...118] [ip4][..tcp] [.....172.16.0.1][54336] -> [..192.168.10.50][...80]
- guessed: [....43] [ip4][..tcp] [.....172.16.0.1][52938] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....43] [ip4][..tcp] [.....172.16.0.1][52938] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....43] [ip4][..tcp] [.....172.16.0.1][52938] -> [..192.168.10.50][...80]
- guessed: [....44] [ip4][..tcp] [.....172.16.0.1][52964] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....44] [ip4][..tcp] [.....172.16.0.1][52964] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....44] [ip4][..tcp] [.....172.16.0.1][52964] -> [..192.168.10.50][...80]
- guessed: [....45] [ip4][..tcp] [.....172.16.0.1][52978] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....45] [ip4][..tcp] [.....172.16.0.1][52978] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....45] [ip4][..tcp] [.....172.16.0.1][52978] -> [..192.168.10.50][...80]
- guessed: [....46] [ip4][..tcp] [.....172.16.0.1][53004] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....46] [ip4][..tcp] [.....172.16.0.1][53004] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....46] [ip4][..tcp] [.....172.16.0.1][53004] -> [..192.168.10.50][...80]
- guessed: [....47] [ip4][..tcp] [.....172.16.0.1][53018] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....47] [ip4][..tcp] [.....172.16.0.1][53018] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....47] [ip4][..tcp] [.....172.16.0.1][53018] -> [..192.168.10.50][...80]
- guessed: [....48] [ip4][..tcp] [.....172.16.0.1][53032] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....48] [ip4][..tcp] [.....172.16.0.1][53032] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....48] [ip4][..tcp] [.....172.16.0.1][53032] -> [..192.168.10.50][...80]
new: [...119] [ip4][..tcp] [.....172.16.0.1][54362] -> [..192.168.10.50][...80]
- analyse: [...114] [ip4][..tcp] [.....172.16.0.1][54268] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...114] [ip4][..tcp] [.....172.16.0.1][54268] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.827| 0.609| 0.943| 889903.972| 3.700]
[PKTLEN......: 52.000| 1921.000| 716.800| 755.600| 570947.800| 4.200]
@@ -285,15 +285,15 @@
new: [...122] [ip4][..tcp] [.....172.16.0.1][54416] -> [..192.168.10.50][...80]
new: [...123] [ip4][..tcp] [.....172.16.0.1][54430] -> [..192.168.10.50][...80]
new: [...124] [ip4][..tcp] [.....172.16.0.1][54456] -> [..192.168.10.50][...80]
- guessed: [....49] [ip4][..tcp] [.....172.16.0.1][53058] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....49] [ip4][..tcp] [.....172.16.0.1][53058] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....49] [ip4][..tcp] [.....172.16.0.1][53058] -> [..192.168.10.50][...80]
- guessed: [....50] [ip4][..tcp] [.....172.16.0.1][53072] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....50] [ip4][..tcp] [.....172.16.0.1][53072] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....50] [ip4][..tcp] [.....172.16.0.1][53072] -> [..192.168.10.50][...80]
- guessed: [....51] [ip4][..tcp] [.....172.16.0.1][53098] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....51] [ip4][..tcp] [.....172.16.0.1][53098] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....51] [ip4][..tcp] [.....172.16.0.1][53098] -> [..192.168.10.50][...80]
- guessed: [....52] [ip4][..tcp] [.....172.16.0.1][53112] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....52] [ip4][..tcp] [.....172.16.0.1][53112] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....52] [ip4][..tcp] [.....172.16.0.1][53112] -> [..192.168.10.50][...80]
- guessed: [....53] [ip4][..tcp] [.....172.16.0.1][53126] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....53] [ip4][..tcp] [.....172.16.0.1][53126] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....53] [ip4][..tcp] [.....172.16.0.1][53126] -> [..192.168.10.50][...80]
new: [...125] [ip4][..tcp] [.....172.16.0.1][54470] -> [..192.168.10.50][...80]
new: [...126] [ip4][..tcp] [.....172.16.0.1][54484] -> [..192.168.10.50][...80]
@@ -302,19 +302,19 @@
new: [...129] [ip4][..tcp] [.....172.16.0.1][54538] -> [..192.168.10.50][...80]
new: [...130] [ip4][..tcp] [.....172.16.0.1][54552] -> [..192.168.10.50][...80]
new: [...131] [ip4][..tcp] [.....172.16.0.1][54566] -> [..192.168.10.50][...80]
- guessed: [....54] [ip4][..tcp] [.....172.16.0.1][53152] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....54] [ip4][..tcp] [.....172.16.0.1][53152] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....54] [ip4][..tcp] [.....172.16.0.1][53152] -> [..192.168.10.50][...80]
- guessed: [....55] [ip4][..tcp] [.....172.16.0.1][53166] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....55] [ip4][..tcp] [.....172.16.0.1][53166] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....55] [ip4][..tcp] [.....172.16.0.1][53166] -> [..192.168.10.50][...80]
- guessed: [....56] [ip4][..tcp] [.....172.16.0.1][53192] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....56] [ip4][..tcp] [.....172.16.0.1][53192] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....56] [ip4][..tcp] [.....172.16.0.1][53192] -> [..192.168.10.50][...80]
- guessed: [....57] [ip4][..tcp] [.....172.16.0.1][53206] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....57] [ip4][..tcp] [.....172.16.0.1][53206] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....57] [ip4][..tcp] [.....172.16.0.1][53206] -> [..192.168.10.50][...80]
- guessed: [....58] [ip4][..tcp] [.....172.16.0.1][53220] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....58] [ip4][..tcp] [.....172.16.0.1][53220] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....58] [ip4][..tcp] [.....172.16.0.1][53220] -> [..192.168.10.50][...80]
- guessed: [....59] [ip4][..tcp] [.....172.16.0.1][53246] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....59] [ip4][..tcp] [.....172.16.0.1][53246] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....59] [ip4][..tcp] [.....172.16.0.1][53246] -> [..192.168.10.50][...80]
- guessed: [....60] [ip4][..tcp] [.....172.16.0.1][53260] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....60] [ip4][..tcp] [.....172.16.0.1][53260] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....60] [ip4][..tcp] [.....172.16.0.1][53260] -> [..192.168.10.50][...80]
new: [...132] [ip4][..tcp] [.....172.16.0.1][54580] -> [..192.168.10.50][...80]
new: [...133] [ip4][..tcp] [.....172.16.0.1][54606] -> [..192.168.10.50][...80]
@@ -322,15 +322,15 @@
new: [...135] [ip4][..tcp] [.....172.16.0.1][54634] -> [..192.168.10.50][...80]
new: [...136] [ip4][..tcp] [.....172.16.0.1][54660] -> [..192.168.10.50][...80]
new: [...137] [ip4][..tcp] [.....172.16.0.1][54674] -> [..192.168.10.50][...80]
- guessed: [....61] [ip4][..tcp] [.....172.16.0.1][53286] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....61] [ip4][..tcp] [.....172.16.0.1][53286] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....61] [ip4][..tcp] [.....172.16.0.1][53286] -> [..192.168.10.50][...80]
- guessed: [....62] [ip4][..tcp] [.....172.16.0.1][53300] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....62] [ip4][..tcp] [.....172.16.0.1][53300] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....62] [ip4][..tcp] [.....172.16.0.1][53300] -> [..192.168.10.50][...80]
- guessed: [....63] [ip4][..tcp] [.....172.16.0.1][53314] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....63] [ip4][..tcp] [.....172.16.0.1][53314] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....63] [ip4][..tcp] [.....172.16.0.1][53314] -> [..192.168.10.50][...80]
- guessed: [....64] [ip4][..tcp] [.....172.16.0.1][53340] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....64] [ip4][..tcp] [.....172.16.0.1][53340] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....64] [ip4][..tcp] [.....172.16.0.1][53340] -> [..192.168.10.50][...80]
- guessed: [....65] [ip4][..tcp] [.....172.16.0.1][53354] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....65] [ip4][..tcp] [.....172.16.0.1][53354] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....65] [ip4][..tcp] [.....172.16.0.1][53354] -> [..192.168.10.50][...80]
new: [...138] [ip4][..tcp] [.....172.16.0.1][54688] -> [..192.168.10.50][...80]
new: [...139] [ip4][..tcp] [.....172.16.0.1][54714] -> [..192.168.10.50][...80]
@@ -338,17 +338,17 @@
new: [...141] [ip4][..tcp] [.....172.16.0.1][54742] -> [..192.168.10.50][...80]
new: [...142] [ip4][..tcp] [.....172.16.0.1][54768] -> [..192.168.10.50][...80]
new: [...143] [ip4][..tcp] [.....172.16.0.1][54782] -> [..192.168.10.50][...80]
- guessed: [....66] [ip4][..tcp] [.....172.16.0.1][53380] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....66] [ip4][..tcp] [.....172.16.0.1][53380] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....66] [ip4][..tcp] [.....172.16.0.1][53380] -> [..192.168.10.50][...80]
- guessed: [....67] [ip4][..tcp] [.....172.16.0.1][53394] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....67] [ip4][..tcp] [.....172.16.0.1][53394] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....67] [ip4][..tcp] [.....172.16.0.1][53394] -> [..192.168.10.50][...80]
- guessed: [....68] [ip4][..tcp] [.....172.16.0.1][53408] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....68] [ip4][..tcp] [.....172.16.0.1][53408] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....68] [ip4][..tcp] [.....172.16.0.1][53408] -> [..192.168.10.50][...80]
- guessed: [....69] [ip4][..tcp] [.....172.16.0.1][53422] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....69] [ip4][..tcp] [.....172.16.0.1][53422] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....69] [ip4][..tcp] [.....172.16.0.1][53422] -> [..192.168.10.50][...80]
- guessed: [....70] [ip4][..tcp] [.....172.16.0.1][53436] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....70] [ip4][..tcp] [.....172.16.0.1][53436] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....70] [ip4][..tcp] [.....172.16.0.1][53436] -> [..192.168.10.50][...80]
- guessed: [....71] [ip4][..tcp] [.....172.16.0.1][53450] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....71] [ip4][..tcp] [.....172.16.0.1][53450] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....71] [ip4][..tcp] [.....172.16.0.1][53450] -> [..192.168.10.50][...80]
new: [...144] [ip4][..tcp] [.....172.16.0.1][54808] -> [..192.168.10.50][...80]
new: [...145] [ip4][..tcp] [.....172.16.0.1][54822] -> [..192.168.10.50][...80]
@@ -356,41 +356,41 @@
new: [...147] [ip4][..tcp] [.....172.16.0.1][54862] -> [..192.168.10.50][...80]
new: [...148] [ip4][..tcp] [.....172.16.0.1][54876] -> [..192.168.10.50][...80]
new: [...149] [ip4][..tcp] [.....172.16.0.1][54890] -> [..192.168.10.50][...80]
- end: [....41] [ip4][..tcp] [.....172.16.0.1][52910] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
- guessed: [....72] [ip4][..tcp] [.....172.16.0.1][53476] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [....41] [ip4][..tcp] [.....172.16.0.1][52910] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [....72] [ip4][..tcp] [.....172.16.0.1][53476] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....72] [ip4][..tcp] [.....172.16.0.1][53476] -> [..192.168.10.50][...80]
- guessed: [....73] [ip4][..tcp] [.....172.16.0.1][53490] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....73] [ip4][..tcp] [.....172.16.0.1][53490] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....73] [ip4][..tcp] [.....172.16.0.1][53490] -> [..192.168.10.50][...80]
- guessed: [....74] [ip4][..tcp] [.....172.16.0.1][53516] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....74] [ip4][..tcp] [.....172.16.0.1][53516] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....74] [ip4][..tcp] [.....172.16.0.1][53516] -> [..192.168.10.50][...80]
- guessed: [....75] [ip4][..tcp] [.....172.16.0.1][53530] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....75] [ip4][..tcp] [.....172.16.0.1][53530] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....75] [ip4][..tcp] [.....172.16.0.1][53530] -> [..192.168.10.50][...80]
- guessed: [....76] [ip4][..tcp] [.....172.16.0.1][53544] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....76] [ip4][..tcp] [.....172.16.0.1][53544] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....76] [ip4][..tcp] [.....172.16.0.1][53544] -> [..192.168.10.50][...80]
- guessed: [....77] [ip4][..tcp] [.....172.16.0.1][53570] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....77] [ip4][..tcp] [.....172.16.0.1][53570] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....77] [ip4][..tcp] [.....172.16.0.1][53570] -> [..192.168.10.50][...80]
new: [...150] [ip4][..tcp] [.....172.16.0.1][54916] -> [..192.168.10.50][...80]
new: [...151] [ip4][..tcp] [.....172.16.0.1][54930] -> [..192.168.10.50][...80]
new: [...152] [ip4][..tcp] [.....172.16.0.1][54956] -> [..192.168.10.50][...80]
new: [...153] [ip4][..tcp] [.....172.16.0.1][54970] -> [..192.168.10.50][...80]
new: [...154] [ip4][..tcp] [.....172.16.0.1][54984] -> [..192.168.10.50][...80]
- detected: [...152] [ip4][..tcp] [.....172.16.0.1][54956] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
- guessed: [....79] [ip4][..tcp] [.....172.16.0.1][53598] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ detected: [...152] [ip4][..tcp] [.....172.16.0.1][54956] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [....79] [ip4][..tcp] [.....172.16.0.1][53598] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....79] [ip4][..tcp] [.....172.16.0.1][53598] -> [..192.168.10.50][...80]
- guessed: [....80] [ip4][..tcp] [.....172.16.0.1][53624] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....80] [ip4][..tcp] [.....172.16.0.1][53624] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....80] [ip4][..tcp] [.....172.16.0.1][53624] -> [..192.168.10.50][...80]
- guessed: [....81] [ip4][..tcp] [.....172.16.0.1][53638] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....81] [ip4][..tcp] [.....172.16.0.1][53638] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....81] [ip4][..tcp] [.....172.16.0.1][53638] -> [..192.168.10.50][...80]
- guessed: [....82] [ip4][..tcp] [.....172.16.0.1][53664] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....82] [ip4][..tcp] [.....172.16.0.1][53664] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....82] [ip4][..tcp] [.....172.16.0.1][53664] -> [..192.168.10.50][...80]
- guessed: [....83] [ip4][..tcp] [.....172.16.0.1][53678] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....83] [ip4][..tcp] [.....172.16.0.1][53678] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....83] [ip4][..tcp] [.....172.16.0.1][53678] -> [..192.168.10.50][...80]
new: [...155] [ip4][..tcp] [.....172.16.0.1][55010] -> [..192.168.10.50][...80]
new: [...156] [ip4][..tcp] [.....172.16.0.1][55024] -> [..192.168.10.50][...80]
new: [...157] [ip4][..tcp] [.....172.16.0.1][55038] -> [..192.168.10.50][...80]
- analyse: [...152] [ip4][..tcp] [.....172.16.0.1][54956] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...152] [ip4][..tcp] [.....172.16.0.1][54956] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.643| 0.568| 0.904| 816455.025| 3.600]
[PKTLEN......: 52.000| 1921.000| 713.700| 750.800| 563712.500| 4.200]
@@ -403,15 +403,15 @@
new: [...158] [ip4][..tcp] [.....172.16.0.1][55064] -> [..192.168.10.50][...80]
new: [...159] [ip4][..tcp] [.....172.16.0.1][55078] -> [..192.168.10.50][...80]
new: [...160] [ip4][..tcp] [.....172.16.0.1][55092] -> [..192.168.10.50][...80]
- guessed: [....84] [ip4][..tcp] [.....172.16.0.1][53692] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....84] [ip4][..tcp] [.....172.16.0.1][53692] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....84] [ip4][..tcp] [.....172.16.0.1][53692] -> [..192.168.10.50][...80]
- guessed: [....85] [ip4][..tcp] [.....172.16.0.1][53718] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....85] [ip4][..tcp] [.....172.16.0.1][53718] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....85] [ip4][..tcp] [.....172.16.0.1][53718] -> [..192.168.10.50][...80]
- guessed: [....86] [ip4][..tcp] [.....172.16.0.1][53732] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....86] [ip4][..tcp] [.....172.16.0.1][53732] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....86] [ip4][..tcp] [.....172.16.0.1][53732] -> [..192.168.10.50][...80]
- guessed: [....87] [ip4][..tcp] [.....172.16.0.1][53758] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....87] [ip4][..tcp] [.....172.16.0.1][53758] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....87] [ip4][..tcp] [.....172.16.0.1][53758] -> [..192.168.10.50][...80]
- guessed: [....88] [ip4][..tcp] [.....172.16.0.1][53772] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....88] [ip4][..tcp] [.....172.16.0.1][53772] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....88] [ip4][..tcp] [.....172.16.0.1][53772] -> [..192.168.10.50][...80]
new: [...161] [ip4][..tcp] [.....172.16.0.1][55118] -> [..192.168.10.50][...80]
new: [...162] [ip4][..tcp] [.....172.16.0.1][55132] -> [..192.168.10.50][...80]
@@ -419,17 +419,17 @@
new: [...164] [ip4][..tcp] [.....172.16.0.1][55172] -> [..192.168.10.50][...80]
new: [...165] [ip4][..tcp] [.....172.16.0.1][55186] -> [..192.168.10.50][...80]
new: [...166] [ip4][..tcp] [.....172.16.0.1][55212] -> [..192.168.10.50][...80]
- guessed: [....89] [ip4][..tcp] [.....172.16.0.1][53786] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....89] [ip4][..tcp] [.....172.16.0.1][53786] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....89] [ip4][..tcp] [.....172.16.0.1][53786] -> [..192.168.10.50][...80]
- guessed: [....90] [ip4][..tcp] [.....172.16.0.1][53812] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....90] [ip4][..tcp] [.....172.16.0.1][53812] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....90] [ip4][..tcp] [.....172.16.0.1][53812] -> [..192.168.10.50][...80]
- guessed: [....91] [ip4][..tcp] [.....172.16.0.1][53826] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....91] [ip4][..tcp] [.....172.16.0.1][53826] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....91] [ip4][..tcp] [.....172.16.0.1][53826] -> [..192.168.10.50][...80]
- guessed: [....92] [ip4][..tcp] [.....172.16.0.1][53852] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....92] [ip4][..tcp] [.....172.16.0.1][53852] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....92] [ip4][..tcp] [.....172.16.0.1][53852] -> [..192.168.10.50][...80]
- guessed: [....93] [ip4][..tcp] [.....172.16.0.1][53866] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....93] [ip4][..tcp] [.....172.16.0.1][53866] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....93] [ip4][..tcp] [.....172.16.0.1][53866] -> [..192.168.10.50][...80]
- guessed: [....94] [ip4][..tcp] [.....172.16.0.1][53880] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....94] [ip4][..tcp] [.....172.16.0.1][53880] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....94] [ip4][..tcp] [.....172.16.0.1][53880] -> [..192.168.10.50][...80]
new: [...167] [ip4][..tcp] [.....172.16.0.1][55226] -> [..192.168.10.50][...80]
new: [...168] [ip4][..tcp] [.....172.16.0.1][55240] -> [..192.168.10.50][...80]
@@ -437,17 +437,17 @@
new: [...170] [ip4][..tcp] [.....172.16.0.1][55280] -> [..192.168.10.50][...80]
new: [...171] [ip4][..tcp] [.....172.16.0.1][55294] -> [..192.168.10.50][...80]
new: [...172] [ip4][..tcp] [.....172.16.0.1][55320] -> [..192.168.10.50][...80]
- guessed: [....95] [ip4][..tcp] [.....172.16.0.1][53906] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....95] [ip4][..tcp] [.....172.16.0.1][53906] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....95] [ip4][..tcp] [.....172.16.0.1][53906] -> [..192.168.10.50][...80]
- guessed: [....96] [ip4][..tcp] [.....172.16.0.1][53920] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....96] [ip4][..tcp] [.....172.16.0.1][53920] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....96] [ip4][..tcp] [.....172.16.0.1][53920] -> [..192.168.10.50][...80]
- guessed: [....97] [ip4][..tcp] [.....172.16.0.1][53946] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....97] [ip4][..tcp] [.....172.16.0.1][53946] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....97] [ip4][..tcp] [.....172.16.0.1][53946] -> [..192.168.10.50][...80]
- guessed: [....98] [ip4][..tcp] [.....172.16.0.1][53960] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....98] [ip4][..tcp] [.....172.16.0.1][53960] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....98] [ip4][..tcp] [.....172.16.0.1][53960] -> [..192.168.10.50][...80]
- guessed: [....99] [ip4][..tcp] [.....172.16.0.1][53974] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [....99] [ip4][..tcp] [.....172.16.0.1][53974] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....99] [ip4][..tcp] [.....172.16.0.1][53974] -> [..192.168.10.50][...80]
- guessed: [...100] [ip4][..tcp] [.....172.16.0.1][54000] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...100] [ip4][..tcp] [.....172.16.0.1][54000] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...100] [ip4][..tcp] [.....172.16.0.1][54000] -> [..192.168.10.50][...80]
new: [...173] [ip4][..tcp] [.....172.16.0.1][55334] -> [..192.168.10.50][...80]
new: [...174] [ip4][..tcp] [.....172.16.0.1][55348] -> [..192.168.10.50][...80]
@@ -456,17 +456,17 @@
new: [...177] [ip4][..tcp] [.....172.16.0.1][55390] -> [..192.168.10.50][...80]
new: [...178] [ip4][..tcp] [.....172.16.0.1][55416] -> [..192.168.10.50][...80]
new: [...179] [ip4][..tcp] [.....172.16.0.1][55430] -> [..192.168.10.50][...80]
- guessed: [...101] [ip4][..tcp] [.....172.16.0.1][54014] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...101] [ip4][..tcp] [.....172.16.0.1][54014] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...101] [ip4][..tcp] [.....172.16.0.1][54014] -> [..192.168.10.50][...80]
- guessed: [...102] [ip4][..tcp] [.....172.16.0.1][54040] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...102] [ip4][..tcp] [.....172.16.0.1][54040] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...102] [ip4][..tcp] [.....172.16.0.1][54040] -> [..192.168.10.50][...80]
- guessed: [...103] [ip4][..tcp] [.....172.16.0.1][54054] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...103] [ip4][..tcp] [.....172.16.0.1][54054] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...103] [ip4][..tcp] [.....172.16.0.1][54054] -> [..192.168.10.50][...80]
- guessed: [...104] [ip4][..tcp] [.....172.16.0.1][54068] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...104] [ip4][..tcp] [.....172.16.0.1][54068] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...104] [ip4][..tcp] [.....172.16.0.1][54068] -> [..192.168.10.50][...80]
- guessed: [...105] [ip4][..tcp] [.....172.16.0.1][54094] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...105] [ip4][..tcp] [.....172.16.0.1][54094] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...105] [ip4][..tcp] [.....172.16.0.1][54094] -> [..192.168.10.50][...80]
- guessed: [...106] [ip4][..tcp] [.....172.16.0.1][54108] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...106] [ip4][..tcp] [.....172.16.0.1][54108] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...106] [ip4][..tcp] [.....172.16.0.1][54108] -> [..192.168.10.50][...80]
new: [...180] [ip4][..tcp] [.....172.16.0.1][55444] -> [..192.168.10.50][...80]
new: [...181] [ip4][..tcp] [.....172.16.0.1][55470] -> [..192.168.10.50][...80]
@@ -474,15 +474,15 @@
new: [...183] [ip4][..tcp] [.....172.16.0.1][55510] -> [..192.168.10.50][...80]
new: [...184] [ip4][..tcp] [.....172.16.0.1][55524] -> [..192.168.10.50][...80]
new: [...185] [ip4][..tcp] [.....172.16.0.1][55538] -> [..192.168.10.50][...80]
- guessed: [...107] [ip4][..tcp] [.....172.16.0.1][54134] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...107] [ip4][..tcp] [.....172.16.0.1][54134] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...107] [ip4][..tcp] [.....172.16.0.1][54134] -> [..192.168.10.50][...80]
- guessed: [...108] [ip4][..tcp] [.....172.16.0.1][54148] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...108] [ip4][..tcp] [.....172.16.0.1][54148] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...108] [ip4][..tcp] [.....172.16.0.1][54148] -> [..192.168.10.50][...80]
- guessed: [...109] [ip4][..tcp] [.....172.16.0.1][54162] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...109] [ip4][..tcp] [.....172.16.0.1][54162] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...109] [ip4][..tcp] [.....172.16.0.1][54162] -> [..192.168.10.50][...80]
- guessed: [...110] [ip4][..tcp] [.....172.16.0.1][54188] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...110] [ip4][..tcp] [.....172.16.0.1][54188] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...110] [ip4][..tcp] [.....172.16.0.1][54188] -> [..192.168.10.50][...80]
- guessed: [...111] [ip4][..tcp] [.....172.16.0.1][54202] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...111] [ip4][..tcp] [.....172.16.0.1][54202] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...111] [ip4][..tcp] [.....172.16.0.1][54202] -> [..192.168.10.50][...80]
new: [...186] [ip4][..tcp] [.....172.16.0.1][55564] -> [..192.168.10.50][...80]
new: [...187] [ip4][..tcp] [.....172.16.0.1][55578] -> [..192.168.10.50][...80]
@@ -490,23 +490,23 @@
new: [...189] [ip4][..tcp] [.....172.16.0.1][55618] -> [..192.168.10.50][...80]
new: [...190] [ip4][..tcp] [.....172.16.0.1][55632] -> [..192.168.10.50][...80]
new: [...191] [ip4][..tcp] [.....172.16.0.1][55646] -> [..192.168.10.50][...80]
- end: [....78] [ip4][..tcp] [.....172.16.0.1][53584] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [...112] [ip4][..tcp] [.....172.16.0.1][54228] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [....78] [ip4][..tcp] [.....172.16.0.1][53584] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...112] [ip4][..tcp] [.....172.16.0.1][54228] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...112] [ip4][..tcp] [.....172.16.0.1][54228] -> [..192.168.10.50][...80]
- guessed: [...113] [ip4][..tcp] [.....172.16.0.1][54242] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...113] [ip4][..tcp] [.....172.16.0.1][54242] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...113] [ip4][..tcp] [.....172.16.0.1][54242] -> [..192.168.10.50][...80]
- guessed: [...115] [ip4][..tcp] [.....172.16.0.1][54282] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...115] [ip4][..tcp] [.....172.16.0.1][54282] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...115] [ip4][..tcp] [.....172.16.0.1][54282] -> [..192.168.10.50][...80]
- guessed: [...116] [ip4][..tcp] [.....172.16.0.1][54296] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...116] [ip4][..tcp] [.....172.16.0.1][54296] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...116] [ip4][..tcp] [.....172.16.0.1][54296] -> [..192.168.10.50][...80]
new: [...192] [ip4][..tcp] [.....172.16.0.1][55672] -> [..192.168.10.50][...80]
- detected: [...190] [ip4][..tcp] [.....172.16.0.1][55632] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...190] [ip4][..tcp] [.....172.16.0.1][55632] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...193] [ip4][..tcp] [.....172.16.0.1][55686] -> [..192.168.10.50][...80]
new: [...194] [ip4][..tcp] [.....172.16.0.1][55700] -> [..192.168.10.50][...80]
new: [...195] [ip4][..tcp] [.....172.16.0.1][55726] -> [..192.168.10.50][...80]
- analyse: [...190] [ip4][..tcp] [.....172.16.0.1][55632] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...190] [ip4][..tcp] [.....172.16.0.1][55632] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.785| 0.602| 0.936| 875951.489| 3.700]
[PKTLEN......: 52.000| 1921.000| 716.900| 755.900| 571323.500| 4.200]
@@ -517,19 +517,19 @@
[PKTLENS.....: 60,60,52,637,52,1921,52,435,1822,52,637,1920,52,435,1822,52,637,1921,52,435,1822,52,637,1920,52,435,1822,52,637,1920,52,435]
[ENTROPIES...: 4.6,5.0,4.9,6.0,4.9,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.1,7.8,5.0,5.9,7.7,4.8,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9]
new: [...196] [ip4][..tcp] [.....172.16.0.1][55740] -> [..192.168.10.50][...80]
- guessed: [...117] [ip4][..tcp] [.....172.16.0.1][54322] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...117] [ip4][..tcp] [.....172.16.0.1][54322] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...117] [ip4][..tcp] [.....172.16.0.1][54322] -> [..192.168.10.50][...80]
- guessed: [...118] [ip4][..tcp] [.....172.16.0.1][54336] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...118] [ip4][..tcp] [.....172.16.0.1][54336] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...118] [ip4][..tcp] [.....172.16.0.1][54336] -> [..192.168.10.50][...80]
- guessed: [...119] [ip4][..tcp] [.....172.16.0.1][54362] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...119] [ip4][..tcp] [.....172.16.0.1][54362] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...119] [ip4][..tcp] [.....172.16.0.1][54362] -> [..192.168.10.50][...80]
- guessed: [...120] [ip4][..tcp] [.....172.16.0.1][54376] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...120] [ip4][..tcp] [.....172.16.0.1][54376] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...120] [ip4][..tcp] [.....172.16.0.1][54376] -> [..192.168.10.50][...80]
- guessed: [...121] [ip4][..tcp] [.....172.16.0.1][54390] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...121] [ip4][..tcp] [.....172.16.0.1][54390] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...121] [ip4][..tcp] [.....172.16.0.1][54390] -> [..192.168.10.50][...80]
- guessed: [...122] [ip4][..tcp] [.....172.16.0.1][54416] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...122] [ip4][..tcp] [.....172.16.0.1][54416] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...122] [ip4][..tcp] [.....172.16.0.1][54416] -> [..192.168.10.50][...80]
- guessed: [...123] [ip4][..tcp] [.....172.16.0.1][54430] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...123] [ip4][..tcp] [.....172.16.0.1][54430] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...123] [ip4][..tcp] [.....172.16.0.1][54430] -> [..192.168.10.50][...80]
new: [...197] [ip4][..tcp] [.....172.16.0.1][55766] -> [..192.168.10.50][...80]
new: [...198] [ip4][..tcp] [.....172.16.0.1][55780] -> [..192.168.10.50][...80]
@@ -537,15 +537,15 @@
new: [...200] [ip4][..tcp] [.....172.16.0.1][55820] -> [..192.168.10.50][...80]
new: [...201] [ip4][..tcp] [.....172.16.0.1][55834] -> [..192.168.10.50][...80]
new: [...202] [ip4][..tcp] [.....172.16.0.1][55860] -> [..192.168.10.50][...80]
- guessed: [...124] [ip4][..tcp] [.....172.16.0.1][54456] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...124] [ip4][..tcp] [.....172.16.0.1][54456] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...124] [ip4][..tcp] [.....172.16.0.1][54456] -> [..192.168.10.50][...80]
- guessed: [...125] [ip4][..tcp] [.....172.16.0.1][54470] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...125] [ip4][..tcp] [.....172.16.0.1][54470] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...125] [ip4][..tcp] [.....172.16.0.1][54470] -> [..192.168.10.50][...80]
- guessed: [...126] [ip4][..tcp] [.....172.16.0.1][54484] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...126] [ip4][..tcp] [.....172.16.0.1][54484] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...126] [ip4][..tcp] [.....172.16.0.1][54484] -> [..192.168.10.50][...80]
- guessed: [...127] [ip4][..tcp] [.....172.16.0.1][54510] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...127] [ip4][..tcp] [.....172.16.0.1][54510] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...127] [ip4][..tcp] [.....172.16.0.1][54510] -> [..192.168.10.50][...80]
- guessed: [...128] [ip4][..tcp] [.....172.16.0.1][54524] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...128] [ip4][..tcp] [.....172.16.0.1][54524] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...128] [ip4][..tcp] [.....172.16.0.1][54524] -> [..192.168.10.50][...80]
new: [...203] [ip4][..tcp] [.....172.16.0.1][55874] -> [..192.168.10.50][...80]
new: [...204] [ip4][..tcp] [.....172.16.0.1][55888] -> [..192.168.10.50][...80]
@@ -553,19 +553,19 @@
new: [...206] [ip4][..tcp] [.....172.16.0.1][55928] -> [..192.168.10.50][...80]
new: [...207] [ip4][..tcp] [.....172.16.0.1][55942] -> [..192.168.10.50][...80]
new: [...208] [ip4][..tcp] [.....172.16.0.1][55968] -> [..192.168.10.50][...80]
- guessed: [...129] [ip4][..tcp] [.....172.16.0.1][54538] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...129] [ip4][..tcp] [.....172.16.0.1][54538] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...129] [ip4][..tcp] [.....172.16.0.1][54538] -> [..192.168.10.50][...80]
- guessed: [...130] [ip4][..tcp] [.....172.16.0.1][54552] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...130] [ip4][..tcp] [.....172.16.0.1][54552] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...130] [ip4][..tcp] [.....172.16.0.1][54552] -> [..192.168.10.50][...80]
- guessed: [...131] [ip4][..tcp] [.....172.16.0.1][54566] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...131] [ip4][..tcp] [.....172.16.0.1][54566] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...131] [ip4][..tcp] [.....172.16.0.1][54566] -> [..192.168.10.50][...80]
- guessed: [...132] [ip4][..tcp] [.....172.16.0.1][54580] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...132] [ip4][..tcp] [.....172.16.0.1][54580] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...132] [ip4][..tcp] [.....172.16.0.1][54580] -> [..192.168.10.50][...80]
- guessed: [...133] [ip4][..tcp] [.....172.16.0.1][54606] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...133] [ip4][..tcp] [.....172.16.0.1][54606] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...133] [ip4][..tcp] [.....172.16.0.1][54606] -> [..192.168.10.50][...80]
- guessed: [...134] [ip4][..tcp] [.....172.16.0.1][54620] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...134] [ip4][..tcp] [.....172.16.0.1][54620] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...134] [ip4][..tcp] [.....172.16.0.1][54620] -> [..192.168.10.50][...80]
- guessed: [...135] [ip4][..tcp] [.....172.16.0.1][54634] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...135] [ip4][..tcp] [.....172.16.0.1][54634] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...135] [ip4][..tcp] [.....172.16.0.1][54634] -> [..192.168.10.50][...80]
new: [...209] [ip4][..tcp] [.....172.16.0.1][55982] -> [..192.168.10.50][...80]
new: [...210] [ip4][..tcp] [.....172.16.0.1][55996] -> [..192.168.10.50][...80]
@@ -573,17 +573,17 @@
new: [...212] [ip4][..tcp] [.....172.16.0.1][56036] -> [..192.168.10.50][...80]
new: [...213] [ip4][..tcp] [.....172.16.0.1][56062] -> [..192.168.10.50][...80]
new: [...214] [ip4][..tcp] [.....172.16.0.1][56076] -> [..192.168.10.50][...80]
- guessed: [...136] [ip4][..tcp] [.....172.16.0.1][54660] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...136] [ip4][..tcp] [.....172.16.0.1][54660] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...136] [ip4][..tcp] [.....172.16.0.1][54660] -> [..192.168.10.50][...80]
- guessed: [...137] [ip4][..tcp] [.....172.16.0.1][54674] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...137] [ip4][..tcp] [.....172.16.0.1][54674] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...137] [ip4][..tcp] [.....172.16.0.1][54674] -> [..192.168.10.50][...80]
- guessed: [...138] [ip4][..tcp] [.....172.16.0.1][54688] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...138] [ip4][..tcp] [.....172.16.0.1][54688] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...138] [ip4][..tcp] [.....172.16.0.1][54688] -> [..192.168.10.50][...80]
- guessed: [...139] [ip4][..tcp] [.....172.16.0.1][54714] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...139] [ip4][..tcp] [.....172.16.0.1][54714] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...139] [ip4][..tcp] [.....172.16.0.1][54714] -> [..192.168.10.50][...80]
- guessed: [...140] [ip4][..tcp] [.....172.16.0.1][54728] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...140] [ip4][..tcp] [.....172.16.0.1][54728] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...140] [ip4][..tcp] [.....172.16.0.1][54728] -> [..192.168.10.50][...80]
- guessed: [...141] [ip4][..tcp] [.....172.16.0.1][54742] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...141] [ip4][..tcp] [.....172.16.0.1][54742] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...141] [ip4][..tcp] [.....172.16.0.1][54742] -> [..192.168.10.50][...80]
new: [...215] [ip4][..tcp] [.....172.16.0.1][56090] -> [..192.168.10.50][...80]
new: [...216] [ip4][..tcp] [.....172.16.0.1][56116] -> [..192.168.10.50][...80]
@@ -592,54 +592,54 @@
new: [...219] [ip4][..tcp] [.....172.16.0.1][56158] -> [..192.168.10.50][...80]
new: [...220] [ip4][..tcp] [.....172.16.0.1][56172] -> [..192.168.10.50][...80]
new: [...221] [ip4][..tcp] [.....172.16.0.1][56186] -> [..192.168.10.50][...80]
- guessed: [...142] [ip4][..tcp] [.....172.16.0.1][54768] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...142] [ip4][..tcp] [.....172.16.0.1][54768] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...142] [ip4][..tcp] [.....172.16.0.1][54768] -> [..192.168.10.50][...80]
- guessed: [...143] [ip4][..tcp] [.....172.16.0.1][54782] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...143] [ip4][..tcp] [.....172.16.0.1][54782] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...143] [ip4][..tcp] [.....172.16.0.1][54782] -> [..192.168.10.50][...80]
- guessed: [...144] [ip4][..tcp] [.....172.16.0.1][54808] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...144] [ip4][..tcp] [.....172.16.0.1][54808] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...144] [ip4][..tcp] [.....172.16.0.1][54808] -> [..192.168.10.50][...80]
- guessed: [...145] [ip4][..tcp] [.....172.16.0.1][54822] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...145] [ip4][..tcp] [.....172.16.0.1][54822] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...145] [ip4][..tcp] [.....172.16.0.1][54822] -> [..192.168.10.50][...80]
- guessed: [...146] [ip4][..tcp] [.....172.16.0.1][54836] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...146] [ip4][..tcp] [.....172.16.0.1][54836] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...146] [ip4][..tcp] [.....172.16.0.1][54836] -> [..192.168.10.50][...80]
new: [...222] [ip4][..tcp] [.....172.16.0.1][56212] -> [..192.168.10.50][...80]
new: [...223] [ip4][..tcp] [.....172.16.0.1][56226] -> [..192.168.10.50][...80]
new: [...224] [ip4][..tcp] [.....172.16.0.1][56240] -> [..192.168.10.50][...80]
new: [...225] [ip4][..tcp] [.....172.16.0.1][56266] -> [..192.168.10.50][...80]
new: [...226] [ip4][..tcp] [.....172.16.0.1][56280] -> [..192.168.10.50][...80]
- guessed: [...147] [ip4][..tcp] [.....172.16.0.1][54862] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...147] [ip4][..tcp] [.....172.16.0.1][54862] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...147] [ip4][..tcp] [.....172.16.0.1][54862] -> [..192.168.10.50][...80]
- guessed: [...148] [ip4][..tcp] [.....172.16.0.1][54876] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...148] [ip4][..tcp] [.....172.16.0.1][54876] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...148] [ip4][..tcp] [.....172.16.0.1][54876] -> [..192.168.10.50][...80]
- guessed: [...149] [ip4][..tcp] [.....172.16.0.1][54890] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...149] [ip4][..tcp] [.....172.16.0.1][54890] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...149] [ip4][..tcp] [.....172.16.0.1][54890] -> [..192.168.10.50][...80]
- guessed: [...150] [ip4][..tcp] [.....172.16.0.1][54916] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...150] [ip4][..tcp] [.....172.16.0.1][54916] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...150] [ip4][..tcp] [.....172.16.0.1][54916] -> [..192.168.10.50][...80]
- guessed: [...151] [ip4][..tcp] [.....172.16.0.1][54930] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...151] [ip4][..tcp] [.....172.16.0.1][54930] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...151] [ip4][..tcp] [.....172.16.0.1][54930] -> [..192.168.10.50][...80]
- end: [...114] [ip4][..tcp] [.....172.16.0.1][54268] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
+ end: [...114] [ip4][..tcp] [.....172.16.0.1][54268] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
new: [...227] [ip4][..tcp] [.....172.16.0.1][56306] -> [..192.168.10.50][...80]
new: [...228] [ip4][..tcp] [.....172.16.0.1][56320] -> [..192.168.10.50][...80]
new: [...229] [ip4][..tcp] [.....172.16.0.1][56334] -> [..192.168.10.50][...80]
- detected: [...227] [ip4][..tcp] [.....172.16.0.1][56306] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...227] [ip4][..tcp] [.....172.16.0.1][56306] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...230] [ip4][..tcp] [.....172.16.0.1][56360] -> [..192.168.10.50][...80]
new: [...231] [ip4][..tcp] [.....172.16.0.1][56374] -> [..192.168.10.50][...80]
new: [...232] [ip4][..tcp] [.....172.16.0.1][56400] -> [..192.168.10.50][...80]
- guessed: [...153] [ip4][..tcp] [.....172.16.0.1][54970] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...153] [ip4][..tcp] [.....172.16.0.1][54970] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...153] [ip4][..tcp] [.....172.16.0.1][54970] -> [..192.168.10.50][...80]
- guessed: [...154] [ip4][..tcp] [.....172.16.0.1][54984] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...154] [ip4][..tcp] [.....172.16.0.1][54984] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...154] [ip4][..tcp] [.....172.16.0.1][54984] -> [..192.168.10.50][...80]
- guessed: [...155] [ip4][..tcp] [.....172.16.0.1][55010] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...155] [ip4][..tcp] [.....172.16.0.1][55010] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...155] [ip4][..tcp] [.....172.16.0.1][55010] -> [..192.168.10.50][...80]
- guessed: [...156] [ip4][..tcp] [.....172.16.0.1][55024] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...156] [ip4][..tcp] [.....172.16.0.1][55024] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...156] [ip4][..tcp] [.....172.16.0.1][55024] -> [..192.168.10.50][...80]
- guessed: [...157] [ip4][..tcp] [.....172.16.0.1][55038] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...157] [ip4][..tcp] [.....172.16.0.1][55038] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...157] [ip4][..tcp] [.....172.16.0.1][55038] -> [..192.168.10.50][...80]
- guessed: [...158] [ip4][..tcp] [.....172.16.0.1][55064] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...158] [ip4][..tcp] [.....172.16.0.1][55064] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...158] [ip4][..tcp] [.....172.16.0.1][55064] -> [..192.168.10.50][...80]
- analyse: [...227] [ip4][..tcp] [.....172.16.0.1][56306] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...227] [ip4][..tcp] [.....172.16.0.1][56306] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 4.805| 0.635| 1.170| 1368332.173| 3.400]
[PKTLEN......: 52.000| 1920.000| 695.600| 708.000| 501313.900| 4.200]
@@ -655,19 +655,19 @@
new: [...236] [ip4][..tcp] [.....172.16.0.1][56468] -> [..192.168.10.50][...80]
new: [...237] [ip4][..tcp] [.....172.16.0.1][56482] -> [..192.168.10.50][...80]
new: [...238] [ip4][..tcp] [.....172.16.0.1][56508] -> [..192.168.10.50][...80]
- guessed: [...159] [ip4][..tcp] [.....172.16.0.1][55078] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...159] [ip4][..tcp] [.....172.16.0.1][55078] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...159] [ip4][..tcp] [.....172.16.0.1][55078] -> [..192.168.10.50][...80]
- guessed: [...160] [ip4][..tcp] [.....172.16.0.1][55092] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...160] [ip4][..tcp] [.....172.16.0.1][55092] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...160] [ip4][..tcp] [.....172.16.0.1][55092] -> [..192.168.10.50][...80]
- guessed: [...161] [ip4][..tcp] [.....172.16.0.1][55118] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...161] [ip4][..tcp] [.....172.16.0.1][55118] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...161] [ip4][..tcp] [.....172.16.0.1][55118] -> [..192.168.10.50][...80]
- guessed: [...162] [ip4][..tcp] [.....172.16.0.1][55132] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...162] [ip4][..tcp] [.....172.16.0.1][55132] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...162] [ip4][..tcp] [.....172.16.0.1][55132] -> [..192.168.10.50][...80]
- guessed: [...163] [ip4][..tcp] [.....172.16.0.1][55158] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...163] [ip4][..tcp] [.....172.16.0.1][55158] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...163] [ip4][..tcp] [.....172.16.0.1][55158] -> [..192.168.10.50][...80]
- guessed: [...164] [ip4][..tcp] [.....172.16.0.1][55172] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...164] [ip4][..tcp] [.....172.16.0.1][55172] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...164] [ip4][..tcp] [.....172.16.0.1][55172] -> [..192.168.10.50][...80]
- guessed: [...165] [ip4][..tcp] [.....172.16.0.1][55186] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...165] [ip4][..tcp] [.....172.16.0.1][55186] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...165] [ip4][..tcp] [.....172.16.0.1][55186] -> [..192.168.10.50][...80]
new: [...239] [ip4][..tcp] [.....172.16.0.1][56522] -> [..192.168.10.50][...80]
new: [...240] [ip4][..tcp] [.....172.16.0.1][56536] -> [..192.168.10.50][...80]
@@ -675,15 +675,15 @@
new: [...242] [ip4][..tcp] [.....172.16.0.1][56576] -> [..192.168.10.50][...80]
new: [...243] [ip4][..tcp] [.....172.16.0.1][56590] -> [..192.168.10.50][...80]
new: [...244] [ip4][..tcp] [.....172.16.0.1][56616] -> [..192.168.10.50][...80]
- guessed: [...166] [ip4][..tcp] [.....172.16.0.1][55212] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...166] [ip4][..tcp] [.....172.16.0.1][55212] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...166] [ip4][..tcp] [.....172.16.0.1][55212] -> [..192.168.10.50][...80]
- guessed: [...167] [ip4][..tcp] [.....172.16.0.1][55226] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...167] [ip4][..tcp] [.....172.16.0.1][55226] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...167] [ip4][..tcp] [.....172.16.0.1][55226] -> [..192.168.10.50][...80]
- guessed: [...168] [ip4][..tcp] [.....172.16.0.1][55240] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...168] [ip4][..tcp] [.....172.16.0.1][55240] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...168] [ip4][..tcp] [.....172.16.0.1][55240] -> [..192.168.10.50][...80]
- guessed: [...169] [ip4][..tcp] [.....172.16.0.1][55266] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...169] [ip4][..tcp] [.....172.16.0.1][55266] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...169] [ip4][..tcp] [.....172.16.0.1][55266] -> [..192.168.10.50][...80]
- guessed: [...170] [ip4][..tcp] [.....172.16.0.1][55280] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...170] [ip4][..tcp] [.....172.16.0.1][55280] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...170] [ip4][..tcp] [.....172.16.0.1][55280] -> [..192.168.10.50][...80]
new: [...245] [ip4][..tcp] [.....172.16.0.1][56630] -> [..192.168.10.50][...80]
new: [...246] [ip4][..tcp] [.....172.16.0.1][56644] -> [..192.168.10.50][...80]
@@ -691,19 +691,19 @@
new: [...248] [ip4][..tcp] [.....172.16.0.1][56684] -> [..192.168.10.50][...80]
new: [...249] [ip4][..tcp] [.....172.16.0.1][56710] -> [..192.168.10.50][...80]
new: [...250] [ip4][..tcp] [.....172.16.0.1][56724] -> [..192.168.10.50][...80]
- guessed: [...171] [ip4][..tcp] [.....172.16.0.1][55294] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...171] [ip4][..tcp] [.....172.16.0.1][55294] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...171] [ip4][..tcp] [.....172.16.0.1][55294] -> [..192.168.10.50][...80]
- guessed: [...172] [ip4][..tcp] [.....172.16.0.1][55320] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...172] [ip4][..tcp] [.....172.16.0.1][55320] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...172] [ip4][..tcp] [.....172.16.0.1][55320] -> [..192.168.10.50][...80]
- guessed: [...173] [ip4][..tcp] [.....172.16.0.1][55334] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...173] [ip4][..tcp] [.....172.16.0.1][55334] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...173] [ip4][..tcp] [.....172.16.0.1][55334] -> [..192.168.10.50][...80]
- guessed: [...174] [ip4][..tcp] [.....172.16.0.1][55348] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...174] [ip4][..tcp] [.....172.16.0.1][55348] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...174] [ip4][..tcp] [.....172.16.0.1][55348] -> [..192.168.10.50][...80]
- guessed: [...175] [ip4][..tcp] [.....172.16.0.1][55362] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...175] [ip4][..tcp] [.....172.16.0.1][55362] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...175] [ip4][..tcp] [.....172.16.0.1][55362] -> [..192.168.10.50][...80]
- guessed: [...176] [ip4][..tcp] [.....172.16.0.1][55376] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...176] [ip4][..tcp] [.....172.16.0.1][55376] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...176] [ip4][..tcp] [.....172.16.0.1][55376] -> [..192.168.10.50][...80]
- guessed: [...177] [ip4][..tcp] [.....172.16.0.1][55390] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...177] [ip4][..tcp] [.....172.16.0.1][55390] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...177] [ip4][..tcp] [.....172.16.0.1][55390] -> [..192.168.10.50][...80]
new: [...251] [ip4][..tcp] [.....172.16.0.1][56738] -> [..192.168.10.50][...80]
new: [...252] [ip4][..tcp] [.....172.16.0.1][56764] -> [..192.168.10.50][...80]
@@ -711,15 +711,15 @@
new: [...254] [ip4][..tcp] [.....172.16.0.1][56792] -> [..192.168.10.50][...80]
new: [...255] [ip4][..tcp] [.....172.16.0.1][56818] -> [..192.168.10.50][...80]
new: [...256] [ip4][..tcp] [.....172.16.0.1][56832] -> [..192.168.10.50][...80]
- guessed: [...178] [ip4][..tcp] [.....172.16.0.1][55416] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...178] [ip4][..tcp] [.....172.16.0.1][55416] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...178] [ip4][..tcp] [.....172.16.0.1][55416] -> [..192.168.10.50][...80]
- guessed: [...179] [ip4][..tcp] [.....172.16.0.1][55430] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...179] [ip4][..tcp] [.....172.16.0.1][55430] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...179] [ip4][..tcp] [.....172.16.0.1][55430] -> [..192.168.10.50][...80]
- guessed: [...180] [ip4][..tcp] [.....172.16.0.1][55444] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...180] [ip4][..tcp] [.....172.16.0.1][55444] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...180] [ip4][..tcp] [.....172.16.0.1][55444] -> [..192.168.10.50][...80]
- guessed: [...181] [ip4][..tcp] [.....172.16.0.1][55470] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...181] [ip4][..tcp] [.....172.16.0.1][55470] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...181] [ip4][..tcp] [.....172.16.0.1][55470] -> [..192.168.10.50][...80]
- guessed: [...182] [ip4][..tcp] [.....172.16.0.1][55484] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...182] [ip4][..tcp] [.....172.16.0.1][55484] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...182] [ip4][..tcp] [.....172.16.0.1][55484] -> [..192.168.10.50][...80]
new: [...257] [ip4][..tcp] [.....172.16.0.1][56858] -> [..192.168.10.50][...80]
new: [...258] [ip4][..tcp] [.....172.16.0.1][56872] -> [..192.168.10.50][...80]
@@ -727,17 +727,17 @@
new: [...260] [ip4][..tcp] [.....172.16.0.1][56912] -> [..192.168.10.50][...80]
new: [...261] [ip4][..tcp] [.....172.16.0.1][56926] -> [..192.168.10.50][...80]
new: [...262] [ip4][..tcp] [.....172.16.0.1][56940] -> [..192.168.10.50][...80]
- guessed: [...183] [ip4][..tcp] [.....172.16.0.1][55510] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...183] [ip4][..tcp] [.....172.16.0.1][55510] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...183] [ip4][..tcp] [.....172.16.0.1][55510] -> [..192.168.10.50][...80]
- guessed: [...184] [ip4][..tcp] [.....172.16.0.1][55524] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...184] [ip4][..tcp] [.....172.16.0.1][55524] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...184] [ip4][..tcp] [.....172.16.0.1][55524] -> [..192.168.10.50][...80]
- guessed: [...185] [ip4][..tcp] [.....172.16.0.1][55538] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...185] [ip4][..tcp] [.....172.16.0.1][55538] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...185] [ip4][..tcp] [.....172.16.0.1][55538] -> [..192.168.10.50][...80]
- guessed: [...186] [ip4][..tcp] [.....172.16.0.1][55564] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...186] [ip4][..tcp] [.....172.16.0.1][55564] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...186] [ip4][..tcp] [.....172.16.0.1][55564] -> [..192.168.10.50][...80]
- guessed: [...187] [ip4][..tcp] [.....172.16.0.1][55578] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...187] [ip4][..tcp] [.....172.16.0.1][55578] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...187] [ip4][..tcp] [.....172.16.0.1][55578] -> [..192.168.10.50][...80]
- guessed: [...188] [ip4][..tcp] [.....172.16.0.1][55592] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...188] [ip4][..tcp] [.....172.16.0.1][55592] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...188] [ip4][..tcp] [.....172.16.0.1][55592] -> [..192.168.10.50][...80]
new: [...263] [ip4][..tcp] [.....172.16.0.1][56966] -> [..192.168.10.50][...80]
new: [...264] [ip4][..tcp] [.....172.16.0.1][56980] -> [..192.168.10.50][...80]
@@ -745,24 +745,24 @@
new: [...266] [ip4][..tcp] [.....172.16.0.1][57008] -> [..192.168.10.50][...80]
new: [...267] [ip4][..tcp] [.....172.16.0.1][57022] -> [..192.168.10.50][...80]
new: [...268] [ip4][..tcp] [.....172.16.0.1][57036] -> [..192.168.10.50][...80]
- detected: [...265] [ip4][..tcp] [.....172.16.0.1][56994] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
- end: [...152] [ip4][..tcp] [.....172.16.0.1][54956] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [...189] [ip4][..tcp] [.....172.16.0.1][55618] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ detected: [...265] [ip4][..tcp] [.....172.16.0.1][56994] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ end: [...152] [ip4][..tcp] [.....172.16.0.1][54956] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...189] [ip4][..tcp] [.....172.16.0.1][55618] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...189] [ip4][..tcp] [.....172.16.0.1][55618] -> [..192.168.10.50][...80]
- guessed: [...191] [ip4][..tcp] [.....172.16.0.1][55646] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...191] [ip4][..tcp] [.....172.16.0.1][55646] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...191] [ip4][..tcp] [.....172.16.0.1][55646] -> [..192.168.10.50][...80]
- guessed: [...192] [ip4][..tcp] [.....172.16.0.1][55672] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...192] [ip4][..tcp] [.....172.16.0.1][55672] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...192] [ip4][..tcp] [.....172.16.0.1][55672] -> [..192.168.10.50][...80]
- guessed: [...193] [ip4][..tcp] [.....172.16.0.1][55686] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...193] [ip4][..tcp] [.....172.16.0.1][55686] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...193] [ip4][..tcp] [.....172.16.0.1][55686] -> [..192.168.10.50][...80]
- guessed: [...194] [ip4][..tcp] [.....172.16.0.1][55700] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...194] [ip4][..tcp] [.....172.16.0.1][55700] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...194] [ip4][..tcp] [.....172.16.0.1][55700] -> [..192.168.10.50][...80]
new: [...269] [ip4][..tcp] [.....172.16.0.1][57062] -> [..192.168.10.50][...80]
new: [...270] [ip4][..tcp] [.....172.16.0.1][57076] -> [..192.168.10.50][...80]
new: [...271] [ip4][..tcp] [.....172.16.0.1][57090] -> [..192.168.10.50][...80]
- analyse: [...265] [ip4][..tcp] [.....172.16.0.1][56994] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...265] [ip4][..tcp] [.....172.16.0.1][56994] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.819| 0.606| 0.944| 891595.915| 3.700]
[PKTLEN......: 52.000| 1920.000| 716.700| 755.500| 570797.200| 4.200]
@@ -775,17 +775,17 @@
new: [...272] [ip4][..tcp] [.....172.16.0.1][57116] -> [..192.168.10.50][...80]
new: [...273] [ip4][..tcp] [.....172.16.0.1][57130] -> [..192.168.10.50][...80]
new: [...274] [ip4][..tcp] [.....172.16.0.1][57144] -> [..192.168.10.50][...80]
- guessed: [...195] [ip4][..tcp] [.....172.16.0.1][55726] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...195] [ip4][..tcp] [.....172.16.0.1][55726] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...195] [ip4][..tcp] [.....172.16.0.1][55726] -> [..192.168.10.50][...80]
- guessed: [...196] [ip4][..tcp] [.....172.16.0.1][55740] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...196] [ip4][..tcp] [.....172.16.0.1][55740] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...196] [ip4][..tcp] [.....172.16.0.1][55740] -> [..192.168.10.50][...80]
- guessed: [...197] [ip4][..tcp] [.....172.16.0.1][55766] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...197] [ip4][..tcp] [.....172.16.0.1][55766] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...197] [ip4][..tcp] [.....172.16.0.1][55766] -> [..192.168.10.50][...80]
- guessed: [...198] [ip4][..tcp] [.....172.16.0.1][55780] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...198] [ip4][..tcp] [.....172.16.0.1][55780] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...198] [ip4][..tcp] [.....172.16.0.1][55780] -> [..192.168.10.50][...80]
- guessed: [...199] [ip4][..tcp] [.....172.16.0.1][55794] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...199] [ip4][..tcp] [.....172.16.0.1][55794] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...199] [ip4][..tcp] [.....172.16.0.1][55794] -> [..192.168.10.50][...80]
- guessed: [...200] [ip4][..tcp] [.....172.16.0.1][55820] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...200] [ip4][..tcp] [.....172.16.0.1][55820] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...200] [ip4][..tcp] [.....172.16.0.1][55820] -> [..192.168.10.50][...80]
new: [...275] [ip4][..tcp] [.....172.16.0.1][57170] -> [..192.168.10.50][...80]
new: [...276] [ip4][..tcp] [.....172.16.0.1][57184] -> [..192.168.10.50][...80]
@@ -793,17 +793,17 @@
new: [...278] [ip4][..tcp] [.....172.16.0.1][57224] -> [..192.168.10.50][...80]
new: [...279] [ip4][..tcp] [.....172.16.0.1][57238] -> [..192.168.10.50][...80]
new: [...280] [ip4][..tcp] [.....172.16.0.1][57264] -> [..192.168.10.50][...80]
- guessed: [...201] [ip4][..tcp] [.....172.16.0.1][55834] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...201] [ip4][..tcp] [.....172.16.0.1][55834] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...201] [ip4][..tcp] [.....172.16.0.1][55834] -> [..192.168.10.50][...80]
- guessed: [...202] [ip4][..tcp] [.....172.16.0.1][55860] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...202] [ip4][..tcp] [.....172.16.0.1][55860] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...202] [ip4][..tcp] [.....172.16.0.1][55860] -> [..192.168.10.50][...80]
- guessed: [...203] [ip4][..tcp] [.....172.16.0.1][55874] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...203] [ip4][..tcp] [.....172.16.0.1][55874] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...203] [ip4][..tcp] [.....172.16.0.1][55874] -> [..192.168.10.50][...80]
- guessed: [...204] [ip4][..tcp] [.....172.16.0.1][55888] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...204] [ip4][..tcp] [.....172.16.0.1][55888] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...204] [ip4][..tcp] [.....172.16.0.1][55888] -> [..192.168.10.50][...80]
- guessed: [...205] [ip4][..tcp] [.....172.16.0.1][55914] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...205] [ip4][..tcp] [.....172.16.0.1][55914] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...205] [ip4][..tcp] [.....172.16.0.1][55914] -> [..192.168.10.50][...80]
- guessed: [...206] [ip4][..tcp] [.....172.16.0.1][55928] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...206] [ip4][..tcp] [.....172.16.0.1][55928] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...206] [ip4][..tcp] [.....172.16.0.1][55928] -> [..192.168.10.50][...80]
new: [...281] [ip4][..tcp] [.....172.16.0.1][57278] -> [..192.168.10.50][...80]
new: [...282] [ip4][..tcp] [.....172.16.0.1][57292] -> [..192.168.10.50][...80]
@@ -811,17 +811,17 @@
new: [...284] [ip4][..tcp] [.....172.16.0.1][57332] -> [..192.168.10.50][...80]
new: [...285] [ip4][..tcp] [.....172.16.0.1][57346] -> [..192.168.10.50][...80]
new: [...286] [ip4][..tcp] [.....172.16.0.1][57372] -> [..192.168.10.50][...80]
- guessed: [...207] [ip4][..tcp] [.....172.16.0.1][55942] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...207] [ip4][..tcp] [.....172.16.0.1][55942] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...207] [ip4][..tcp] [.....172.16.0.1][55942] -> [..192.168.10.50][...80]
- guessed: [...208] [ip4][..tcp] [.....172.16.0.1][55968] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...208] [ip4][..tcp] [.....172.16.0.1][55968] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...208] [ip4][..tcp] [.....172.16.0.1][55968] -> [..192.168.10.50][...80]
- guessed: [...209] [ip4][..tcp] [.....172.16.0.1][55982] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...209] [ip4][..tcp] [.....172.16.0.1][55982] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...209] [ip4][..tcp] [.....172.16.0.1][55982] -> [..192.168.10.50][...80]
- guessed: [...210] [ip4][..tcp] [.....172.16.0.1][55996] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...210] [ip4][..tcp] [.....172.16.0.1][55996] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...210] [ip4][..tcp] [.....172.16.0.1][55996] -> [..192.168.10.50][...80]
- guessed: [...211] [ip4][..tcp] [.....172.16.0.1][56022] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...211] [ip4][..tcp] [.....172.16.0.1][56022] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...211] [ip4][..tcp] [.....172.16.0.1][56022] -> [..192.168.10.50][...80]
- guessed: [...212] [ip4][..tcp] [.....172.16.0.1][56036] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...212] [ip4][..tcp] [.....172.16.0.1][56036] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...212] [ip4][..tcp] [.....172.16.0.1][56036] -> [..192.168.10.50][...80]
new: [...287] [ip4][..tcp] [.....172.16.0.1][57386] -> [..192.168.10.50][...80]
new: [...288] [ip4][..tcp] [.....172.16.0.1][57400] -> [..192.168.10.50][...80]
@@ -829,17 +829,17 @@
new: [...290] [ip4][..tcp] [.....172.16.0.1][57440] -> [..192.168.10.50][...80]
new: [...291] [ip4][..tcp] [.....172.16.0.1][57454] -> [..192.168.10.50][...80]
new: [...292] [ip4][..tcp] [.....172.16.0.1][57480] -> [..192.168.10.50][...80]
- guessed: [...213] [ip4][..tcp] [.....172.16.0.1][56062] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...213] [ip4][..tcp] [.....172.16.0.1][56062] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...213] [ip4][..tcp] [.....172.16.0.1][56062] -> [..192.168.10.50][...80]
- guessed: [...214] [ip4][..tcp] [.....172.16.0.1][56076] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...214] [ip4][..tcp] [.....172.16.0.1][56076] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...214] [ip4][..tcp] [.....172.16.0.1][56076] -> [..192.168.10.50][...80]
- guessed: [...215] [ip4][..tcp] [.....172.16.0.1][56090] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...215] [ip4][..tcp] [.....172.16.0.1][56090] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...215] [ip4][..tcp] [.....172.16.0.1][56090] -> [..192.168.10.50][...80]
- guessed: [...216] [ip4][..tcp] [.....172.16.0.1][56116] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...216] [ip4][..tcp] [.....172.16.0.1][56116] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...216] [ip4][..tcp] [.....172.16.0.1][56116] -> [..192.168.10.50][...80]
- guessed: [...217] [ip4][..tcp] [.....172.16.0.1][56130] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...217] [ip4][..tcp] [.....172.16.0.1][56130] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...217] [ip4][..tcp] [.....172.16.0.1][56130] -> [..192.168.10.50][...80]
- guessed: [...218] [ip4][..tcp] [.....172.16.0.1][56144] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...218] [ip4][..tcp] [.....172.16.0.1][56144] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...218] [ip4][..tcp] [.....172.16.0.1][56144] -> [..192.168.10.50][...80]
new: [...293] [ip4][..tcp] [.....172.16.0.1][57494] -> [..192.168.10.50][...80]
new: [...294] [ip4][..tcp] [.....172.16.0.1][57508] -> [..192.168.10.50][...80]
@@ -848,17 +848,17 @@
new: [...297] [ip4][..tcp] [.....172.16.0.1][57550] -> [..192.168.10.50][...80]
new: [...298] [ip4][..tcp] [.....172.16.0.1][57576] -> [..192.168.10.50][...80]
new: [...299] [ip4][..tcp] [.....172.16.0.1][57590] -> [..192.168.10.50][...80]
- guessed: [...219] [ip4][..tcp] [.....172.16.0.1][56158] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...219] [ip4][..tcp] [.....172.16.0.1][56158] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...219] [ip4][..tcp] [.....172.16.0.1][56158] -> [..192.168.10.50][...80]
- guessed: [...220] [ip4][..tcp] [.....172.16.0.1][56172] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...220] [ip4][..tcp] [.....172.16.0.1][56172] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...220] [ip4][..tcp] [.....172.16.0.1][56172] -> [..192.168.10.50][...80]
- guessed: [...221] [ip4][..tcp] [.....172.16.0.1][56186] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...221] [ip4][..tcp] [.....172.16.0.1][56186] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...221] [ip4][..tcp] [.....172.16.0.1][56186] -> [..192.168.10.50][...80]
- guessed: [...222] [ip4][..tcp] [.....172.16.0.1][56212] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...222] [ip4][..tcp] [.....172.16.0.1][56212] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...222] [ip4][..tcp] [.....172.16.0.1][56212] -> [..192.168.10.50][...80]
- guessed: [...223] [ip4][..tcp] [.....172.16.0.1][56226] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...223] [ip4][..tcp] [.....172.16.0.1][56226] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...223] [ip4][..tcp] [.....172.16.0.1][56226] -> [..192.168.10.50][...80]
- guessed: [...224] [ip4][..tcp] [.....172.16.0.1][56240] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...224] [ip4][..tcp] [.....172.16.0.1][56240] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...224] [ip4][..tcp] [.....172.16.0.1][56240] -> [..192.168.10.50][...80]
new: [...300] [ip4][..tcp] [.....172.16.0.1][57604] -> [..192.168.10.50][...80]
new: [...301] [ip4][..tcp] [.....172.16.0.1][57630] -> [..192.168.10.50][...80]
@@ -866,25 +866,25 @@
new: [...303] [ip4][..tcp] [.....172.16.0.1][57658] -> [..192.168.10.50][...80]
new: [...304] [ip4][..tcp] [.....172.16.0.1][57684] -> [..192.168.10.50][...80]
new: [...305] [ip4][..tcp] [.....172.16.0.1][57698] -> [..192.168.10.50][...80]
- end: [...190] [ip4][..tcp] [.....172.16.0.1][55632] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
- guessed: [...225] [ip4][..tcp] [.....172.16.0.1][56266] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [...190] [ip4][..tcp] [.....172.16.0.1][55632] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...225] [ip4][..tcp] [.....172.16.0.1][56266] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...225] [ip4][..tcp] [.....172.16.0.1][56266] -> [..192.168.10.50][...80]
- guessed: [...226] [ip4][..tcp] [.....172.16.0.1][56280] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...226] [ip4][..tcp] [.....172.16.0.1][56280] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...226] [ip4][..tcp] [.....172.16.0.1][56280] -> [..192.168.10.50][...80]
- guessed: [...228] [ip4][..tcp] [.....172.16.0.1][56320] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...228] [ip4][..tcp] [.....172.16.0.1][56320] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...228] [ip4][..tcp] [.....172.16.0.1][56320] -> [..192.168.10.50][...80]
- guessed: [...229] [ip4][..tcp] [.....172.16.0.1][56334] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...229] [ip4][..tcp] [.....172.16.0.1][56334] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...229] [ip4][..tcp] [.....172.16.0.1][56334] -> [..192.168.10.50][...80]
- guessed: [...230] [ip4][..tcp] [.....172.16.0.1][56360] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...230] [ip4][..tcp] [.....172.16.0.1][56360] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...230] [ip4][..tcp] [.....172.16.0.1][56360] -> [..192.168.10.50][...80]
new: [...306] [ip4][..tcp] [.....172.16.0.1][57712] -> [..192.168.10.50][...80]
- detected: [...304] [ip4][..tcp] [.....172.16.0.1][57684] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...304] [ip4][..tcp] [.....172.16.0.1][57684] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...307] [ip4][..tcp] [.....172.16.0.1][57738] -> [..192.168.10.50][...80]
new: [...308] [ip4][..tcp] [.....172.16.0.1][57752] -> [..192.168.10.50][...80]
new: [...309] [ip4][..tcp] [.....172.16.0.1][57778] -> [..192.168.10.50][...80]
- analyse: [...304] [ip4][..tcp] [.....172.16.0.1][57684] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...304] [ip4][..tcp] [.....172.16.0.1][57684] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.536| 0.567| 0.877| 769788.412| 3.700]
[PKTLEN......: 52.000| 1920.000| 713.700| 750.900| 563862.500| 4.200]
@@ -896,17 +896,17 @@
[ENTROPIES...: 4.6,5.0,4.8,5.9,4.8,7.7,4.6,6.0,7.8,4.8,5.9,7.7,4.8,6.0,7.8,4.9,5.9,7.7,4.8,6.0,7.8,4.8,5.9,7.7,4.8,6.0,7.8,4.8,5.9,7.7,4.8,6.0]
new: [...310] [ip4][..tcp] [.....172.16.0.1][57792] -> [..192.168.10.50][...80]
new: [...311] [ip4][..tcp] [.....172.16.0.1][57806] -> [..192.168.10.50][...80]
- guessed: [...231] [ip4][..tcp] [.....172.16.0.1][56374] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...231] [ip4][..tcp] [.....172.16.0.1][56374] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...231] [ip4][..tcp] [.....172.16.0.1][56374] -> [..192.168.10.50][...80]
- guessed: [...232] [ip4][..tcp] [.....172.16.0.1][56400] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...232] [ip4][..tcp] [.....172.16.0.1][56400] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...232] [ip4][..tcp] [.....172.16.0.1][56400] -> [..192.168.10.50][...80]
- guessed: [...233] [ip4][..tcp] [.....172.16.0.1][56414] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...233] [ip4][..tcp] [.....172.16.0.1][56414] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...233] [ip4][..tcp] [.....172.16.0.1][56414] -> [..192.168.10.50][...80]
- guessed: [...234] [ip4][..tcp] [.....172.16.0.1][56428] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...234] [ip4][..tcp] [.....172.16.0.1][56428] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...234] [ip4][..tcp] [.....172.16.0.1][56428] -> [..192.168.10.50][...80]
- guessed: [...235] [ip4][..tcp] [.....172.16.0.1][56454] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...235] [ip4][..tcp] [.....172.16.0.1][56454] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...235] [ip4][..tcp] [.....172.16.0.1][56454] -> [..192.168.10.50][...80]
- guessed: [...236] [ip4][..tcp] [.....172.16.0.1][56468] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...236] [ip4][..tcp] [.....172.16.0.1][56468] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...236] [ip4][..tcp] [.....172.16.0.1][56468] -> [..192.168.10.50][...80]
new: [...312] [ip4][..tcp] [.....172.16.0.1][57832] -> [..192.168.10.50][...80]
new: [...313] [ip4][..tcp] [.....172.16.0.1][57846] -> [..192.168.10.50][...80]
@@ -914,34 +914,34 @@
new: [...315] [ip4][..tcp] [.....172.16.0.1][57886] -> [..192.168.10.50][...80]
new: [...316] [ip4][..tcp] [.....172.16.0.1][57900] -> [..192.168.10.50][...80]
new: [...317] [ip4][..tcp] [.....172.16.0.1][57914] -> [..192.168.10.50][...80]
- guessed: [...237] [ip4][..tcp] [.....172.16.0.1][56482] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...237] [ip4][..tcp] [.....172.16.0.1][56482] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...237] [ip4][..tcp] [.....172.16.0.1][56482] -> [..192.168.10.50][...80]
- guessed: [...238] [ip4][..tcp] [.....172.16.0.1][56508] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...238] [ip4][..tcp] [.....172.16.0.1][56508] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...238] [ip4][..tcp] [.....172.16.0.1][56508] -> [..192.168.10.50][...80]
- guessed: [...239] [ip4][..tcp] [.....172.16.0.1][56522] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...239] [ip4][..tcp] [.....172.16.0.1][56522] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...239] [ip4][..tcp] [.....172.16.0.1][56522] -> [..192.168.10.50][...80]
- guessed: [...240] [ip4][..tcp] [.....172.16.0.1][56536] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...240] [ip4][..tcp] [.....172.16.0.1][56536] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...240] [ip4][..tcp] [.....172.16.0.1][56536] -> [..192.168.10.50][...80]
- guessed: [...241] [ip4][..tcp] [.....172.16.0.1][56562] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...241] [ip4][..tcp] [.....172.16.0.1][56562] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...241] [ip4][..tcp] [.....172.16.0.1][56562] -> [..192.168.10.50][...80]
- guessed: [...242] [ip4][..tcp] [.....172.16.0.1][56576] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...242] [ip4][..tcp] [.....172.16.0.1][56576] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...242] [ip4][..tcp] [.....172.16.0.1][56576] -> [..192.168.10.50][...80]
new: [...318] [ip4][..tcp] [.....172.16.0.1][57940] -> [..192.168.10.50][...80]
new: [...319] [ip4][..tcp] [.....172.16.0.1][57954] -> [..192.168.10.50][...80]
new: [...320] [ip4][..tcp] [.....172.16.0.1][57980] -> [..192.168.10.50][...80]
new: [...321] [ip4][..tcp] [.....172.16.0.1][57994] -> [..192.168.10.50][...80]
new: [...322] [ip4][..tcp] [.....172.16.0.1][58008] -> [..192.168.10.50][...80]
- guessed: [...243] [ip4][..tcp] [.....172.16.0.1][56590] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...243] [ip4][..tcp] [.....172.16.0.1][56590] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...243] [ip4][..tcp] [.....172.16.0.1][56590] -> [..192.168.10.50][...80]
- guessed: [...244] [ip4][..tcp] [.....172.16.0.1][56616] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...244] [ip4][..tcp] [.....172.16.0.1][56616] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...244] [ip4][..tcp] [.....172.16.0.1][56616] -> [..192.168.10.50][...80]
- guessed: [...245] [ip4][..tcp] [.....172.16.0.1][56630] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...245] [ip4][..tcp] [.....172.16.0.1][56630] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...245] [ip4][..tcp] [.....172.16.0.1][56630] -> [..192.168.10.50][...80]
- guessed: [...246] [ip4][..tcp] [.....172.16.0.1][56644] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...246] [ip4][..tcp] [.....172.16.0.1][56644] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...246] [ip4][..tcp] [.....172.16.0.1][56644] -> [..192.168.10.50][...80]
- guessed: [...247] [ip4][..tcp] [.....172.16.0.1][56670] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...247] [ip4][..tcp] [.....172.16.0.1][56670] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...247] [ip4][..tcp] [.....172.16.0.1][56670] -> [..192.168.10.50][...80]
- guessed: [...248] [ip4][..tcp] [.....172.16.0.1][56684] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...248] [ip4][..tcp] [.....172.16.0.1][56684] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...248] [ip4][..tcp] [.....172.16.0.1][56684] -> [..192.168.10.50][...80]
new: [...323] [ip4][..tcp] [.....172.16.0.1][58034] -> [..192.168.10.50][...80]
new: [...324] [ip4][..tcp] [.....172.16.0.1][58048] -> [..192.168.10.50][...80]
@@ -950,15 +950,15 @@
new: [...327] [ip4][..tcp] [.....172.16.0.1][58102] -> [..192.168.10.50][...80]
new: [...328] [ip4][..tcp] [.....172.16.0.1][58116] -> [..192.168.10.50][...80]
new: [...329] [ip4][..tcp] [.....172.16.0.1][58130] -> [..192.168.10.50][...80]
- guessed: [...249] [ip4][..tcp] [.....172.16.0.1][56710] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...249] [ip4][..tcp] [.....172.16.0.1][56710] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...249] [ip4][..tcp] [.....172.16.0.1][56710] -> [..192.168.10.50][...80]
- guessed: [...250] [ip4][..tcp] [.....172.16.0.1][56724] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...250] [ip4][..tcp] [.....172.16.0.1][56724] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...250] [ip4][..tcp] [.....172.16.0.1][56724] -> [..192.168.10.50][...80]
- guessed: [...251] [ip4][..tcp] [.....172.16.0.1][56738] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...251] [ip4][..tcp] [.....172.16.0.1][56738] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...251] [ip4][..tcp] [.....172.16.0.1][56738] -> [..192.168.10.50][...80]
- guessed: [...252] [ip4][..tcp] [.....172.16.0.1][56764] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...252] [ip4][..tcp] [.....172.16.0.1][56764] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...252] [ip4][..tcp] [.....172.16.0.1][56764] -> [..192.168.10.50][...80]
- guessed: [...253] [ip4][..tcp] [.....172.16.0.1][56778] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...253] [ip4][..tcp] [.....172.16.0.1][56778] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...253] [ip4][..tcp] [.....172.16.0.1][56778] -> [..192.168.10.50][...80]
new: [...330] [ip4][..tcp] [.....172.16.0.1][58144] -> [..192.168.10.50][...80]
new: [...331] [ip4][..tcp] [.....172.16.0.1][58158] -> [..192.168.10.50][...80]
@@ -968,17 +968,17 @@
DAEMON-EVENT: [Processed: 4739 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 82 / 334|skipped: 0|!detected: 0|guessed: 242|detection-updates: 0|updates: 0]
new: [...335] [ip4][..tcp] [.....172.16.0.1][58238] -> [..192.168.10.50][...80]
- guessed: [...254] [ip4][..tcp] [.....172.16.0.1][56792] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...254] [ip4][..tcp] [.....172.16.0.1][56792] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...254] [ip4][..tcp] [.....172.16.0.1][56792] -> [..192.168.10.50][...80]
- guessed: [...255] [ip4][..tcp] [.....172.16.0.1][56818] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...255] [ip4][..tcp] [.....172.16.0.1][56818] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...255] [ip4][..tcp] [.....172.16.0.1][56818] -> [..192.168.10.50][...80]
- guessed: [...256] [ip4][..tcp] [.....172.16.0.1][56832] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...256] [ip4][..tcp] [.....172.16.0.1][56832] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...256] [ip4][..tcp] [.....172.16.0.1][56832] -> [..192.168.10.50][...80]
- guessed: [...257] [ip4][..tcp] [.....172.16.0.1][56858] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...257] [ip4][..tcp] [.....172.16.0.1][56858] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...257] [ip4][..tcp] [.....172.16.0.1][56858] -> [..192.168.10.50][...80]
- guessed: [...258] [ip4][..tcp] [.....172.16.0.1][56872] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...258] [ip4][..tcp] [.....172.16.0.1][56872] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...258] [ip4][..tcp] [.....172.16.0.1][56872] -> [..192.168.10.50][...80]
- guessed: [...259] [ip4][..tcp] [.....172.16.0.1][56886] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...259] [ip4][..tcp] [.....172.16.0.1][56886] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...259] [ip4][..tcp] [.....172.16.0.1][56886] -> [..192.168.10.50][...80]
new: [...336] [ip4][..tcp] [.....172.16.0.1][58252] -> [..192.168.10.50][...80]
new: [...337] [ip4][..tcp] [.....172.16.0.1][58278] -> [..192.168.10.50][...80]
@@ -986,41 +986,41 @@
new: [...339] [ip4][..tcp] [.....172.16.0.1][58306] -> [..192.168.10.50][...80]
new: [...340] [ip4][..tcp] [.....172.16.0.1][58332] -> [..192.168.10.50][...80]
new: [...341] [ip4][..tcp] [.....172.16.0.1][58346] -> [..192.168.10.50][...80]
- guessed: [...260] [ip4][..tcp] [.....172.16.0.1][56912] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...260] [ip4][..tcp] [.....172.16.0.1][56912] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...260] [ip4][..tcp] [.....172.16.0.1][56912] -> [..192.168.10.50][...80]
- guessed: [...261] [ip4][..tcp] [.....172.16.0.1][56926] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...261] [ip4][..tcp] [.....172.16.0.1][56926] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...261] [ip4][..tcp] [.....172.16.0.1][56926] -> [..192.168.10.50][...80]
- guessed: [...262] [ip4][..tcp] [.....172.16.0.1][56940] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...262] [ip4][..tcp] [.....172.16.0.1][56940] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...262] [ip4][..tcp] [.....172.16.0.1][56940] -> [..192.168.10.50][...80]
- guessed: [...263] [ip4][..tcp] [.....172.16.0.1][56966] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...263] [ip4][..tcp] [.....172.16.0.1][56966] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...263] [ip4][..tcp] [.....172.16.0.1][56966] -> [..192.168.10.50][...80]
- guessed: [...264] [ip4][..tcp] [.....172.16.0.1][56980] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...264] [ip4][..tcp] [.....172.16.0.1][56980] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...264] [ip4][..tcp] [.....172.16.0.1][56980] -> [..192.168.10.50][...80]
- guessed: [...266] [ip4][..tcp] [.....172.16.0.1][57008] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...266] [ip4][..tcp] [.....172.16.0.1][57008] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...266] [ip4][..tcp] [.....172.16.0.1][57008] -> [..192.168.10.50][...80]
- end: [...227] [ip4][..tcp] [.....172.16.0.1][56306] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
+ end: [...227] [ip4][..tcp] [.....172.16.0.1][56306] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...342] [ip4][..tcp] [.....172.16.0.1][58360] -> [..192.168.10.50][...80]
new: [...343] [ip4][..tcp] [.....172.16.0.1][58386] -> [..192.168.10.50][...80]
new: [...344] [ip4][..tcp] [.....172.16.0.1][58400] -> [..192.168.10.50][...80]
- detected: [...342] [ip4][..tcp] [.....172.16.0.1][58360] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...342] [ip4][..tcp] [.....172.16.0.1][58360] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...345] [ip4][..tcp] [.....172.16.0.1][58414] -> [..192.168.10.50][...80]
new: [...346] [ip4][..tcp] [.....172.16.0.1][58440] -> [..192.168.10.50][...80]
new: [...347] [ip4][..tcp] [.....172.16.0.1][58454] -> [..192.168.10.50][...80]
- guessed: [...267] [ip4][..tcp] [.....172.16.0.1][57022] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...267] [ip4][..tcp] [.....172.16.0.1][57022] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...267] [ip4][..tcp] [.....172.16.0.1][57022] -> [..192.168.10.50][...80]
- guessed: [...268] [ip4][..tcp] [.....172.16.0.1][57036] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...268] [ip4][..tcp] [.....172.16.0.1][57036] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...268] [ip4][..tcp] [.....172.16.0.1][57036] -> [..192.168.10.50][...80]
- guessed: [...269] [ip4][..tcp] [.....172.16.0.1][57062] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...269] [ip4][..tcp] [.....172.16.0.1][57062] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...269] [ip4][..tcp] [.....172.16.0.1][57062] -> [..192.168.10.50][...80]
- guessed: [...270] [ip4][..tcp] [.....172.16.0.1][57076] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...270] [ip4][..tcp] [.....172.16.0.1][57076] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...270] [ip4][..tcp] [.....172.16.0.1][57076] -> [..192.168.10.50][...80]
- guessed: [...271] [ip4][..tcp] [.....172.16.0.1][57090] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...271] [ip4][..tcp] [.....172.16.0.1][57090] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...271] [ip4][..tcp] [.....172.16.0.1][57090] -> [..192.168.10.50][...80]
- guessed: [...272] [ip4][..tcp] [.....172.16.0.1][57116] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...272] [ip4][..tcp] [.....172.16.0.1][57116] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...272] [ip4][..tcp] [.....172.16.0.1][57116] -> [..192.168.10.50][...80]
- analyse: [...342] [ip4][..tcp] [.....172.16.0.1][58360] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...342] [ip4][..tcp] [.....172.16.0.1][58360] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.810| 0.603| 0.941| 884966.883| 3.700]
[PKTLEN......: 52.000| 1921.000| 716.800| 755.700| 571097.900| 4.200]
@@ -1037,34 +1037,34 @@
new: [...352] [ip4][..tcp] [.....172.16.0.1][58536] -> [..192.168.10.50][...80]
new: [...353] [ip4][..tcp] [.....172.16.0.1][58550] -> [..192.168.10.50][...80]
new: [...354] [ip4][..tcp] [.....172.16.0.1][58564] -> [..192.168.10.50][...80]
- guessed: [...273] [ip4][..tcp] [.....172.16.0.1][57130] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...273] [ip4][..tcp] [.....172.16.0.1][57130] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...273] [ip4][..tcp] [.....172.16.0.1][57130] -> [..192.168.10.50][...80]
- guessed: [...274] [ip4][..tcp] [.....172.16.0.1][57144] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...274] [ip4][..tcp] [.....172.16.0.1][57144] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...274] [ip4][..tcp] [.....172.16.0.1][57144] -> [..192.168.10.50][...80]
- guessed: [...275] [ip4][..tcp] [.....172.16.0.1][57170] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...275] [ip4][..tcp] [.....172.16.0.1][57170] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...275] [ip4][..tcp] [.....172.16.0.1][57170] -> [..192.168.10.50][...80]
- guessed: [...276] [ip4][..tcp] [.....172.16.0.1][57184] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...276] [ip4][..tcp] [.....172.16.0.1][57184] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...276] [ip4][..tcp] [.....172.16.0.1][57184] -> [..192.168.10.50][...80]
- guessed: [...277] [ip4][..tcp] [.....172.16.0.1][57210] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...277] [ip4][..tcp] [.....172.16.0.1][57210] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...277] [ip4][..tcp] [.....172.16.0.1][57210] -> [..192.168.10.50][...80]
- guessed: [...278] [ip4][..tcp] [.....172.16.0.1][57224] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...278] [ip4][..tcp] [.....172.16.0.1][57224] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...278] [ip4][..tcp] [.....172.16.0.1][57224] -> [..192.168.10.50][...80]
new: [...355] [ip4][..tcp] [.....172.16.0.1][58590] -> [..192.168.10.50][...80]
new: [...356] [ip4][..tcp] [.....172.16.0.1][58604] -> [..192.168.10.50][...80]
new: [...357] [ip4][..tcp] [.....172.16.0.1][58630] -> [..192.168.10.50][...80]
new: [...358] [ip4][..tcp] [.....172.16.0.1][58650] -> [..192.168.10.50][...80]
new: [...359] [ip4][..tcp] [.....172.16.0.1][58664] -> [..192.168.10.50][...80]
- guessed: [...279] [ip4][..tcp] [.....172.16.0.1][57238] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...279] [ip4][..tcp] [.....172.16.0.1][57238] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...279] [ip4][..tcp] [.....172.16.0.1][57238] -> [..192.168.10.50][...80]
- guessed: [...280] [ip4][..tcp] [.....172.16.0.1][57264] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...280] [ip4][..tcp] [.....172.16.0.1][57264] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...280] [ip4][..tcp] [.....172.16.0.1][57264] -> [..192.168.10.50][...80]
- guessed: [...281] [ip4][..tcp] [.....172.16.0.1][57278] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...281] [ip4][..tcp] [.....172.16.0.1][57278] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...281] [ip4][..tcp] [.....172.16.0.1][57278] -> [..192.168.10.50][...80]
- guessed: [...282] [ip4][..tcp] [.....172.16.0.1][57292] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...282] [ip4][..tcp] [.....172.16.0.1][57292] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...282] [ip4][..tcp] [.....172.16.0.1][57292] -> [..192.168.10.50][...80]
- guessed: [...283] [ip4][..tcp] [.....172.16.0.1][57318] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...283] [ip4][..tcp] [.....172.16.0.1][57318] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...283] [ip4][..tcp] [.....172.16.0.1][57318] -> [..192.168.10.50][...80]
- guessed: [...284] [ip4][..tcp] [.....172.16.0.1][57332] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...284] [ip4][..tcp] [.....172.16.0.1][57332] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...284] [ip4][..tcp] [.....172.16.0.1][57332] -> [..192.168.10.50][...80]
new: [...360] [ip4][..tcp] [.....172.16.0.1][58690] -> [..192.168.10.50][...80]
new: [...361] [ip4][..tcp] [.....172.16.0.1][58704] -> [..192.168.10.50][...80]
@@ -1072,17 +1072,17 @@
new: [...363] [ip4][..tcp] [.....172.16.0.1][58744] -> [..192.168.10.50][...80]
new: [...364] [ip4][..tcp] [.....172.16.0.1][58758] -> [..192.168.10.50][...80]
new: [...365] [ip4][..tcp] [.....172.16.0.1][58772] -> [..192.168.10.50][...80]
- guessed: [...285] [ip4][..tcp] [.....172.16.0.1][57346] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...285] [ip4][..tcp] [.....172.16.0.1][57346] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...285] [ip4][..tcp] [.....172.16.0.1][57346] -> [..192.168.10.50][...80]
- guessed: [...286] [ip4][..tcp] [.....172.16.0.1][57372] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...286] [ip4][..tcp] [.....172.16.0.1][57372] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...286] [ip4][..tcp] [.....172.16.0.1][57372] -> [..192.168.10.50][...80]
- guessed: [...287] [ip4][..tcp] [.....172.16.0.1][57386] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...287] [ip4][..tcp] [.....172.16.0.1][57386] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...287] [ip4][..tcp] [.....172.16.0.1][57386] -> [..192.168.10.50][...80]
- guessed: [...288] [ip4][..tcp] [.....172.16.0.1][57400] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...288] [ip4][..tcp] [.....172.16.0.1][57400] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...288] [ip4][..tcp] [.....172.16.0.1][57400] -> [..192.168.10.50][...80]
- guessed: [...289] [ip4][..tcp] [.....172.16.0.1][57426] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...289] [ip4][..tcp] [.....172.16.0.1][57426] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...289] [ip4][..tcp] [.....172.16.0.1][57426] -> [..192.168.10.50][...80]
- guessed: [...290] [ip4][..tcp] [.....172.16.0.1][57440] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...290] [ip4][..tcp] [.....172.16.0.1][57440] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...290] [ip4][..tcp] [.....172.16.0.1][57440] -> [..192.168.10.50][...80]
new: [...366] [ip4][..tcp] [.....172.16.0.1][58798] -> [..192.168.10.50][...80]
new: [...367] [ip4][..tcp] [.....172.16.0.1][58812] -> [..192.168.10.50][...80]
@@ -1090,19 +1090,19 @@
new: [...369] [ip4][..tcp] [.....172.16.0.1][58852] -> [..192.168.10.50][...80]
new: [...370] [ip4][..tcp] [.....172.16.0.1][58866] -> [..192.168.10.50][...80]
new: [...371] [ip4][..tcp] [.....172.16.0.1][58892] -> [..192.168.10.50][...80]
- guessed: [...291] [ip4][..tcp] [.....172.16.0.1][57454] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...291] [ip4][..tcp] [.....172.16.0.1][57454] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...291] [ip4][..tcp] [.....172.16.0.1][57454] -> [..192.168.10.50][...80]
- guessed: [...292] [ip4][..tcp] [.....172.16.0.1][57480] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...292] [ip4][..tcp] [.....172.16.0.1][57480] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...292] [ip4][..tcp] [.....172.16.0.1][57480] -> [..192.168.10.50][...80]
- guessed: [...293] [ip4][..tcp] [.....172.16.0.1][57494] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...293] [ip4][..tcp] [.....172.16.0.1][57494] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...293] [ip4][..tcp] [.....172.16.0.1][57494] -> [..192.168.10.50][...80]
- guessed: [...294] [ip4][..tcp] [.....172.16.0.1][57508] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...294] [ip4][..tcp] [.....172.16.0.1][57508] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...294] [ip4][..tcp] [.....172.16.0.1][57508] -> [..192.168.10.50][...80]
- guessed: [...295] [ip4][..tcp] [.....172.16.0.1][57522] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...295] [ip4][..tcp] [.....172.16.0.1][57522] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...295] [ip4][..tcp] [.....172.16.0.1][57522] -> [..192.168.10.50][...80]
- guessed: [...296] [ip4][..tcp] [.....172.16.0.1][57536] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...296] [ip4][..tcp] [.....172.16.0.1][57536] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...296] [ip4][..tcp] [.....172.16.0.1][57536] -> [..192.168.10.50][...80]
- guessed: [...297] [ip4][..tcp] [.....172.16.0.1][57550] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...297] [ip4][..tcp] [.....172.16.0.1][57550] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...297] [ip4][..tcp] [.....172.16.0.1][57550] -> [..192.168.10.50][...80]
new: [...372] [ip4][..tcp] [.....172.16.0.1][58906] -> [..192.168.10.50][...80]
new: [...373] [ip4][..tcp] [.....172.16.0.1][58920] -> [..192.168.10.50][...80]
@@ -1111,38 +1111,38 @@
new: [...376] [ip4][..tcp] [.....172.16.0.1][58974] -> [..192.168.10.50][...80]
new: [...377] [ip4][..tcp] [.....172.16.0.1][58988] -> [..192.168.10.50][...80]
new: [...378] [ip4][..tcp] [.....172.16.0.1][59002] -> [..192.168.10.50][...80]
- end: [...265] [ip4][..tcp] [.....172.16.0.1][56994] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
- guessed: [...298] [ip4][..tcp] [.....172.16.0.1][57576] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [...265] [ip4][..tcp] [.....172.16.0.1][56994] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...298] [ip4][..tcp] [.....172.16.0.1][57576] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...298] [ip4][..tcp] [.....172.16.0.1][57576] -> [..192.168.10.50][...80]
- guessed: [...299] [ip4][..tcp] [.....172.16.0.1][57590] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...299] [ip4][..tcp] [.....172.16.0.1][57590] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...299] [ip4][..tcp] [.....172.16.0.1][57590] -> [..192.168.10.50][...80]
- guessed: [...300] [ip4][..tcp] [.....172.16.0.1][57604] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...300] [ip4][..tcp] [.....172.16.0.1][57604] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...300] [ip4][..tcp] [.....172.16.0.1][57604] -> [..192.168.10.50][...80]
- guessed: [...301] [ip4][..tcp] [.....172.16.0.1][57630] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...301] [ip4][..tcp] [.....172.16.0.1][57630] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...301] [ip4][..tcp] [.....172.16.0.1][57630] -> [..192.168.10.50][...80]
- guessed: [...302] [ip4][..tcp] [.....172.16.0.1][57644] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...302] [ip4][..tcp] [.....172.16.0.1][57644] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...302] [ip4][..tcp] [.....172.16.0.1][57644] -> [..192.168.10.50][...80]
- guessed: [...303] [ip4][..tcp] [.....172.16.0.1][57658] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...303] [ip4][..tcp] [.....172.16.0.1][57658] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...303] [ip4][..tcp] [.....172.16.0.1][57658] -> [..192.168.10.50][...80]
new: [...379] [ip4][..tcp] [.....172.16.0.1][59016] -> [..192.168.10.50][...80]
new: [...380] [ip4][..tcp] [.....172.16.0.1][59042] -> [..192.168.10.50][...80]
new: [...381] [ip4][..tcp] [.....172.16.0.1][59056] -> [..192.168.10.50][...80]
new: [...382] [ip4][..tcp] [.....172.16.0.1][59070] -> [..192.168.10.50][...80]
- detected: [...380] [ip4][..tcp] [.....172.16.0.1][59042] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...380] [ip4][..tcp] [.....172.16.0.1][59042] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...383] [ip4][..tcp] [.....172.16.0.1][59096] -> [..192.168.10.50][...80]
new: [...384] [ip4][..tcp] [.....172.16.0.1][59110] -> [..192.168.10.50][...80]
- guessed: [...305] [ip4][..tcp] [.....172.16.0.1][57698] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...305] [ip4][..tcp] [.....172.16.0.1][57698] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...305] [ip4][..tcp] [.....172.16.0.1][57698] -> [..192.168.10.50][...80]
- guessed: [...306] [ip4][..tcp] [.....172.16.0.1][57712] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...306] [ip4][..tcp] [.....172.16.0.1][57712] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...306] [ip4][..tcp] [.....172.16.0.1][57712] -> [..192.168.10.50][...80]
- guessed: [...307] [ip4][..tcp] [.....172.16.0.1][57738] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...307] [ip4][..tcp] [.....172.16.0.1][57738] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...307] [ip4][..tcp] [.....172.16.0.1][57738] -> [..192.168.10.50][...80]
- guessed: [...308] [ip4][..tcp] [.....172.16.0.1][57752] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...308] [ip4][..tcp] [.....172.16.0.1][57752] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...308] [ip4][..tcp] [.....172.16.0.1][57752] -> [..192.168.10.50][...80]
new: [...385] [ip4][..tcp] [.....172.16.0.1][59124] -> [..192.168.10.50][...80]
- analyse: [...380] [ip4][..tcp] [.....172.16.0.1][59042] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...380] [ip4][..tcp] [.....172.16.0.1][59042] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 4.823| 0.637| 1.173| 1374936.236| 3.400]
[PKTLEN......: 52.000| 1921.000| 695.600| 759.800| 577334.100| 4.100]
@@ -1158,17 +1158,17 @@
new: [...389] [ip4][..tcp] [.....172.16.0.1][59192] -> [..192.168.10.50][...80]
new: [...390] [ip4][..tcp] [.....172.16.0.1][59206] -> [..192.168.10.50][...80]
new: [...391] [ip4][..tcp] [.....172.16.0.1][59220] -> [..192.168.10.50][...80]
- guessed: [...309] [ip4][..tcp] [.....172.16.0.1][57778] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...309] [ip4][..tcp] [.....172.16.0.1][57778] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...309] [ip4][..tcp] [.....172.16.0.1][57778] -> [..192.168.10.50][...80]
- guessed: [...310] [ip4][..tcp] [.....172.16.0.1][57792] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...310] [ip4][..tcp] [.....172.16.0.1][57792] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...310] [ip4][..tcp] [.....172.16.0.1][57792] -> [..192.168.10.50][...80]
- guessed: [...311] [ip4][..tcp] [.....172.16.0.1][57806] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...311] [ip4][..tcp] [.....172.16.0.1][57806] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...311] [ip4][..tcp] [.....172.16.0.1][57806] -> [..192.168.10.50][...80]
- guessed: [...312] [ip4][..tcp] [.....172.16.0.1][57832] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...312] [ip4][..tcp] [.....172.16.0.1][57832] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...312] [ip4][..tcp] [.....172.16.0.1][57832] -> [..192.168.10.50][...80]
- guessed: [...313] [ip4][..tcp] [.....172.16.0.1][57846] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...313] [ip4][..tcp] [.....172.16.0.1][57846] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...313] [ip4][..tcp] [.....172.16.0.1][57846] -> [..192.168.10.50][...80]
- guessed: [...314] [ip4][..tcp] [.....172.16.0.1][57860] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...314] [ip4][..tcp] [.....172.16.0.1][57860] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...314] [ip4][..tcp] [.....172.16.0.1][57860] -> [..192.168.10.50][...80]
new: [...392] [ip4][..tcp] [.....172.16.0.1][59246] -> [..192.168.10.50][...80]
new: [...393] [ip4][..tcp] [.....172.16.0.1][59260] -> [..192.168.10.50][...80]
@@ -1176,17 +1176,17 @@
new: [...395] [ip4][..tcp] [.....172.16.0.1][59300] -> [..192.168.10.50][...80]
new: [...396] [ip4][..tcp] [.....172.16.0.1][59314] -> [..192.168.10.50][...80]
new: [...397] [ip4][..tcp] [.....172.16.0.1][59328] -> [..192.168.10.50][...80]
- guessed: [...315] [ip4][..tcp] [.....172.16.0.1][57886] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...315] [ip4][..tcp] [.....172.16.0.1][57886] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...315] [ip4][..tcp] [.....172.16.0.1][57886] -> [..192.168.10.50][...80]
- guessed: [...316] [ip4][..tcp] [.....172.16.0.1][57900] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...316] [ip4][..tcp] [.....172.16.0.1][57900] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...316] [ip4][..tcp] [.....172.16.0.1][57900] -> [..192.168.10.50][...80]
- guessed: [...317] [ip4][..tcp] [.....172.16.0.1][57914] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...317] [ip4][..tcp] [.....172.16.0.1][57914] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...317] [ip4][..tcp] [.....172.16.0.1][57914] -> [..192.168.10.50][...80]
- guessed: [...318] [ip4][..tcp] [.....172.16.0.1][57940] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...318] [ip4][..tcp] [.....172.16.0.1][57940] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...318] [ip4][..tcp] [.....172.16.0.1][57940] -> [..192.168.10.50][...80]
- guessed: [...319] [ip4][..tcp] [.....172.16.0.1][57954] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...319] [ip4][..tcp] [.....172.16.0.1][57954] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...319] [ip4][..tcp] [.....172.16.0.1][57954] -> [..192.168.10.50][...80]
- guessed: [...320] [ip4][..tcp] [.....172.16.0.1][57980] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...320] [ip4][..tcp] [.....172.16.0.1][57980] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...320] [ip4][..tcp] [.....172.16.0.1][57980] -> [..192.168.10.50][...80]
new: [...398] [ip4][..tcp] [.....172.16.0.1][59354] -> [..192.168.10.50][...80]
new: [...399] [ip4][..tcp] [.....172.16.0.1][59368] -> [..192.168.10.50][...80]
@@ -1194,36 +1194,36 @@
new: [...401] [ip4][..tcp] [.....172.16.0.1][59408] -> [..192.168.10.50][...80]
new: [...402] [ip4][..tcp] [.....172.16.0.1][59422] -> [..192.168.10.50][...80]
new: [...403] [ip4][..tcp] [.....172.16.0.1][59436] -> [..192.168.10.50][...80]
- guessed: [...321] [ip4][..tcp] [.....172.16.0.1][57994] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...321] [ip4][..tcp] [.....172.16.0.1][57994] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...321] [ip4][..tcp] [.....172.16.0.1][57994] -> [..192.168.10.50][...80]
- guessed: [...322] [ip4][..tcp] [.....172.16.0.1][58008] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...322] [ip4][..tcp] [.....172.16.0.1][58008] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...322] [ip4][..tcp] [.....172.16.0.1][58008] -> [..192.168.10.50][...80]
- guessed: [...323] [ip4][..tcp] [.....172.16.0.1][58034] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...323] [ip4][..tcp] [.....172.16.0.1][58034] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...323] [ip4][..tcp] [.....172.16.0.1][58034] -> [..192.168.10.50][...80]
- guessed: [...324] [ip4][..tcp] [.....172.16.0.1][58048] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...324] [ip4][..tcp] [.....172.16.0.1][58048] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...324] [ip4][..tcp] [.....172.16.0.1][58048] -> [..192.168.10.50][...80]
- guessed: [...325] [ip4][..tcp] [.....172.16.0.1][58062] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...325] [ip4][..tcp] [.....172.16.0.1][58062] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...325] [ip4][..tcp] [.....172.16.0.1][58062] -> [..192.168.10.50][...80]
- guessed: [...326] [ip4][..tcp] [.....172.16.0.1][58088] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...326] [ip4][..tcp] [.....172.16.0.1][58088] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...326] [ip4][..tcp] [.....172.16.0.1][58088] -> [..192.168.10.50][...80]
new: [...404] [ip4][..tcp] [.....172.16.0.1][59462] -> [..192.168.10.50][...80]
new: [...405] [ip4][..tcp] [.....172.16.0.1][59476] -> [..192.168.10.50][...80]
new: [...406] [ip4][..tcp] [.....172.16.0.1][59502] -> [..192.168.10.50][...80]
new: [...407] [ip4][..tcp] [.....172.16.0.1][59516] -> [..192.168.10.50][...80]
new: [...408] [ip4][..tcp] [.....172.16.0.1][59530] -> [..192.168.10.50][...80]
- guessed: [...327] [ip4][..tcp] [.....172.16.0.1][58102] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...327] [ip4][..tcp] [.....172.16.0.1][58102] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...327] [ip4][..tcp] [.....172.16.0.1][58102] -> [..192.168.10.50][...80]
- guessed: [...328] [ip4][..tcp] [.....172.16.0.1][58116] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...328] [ip4][..tcp] [.....172.16.0.1][58116] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...328] [ip4][..tcp] [.....172.16.0.1][58116] -> [..192.168.10.50][...80]
- guessed: [...329] [ip4][..tcp] [.....172.16.0.1][58130] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...329] [ip4][..tcp] [.....172.16.0.1][58130] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...329] [ip4][..tcp] [.....172.16.0.1][58130] -> [..192.168.10.50][...80]
- guessed: [...330] [ip4][..tcp] [.....172.16.0.1][58144] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...330] [ip4][..tcp] [.....172.16.0.1][58144] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...330] [ip4][..tcp] [.....172.16.0.1][58144] -> [..192.168.10.50][...80]
- guessed: [...331] [ip4][..tcp] [.....172.16.0.1][58158] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...331] [ip4][..tcp] [.....172.16.0.1][58158] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...331] [ip4][..tcp] [.....172.16.0.1][58158] -> [..192.168.10.50][...80]
- guessed: [...332] [ip4][..tcp] [.....172.16.0.1][58184] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...332] [ip4][..tcp] [.....172.16.0.1][58184] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...332] [ip4][..tcp] [.....172.16.0.1][58184] -> [..192.168.10.50][...80]
- guessed: [...333] [ip4][..tcp] [.....172.16.0.1][58198] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...333] [ip4][..tcp] [.....172.16.0.1][58198] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...333] [ip4][..tcp] [.....172.16.0.1][58198] -> [..192.168.10.50][...80]
new: [...409] [ip4][..tcp] [.....172.16.0.1][59556] -> [..192.168.10.50][...80]
new: [...410] [ip4][..tcp] [.....172.16.0.1][59570] -> [..192.168.10.50][...80]
@@ -1231,17 +1231,17 @@
new: [...412] [ip4][..tcp] [.....172.16.0.1][59610] -> [..192.168.10.50][...80]
new: [...413] [ip4][..tcp] [.....172.16.0.1][59624] -> [..192.168.10.50][...80]
new: [...414] [ip4][..tcp] [.....172.16.0.1][59650] -> [..192.168.10.50][...80]
- guessed: [...334] [ip4][..tcp] [.....172.16.0.1][58224] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...334] [ip4][..tcp] [.....172.16.0.1][58224] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...334] [ip4][..tcp] [.....172.16.0.1][58224] -> [..192.168.10.50][...80]
- guessed: [...335] [ip4][..tcp] [.....172.16.0.1][58238] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...335] [ip4][..tcp] [.....172.16.0.1][58238] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...335] [ip4][..tcp] [.....172.16.0.1][58238] -> [..192.168.10.50][...80]
- guessed: [...336] [ip4][..tcp] [.....172.16.0.1][58252] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...336] [ip4][..tcp] [.....172.16.0.1][58252] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...336] [ip4][..tcp] [.....172.16.0.1][58252] -> [..192.168.10.50][...80]
- guessed: [...337] [ip4][..tcp] [.....172.16.0.1][58278] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...337] [ip4][..tcp] [.....172.16.0.1][58278] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...337] [ip4][..tcp] [.....172.16.0.1][58278] -> [..192.168.10.50][...80]
- guessed: [...338] [ip4][..tcp] [.....172.16.0.1][58292] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...338] [ip4][..tcp] [.....172.16.0.1][58292] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...338] [ip4][..tcp] [.....172.16.0.1][58292] -> [..192.168.10.50][...80]
- guessed: [...339] [ip4][..tcp] [.....172.16.0.1][58306] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...339] [ip4][..tcp] [.....172.16.0.1][58306] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...339] [ip4][..tcp] [.....172.16.0.1][58306] -> [..192.168.10.50][...80]
new: [...415] [ip4][..tcp] [.....172.16.0.1][59664] -> [..192.168.10.50][...80]
new: [...416] [ip4][..tcp] [.....172.16.0.1][59678] -> [..192.168.10.50][...80]
@@ -1249,25 +1249,25 @@
new: [...418] [ip4][..tcp] [.....172.16.0.1][59718] -> [..192.168.10.50][...80]
new: [...419] [ip4][..tcp] [.....172.16.0.1][59732] -> [..192.168.10.50][...80]
new: [...420] [ip4][..tcp] [.....172.16.0.1][59758] -> [..192.168.10.50][...80]
- end: [...304] [ip4][..tcp] [.....172.16.0.1][57684] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [...340] [ip4][..tcp] [.....172.16.0.1][58332] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [...304] [ip4][..tcp] [.....172.16.0.1][57684] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...340] [ip4][..tcp] [.....172.16.0.1][58332] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...340] [ip4][..tcp] [.....172.16.0.1][58332] -> [..192.168.10.50][...80]
- guessed: [...341] [ip4][..tcp] [.....172.16.0.1][58346] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...341] [ip4][..tcp] [.....172.16.0.1][58346] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...341] [ip4][..tcp] [.....172.16.0.1][58346] -> [..192.168.10.50][...80]
- guessed: [...343] [ip4][..tcp] [.....172.16.0.1][58386] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...343] [ip4][..tcp] [.....172.16.0.1][58386] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...343] [ip4][..tcp] [.....172.16.0.1][58386] -> [..192.168.10.50][...80]
- guessed: [...344] [ip4][..tcp] [.....172.16.0.1][58400] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...344] [ip4][..tcp] [.....172.16.0.1][58400] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...344] [ip4][..tcp] [.....172.16.0.1][58400] -> [..192.168.10.50][...80]
- guessed: [...345] [ip4][..tcp] [.....172.16.0.1][58414] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...345] [ip4][..tcp] [.....172.16.0.1][58414] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...345] [ip4][..tcp] [.....172.16.0.1][58414] -> [..192.168.10.50][...80]
new: [...421] [ip4][..tcp] [.....172.16.0.1][59772] -> [..192.168.10.50][...80]
- detected: [...419] [ip4][..tcp] [.....172.16.0.1][59732] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...419] [ip4][..tcp] [.....172.16.0.1][59732] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...422] [ip4][..tcp] [.....172.16.0.1][59786] -> [..192.168.10.50][...80]
new: [...423] [ip4][..tcp] [.....172.16.0.1][59812] -> [..192.168.10.50][...80]
new: [...424] [ip4][..tcp] [.....172.16.0.1][59826] -> [..192.168.10.50][...80]
- analyse: [...419] [ip4][..tcp] [.....172.16.0.1][59732] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...419] [ip4][..tcp] [.....172.16.0.1][59732] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.767| 0.604| 0.933| 871184.138| 3.700]
[PKTLEN......: 52.000| 1921.000| 716.800| 755.700| 571022.900| 4.200]
@@ -1279,17 +1279,17 @@
[ENTROPIES...: 4.6,5.1,4.9,6.0,4.9,7.8,4.9,5.9,7.7,5.0,6.0,7.8,4.8,5.9,7.7,4.9,6.0,7.8,4.8,5.9,7.7,4.9,6.0,7.8,4.8,5.9,7.7,4.9,6.0,7.8,4.9,5.9]
new: [...425] [ip4][..tcp] [.....172.16.0.1][59852] -> [..192.168.10.50][...80]
new: [...426] [ip4][..tcp] [.....172.16.0.1][59866] -> [..192.168.10.50][...80]
- guessed: [...346] [ip4][..tcp] [.....172.16.0.1][58440] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...346] [ip4][..tcp] [.....172.16.0.1][58440] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...346] [ip4][..tcp] [.....172.16.0.1][58440] -> [..192.168.10.50][...80]
- guessed: [...347] [ip4][..tcp] [.....172.16.0.1][58454] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...347] [ip4][..tcp] [.....172.16.0.1][58454] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...347] [ip4][..tcp] [.....172.16.0.1][58454] -> [..192.168.10.50][...80]
- guessed: [...348] [ip4][..tcp] [.....172.16.0.1][58468] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...348] [ip4][..tcp] [.....172.16.0.1][58468] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...348] [ip4][..tcp] [.....172.16.0.1][58468] -> [..192.168.10.50][...80]
- guessed: [...349] [ip4][..tcp] [.....172.16.0.1][58482] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...349] [ip4][..tcp] [.....172.16.0.1][58482] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...349] [ip4][..tcp] [.....172.16.0.1][58482] -> [..192.168.10.50][...80]
- guessed: [...350] [ip4][..tcp] [.....172.16.0.1][58496] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...350] [ip4][..tcp] [.....172.16.0.1][58496] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...350] [ip4][..tcp] [.....172.16.0.1][58496] -> [..192.168.10.50][...80]
- guessed: [...351] [ip4][..tcp] [.....172.16.0.1][58510] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...351] [ip4][..tcp] [.....172.16.0.1][58510] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...351] [ip4][..tcp] [.....172.16.0.1][58510] -> [..192.168.10.50][...80]
new: [...427] [ip4][..tcp] [.....172.16.0.1][59880] -> [..192.168.10.50][...80]
new: [...428] [ip4][..tcp] [.....172.16.0.1][59906] -> [..192.168.10.50][...80]
@@ -1297,17 +1297,17 @@
new: [...430] [ip4][..tcp] [.....172.16.0.1][59934] -> [..192.168.10.50][...80]
new: [...431] [ip4][..tcp] [.....172.16.0.1][59960] -> [..192.168.10.50][...80]
new: [...432] [ip4][..tcp] [.....172.16.0.1][59974] -> [..192.168.10.50][...80]
- guessed: [...352] [ip4][..tcp] [.....172.16.0.1][58536] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...352] [ip4][..tcp] [.....172.16.0.1][58536] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...352] [ip4][..tcp] [.....172.16.0.1][58536] -> [..192.168.10.50][...80]
- guessed: [...353] [ip4][..tcp] [.....172.16.0.1][58550] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...353] [ip4][..tcp] [.....172.16.0.1][58550] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...353] [ip4][..tcp] [.....172.16.0.1][58550] -> [..192.168.10.50][...80]
- guessed: [...354] [ip4][..tcp] [.....172.16.0.1][58564] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...354] [ip4][..tcp] [.....172.16.0.1][58564] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...354] [ip4][..tcp] [.....172.16.0.1][58564] -> [..192.168.10.50][...80]
- guessed: [...355] [ip4][..tcp] [.....172.16.0.1][58590] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...355] [ip4][..tcp] [.....172.16.0.1][58590] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...355] [ip4][..tcp] [.....172.16.0.1][58590] -> [..192.168.10.50][...80]
- guessed: [...356] [ip4][..tcp] [.....172.16.0.1][58604] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...356] [ip4][..tcp] [.....172.16.0.1][58604] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...356] [ip4][..tcp] [.....172.16.0.1][58604] -> [..192.168.10.50][...80]
- guessed: [...357] [ip4][..tcp] [.....172.16.0.1][58630] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...357] [ip4][..tcp] [.....172.16.0.1][58630] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...357] [ip4][..tcp] [.....172.16.0.1][58630] -> [..192.168.10.50][...80]
new: [...433] [ip4][..tcp] [.....172.16.0.1][59988] -> [..192.168.10.50][...80]
new: [...434] [ip4][..tcp] [.....172.16.0.1][60014] -> [..192.168.10.50][...80]
@@ -1315,17 +1315,17 @@
new: [...436] [ip4][..tcp] [.....172.16.0.1][60042] -> [..192.168.10.50][...80]
new: [...437] [ip4][..tcp] [.....172.16.0.1][60056] -> [..192.168.10.50][...80]
new: [...438] [ip4][..tcp] [.....172.16.0.1][60084] -> [..192.168.10.50][...80]
- guessed: [...358] [ip4][..tcp] [.....172.16.0.1][58650] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...358] [ip4][..tcp] [.....172.16.0.1][58650] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...358] [ip4][..tcp] [.....172.16.0.1][58650] -> [..192.168.10.50][...80]
- guessed: [...359] [ip4][..tcp] [.....172.16.0.1][58664] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...359] [ip4][..tcp] [.....172.16.0.1][58664] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...359] [ip4][..tcp] [.....172.16.0.1][58664] -> [..192.168.10.50][...80]
- guessed: [...360] [ip4][..tcp] [.....172.16.0.1][58690] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...360] [ip4][..tcp] [.....172.16.0.1][58690] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...360] [ip4][..tcp] [.....172.16.0.1][58690] -> [..192.168.10.50][...80]
- guessed: [...361] [ip4][..tcp] [.....172.16.0.1][58704] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...361] [ip4][..tcp] [.....172.16.0.1][58704] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...361] [ip4][..tcp] [.....172.16.0.1][58704] -> [..192.168.10.50][...80]
- guessed: [...362] [ip4][..tcp] [.....172.16.0.1][58718] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...362] [ip4][..tcp] [.....172.16.0.1][58718] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...362] [ip4][..tcp] [.....172.16.0.1][58718] -> [..192.168.10.50][...80]
- guessed: [...363] [ip4][..tcp] [.....172.16.0.1][58744] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...363] [ip4][..tcp] [.....172.16.0.1][58744] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...363] [ip4][..tcp] [.....172.16.0.1][58744] -> [..192.168.10.50][...80]
new: [...439] [ip4][..tcp] [.....172.16.0.1][60134] -> [..192.168.10.50][...80]
new: [...440] [ip4][..tcp] [.....172.16.0.1][60136] -> [..192.168.10.50][...80]
@@ -1333,19 +1333,19 @@
new: [...442] [ip4][..tcp] [.....172.16.0.1][60180] -> [..192.168.10.50][...80]
new: [...443] [ip4][..tcp] [.....172.16.0.1][60194] -> [..192.168.10.50][...80]
new: [...444] [ip4][..tcp] [.....172.16.0.1][60220] -> [..192.168.10.50][...80]
- guessed: [...364] [ip4][..tcp] [.....172.16.0.1][58758] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...364] [ip4][..tcp] [.....172.16.0.1][58758] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...364] [ip4][..tcp] [.....172.16.0.1][58758] -> [..192.168.10.50][...80]
- guessed: [...365] [ip4][..tcp] [.....172.16.0.1][58772] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...365] [ip4][..tcp] [.....172.16.0.1][58772] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...365] [ip4][..tcp] [.....172.16.0.1][58772] -> [..192.168.10.50][...80]
- guessed: [...366] [ip4][..tcp] [.....172.16.0.1][58798] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...366] [ip4][..tcp] [.....172.16.0.1][58798] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...366] [ip4][..tcp] [.....172.16.0.1][58798] -> [..192.168.10.50][...80]
- guessed: [...367] [ip4][..tcp] [.....172.16.0.1][58812] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...367] [ip4][..tcp] [.....172.16.0.1][58812] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...367] [ip4][..tcp] [.....172.16.0.1][58812] -> [..192.168.10.50][...80]
- guessed: [...368] [ip4][..tcp] [.....172.16.0.1][58838] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...368] [ip4][..tcp] [.....172.16.0.1][58838] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...368] [ip4][..tcp] [.....172.16.0.1][58838] -> [..192.168.10.50][...80]
- guessed: [...369] [ip4][..tcp] [.....172.16.0.1][58852] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...369] [ip4][..tcp] [.....172.16.0.1][58852] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...369] [ip4][..tcp] [.....172.16.0.1][58852] -> [..192.168.10.50][...80]
- guessed: [...370] [ip4][..tcp] [.....172.16.0.1][58866] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...370] [ip4][..tcp] [.....172.16.0.1][58866] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...370] [ip4][..tcp] [.....172.16.0.1][58866] -> [..192.168.10.50][...80]
new: [...445] [ip4][..tcp] [.....172.16.0.1][60234] -> [..192.168.10.50][...80]
new: [...446] [ip4][..tcp] [.....172.16.0.1][60260] -> [..192.168.10.50][...80]
@@ -1353,17 +1353,17 @@
new: [...448] [ip4][..tcp] [.....172.16.0.1][60288] -> [..192.168.10.50][...80]
new: [...449] [ip4][..tcp] [.....172.16.0.1][60314] -> [..192.168.10.50][...80]
new: [...450] [ip4][..tcp] [.....172.16.0.1][60328] -> [..192.168.10.50][...80]
- guessed: [...374] [ip4][..tcp] [.....172.16.0.1][58946] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...374] [ip4][..tcp] [.....172.16.0.1][58946] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...374] [ip4][..tcp] [.....172.16.0.1][58946] -> [..192.168.10.50][...80]
- guessed: [...375] [ip4][..tcp] [.....172.16.0.1][58960] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...375] [ip4][..tcp] [.....172.16.0.1][58960] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...375] [ip4][..tcp] [.....172.16.0.1][58960] -> [..192.168.10.50][...80]
- guessed: [...376] [ip4][..tcp] [.....172.16.0.1][58974] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...376] [ip4][..tcp] [.....172.16.0.1][58974] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...376] [ip4][..tcp] [.....172.16.0.1][58974] -> [..192.168.10.50][...80]
- guessed: [...371] [ip4][..tcp] [.....172.16.0.1][58892] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...371] [ip4][..tcp] [.....172.16.0.1][58892] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...371] [ip4][..tcp] [.....172.16.0.1][58892] -> [..192.168.10.50][...80]
- guessed: [...372] [ip4][..tcp] [.....172.16.0.1][58906] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...372] [ip4][..tcp] [.....172.16.0.1][58906] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...372] [ip4][..tcp] [.....172.16.0.1][58906] -> [..192.168.10.50][...80]
- guessed: [...373] [ip4][..tcp] [.....172.16.0.1][58920] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...373] [ip4][..tcp] [.....172.16.0.1][58920] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...373] [ip4][..tcp] [.....172.16.0.1][58920] -> [..192.168.10.50][...80]
new: [...451] [ip4][..tcp] [.....172.16.0.1][60342] -> [..192.168.10.50][...80]
new: [...452] [ip4][..tcp] [.....172.16.0.1][60356] -> [..192.168.10.50][...80]
@@ -1372,41 +1372,41 @@
new: [...455] [ip4][..tcp] [.....172.16.0.1][60410] -> [..192.168.10.50][...80]
new: [...456] [ip4][..tcp] [.....172.16.0.1][60424] -> [..192.168.10.50][...80]
new: [...457] [ip4][..tcp] [.....172.16.0.1][60438] -> [..192.168.10.50][...80]
- guessed: [...377] [ip4][..tcp] [.....172.16.0.1][58988] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...377] [ip4][..tcp] [.....172.16.0.1][58988] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...377] [ip4][..tcp] [.....172.16.0.1][58988] -> [..192.168.10.50][...80]
- guessed: [...378] [ip4][..tcp] [.....172.16.0.1][59002] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...378] [ip4][..tcp] [.....172.16.0.1][59002] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...378] [ip4][..tcp] [.....172.16.0.1][59002] -> [..192.168.10.50][...80]
- guessed: [...379] [ip4][..tcp] [.....172.16.0.1][59016] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...379] [ip4][..tcp] [.....172.16.0.1][59016] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...379] [ip4][..tcp] [.....172.16.0.1][59016] -> [..192.168.10.50][...80]
- guessed: [...381] [ip4][..tcp] [.....172.16.0.1][59056] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...381] [ip4][..tcp] [.....172.16.0.1][59056] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...381] [ip4][..tcp] [.....172.16.0.1][59056] -> [..192.168.10.50][...80]
- guessed: [...382] [ip4][..tcp] [.....172.16.0.1][59070] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...382] [ip4][..tcp] [.....172.16.0.1][59070] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...382] [ip4][..tcp] [.....172.16.0.1][59070] -> [..192.168.10.50][...80]
- end: [...342] [ip4][..tcp] [.....172.16.0.1][58360] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
+ end: [...342] [ip4][..tcp] [.....172.16.0.1][58360] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
new: [...458] [ip4][..tcp] [.....172.16.0.1][60464] -> [..192.168.10.50][...80]
new: [...459] [ip4][..tcp] [.....172.16.0.1][60478] -> [..192.168.10.50][...80]
- detected: [...458] [ip4][..tcp] [.....172.16.0.1][60464] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...458] [ip4][..tcp] [.....172.16.0.1][60464] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...460] [ip4][..tcp] [.....172.16.0.1][60504] -> [..192.168.10.50][...80]
new: [...461] [ip4][..tcp] [.....172.16.0.1][60518] -> [..192.168.10.50][...80]
new: [...462] [ip4][..tcp] [.....172.16.0.1][60532] -> [..192.168.10.50][...80]
- guessed: [...383] [ip4][..tcp] [.....172.16.0.1][59096] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...383] [ip4][..tcp] [.....172.16.0.1][59096] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...383] [ip4][..tcp] [.....172.16.0.1][59096] -> [..192.168.10.50][...80]
- guessed: [...384] [ip4][..tcp] [.....172.16.0.1][59110] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...384] [ip4][..tcp] [.....172.16.0.1][59110] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...384] [ip4][..tcp] [.....172.16.0.1][59110] -> [..192.168.10.50][...80]
- guessed: [...385] [ip4][..tcp] [.....172.16.0.1][59124] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...385] [ip4][..tcp] [.....172.16.0.1][59124] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...385] [ip4][..tcp] [.....172.16.0.1][59124] -> [..192.168.10.50][...80]
- guessed: [...386] [ip4][..tcp] [.....172.16.0.1][59150] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...386] [ip4][..tcp] [.....172.16.0.1][59150] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...386] [ip4][..tcp] [.....172.16.0.1][59150] -> [..192.168.10.50][...80]
- guessed: [...387] [ip4][..tcp] [.....172.16.0.1][59164] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...387] [ip4][..tcp] [.....172.16.0.1][59164] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...387] [ip4][..tcp] [.....172.16.0.1][59164] -> [..192.168.10.50][...80]
- guessed: [...388] [ip4][..tcp] [.....172.16.0.1][59178] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...388] [ip4][..tcp] [.....172.16.0.1][59178] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...388] [ip4][..tcp] [.....172.16.0.1][59178] -> [..192.168.10.50][...80]
- guessed: [...389] [ip4][..tcp] [.....172.16.0.1][59192] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...389] [ip4][..tcp] [.....172.16.0.1][59192] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...389] [ip4][..tcp] [.....172.16.0.1][59192] -> [..192.168.10.50][...80]
new: [...463] [ip4][..tcp] [.....172.16.0.1][60558] -> [..192.168.10.50][...80]
- analyse: [...458] [ip4][..tcp] [.....172.16.0.1][60464] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...458] [ip4][..tcp] [.....172.16.0.1][60464] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.582| 0.571| 0.887| 786468.045| 3.700]
[PKTLEN......: 52.000| 1920.000| 713.700| 750.900| 563862.600| 4.200]
@@ -1421,19 +1421,19 @@
new: [...466] [ip4][..tcp] [.....172.16.0.1][60612] -> [..192.168.10.50][...80]
new: [...467] [ip4][..tcp] [.....172.16.0.1][60626] -> [..192.168.10.50][...80]
new: [...468] [ip4][..tcp] [.....172.16.0.1][60652] -> [..192.168.10.50][...80]
- guessed: [...390] [ip4][..tcp] [.....172.16.0.1][59206] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...390] [ip4][..tcp] [.....172.16.0.1][59206] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...390] [ip4][..tcp] [.....172.16.0.1][59206] -> [..192.168.10.50][...80]
- guessed: [...391] [ip4][..tcp] [.....172.16.0.1][59220] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...391] [ip4][..tcp] [.....172.16.0.1][59220] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...391] [ip4][..tcp] [.....172.16.0.1][59220] -> [..192.168.10.50][...80]
- guessed: [...392] [ip4][..tcp] [.....172.16.0.1][59246] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...392] [ip4][..tcp] [.....172.16.0.1][59246] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...392] [ip4][..tcp] [.....172.16.0.1][59246] -> [..192.168.10.50][...80]
- guessed: [...393] [ip4][..tcp] [.....172.16.0.1][59260] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...393] [ip4][..tcp] [.....172.16.0.1][59260] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...393] [ip4][..tcp] [.....172.16.0.1][59260] -> [..192.168.10.50][...80]
- guessed: [...394] [ip4][..tcp] [.....172.16.0.1][59274] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...394] [ip4][..tcp] [.....172.16.0.1][59274] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...394] [ip4][..tcp] [.....172.16.0.1][59274] -> [..192.168.10.50][...80]
- guessed: [...395] [ip4][..tcp] [.....172.16.0.1][59300] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...395] [ip4][..tcp] [.....172.16.0.1][59300] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...395] [ip4][..tcp] [.....172.16.0.1][59300] -> [..192.168.10.50][...80]
- guessed: [...396] [ip4][..tcp] [.....172.16.0.1][59314] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...396] [ip4][..tcp] [.....172.16.0.1][59314] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...396] [ip4][..tcp] [.....172.16.0.1][59314] -> [..192.168.10.50][...80]
new: [...469] [ip4][..tcp] [.....172.16.0.1][60666] -> [..192.168.10.50][...80]
new: [...470] [ip4][..tcp] [.....172.16.0.1][60692] -> [..192.168.10.50][...80]
@@ -1442,34 +1442,34 @@
new: [...473] [ip4][..tcp] [.....172.16.0.1][60734] -> [..192.168.10.50][...80]
new: [...474] [ip4][..tcp] [.....172.16.0.1][60748] -> [..192.168.10.50][...80]
new: [...475] [ip4][..tcp] [.....172.16.0.1][60762] -> [..192.168.10.50][...80]
- guessed: [...397] [ip4][..tcp] [.....172.16.0.1][59328] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...397] [ip4][..tcp] [.....172.16.0.1][59328] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...397] [ip4][..tcp] [.....172.16.0.1][59328] -> [..192.168.10.50][...80]
- guessed: [...398] [ip4][..tcp] [.....172.16.0.1][59354] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...398] [ip4][..tcp] [.....172.16.0.1][59354] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...398] [ip4][..tcp] [.....172.16.0.1][59354] -> [..192.168.10.50][...80]
- guessed: [...399] [ip4][..tcp] [.....172.16.0.1][59368] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...399] [ip4][..tcp] [.....172.16.0.1][59368] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...399] [ip4][..tcp] [.....172.16.0.1][59368] -> [..192.168.10.50][...80]
- guessed: [...400] [ip4][..tcp] [.....172.16.0.1][59382] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...400] [ip4][..tcp] [.....172.16.0.1][59382] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...400] [ip4][..tcp] [.....172.16.0.1][59382] -> [..192.168.10.50][...80]
- guessed: [...401] [ip4][..tcp] [.....172.16.0.1][59408] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...401] [ip4][..tcp] [.....172.16.0.1][59408] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...401] [ip4][..tcp] [.....172.16.0.1][59408] -> [..192.168.10.50][...80]
- guessed: [...402] [ip4][..tcp] [.....172.16.0.1][59422] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...402] [ip4][..tcp] [.....172.16.0.1][59422] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...402] [ip4][..tcp] [.....172.16.0.1][59422] -> [..192.168.10.50][...80]
new: [...476] [ip4][..tcp] [.....172.16.0.1][60788] -> [..192.168.10.50][...80]
new: [...477] [ip4][..tcp] [.....172.16.0.1][60802] -> [..192.168.10.50][...80]
new: [...478] [ip4][..tcp] [.....172.16.0.1][60816] -> [..192.168.10.50][...80]
new: [...479] [ip4][..tcp] [.....172.16.0.1][60842] -> [..192.168.10.50][...80]
new: [...480] [ip4][..tcp] [.....172.16.0.1][60856] -> [..192.168.10.50][...80]
- guessed: [...403] [ip4][..tcp] [.....172.16.0.1][59436] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...403] [ip4][..tcp] [.....172.16.0.1][59436] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...403] [ip4][..tcp] [.....172.16.0.1][59436] -> [..192.168.10.50][...80]
- guessed: [...404] [ip4][..tcp] [.....172.16.0.1][59462] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...404] [ip4][..tcp] [.....172.16.0.1][59462] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...404] [ip4][..tcp] [.....172.16.0.1][59462] -> [..192.168.10.50][...80]
- guessed: [...405] [ip4][..tcp] [.....172.16.0.1][59476] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...405] [ip4][..tcp] [.....172.16.0.1][59476] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...405] [ip4][..tcp] [.....172.16.0.1][59476] -> [..192.168.10.50][...80]
- guessed: [...406] [ip4][..tcp] [.....172.16.0.1][59502] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...406] [ip4][..tcp] [.....172.16.0.1][59502] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...406] [ip4][..tcp] [.....172.16.0.1][59502] -> [..192.168.10.50][...80]
- guessed: [...407] [ip4][..tcp] [.....172.16.0.1][59516] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...407] [ip4][..tcp] [.....172.16.0.1][59516] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...407] [ip4][..tcp] [.....172.16.0.1][59516] -> [..192.168.10.50][...80]
- guessed: [...408] [ip4][..tcp] [.....172.16.0.1][59530] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...408] [ip4][..tcp] [.....172.16.0.1][59530] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...408] [ip4][..tcp] [.....172.16.0.1][59530] -> [..192.168.10.50][...80]
new: [...481] [ip4][..tcp] [.....172.16.0.1][60882] -> [..192.168.10.50][...80]
new: [...482] [ip4][..tcp] [.....172.16.0.1][60896] -> [..192.168.10.50][...80]
@@ -1477,15 +1477,15 @@
new: [...484] [ip4][..tcp] [.....172.16.0.1][60936] -> [..192.168.10.50][...80]
new: [...485] [ip4][..tcp] [.....172.16.0.1][60950] -> [..192.168.10.50][...80]
new: [...486] [ip4][..tcp] [.....172.16.0.1][60976] -> [..192.168.10.50][...80]
- guessed: [...409] [ip4][..tcp] [.....172.16.0.1][59556] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...409] [ip4][..tcp] [.....172.16.0.1][59556] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...409] [ip4][..tcp] [.....172.16.0.1][59556] -> [..192.168.10.50][...80]
- guessed: [...410] [ip4][..tcp] [.....172.16.0.1][59570] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...410] [ip4][..tcp] [.....172.16.0.1][59570] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...410] [ip4][..tcp] [.....172.16.0.1][59570] -> [..192.168.10.50][...80]
- guessed: [...411] [ip4][..tcp] [.....172.16.0.1][59584] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...411] [ip4][..tcp] [.....172.16.0.1][59584] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...411] [ip4][..tcp] [.....172.16.0.1][59584] -> [..192.168.10.50][...80]
- guessed: [...412] [ip4][..tcp] [.....172.16.0.1][59610] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...412] [ip4][..tcp] [.....172.16.0.1][59610] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...412] [ip4][..tcp] [.....172.16.0.1][59610] -> [..192.168.10.50][...80]
- guessed: [...413] [ip4][..tcp] [.....172.16.0.1][59624] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...413] [ip4][..tcp] [.....172.16.0.1][59624] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...413] [ip4][..tcp] [.....172.16.0.1][59624] -> [..192.168.10.50][...80]
new: [...487] [ip4][..tcp] [.....172.16.0.1][60990] -> [..192.168.10.50][...80]
new: [...488] [ip4][..tcp] [.....172.16.0.1][32784] -> [..192.168.10.50][...80]
@@ -1493,40 +1493,40 @@
new: [...490] [ip4][..tcp] [.....172.16.0.1][32812] -> [..192.168.10.50][...80]
new: [...491] [ip4][..tcp] [.....172.16.0.1][32838] -> [..192.168.10.50][...80]
new: [...492] [ip4][..tcp] [.....172.16.0.1][32852] -> [..192.168.10.50][...80]
- end: [...380] [ip4][..tcp] [.....172.16.0.1][59042] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [...414] [ip4][..tcp] [.....172.16.0.1][59650] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [...380] [ip4][..tcp] [.....172.16.0.1][59042] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...414] [ip4][..tcp] [.....172.16.0.1][59650] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...414] [ip4][..tcp] [.....172.16.0.1][59650] -> [..192.168.10.50][...80]
- guessed: [...415] [ip4][..tcp] [.....172.16.0.1][59664] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...415] [ip4][..tcp] [.....172.16.0.1][59664] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...415] [ip4][..tcp] [.....172.16.0.1][59664] -> [..192.168.10.50][...80]
- guessed: [...416] [ip4][..tcp] [.....172.16.0.1][59678] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...416] [ip4][..tcp] [.....172.16.0.1][59678] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...416] [ip4][..tcp] [.....172.16.0.1][59678] -> [..192.168.10.50][...80]
- guessed: [...417] [ip4][..tcp] [.....172.16.0.1][59704] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...417] [ip4][..tcp] [.....172.16.0.1][59704] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...417] [ip4][..tcp] [.....172.16.0.1][59704] -> [..192.168.10.50][...80]
- guessed: [...418] [ip4][..tcp] [.....172.16.0.1][59718] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...418] [ip4][..tcp] [.....172.16.0.1][59718] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...418] [ip4][..tcp] [.....172.16.0.1][59718] -> [..192.168.10.50][...80]
new: [...493] [ip4][..tcp] [.....172.16.0.1][32878] -> [..192.168.10.50][...80]
new: [...494] [ip4][..tcp] [.....172.16.0.1][32892] -> [..192.168.10.50][...80]
new: [...495] [ip4][..tcp] [.....172.16.0.1][32906] -> [..192.168.10.50][...80]
new: [...496] [ip4][..tcp] [.....172.16.0.1][32932] -> [..192.168.10.50][...80]
new: [...497] [ip4][..tcp] [.....172.16.0.1][32946] -> [..192.168.10.50][...80]
- detected: [...495] [ip4][..tcp] [.....172.16.0.1][32906] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...495] [ip4][..tcp] [.....172.16.0.1][32906] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...498] [ip4][..tcp] [.....172.16.0.1][32960] -> [..192.168.10.50][...80]
- guessed: [...420] [ip4][..tcp] [.....172.16.0.1][59758] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...420] [ip4][..tcp] [.....172.16.0.1][59758] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...420] [ip4][..tcp] [.....172.16.0.1][59758] -> [..192.168.10.50][...80]
- guessed: [...421] [ip4][..tcp] [.....172.16.0.1][59772] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...421] [ip4][..tcp] [.....172.16.0.1][59772] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...421] [ip4][..tcp] [.....172.16.0.1][59772] -> [..192.168.10.50][...80]
- guessed: [...422] [ip4][..tcp] [.....172.16.0.1][59786] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...422] [ip4][..tcp] [.....172.16.0.1][59786] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...422] [ip4][..tcp] [.....172.16.0.1][59786] -> [..192.168.10.50][...80]
- guessed: [...423] [ip4][..tcp] [.....172.16.0.1][59812] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...423] [ip4][..tcp] [.....172.16.0.1][59812] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...423] [ip4][..tcp] [.....172.16.0.1][59812] -> [..192.168.10.50][...80]
- guessed: [...424] [ip4][..tcp] [.....172.16.0.1][59826] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...424] [ip4][..tcp] [.....172.16.0.1][59826] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...424] [ip4][..tcp] [.....172.16.0.1][59826] -> [..192.168.10.50][...80]
new: [...499] [ip4][..tcp] [.....172.16.0.1][32974] -> [..192.168.10.50][...80]
new: [...500] [ip4][..tcp] [.....172.16.0.1][32988] -> [..192.168.10.50][...80]
new: [...501] [ip4][..tcp] [.....172.16.0.1][33002] -> [..192.168.10.50][...80]
- analyse: [...495] [ip4][..tcp] [.....172.16.0.1][32906] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...495] [ip4][..tcp] [.....172.16.0.1][32906] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.862| 0.614| 0.953| 908128.223| 3.700]
[PKTLEN......: 52.000| 1921.000| 716.800| 755.600| 570948.000| 4.200]
@@ -1539,19 +1539,19 @@
new: [...502] [ip4][..tcp] [.....172.16.0.1][33028] -> [..192.168.10.50][...80]
new: [...503] [ip4][..tcp] [.....172.16.0.1][33042] -> [..192.168.10.50][...80]
new: [...504] [ip4][..tcp] [.....172.16.0.1][33068] -> [..192.168.10.50][...80]
- guessed: [...425] [ip4][..tcp] [.....172.16.0.1][59852] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...425] [ip4][..tcp] [.....172.16.0.1][59852] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...425] [ip4][..tcp] [.....172.16.0.1][59852] -> [..192.168.10.50][...80]
- guessed: [...426] [ip4][..tcp] [.....172.16.0.1][59866] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...426] [ip4][..tcp] [.....172.16.0.1][59866] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...426] [ip4][..tcp] [.....172.16.0.1][59866] -> [..192.168.10.50][...80]
- guessed: [...427] [ip4][..tcp] [.....172.16.0.1][59880] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...427] [ip4][..tcp] [.....172.16.0.1][59880] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...427] [ip4][..tcp] [.....172.16.0.1][59880] -> [..192.168.10.50][...80]
- guessed: [...428] [ip4][..tcp] [.....172.16.0.1][59906] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...428] [ip4][..tcp] [.....172.16.0.1][59906] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...428] [ip4][..tcp] [.....172.16.0.1][59906] -> [..192.168.10.50][...80]
- guessed: [...429] [ip4][..tcp] [.....172.16.0.1][59920] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...429] [ip4][..tcp] [.....172.16.0.1][59920] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...429] [ip4][..tcp] [.....172.16.0.1][59920] -> [..192.168.10.50][...80]
- guessed: [...430] [ip4][..tcp] [.....172.16.0.1][59934] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...430] [ip4][..tcp] [.....172.16.0.1][59934] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...430] [ip4][..tcp] [.....172.16.0.1][59934] -> [..192.168.10.50][...80]
- guessed: [...431] [ip4][..tcp] [.....172.16.0.1][59960] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...431] [ip4][..tcp] [.....172.16.0.1][59960] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...431] [ip4][..tcp] [.....172.16.0.1][59960] -> [..192.168.10.50][...80]
new: [...505] [ip4][..tcp] [.....172.16.0.1][33082] -> [..192.168.10.50][...80]
new: [...506] [ip4][..tcp] [.....172.16.0.1][33096] -> [..192.168.10.50][...80]
@@ -1559,34 +1559,34 @@
new: [...508] [ip4][..tcp] [.....172.16.0.1][33136] -> [..192.168.10.50][...80]
new: [...509] [ip4][..tcp] [.....172.16.0.1][33162] -> [..192.168.10.50][...80]
new: [...510] [ip4][..tcp] [.....172.16.0.1][33176] -> [..192.168.10.50][...80]
- guessed: [...432] [ip4][..tcp] [.....172.16.0.1][59974] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...432] [ip4][..tcp] [.....172.16.0.1][59974] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...432] [ip4][..tcp] [.....172.16.0.1][59974] -> [..192.168.10.50][...80]
- guessed: [...433] [ip4][..tcp] [.....172.16.0.1][59988] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...433] [ip4][..tcp] [.....172.16.0.1][59988] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...433] [ip4][..tcp] [.....172.16.0.1][59988] -> [..192.168.10.50][...80]
- guessed: [...434] [ip4][..tcp] [.....172.16.0.1][60014] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...434] [ip4][..tcp] [.....172.16.0.1][60014] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...434] [ip4][..tcp] [.....172.16.0.1][60014] -> [..192.168.10.50][...80]
- guessed: [...435] [ip4][..tcp] [.....172.16.0.1][60028] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...435] [ip4][..tcp] [.....172.16.0.1][60028] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...435] [ip4][..tcp] [.....172.16.0.1][60028] -> [..192.168.10.50][...80]
- guessed: [...436] [ip4][..tcp] [.....172.16.0.1][60042] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...436] [ip4][..tcp] [.....172.16.0.1][60042] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...436] [ip4][..tcp] [.....172.16.0.1][60042] -> [..192.168.10.50][...80]
- guessed: [...437] [ip4][..tcp] [.....172.16.0.1][60056] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...437] [ip4][..tcp] [.....172.16.0.1][60056] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...437] [ip4][..tcp] [.....172.16.0.1][60056] -> [..192.168.10.50][...80]
new: [...511] [ip4][..tcp] [.....172.16.0.1][33202] -> [..192.168.10.50][...80]
new: [...512] [ip4][..tcp] [.....172.16.0.1][33216] -> [..192.168.10.50][...80]
new: [...513] [ip4][..tcp] [.....172.16.0.1][33230] -> [..192.168.10.50][...80]
new: [...514] [ip4][..tcp] [.....172.16.0.1][33256] -> [..192.168.10.50][...80]
new: [...515] [ip4][..tcp] [.....172.16.0.1][33270] -> [..192.168.10.50][...80]
- guessed: [...438] [ip4][..tcp] [.....172.16.0.1][60084] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...438] [ip4][..tcp] [.....172.16.0.1][60084] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...438] [ip4][..tcp] [.....172.16.0.1][60084] -> [..192.168.10.50][...80]
- guessed: [...439] [ip4][..tcp] [.....172.16.0.1][60134] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...439] [ip4][..tcp] [.....172.16.0.1][60134] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...439] [ip4][..tcp] [.....172.16.0.1][60134] -> [..192.168.10.50][...80]
- guessed: [...440] [ip4][..tcp] [.....172.16.0.1][60136] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...440] [ip4][..tcp] [.....172.16.0.1][60136] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...440] [ip4][..tcp] [.....172.16.0.1][60136] -> [..192.168.10.50][...80]
- guessed: [...441] [ip4][..tcp] [.....172.16.0.1][60154] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...441] [ip4][..tcp] [.....172.16.0.1][60154] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...441] [ip4][..tcp] [.....172.16.0.1][60154] -> [..192.168.10.50][...80]
- guessed: [...442] [ip4][..tcp] [.....172.16.0.1][60180] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...442] [ip4][..tcp] [.....172.16.0.1][60180] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...442] [ip4][..tcp] [.....172.16.0.1][60180] -> [..192.168.10.50][...80]
- guessed: [...443] [ip4][..tcp] [.....172.16.0.1][60194] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...443] [ip4][..tcp] [.....172.16.0.1][60194] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...443] [ip4][..tcp] [.....172.16.0.1][60194] -> [..192.168.10.50][...80]
new: [...516] [ip4][..tcp] [.....172.16.0.1][33296] -> [..192.168.10.50][...80]
new: [...517] [ip4][..tcp] [.....172.16.0.1][33310] -> [..192.168.10.50][...80]
@@ -1594,15 +1594,15 @@
new: [...519] [ip4][..tcp] [.....172.16.0.1][33350] -> [..192.168.10.50][...80]
new: [...520] [ip4][..tcp] [.....172.16.0.1][33364] -> [..192.168.10.50][...80]
new: [...521] [ip4][..tcp] [.....172.16.0.1][33378] -> [..192.168.10.50][...80]
- guessed: [...444] [ip4][..tcp] [.....172.16.0.1][60220] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...444] [ip4][..tcp] [.....172.16.0.1][60220] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...444] [ip4][..tcp] [.....172.16.0.1][60220] -> [..192.168.10.50][...80]
- guessed: [...445] [ip4][..tcp] [.....172.16.0.1][60234] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...445] [ip4][..tcp] [.....172.16.0.1][60234] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...445] [ip4][..tcp] [.....172.16.0.1][60234] -> [..192.168.10.50][...80]
- guessed: [...446] [ip4][..tcp] [.....172.16.0.1][60260] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...446] [ip4][..tcp] [.....172.16.0.1][60260] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...446] [ip4][..tcp] [.....172.16.0.1][60260] -> [..192.168.10.50][...80]
- guessed: [...447] [ip4][..tcp] [.....172.16.0.1][60274] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...447] [ip4][..tcp] [.....172.16.0.1][60274] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...447] [ip4][..tcp] [.....172.16.0.1][60274] -> [..192.168.10.50][...80]
- guessed: [...448] [ip4][..tcp] [.....172.16.0.1][60288] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...448] [ip4][..tcp] [.....172.16.0.1][60288] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...448] [ip4][..tcp] [.....172.16.0.1][60288] -> [..192.168.10.50][...80]
new: [...522] [ip4][..tcp] [.....172.16.0.1][33404] -> [..192.168.10.50][...80]
new: [...523] [ip4][..tcp] [.....172.16.0.1][33418] -> [..192.168.10.50][...80]
@@ -1611,21 +1611,21 @@
new: [...526] [ip4][..tcp] [.....172.16.0.1][33472] -> [..192.168.10.50][...80]
new: [...527] [ip4][..tcp] [.....172.16.0.1][33486] -> [..192.168.10.50][...80]
new: [...528] [ip4][..tcp] [.....172.16.0.1][33500] -> [..192.168.10.50][...80]
- guessed: [...449] [ip4][..tcp] [.....172.16.0.1][60314] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...449] [ip4][..tcp] [.....172.16.0.1][60314] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...449] [ip4][..tcp] [.....172.16.0.1][60314] -> [..192.168.10.50][...80]
- guessed: [...450] [ip4][..tcp] [.....172.16.0.1][60328] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...450] [ip4][..tcp] [.....172.16.0.1][60328] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...450] [ip4][..tcp] [.....172.16.0.1][60328] -> [..192.168.10.50][...80]
- guessed: [...451] [ip4][..tcp] [.....172.16.0.1][60342] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...451] [ip4][..tcp] [.....172.16.0.1][60342] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...451] [ip4][..tcp] [.....172.16.0.1][60342] -> [..192.168.10.50][...80]
- guessed: [...452] [ip4][..tcp] [.....172.16.0.1][60356] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...452] [ip4][..tcp] [.....172.16.0.1][60356] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...452] [ip4][..tcp] [.....172.16.0.1][60356] -> [..192.168.10.50][...80]
- guessed: [...453] [ip4][..tcp] [.....172.16.0.1][60370] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...453] [ip4][..tcp] [.....172.16.0.1][60370] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...453] [ip4][..tcp] [.....172.16.0.1][60370] -> [..192.168.10.50][...80]
- guessed: [...454] [ip4][..tcp] [.....172.16.0.1][60384] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...454] [ip4][..tcp] [.....172.16.0.1][60384] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...454] [ip4][..tcp] [.....172.16.0.1][60384] -> [..192.168.10.50][...80]
- guessed: [...455] [ip4][..tcp] [.....172.16.0.1][60410] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...455] [ip4][..tcp] [.....172.16.0.1][60410] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...455] [ip4][..tcp] [.....172.16.0.1][60410] -> [..192.168.10.50][...80]
- guessed: [...456] [ip4][..tcp] [.....172.16.0.1][60424] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...456] [ip4][..tcp] [.....172.16.0.1][60424] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...456] [ip4][..tcp] [.....172.16.0.1][60424] -> [..192.168.10.50][...80]
new: [...529] [ip4][..tcp] [.....172.16.0.1][33526] -> [..192.168.10.50][...80]
new: [...530] [ip4][..tcp] [.....172.16.0.1][33540] -> [..192.168.10.50][...80]
@@ -1633,24 +1633,24 @@
new: [...532] [ip4][..tcp] [.....172.16.0.1][33580] -> [..192.168.10.50][...80]
new: [...533] [ip4][..tcp] [.....172.16.0.1][33594] -> [..192.168.10.50][...80]
new: [...534] [ip4][..tcp] [.....172.16.0.1][33608] -> [..192.168.10.50][...80]
- end: [...419] [ip4][..tcp] [.....172.16.0.1][59732] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
- guessed: [...457] [ip4][..tcp] [.....172.16.0.1][60438] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [...419] [ip4][..tcp] [.....172.16.0.1][59732] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...457] [ip4][..tcp] [.....172.16.0.1][60438] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...457] [ip4][..tcp] [.....172.16.0.1][60438] -> [..192.168.10.50][...80]
- guessed: [...459] [ip4][..tcp] [.....172.16.0.1][60478] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...459] [ip4][..tcp] [.....172.16.0.1][60478] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...459] [ip4][..tcp] [.....172.16.0.1][60478] -> [..192.168.10.50][...80]
- guessed: [...460] [ip4][..tcp] [.....172.16.0.1][60504] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...460] [ip4][..tcp] [.....172.16.0.1][60504] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...460] [ip4][..tcp] [.....172.16.0.1][60504] -> [..192.168.10.50][...80]
- guessed: [...461] [ip4][..tcp] [.....172.16.0.1][60518] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...461] [ip4][..tcp] [.....172.16.0.1][60518] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...461] [ip4][..tcp] [.....172.16.0.1][60518] -> [..192.168.10.50][...80]
- guessed: [...462] [ip4][..tcp] [.....172.16.0.1][60532] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...462] [ip4][..tcp] [.....172.16.0.1][60532] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...462] [ip4][..tcp] [.....172.16.0.1][60532] -> [..192.168.10.50][...80]
- detected: [...532] [ip4][..tcp] [.....172.16.0.1][33580] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...532] [ip4][..tcp] [.....172.16.0.1][33580] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...535] [ip4][..tcp] [.....172.16.0.1][33634] -> [..192.168.10.50][...80]
new: [...536] [ip4][..tcp] [.....172.16.0.1][33648] -> [..192.168.10.50][...80]
new: [...537] [ip4][..tcp] [.....172.16.0.1][33674] -> [..192.168.10.50][...80]
- analyse: [...532] [ip4][..tcp] [.....172.16.0.1][33580] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...532] [ip4][..tcp] [.....172.16.0.1][33580] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 4.841| 0.651| 1.171| 1372280.717| 3.500]
[PKTLEN......: 52.000| 1921.000| 713.800| 751.000| 564013.300| 4.200]
@@ -1662,15 +1662,15 @@
[ENTROPIES...: 4.6,5.1,4.9,5.9,4.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,5.0,6.0]
new: [...538] [ip4][..tcp] [.....172.16.0.1][33688] -> [..192.168.10.50][...80]
new: [...539] [ip4][..tcp] [.....172.16.0.1][33702] -> [..192.168.10.50][...80]
- guessed: [...463] [ip4][..tcp] [.....172.16.0.1][60558] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...463] [ip4][..tcp] [.....172.16.0.1][60558] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...463] [ip4][..tcp] [.....172.16.0.1][60558] -> [..192.168.10.50][...80]
- guessed: [...464] [ip4][..tcp] [.....172.16.0.1][60572] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...464] [ip4][..tcp] [.....172.16.0.1][60572] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...464] [ip4][..tcp] [.....172.16.0.1][60572] -> [..192.168.10.50][...80]
- guessed: [...465] [ip4][..tcp] [.....172.16.0.1][60598] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...465] [ip4][..tcp] [.....172.16.0.1][60598] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...465] [ip4][..tcp] [.....172.16.0.1][60598] -> [..192.168.10.50][...80]
- guessed: [...466] [ip4][..tcp] [.....172.16.0.1][60612] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...466] [ip4][..tcp] [.....172.16.0.1][60612] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...466] [ip4][..tcp] [.....172.16.0.1][60612] -> [..192.168.10.50][...80]
- guessed: [...467] [ip4][..tcp] [.....172.16.0.1][60626] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...467] [ip4][..tcp] [.....172.16.0.1][60626] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...467] [ip4][..tcp] [.....172.16.0.1][60626] -> [..192.168.10.50][...80]
new: [...540] [ip4][..tcp] [.....172.16.0.1][33728] -> [..192.168.10.50][...80]
new: [...541] [ip4][..tcp] [.....172.16.0.1][33742] -> [..192.168.10.50][...80]
@@ -1678,19 +1678,19 @@
new: [...543] [ip4][..tcp] [.....172.16.0.1][33782] -> [..192.168.10.50][...80]
new: [...544] [ip4][..tcp] [.....172.16.0.1][33808] -> [..192.168.10.50][...80]
new: [...545] [ip4][..tcp] [.....172.16.0.1][33822] -> [..192.168.10.50][...80]
- guessed: [...468] [ip4][..tcp] [.....172.16.0.1][60652] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...468] [ip4][..tcp] [.....172.16.0.1][60652] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...468] [ip4][..tcp] [.....172.16.0.1][60652] -> [..192.168.10.50][...80]
- guessed: [...469] [ip4][..tcp] [.....172.16.0.1][60666] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...469] [ip4][..tcp] [.....172.16.0.1][60666] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...469] [ip4][..tcp] [.....172.16.0.1][60666] -> [..192.168.10.50][...80]
- guessed: [...470] [ip4][..tcp] [.....172.16.0.1][60692] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...470] [ip4][..tcp] [.....172.16.0.1][60692] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...470] [ip4][..tcp] [.....172.16.0.1][60692] -> [..192.168.10.50][...80]
- guessed: [...471] [ip4][..tcp] [.....172.16.0.1][60706] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...471] [ip4][..tcp] [.....172.16.0.1][60706] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...471] [ip4][..tcp] [.....172.16.0.1][60706] -> [..192.168.10.50][...80]
- guessed: [...472] [ip4][..tcp] [.....172.16.0.1][60720] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...472] [ip4][..tcp] [.....172.16.0.1][60720] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...472] [ip4][..tcp] [.....172.16.0.1][60720] -> [..192.168.10.50][...80]
- guessed: [...473] [ip4][..tcp] [.....172.16.0.1][60734] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...473] [ip4][..tcp] [.....172.16.0.1][60734] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...473] [ip4][..tcp] [.....172.16.0.1][60734] -> [..192.168.10.50][...80]
- guessed: [...474] [ip4][..tcp] [.....172.16.0.1][60748] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...474] [ip4][..tcp] [.....172.16.0.1][60748] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...474] [ip4][..tcp] [.....172.16.0.1][60748] -> [..192.168.10.50][...80]
new: [...546] [ip4][..tcp] [.....172.16.0.1][33836] -> [..192.168.10.50][...80]
new: [...547] [ip4][..tcp] [.....172.16.0.1][33862] -> [..192.168.10.50][...80]
@@ -1698,32 +1698,32 @@
new: [...549] [ip4][..tcp] [.....172.16.0.1][33902] -> [..192.168.10.50][...80]
new: [...550] [ip4][..tcp] [.....172.16.0.1][33916] -> [..192.168.10.50][...80]
new: [...551] [ip4][..tcp] [.....172.16.0.1][33930] -> [..192.168.10.50][...80]
- guessed: [...475] [ip4][..tcp] [.....172.16.0.1][60762] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...475] [ip4][..tcp] [.....172.16.0.1][60762] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...475] [ip4][..tcp] [.....172.16.0.1][60762] -> [..192.168.10.50][...80]
- guessed: [...476] [ip4][..tcp] [.....172.16.0.1][60788] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...476] [ip4][..tcp] [.....172.16.0.1][60788] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...476] [ip4][..tcp] [.....172.16.0.1][60788] -> [..192.168.10.50][...80]
- guessed: [...477] [ip4][..tcp] [.....172.16.0.1][60802] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...477] [ip4][..tcp] [.....172.16.0.1][60802] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...477] [ip4][..tcp] [.....172.16.0.1][60802] -> [..192.168.10.50][...80]
- guessed: [...478] [ip4][..tcp] [.....172.16.0.1][60816] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...478] [ip4][..tcp] [.....172.16.0.1][60816] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...478] [ip4][..tcp] [.....172.16.0.1][60816] -> [..192.168.10.50][...80]
- guessed: [...479] [ip4][..tcp] [.....172.16.0.1][60842] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...479] [ip4][..tcp] [.....172.16.0.1][60842] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...479] [ip4][..tcp] [.....172.16.0.1][60842] -> [..192.168.10.50][...80]
- guessed: [...480] [ip4][..tcp] [.....172.16.0.1][60856] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...480] [ip4][..tcp] [.....172.16.0.1][60856] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...480] [ip4][..tcp] [.....172.16.0.1][60856] -> [..192.168.10.50][...80]
new: [...552] [ip4][..tcp] [.....172.16.0.1][33956] -> [..192.168.10.50][...80]
new: [...553] [ip4][..tcp] [.....172.16.0.1][33970] -> [..192.168.10.50][...80]
new: [...554] [ip4][..tcp] [.....172.16.0.1][33996] -> [..192.168.10.50][...80]
new: [...555] [ip4][..tcp] [.....172.16.0.1][34010] -> [..192.168.10.50][...80]
new: [...556] [ip4][..tcp] [.....172.16.0.1][34024] -> [..192.168.10.50][...80]
- guessed: [...481] [ip4][..tcp] [.....172.16.0.1][60882] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...481] [ip4][..tcp] [.....172.16.0.1][60882] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...481] [ip4][..tcp] [.....172.16.0.1][60882] -> [..192.168.10.50][...80]
- guessed: [...482] [ip4][..tcp] [.....172.16.0.1][60896] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...482] [ip4][..tcp] [.....172.16.0.1][60896] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...482] [ip4][..tcp] [.....172.16.0.1][60896] -> [..192.168.10.50][...80]
- guessed: [...483] [ip4][..tcp] [.....172.16.0.1][60922] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...483] [ip4][..tcp] [.....172.16.0.1][60922] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...483] [ip4][..tcp] [.....172.16.0.1][60922] -> [..192.168.10.50][...80]
- guessed: [...484] [ip4][..tcp] [.....172.16.0.1][60936] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...484] [ip4][..tcp] [.....172.16.0.1][60936] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...484] [ip4][..tcp] [.....172.16.0.1][60936] -> [..192.168.10.50][...80]
- guessed: [...485] [ip4][..tcp] [.....172.16.0.1][60950] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...485] [ip4][..tcp] [.....172.16.0.1][60950] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...485] [ip4][..tcp] [.....172.16.0.1][60950] -> [..192.168.10.50][...80]
new: [...557] [ip4][..tcp] [.....172.16.0.1][34050] -> [..192.168.10.50][...80]
new: [...558] [ip4][..tcp] [.....172.16.0.1][34064] -> [..192.168.10.50][...80]
@@ -1731,17 +1731,17 @@
new: [...560] [ip4][..tcp] [.....172.16.0.1][34104] -> [..192.168.10.50][...80]
new: [...561] [ip4][..tcp] [.....172.16.0.1][34118] -> [..192.168.10.50][...80]
new: [...562] [ip4][..tcp] [.....172.16.0.1][34144] -> [..192.168.10.50][...80]
- guessed: [...487] [ip4][..tcp] [.....172.16.0.1][60990] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...487] [ip4][..tcp] [.....172.16.0.1][60990] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...487] [ip4][..tcp] [.....172.16.0.1][60990] -> [..192.168.10.50][...80]
- guessed: [...488] [ip4][..tcp] [.....172.16.0.1][32784] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...488] [ip4][..tcp] [.....172.16.0.1][32784] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...488] [ip4][..tcp] [.....172.16.0.1][32784] -> [..192.168.10.50][...80]
- guessed: [...489] [ip4][..tcp] [.....172.16.0.1][32798] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...489] [ip4][..tcp] [.....172.16.0.1][32798] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...489] [ip4][..tcp] [.....172.16.0.1][32798] -> [..192.168.10.50][...80]
- guessed: [...490] [ip4][..tcp] [.....172.16.0.1][32812] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...490] [ip4][..tcp] [.....172.16.0.1][32812] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...490] [ip4][..tcp] [.....172.16.0.1][32812] -> [..192.168.10.50][...80]
- guessed: [...491] [ip4][..tcp] [.....172.16.0.1][32838] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...491] [ip4][..tcp] [.....172.16.0.1][32838] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...491] [ip4][..tcp] [.....172.16.0.1][32838] -> [..192.168.10.50][...80]
- guessed: [...486] [ip4][..tcp] [.....172.16.0.1][60976] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...486] [ip4][..tcp] [.....172.16.0.1][60976] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...486] [ip4][..tcp] [.....172.16.0.1][60976] -> [..192.168.10.50][...80]
new: [...563] [ip4][..tcp] [.....172.16.0.1][34158] -> [..192.168.10.50][...80]
new: [...564] [ip4][..tcp] [.....172.16.0.1][34184] -> [..192.168.10.50][...80]
@@ -1749,26 +1749,26 @@
new: [...566] [ip4][..tcp] [.....172.16.0.1][34224] -> [..192.168.10.50][...80]
new: [...567] [ip4][..tcp] [.....172.16.0.1][34238] -> [..192.168.10.50][...80]
new: [...568] [ip4][..tcp] [.....172.16.0.1][34252] -> [..192.168.10.50][...80]
- guessed: [...492] [ip4][..tcp] [.....172.16.0.1][32852] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...492] [ip4][..tcp] [.....172.16.0.1][32852] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...492] [ip4][..tcp] [.....172.16.0.1][32852] -> [..192.168.10.50][...80]
- guessed: [...493] [ip4][..tcp] [.....172.16.0.1][32878] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...493] [ip4][..tcp] [.....172.16.0.1][32878] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...493] [ip4][..tcp] [.....172.16.0.1][32878] -> [..192.168.10.50][...80]
- guessed: [...494] [ip4][..tcp] [.....172.16.0.1][32892] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...494] [ip4][..tcp] [.....172.16.0.1][32892] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...494] [ip4][..tcp] [.....172.16.0.1][32892] -> [..192.168.10.50][...80]
- guessed: [...496] [ip4][..tcp] [.....172.16.0.1][32932] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...496] [ip4][..tcp] [.....172.16.0.1][32932] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...496] [ip4][..tcp] [.....172.16.0.1][32932] -> [..192.168.10.50][...80]
- guessed: [...497] [ip4][..tcp] [.....172.16.0.1][32946] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...497] [ip4][..tcp] [.....172.16.0.1][32946] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...497] [ip4][..tcp] [.....172.16.0.1][32946] -> [..192.168.10.50][...80]
- end: [...458] [ip4][..tcp] [.....172.16.0.1][60464] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
+ end: [...458] [ip4][..tcp] [.....172.16.0.1][60464] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...569] [ip4][..tcp] [.....172.16.0.1][34278] -> [..192.168.10.50][...80]
new: [...570] [ip4][..tcp] [.....172.16.0.1][34292] -> [..192.168.10.50][...80]
- detected: [...569] [ip4][..tcp] [.....172.16.0.1][34278] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...569] [ip4][..tcp] [.....172.16.0.1][34278] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...571] [ip4][..tcp] [.....172.16.0.1][34318] -> [..192.168.10.50][...80]
new: [...572] [ip4][..tcp] [.....172.16.0.1][34332] -> [..192.168.10.50][...80]
new: [...573] [ip4][..tcp] [.....172.16.0.1][34346] -> [..192.168.10.50][...80]
- analyse: [...569] [ip4][..tcp] [.....172.16.0.1][34278] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...569] [ip4][..tcp] [.....172.16.0.1][34278] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.588| 0.498| 0.689| 474371.129| 3.700]
[PKTLEN......: 52.000| 1920.000| 704.700| 762.800| 581830.000| 4.100]
@@ -1778,17 +1778,17 @@
[IATS(ms)....: 0.2,0.7,2587.7,2588.4,3.7,4.5,1020.5,1024.9,4.4,244.7,248.4,3.7,1042.3,1047.0,4.6,242.3,246.0,3.7,1031.2,1034.9,3.7,241.4,245.1,3.6,0.5,1025.2,1029.3,3.8,251.3,255.5,4.2]
[PKTLENS.....: 60,60,52,637,52,1918,52,435,1822,52,637,1918,52,435,1822,52,637,1919,52,435,1822,52,637,1920,52,52,435,1822,52,637,1918,52]
[ENTROPIES...: 4.6,5.0,5.0,6.0,4.9,7.8,4.9,5.9,7.7,4.9,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9,7.7,4.9,6.0,7.8,4.9,4.9,5.9,7.7,4.8,6.0,7.7,4.9]
- guessed: [...498] [ip4][..tcp] [.....172.16.0.1][32960] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...498] [ip4][..tcp] [.....172.16.0.1][32960] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...498] [ip4][..tcp] [.....172.16.0.1][32960] -> [..192.168.10.50][...80]
- guessed: [...499] [ip4][..tcp] [.....172.16.0.1][32974] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...499] [ip4][..tcp] [.....172.16.0.1][32974] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...499] [ip4][..tcp] [.....172.16.0.1][32974] -> [..192.168.10.50][...80]
- guessed: [...500] [ip4][..tcp] [.....172.16.0.1][32988] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...500] [ip4][..tcp] [.....172.16.0.1][32988] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...500] [ip4][..tcp] [.....172.16.0.1][32988] -> [..192.168.10.50][...80]
- guessed: [...501] [ip4][..tcp] [.....172.16.0.1][33002] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...501] [ip4][..tcp] [.....172.16.0.1][33002] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...501] [ip4][..tcp] [.....172.16.0.1][33002] -> [..192.168.10.50][...80]
- guessed: [...502] [ip4][..tcp] [.....172.16.0.1][33028] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...502] [ip4][..tcp] [.....172.16.0.1][33028] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...502] [ip4][..tcp] [.....172.16.0.1][33028] -> [..192.168.10.50][...80]
- guessed: [...503] [ip4][..tcp] [.....172.16.0.1][33042] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...503] [ip4][..tcp] [.....172.16.0.1][33042] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...503] [ip4][..tcp] [.....172.16.0.1][33042] -> [..192.168.10.50][...80]
new: [...574] [ip4][..tcp] [.....172.16.0.1][34372] -> [..192.168.10.50][...80]
new: [...575] [ip4][..tcp] [.....172.16.0.1][34386] -> [..192.168.10.50][...80]
@@ -1796,17 +1796,17 @@
new: [...577] [ip4][..tcp] [.....172.16.0.1][34426] -> [..192.168.10.50][...80]
new: [...578] [ip4][..tcp] [.....172.16.0.1][34440] -> [..192.168.10.50][...80]
new: [...579] [ip4][..tcp] [.....172.16.0.1][34466] -> [..192.168.10.50][...80]
- guessed: [...504] [ip4][..tcp] [.....172.16.0.1][33068] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...504] [ip4][..tcp] [.....172.16.0.1][33068] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...504] [ip4][..tcp] [.....172.16.0.1][33068] -> [..192.168.10.50][...80]
- guessed: [...505] [ip4][..tcp] [.....172.16.0.1][33082] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...505] [ip4][..tcp] [.....172.16.0.1][33082] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...505] [ip4][..tcp] [.....172.16.0.1][33082] -> [..192.168.10.50][...80]
- guessed: [...506] [ip4][..tcp] [.....172.16.0.1][33096] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...506] [ip4][..tcp] [.....172.16.0.1][33096] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...506] [ip4][..tcp] [.....172.16.0.1][33096] -> [..192.168.10.50][...80]
- guessed: [...507] [ip4][..tcp] [.....172.16.0.1][33122] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...507] [ip4][..tcp] [.....172.16.0.1][33122] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...507] [ip4][..tcp] [.....172.16.0.1][33122] -> [..192.168.10.50][...80]
- guessed: [...508] [ip4][..tcp] [.....172.16.0.1][33136] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...508] [ip4][..tcp] [.....172.16.0.1][33136] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...508] [ip4][..tcp] [.....172.16.0.1][33136] -> [..192.168.10.50][...80]
- guessed: [...509] [ip4][..tcp] [.....172.16.0.1][33162] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...509] [ip4][..tcp] [.....172.16.0.1][33162] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...509] [ip4][..tcp] [.....172.16.0.1][33162] -> [..192.168.10.50][...80]
new: [...580] [ip4][..tcp] [.....172.16.0.1][34480] -> [..192.168.10.50][...80]
new: [...581] [ip4][..tcp] [.....172.16.0.1][34506] -> [..192.168.10.50][...80]
@@ -1815,34 +1815,34 @@
new: [...584] [ip4][..tcp] [.....172.16.0.1][34548] -> [..192.168.10.50][...80]
new: [...585] [ip4][..tcp] [.....172.16.0.1][34562] -> [..192.168.10.50][...80]
new: [...586] [ip4][..tcp] [.....172.16.0.1][34576] -> [..192.168.10.50][...80]
- guessed: [...510] [ip4][..tcp] [.....172.16.0.1][33176] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...510] [ip4][..tcp] [.....172.16.0.1][33176] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...510] [ip4][..tcp] [.....172.16.0.1][33176] -> [..192.168.10.50][...80]
- guessed: [...511] [ip4][..tcp] [.....172.16.0.1][33202] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...511] [ip4][..tcp] [.....172.16.0.1][33202] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...511] [ip4][..tcp] [.....172.16.0.1][33202] -> [..192.168.10.50][...80]
- guessed: [...512] [ip4][..tcp] [.....172.16.0.1][33216] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...512] [ip4][..tcp] [.....172.16.0.1][33216] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...512] [ip4][..tcp] [.....172.16.0.1][33216] -> [..192.168.10.50][...80]
- guessed: [...513] [ip4][..tcp] [.....172.16.0.1][33230] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...513] [ip4][..tcp] [.....172.16.0.1][33230] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...513] [ip4][..tcp] [.....172.16.0.1][33230] -> [..192.168.10.50][...80]
- guessed: [...514] [ip4][..tcp] [.....172.16.0.1][33256] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...514] [ip4][..tcp] [.....172.16.0.1][33256] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...514] [ip4][..tcp] [.....172.16.0.1][33256] -> [..192.168.10.50][...80]
- guessed: [...515] [ip4][..tcp] [.....172.16.0.1][33270] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...515] [ip4][..tcp] [.....172.16.0.1][33270] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...515] [ip4][..tcp] [.....172.16.0.1][33270] -> [..192.168.10.50][...80]
new: [...587] [ip4][..tcp] [.....172.16.0.1][34602] -> [..192.168.10.50][...80]
new: [...588] [ip4][..tcp] [.....172.16.0.1][34616] -> [..192.168.10.50][...80]
new: [...589] [ip4][..tcp] [.....172.16.0.1][34642] -> [..192.168.10.50][...80]
new: [...590] [ip4][..tcp] [.....172.16.0.1][34656] -> [..192.168.10.50][...80]
new: [...591] [ip4][..tcp] [.....172.16.0.1][34670] -> [..192.168.10.50][...80]
- guessed: [...516] [ip4][..tcp] [.....172.16.0.1][33296] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...516] [ip4][..tcp] [.....172.16.0.1][33296] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...516] [ip4][..tcp] [.....172.16.0.1][33296] -> [..192.168.10.50][...80]
- guessed: [...517] [ip4][..tcp] [.....172.16.0.1][33310] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...517] [ip4][..tcp] [.....172.16.0.1][33310] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...517] [ip4][..tcp] [.....172.16.0.1][33310] -> [..192.168.10.50][...80]
- guessed: [...518] [ip4][..tcp] [.....172.16.0.1][33324] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...518] [ip4][..tcp] [.....172.16.0.1][33324] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...518] [ip4][..tcp] [.....172.16.0.1][33324] -> [..192.168.10.50][...80]
- guessed: [...519] [ip4][..tcp] [.....172.16.0.1][33350] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...519] [ip4][..tcp] [.....172.16.0.1][33350] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...519] [ip4][..tcp] [.....172.16.0.1][33350] -> [..192.168.10.50][...80]
- guessed: [...520] [ip4][..tcp] [.....172.16.0.1][33364] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...520] [ip4][..tcp] [.....172.16.0.1][33364] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...520] [ip4][..tcp] [.....172.16.0.1][33364] -> [..192.168.10.50][...80]
- guessed: [...521] [ip4][..tcp] [.....172.16.0.1][33378] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...521] [ip4][..tcp] [.....172.16.0.1][33378] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...521] [ip4][..tcp] [.....172.16.0.1][33378] -> [..192.168.10.50][...80]
new: [...592] [ip4][..tcp] [.....172.16.0.1][34696] -> [..192.168.10.50][...80]
new: [...593] [ip4][..tcp] [.....172.16.0.1][34710] -> [..192.168.10.50][...80]
@@ -1851,17 +1851,17 @@
new: [...596] [ip4][..tcp] [.....172.16.0.1][34752] -> [..192.168.10.50][...80]
new: [...597] [ip4][..tcp] [.....172.16.0.1][34766] -> [..192.168.10.50][...80]
new: [...598] [ip4][..tcp] [.....172.16.0.1][34792] -> [..192.168.10.50][...80]
- guessed: [...522] [ip4][..tcp] [.....172.16.0.1][33404] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...522] [ip4][..tcp] [.....172.16.0.1][33404] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...522] [ip4][..tcp] [.....172.16.0.1][33404] -> [..192.168.10.50][...80]
- guessed: [...523] [ip4][..tcp] [.....172.16.0.1][33418] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...523] [ip4][..tcp] [.....172.16.0.1][33418] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...523] [ip4][..tcp] [.....172.16.0.1][33418] -> [..192.168.10.50][...80]
- guessed: [...524] [ip4][..tcp] [.....172.16.0.1][33444] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...524] [ip4][..tcp] [.....172.16.0.1][33444] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...524] [ip4][..tcp] [.....172.16.0.1][33444] -> [..192.168.10.50][...80]
- guessed: [...525] [ip4][..tcp] [.....172.16.0.1][33458] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...525] [ip4][..tcp] [.....172.16.0.1][33458] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...525] [ip4][..tcp] [.....172.16.0.1][33458] -> [..192.168.10.50][...80]
- guessed: [...526] [ip4][..tcp] [.....172.16.0.1][33472] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...526] [ip4][..tcp] [.....172.16.0.1][33472] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...526] [ip4][..tcp] [.....172.16.0.1][33472] -> [..192.168.10.50][...80]
- guessed: [...527] [ip4][..tcp] [.....172.16.0.1][33486] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...527] [ip4][..tcp] [.....172.16.0.1][33486] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...527] [ip4][..tcp] [.....172.16.0.1][33486] -> [..192.168.10.50][...80]
new: [...599] [ip4][..tcp] [.....172.16.0.1][34806] -> [..192.168.10.50][...80]
new: [...600] [ip4][..tcp] [.....172.16.0.1][34832] -> [..192.168.10.50][...80]
@@ -1869,41 +1869,41 @@
new: [...602] [ip4][..tcp] [.....172.16.0.1][34860] -> [..192.168.10.50][...80]
new: [...603] [ip4][..tcp] [.....172.16.0.1][34886] -> [..192.168.10.50][...80]
new: [...604] [ip4][..tcp] [.....172.16.0.1][34900] -> [..192.168.10.50][...80]
- end: [...495] [ip4][..tcp] [.....172.16.0.1][32906] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
- guessed: [...528] [ip4][..tcp] [.....172.16.0.1][33500] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [...495] [ip4][..tcp] [.....172.16.0.1][32906] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...528] [ip4][..tcp] [.....172.16.0.1][33500] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...528] [ip4][..tcp] [.....172.16.0.1][33500] -> [..192.168.10.50][...80]
- guessed: [...529] [ip4][..tcp] [.....172.16.0.1][33526] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...529] [ip4][..tcp] [.....172.16.0.1][33526] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...529] [ip4][..tcp] [.....172.16.0.1][33526] -> [..192.168.10.50][...80]
- guessed: [...530] [ip4][..tcp] [.....172.16.0.1][33540] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...530] [ip4][..tcp] [.....172.16.0.1][33540] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...530] [ip4][..tcp] [.....172.16.0.1][33540] -> [..192.168.10.50][...80]
- guessed: [...531] [ip4][..tcp] [.....172.16.0.1][33554] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...531] [ip4][..tcp] [.....172.16.0.1][33554] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...531] [ip4][..tcp] [.....172.16.0.1][33554] -> [..192.168.10.50][...80]
- guessed: [...533] [ip4][..tcp] [.....172.16.0.1][33594] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...533] [ip4][..tcp] [.....172.16.0.1][33594] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...533] [ip4][..tcp] [.....172.16.0.1][33594] -> [..192.168.10.50][...80]
new: [...605] [ip4][..tcp] [.....172.16.0.1][34926] -> [..192.168.10.50][...80]
new: [...606] [ip4][..tcp] [.....172.16.0.1][34940] -> [..192.168.10.50][...80]
new: [...607] [ip4][..tcp] [.....172.16.0.1][34954] -> [..192.168.10.50][...80]
new: [...608] [ip4][..tcp] [.....172.16.0.1][34980] -> [..192.168.10.50][...80]
- detected: [...606] [ip4][..tcp] [.....172.16.0.1][34940] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...606] [ip4][..tcp] [.....172.16.0.1][34940] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...609] [ip4][..tcp] [.....172.16.0.1][34994] -> [..192.168.10.50][...80]
- guessed: [...534] [ip4][..tcp] [.....172.16.0.1][33608] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...534] [ip4][..tcp] [.....172.16.0.1][33608] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...534] [ip4][..tcp] [.....172.16.0.1][33608] -> [..192.168.10.50][...80]
- guessed: [...535] [ip4][..tcp] [.....172.16.0.1][33634] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...535] [ip4][..tcp] [.....172.16.0.1][33634] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...535] [ip4][..tcp] [.....172.16.0.1][33634] -> [..192.168.10.50][...80]
- guessed: [...536] [ip4][..tcp] [.....172.16.0.1][33648] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...536] [ip4][..tcp] [.....172.16.0.1][33648] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...536] [ip4][..tcp] [.....172.16.0.1][33648] -> [..192.168.10.50][...80]
- guessed: [...537] [ip4][..tcp] [.....172.16.0.1][33674] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...537] [ip4][..tcp] [.....172.16.0.1][33674] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...537] [ip4][..tcp] [.....172.16.0.1][33674] -> [..192.168.10.50][...80]
- guessed: [...538] [ip4][..tcp] [.....172.16.0.1][33688] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...538] [ip4][..tcp] [.....172.16.0.1][33688] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...538] [ip4][..tcp] [.....172.16.0.1][33688] -> [..192.168.10.50][...80]
- guessed: [...539] [ip4][..tcp] [.....172.16.0.1][33702] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...539] [ip4][..tcp] [.....172.16.0.1][33702] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...539] [ip4][..tcp] [.....172.16.0.1][33702] -> [..192.168.10.50][...80]
new: [...610] [ip4][..tcp] [.....172.16.0.1][35020] -> [..192.168.10.50][...80]
new: [...611] [ip4][..tcp] [.....172.16.0.1][35034] -> [..192.168.10.50][...80]
new: [...612] [ip4][..tcp] [.....172.16.0.1][35048] -> [..192.168.10.50][...80]
- analyse: [...606] [ip4][..tcp] [.....172.16.0.1][34940] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...606] [ip4][..tcp] [.....172.16.0.1][34940] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 4.897| 0.655| 1.187| 1408178.323| 3.500]
[PKTLEN......: 52.000| 1920.000| 713.800| 751.000| 564013.200| 4.200]
@@ -1916,13 +1916,13 @@
new: [...613] [ip4][..tcp] [.....172.16.0.1][35074] -> [..192.168.10.50][...80]
new: [...614] [ip4][..tcp] [.....172.16.0.1][35088] -> [..192.168.10.50][...80]
new: [...615] [ip4][..tcp] [.....172.16.0.1][35114] -> [..192.168.10.50][...80]
- guessed: [...540] [ip4][..tcp] [.....172.16.0.1][33728] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...540] [ip4][..tcp] [.....172.16.0.1][33728] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...540] [ip4][..tcp] [.....172.16.0.1][33728] -> [..192.168.10.50][...80]
- guessed: [...541] [ip4][..tcp] [.....172.16.0.1][33742] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...541] [ip4][..tcp] [.....172.16.0.1][33742] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...541] [ip4][..tcp] [.....172.16.0.1][33742] -> [..192.168.10.50][...80]
- guessed: [...542] [ip4][..tcp] [.....172.16.0.1][33768] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...542] [ip4][..tcp] [.....172.16.0.1][33768] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...542] [ip4][..tcp] [.....172.16.0.1][33768] -> [..192.168.10.50][...80]
- guessed: [...543] [ip4][..tcp] [.....172.16.0.1][33782] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...543] [ip4][..tcp] [.....172.16.0.1][33782] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...543] [ip4][..tcp] [.....172.16.0.1][33782] -> [..192.168.10.50][...80]
new: [...616] [ip4][..tcp] [.....172.16.0.1][35128] -> [..192.168.10.50][...80]
new: [...617] [ip4][..tcp] [.....172.16.0.1][35142] -> [..192.168.10.50][...80]
@@ -1930,36 +1930,36 @@
new: [...619] [ip4][..tcp] [.....172.16.0.1][35182] -> [..192.168.10.50][...80]
new: [...620] [ip4][..tcp] [.....172.16.0.1][35208] -> [..192.168.10.50][...80]
new: [...621] [ip4][..tcp] [.....172.16.0.1][35222] -> [..192.168.10.50][...80]
- guessed: [...544] [ip4][..tcp] [.....172.16.0.1][33808] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...544] [ip4][..tcp] [.....172.16.0.1][33808] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...544] [ip4][..tcp] [.....172.16.0.1][33808] -> [..192.168.10.50][...80]
- guessed: [...545] [ip4][..tcp] [.....172.16.0.1][33822] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...545] [ip4][..tcp] [.....172.16.0.1][33822] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...545] [ip4][..tcp] [.....172.16.0.1][33822] -> [..192.168.10.50][...80]
- guessed: [...546] [ip4][..tcp] [.....172.16.0.1][33836] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...546] [ip4][..tcp] [.....172.16.0.1][33836] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...546] [ip4][..tcp] [.....172.16.0.1][33836] -> [..192.168.10.50][...80]
- guessed: [...547] [ip4][..tcp] [.....172.16.0.1][33862] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...547] [ip4][..tcp] [.....172.16.0.1][33862] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...547] [ip4][..tcp] [.....172.16.0.1][33862] -> [..192.168.10.50][...80]
- guessed: [...548] [ip4][..tcp] [.....172.16.0.1][33876] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...548] [ip4][..tcp] [.....172.16.0.1][33876] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...548] [ip4][..tcp] [.....172.16.0.1][33876] -> [..192.168.10.50][...80]
- guessed: [...549] [ip4][..tcp] [.....172.16.0.1][33902] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...549] [ip4][..tcp] [.....172.16.0.1][33902] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...549] [ip4][..tcp] [.....172.16.0.1][33902] -> [..192.168.10.50][...80]
- guessed: [...550] [ip4][..tcp] [.....172.16.0.1][33916] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...550] [ip4][..tcp] [.....172.16.0.1][33916] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...550] [ip4][..tcp] [.....172.16.0.1][33916] -> [..192.168.10.50][...80]
new: [...622] [ip4][..tcp] [.....172.16.0.1][35236] -> [..192.168.10.50][...80]
new: [...623] [ip4][..tcp] [.....172.16.0.1][35262] -> [..192.168.10.50][...80]
new: [...624] [ip4][..tcp] [.....172.16.0.1][35276] -> [..192.168.10.50][...80]
new: [...625] [ip4][..tcp] [.....172.16.0.1][35302] -> [..192.168.10.50][...80]
new: [...626] [ip4][..tcp] [.....172.16.0.1][35316] -> [..192.168.10.50][...80]
- guessed: [...551] [ip4][..tcp] [.....172.16.0.1][33930] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...551] [ip4][..tcp] [.....172.16.0.1][33930] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...551] [ip4][..tcp] [.....172.16.0.1][33930] -> [..192.168.10.50][...80]
- guessed: [...552] [ip4][..tcp] [.....172.16.0.1][33956] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...552] [ip4][..tcp] [.....172.16.0.1][33956] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...552] [ip4][..tcp] [.....172.16.0.1][33956] -> [..192.168.10.50][...80]
- guessed: [...553] [ip4][..tcp] [.....172.16.0.1][33970] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...553] [ip4][..tcp] [.....172.16.0.1][33970] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...553] [ip4][..tcp] [.....172.16.0.1][33970] -> [..192.168.10.50][...80]
- guessed: [...554] [ip4][..tcp] [.....172.16.0.1][33996] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...554] [ip4][..tcp] [.....172.16.0.1][33996] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...554] [ip4][..tcp] [.....172.16.0.1][33996] -> [..192.168.10.50][...80]
- guessed: [...555] [ip4][..tcp] [.....172.16.0.1][34010] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...555] [ip4][..tcp] [.....172.16.0.1][34010] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...555] [ip4][..tcp] [.....172.16.0.1][34010] -> [..192.168.10.50][...80]
- guessed: [...556] [ip4][..tcp] [.....172.16.0.1][34024] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...556] [ip4][..tcp] [.....172.16.0.1][34024] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...556] [ip4][..tcp] [.....172.16.0.1][34024] -> [..192.168.10.50][...80]
new: [...627] [ip4][..tcp] [.....172.16.0.1][35342] -> [..192.168.10.50][...80]
new: [...628] [ip4][..tcp] [.....172.16.0.1][35356] -> [..192.168.10.50][...80]
@@ -1967,15 +1967,15 @@
new: [...630] [ip4][..tcp] [.....172.16.0.1][35396] -> [..192.168.10.50][...80]
new: [...631] [ip4][..tcp] [.....172.16.0.1][35410] -> [..192.168.10.50][...80]
new: [...632] [ip4][..tcp] [.....172.16.0.1][35436] -> [..192.168.10.50][...80]
- guessed: [...557] [ip4][..tcp] [.....172.16.0.1][34050] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...557] [ip4][..tcp] [.....172.16.0.1][34050] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...557] [ip4][..tcp] [.....172.16.0.1][34050] -> [..192.168.10.50][...80]
- guessed: [...558] [ip4][..tcp] [.....172.16.0.1][34064] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...558] [ip4][..tcp] [.....172.16.0.1][34064] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...558] [ip4][..tcp] [.....172.16.0.1][34064] -> [..192.168.10.50][...80]
- guessed: [...559] [ip4][..tcp] [.....172.16.0.1][34090] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...559] [ip4][..tcp] [.....172.16.0.1][34090] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...559] [ip4][..tcp] [.....172.16.0.1][34090] -> [..192.168.10.50][...80]
- guessed: [...560] [ip4][..tcp] [.....172.16.0.1][34104] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...560] [ip4][..tcp] [.....172.16.0.1][34104] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...560] [ip4][..tcp] [.....172.16.0.1][34104] -> [..192.168.10.50][...80]
- guessed: [...561] [ip4][..tcp] [.....172.16.0.1][34118] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...561] [ip4][..tcp] [.....172.16.0.1][34118] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...561] [ip4][..tcp] [.....172.16.0.1][34118] -> [..192.168.10.50][...80]
new: [...633] [ip4][..tcp] [.....172.16.0.1][35450] -> [..192.168.10.50][...80]
new: [...634] [ip4][..tcp] [.....172.16.0.1][35464] -> [..192.168.10.50][...80]
@@ -1984,17 +1984,17 @@
new: [...637] [ip4][..tcp] [.....172.16.0.1][35518] -> [..192.168.10.50][...80]
new: [...638] [ip4][..tcp] [.....172.16.0.1][35532] -> [..192.168.10.50][...80]
new: [...639] [ip4][..tcp] [.....172.16.0.1][35546] -> [..192.168.10.50][...80]
- guessed: [...562] [ip4][..tcp] [.....172.16.0.1][34144] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...562] [ip4][..tcp] [.....172.16.0.1][34144] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...562] [ip4][..tcp] [.....172.16.0.1][34144] -> [..192.168.10.50][...80]
- guessed: [...563] [ip4][..tcp] [.....172.16.0.1][34158] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...563] [ip4][..tcp] [.....172.16.0.1][34158] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...563] [ip4][..tcp] [.....172.16.0.1][34158] -> [..192.168.10.50][...80]
- guessed: [...564] [ip4][..tcp] [.....172.16.0.1][34184] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...564] [ip4][..tcp] [.....172.16.0.1][34184] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...564] [ip4][..tcp] [.....172.16.0.1][34184] -> [..192.168.10.50][...80]
- guessed: [...565] [ip4][..tcp] [.....172.16.0.1][34198] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...565] [ip4][..tcp] [.....172.16.0.1][34198] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...565] [ip4][..tcp] [.....172.16.0.1][34198] -> [..192.168.10.50][...80]
- guessed: [...566] [ip4][..tcp] [.....172.16.0.1][34224] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...566] [ip4][..tcp] [.....172.16.0.1][34224] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...566] [ip4][..tcp] [.....172.16.0.1][34224] -> [..192.168.10.50][...80]
- guessed: [...567] [ip4][..tcp] [.....172.16.0.1][34238] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...567] [ip4][..tcp] [.....172.16.0.1][34238] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...567] [ip4][..tcp] [.....172.16.0.1][34238] -> [..192.168.10.50][...80]
new: [...640] [ip4][..tcp] [.....172.16.0.1][35560] -> [..192.168.10.50][...80]
new: [...641] [ip4][..tcp] [.....172.16.0.1][35586] -> [..192.168.10.50][...80]
@@ -2002,25 +2002,25 @@
new: [...643] [ip4][..tcp] [.....172.16.0.1][35626] -> [..192.168.10.50][...80]
new: [...644] [ip4][..tcp] [.....172.16.0.1][35640] -> [..192.168.10.50][...80]
new: [...645] [ip4][..tcp] [.....172.16.0.1][35654] -> [..192.168.10.50][...80]
- end: [...532] [ip4][..tcp] [.....172.16.0.1][33580] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [...568] [ip4][..tcp] [.....172.16.0.1][34252] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [...532] [ip4][..tcp] [.....172.16.0.1][33580] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...568] [ip4][..tcp] [.....172.16.0.1][34252] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...568] [ip4][..tcp] [.....172.16.0.1][34252] -> [..192.168.10.50][...80]
- guessed: [...570] [ip4][..tcp] [.....172.16.0.1][34292] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...570] [ip4][..tcp] [.....172.16.0.1][34292] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...570] [ip4][..tcp] [.....172.16.0.1][34292] -> [..192.168.10.50][...80]
- guessed: [...571] [ip4][..tcp] [.....172.16.0.1][34318] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...571] [ip4][..tcp] [.....172.16.0.1][34318] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...571] [ip4][..tcp] [.....172.16.0.1][34318] -> [..192.168.10.50][...80]
- guessed: [...572] [ip4][..tcp] [.....172.16.0.1][34332] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...572] [ip4][..tcp] [.....172.16.0.1][34332] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...572] [ip4][..tcp] [.....172.16.0.1][34332] -> [..192.168.10.50][...80]
- guessed: [...573] [ip4][..tcp] [.....172.16.0.1][34346] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...573] [ip4][..tcp] [.....172.16.0.1][34346] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...573] [ip4][..tcp] [.....172.16.0.1][34346] -> [..192.168.10.50][...80]
new: [...646] [ip4][..tcp] [.....172.16.0.1][35668] -> [..192.168.10.50][...80]
- detected: [...643] [ip4][..tcp] [.....172.16.0.1][35626] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][205.174.165.68]
- RISK: HTTP Numeric IP Address
+ detected: [...643] [ip4][..tcp] [.....172.16.0.1][35626] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][205.174.165.68]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
new: [...647] [ip4][..tcp] [.....172.16.0.1][35682] -> [..192.168.10.50][...80]
new: [...648] [ip4][..tcp] [.....172.16.0.1][35696] -> [..192.168.10.50][...80]
new: [...649] [ip4][..tcp] [.....172.16.0.1][35722] -> [..192.168.10.50][...80]
- analyse: [...643] [ip4][..tcp] [.....172.16.0.1][35626] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+ analyse: [...643] [ip4][..tcp] [.....172.16.0.1][35626] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.954| 0.620| 0.972| 945707.024| 3.700]
[PKTLEN......: 52.000| 1920.000| 716.700| 755.500| 570797.200| 4.200]
@@ -2032,15 +2032,15 @@
[ENTROPIES...: 4.6,5.1,5.0,6.0,4.9,7.8,5.0,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,5.0,6.0,7.8,5.0,5.9,7.7,4.9,6.0,7.8,4.9,5.9]
new: [...650] [ip4][..tcp] [.....172.16.0.1][35736] -> [..192.168.10.50][...80]
new: [...651] [ip4][..tcp] [.....172.16.0.1][35762] -> [..192.168.10.50][...80]
- guessed: [...574] [ip4][..tcp] [.....172.16.0.1][34372] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...574] [ip4][..tcp] [.....172.16.0.1][34372] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...574] [ip4][..tcp] [.....172.16.0.1][34372] -> [..192.168.10.50][...80]
- guessed: [...575] [ip4][..tcp] [.....172.16.0.1][34386] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...575] [ip4][..tcp] [.....172.16.0.1][34386] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...575] [ip4][..tcp] [.....172.16.0.1][34386] -> [..192.168.10.50][...80]
- guessed: [...576] [ip4][..tcp] [.....172.16.0.1][34412] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...576] [ip4][..tcp] [.....172.16.0.1][34412] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...576] [ip4][..tcp] [.....172.16.0.1][34412] -> [..192.168.10.50][...80]
- guessed: [...577] [ip4][..tcp] [.....172.16.0.1][34426] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...577] [ip4][..tcp] [.....172.16.0.1][34426] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...577] [ip4][..tcp] [.....172.16.0.1][34426] -> [..192.168.10.50][...80]
- guessed: [...578] [ip4][..tcp] [.....172.16.0.1][34440] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...578] [ip4][..tcp] [.....172.16.0.1][34440] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...578] [ip4][..tcp] [.....172.16.0.1][34440] -> [..192.168.10.50][...80]
new: [...652] [ip4][..tcp] [.....172.16.0.1][35776] -> [..192.168.10.50][...80]
new: [...653] [ip4][..tcp] [.....172.16.0.1][35790] -> [..192.168.10.50][...80]
@@ -2048,176 +2048,176 @@
new: [...655] [ip4][..tcp] [.....172.16.0.1][35830] -> [..192.168.10.50][...80]
new: [...656] [ip4][..tcp] [.....172.16.0.1][35856] -> [..192.168.10.50][...80]
new: [...657] [ip4][..tcp] [.....172.16.0.1][35870] -> [..192.168.10.50][...80]
- guessed: [...579] [ip4][..tcp] [.....172.16.0.1][34466] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...579] [ip4][..tcp] [.....172.16.0.1][34466] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...579] [ip4][..tcp] [.....172.16.0.1][34466] -> [..192.168.10.50][...80]
- guessed: [...580] [ip4][..tcp] [.....172.16.0.1][34480] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...580] [ip4][..tcp] [.....172.16.0.1][34480] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...580] [ip4][..tcp] [.....172.16.0.1][34480] -> [..192.168.10.50][...80]
- guessed: [...581] [ip4][..tcp] [.....172.16.0.1][34506] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...581] [ip4][..tcp] [.....172.16.0.1][34506] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...581] [ip4][..tcp] [.....172.16.0.1][34506] -> [..192.168.10.50][...80]
- guessed: [...582] [ip4][..tcp] [.....172.16.0.1][34520] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...582] [ip4][..tcp] [.....172.16.0.1][34520] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...582] [ip4][..tcp] [.....172.16.0.1][34520] -> [..192.168.10.50][...80]
- guessed: [...583] [ip4][..tcp] [.....172.16.0.1][34534] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...583] [ip4][..tcp] [.....172.16.0.1][34534] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...583] [ip4][..tcp] [.....172.16.0.1][34534] -> [..192.168.10.50][...80]
- guessed: [...584] [ip4][..tcp] [.....172.16.0.1][34548] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...584] [ip4][..tcp] [.....172.16.0.1][34548] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...584] [ip4][..tcp] [.....172.16.0.1][34548] -> [..192.168.10.50][...80]
- guessed: [...585] [ip4][..tcp] [.....172.16.0.1][34562] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...585] [ip4][..tcp] [.....172.16.0.1][34562] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...585] [ip4][..tcp] [.....172.16.0.1][34562] -> [..192.168.10.50][...80]
new: [...658] [ip4][..tcp] [.....172.16.0.1][35884] -> [..192.168.10.50][...80]
new: [...659] [ip4][..tcp] [.....172.16.0.1][35910] -> [..192.168.10.50][...80]
new: [...660] [ip4][..tcp] [.....172.16.0.1][35924] -> [..192.168.10.50][...80]
new: [...661] [ip4][..tcp] [.....172.16.0.1][35950] -> [..192.168.10.50][...80]
- guessed: [...586] [ip4][..tcp] [.....172.16.0.1][34576] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...586] [ip4][..tcp] [.....172.16.0.1][34576] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...586] [ip4][..tcp] [.....172.16.0.1][34576] -> [..192.168.10.50][...80]
- guessed: [...587] [ip4][..tcp] [.....172.16.0.1][34602] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...587] [ip4][..tcp] [.....172.16.0.1][34602] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...587] [ip4][..tcp] [.....172.16.0.1][34602] -> [..192.168.10.50][...80]
- guessed: [...588] [ip4][..tcp] [.....172.16.0.1][34616] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...588] [ip4][..tcp] [.....172.16.0.1][34616] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...588] [ip4][..tcp] [.....172.16.0.1][34616] -> [..192.168.10.50][...80]
- guessed: [...589] [ip4][..tcp] [.....172.16.0.1][34642] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...589] [ip4][..tcp] [.....172.16.0.1][34642] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...589] [ip4][..tcp] [.....172.16.0.1][34642] -> [..192.168.10.50][...80]
- guessed: [...590] [ip4][..tcp] [.....172.16.0.1][34656] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...590] [ip4][..tcp] [.....172.16.0.1][34656] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...590] [ip4][..tcp] [.....172.16.0.1][34656] -> [..192.168.10.50][...80]
- guessed: [...591] [ip4][..tcp] [.....172.16.0.1][34670] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...591] [ip4][..tcp] [.....172.16.0.1][34670] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...591] [ip4][..tcp] [.....172.16.0.1][34670] -> [..192.168.10.50][...80]
- guessed: [...592] [ip4][..tcp] [.....172.16.0.1][34696] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...592] [ip4][..tcp] [.....172.16.0.1][34696] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...592] [ip4][..tcp] [.....172.16.0.1][34696] -> [..192.168.10.50][...80]
- guessed: [...593] [ip4][..tcp] [.....172.16.0.1][34710] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...593] [ip4][..tcp] [.....172.16.0.1][34710] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...593] [ip4][..tcp] [.....172.16.0.1][34710] -> [..192.168.10.50][...80]
- guessed: [...594] [ip4][..tcp] [.....172.16.0.1][34724] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...594] [ip4][..tcp] [.....172.16.0.1][34724] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...594] [ip4][..tcp] [.....172.16.0.1][34724] -> [..192.168.10.50][...80]
- guessed: [...595] [ip4][..tcp] [.....172.16.0.1][34738] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...595] [ip4][..tcp] [.....172.16.0.1][34738] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...595] [ip4][..tcp] [.....172.16.0.1][34738] -> [..192.168.10.50][...80]
- guessed: [...596] [ip4][..tcp] [.....172.16.0.1][34752] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...596] [ip4][..tcp] [.....172.16.0.1][34752] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...596] [ip4][..tcp] [.....172.16.0.1][34752] -> [..192.168.10.50][...80]
- guessed: [...597] [ip4][..tcp] [.....172.16.0.1][34766] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...597] [ip4][..tcp] [.....172.16.0.1][34766] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...597] [ip4][..tcp] [.....172.16.0.1][34766] -> [..192.168.10.50][...80]
- guessed: [...598] [ip4][..tcp] [.....172.16.0.1][34792] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...598] [ip4][..tcp] [.....172.16.0.1][34792] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...598] [ip4][..tcp] [.....172.16.0.1][34792] -> [..192.168.10.50][...80]
- guessed: [...599] [ip4][..tcp] [.....172.16.0.1][34806] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...599] [ip4][..tcp] [.....172.16.0.1][34806] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...599] [ip4][..tcp] [.....172.16.0.1][34806] -> [..192.168.10.50][...80]
- guessed: [...600] [ip4][..tcp] [.....172.16.0.1][34832] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...600] [ip4][..tcp] [.....172.16.0.1][34832] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...600] [ip4][..tcp] [.....172.16.0.1][34832] -> [..192.168.10.50][...80]
- guessed: [...601] [ip4][..tcp] [.....172.16.0.1][34846] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...601] [ip4][..tcp] [.....172.16.0.1][34846] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...601] [ip4][..tcp] [.....172.16.0.1][34846] -> [..192.168.10.50][...80]
- guessed: [...602] [ip4][..tcp] [.....172.16.0.1][34860] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...602] [ip4][..tcp] [.....172.16.0.1][34860] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...602] [ip4][..tcp] [.....172.16.0.1][34860] -> [..192.168.10.50][...80]
- guessed: [...603] [ip4][..tcp] [.....172.16.0.1][34886] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...603] [ip4][..tcp] [.....172.16.0.1][34886] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...603] [ip4][..tcp] [.....172.16.0.1][34886] -> [..192.168.10.50][...80]
- guessed: [...604] [ip4][..tcp] [.....172.16.0.1][34900] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...604] [ip4][..tcp] [.....172.16.0.1][34900] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...604] [ip4][..tcp] [.....172.16.0.1][34900] -> [..192.168.10.50][...80]
- guessed: [...605] [ip4][..tcp] [.....172.16.0.1][34926] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...605] [ip4][..tcp] [.....172.16.0.1][34926] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...605] [ip4][..tcp] [.....172.16.0.1][34926] -> [..192.168.10.50][...80]
- end: [...606] [ip4][..tcp] [.....172.16.0.1][34940] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: HTTP Numeric IP Address
- guessed: [...607] [ip4][..tcp] [.....172.16.0.1][34954] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ end: [...606] [ip4][..tcp] [.....172.16.0.1][34940] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...607] [ip4][..tcp] [.....172.16.0.1][34954] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...607] [ip4][..tcp] [.....172.16.0.1][34954] -> [..192.168.10.50][...80]
- guessed: [...608] [ip4][..tcp] [.....172.16.0.1][34980] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...608] [ip4][..tcp] [.....172.16.0.1][34980] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...608] [ip4][..tcp] [.....172.16.0.1][34980] -> [..192.168.10.50][...80]
- guessed: [...609] [ip4][..tcp] [.....172.16.0.1][34994] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...609] [ip4][..tcp] [.....172.16.0.1][34994] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...609] [ip4][..tcp] [.....172.16.0.1][34994] -> [..192.168.10.50][...80]
- guessed: [...610] [ip4][..tcp] [.....172.16.0.1][35020] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...610] [ip4][..tcp] [.....172.16.0.1][35020] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...610] [ip4][..tcp] [.....172.16.0.1][35020] -> [..192.168.10.50][...80]
- guessed: [...611] [ip4][..tcp] [.....172.16.0.1][35034] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...611] [ip4][..tcp] [.....172.16.0.1][35034] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...611] [ip4][..tcp] [.....172.16.0.1][35034] -> [..192.168.10.50][...80]
- guessed: [...612] [ip4][..tcp] [.....172.16.0.1][35048] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...612] [ip4][..tcp] [.....172.16.0.1][35048] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...612] [ip4][..tcp] [.....172.16.0.1][35048] -> [..192.168.10.50][...80]
- guessed: [...613] [ip4][..tcp] [.....172.16.0.1][35074] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...613] [ip4][..tcp] [.....172.16.0.1][35074] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...613] [ip4][..tcp] [.....172.16.0.1][35074] -> [..192.168.10.50][...80]
- guessed: [...614] [ip4][..tcp] [.....172.16.0.1][35088] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...614] [ip4][..tcp] [.....172.16.0.1][35088] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...614] [ip4][..tcp] [.....172.16.0.1][35088] -> [..192.168.10.50][...80]
- guessed: [...615] [ip4][..tcp] [.....172.16.0.1][35114] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...615] [ip4][..tcp] [.....172.16.0.1][35114] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...615] [ip4][..tcp] [.....172.16.0.1][35114] -> [..192.168.10.50][...80]
- guessed: [...616] [ip4][..tcp] [.....172.16.0.1][35128] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...616] [ip4][..tcp] [.....172.16.0.1][35128] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...616] [ip4][..tcp] [.....172.16.0.1][35128] -> [..192.168.10.50][...80]
- guessed: [...617] [ip4][..tcp] [.....172.16.0.1][35142] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...617] [ip4][..tcp] [.....172.16.0.1][35142] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...617] [ip4][..tcp] [.....172.16.0.1][35142] -> [..192.168.10.50][...80]
- guessed: [...618] [ip4][..tcp] [.....172.16.0.1][35168] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...618] [ip4][..tcp] [.....172.16.0.1][35168] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...618] [ip4][..tcp] [.....172.16.0.1][35168] -> [..192.168.10.50][...80]
- guessed: [...619] [ip4][..tcp] [.....172.16.0.1][35182] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...619] [ip4][..tcp] [.....172.16.0.1][35182] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...619] [ip4][..tcp] [.....172.16.0.1][35182] -> [..192.168.10.50][...80]
- guessed: [...620] [ip4][..tcp] [.....172.16.0.1][35208] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...620] [ip4][..tcp] [.....172.16.0.1][35208] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...620] [ip4][..tcp] [.....172.16.0.1][35208] -> [..192.168.10.50][...80]
- guessed: [...621] [ip4][..tcp] [.....172.16.0.1][35222] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...621] [ip4][..tcp] [.....172.16.0.1][35222] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...621] [ip4][..tcp] [.....172.16.0.1][35222] -> [..192.168.10.50][...80]
- guessed: [...622] [ip4][..tcp] [.....172.16.0.1][35236] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...622] [ip4][..tcp] [.....172.16.0.1][35236] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...622] [ip4][..tcp] [.....172.16.0.1][35236] -> [..192.168.10.50][...80]
- guessed: [...623] [ip4][..tcp] [.....172.16.0.1][35262] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...623] [ip4][..tcp] [.....172.16.0.1][35262] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...623] [ip4][..tcp] [.....172.16.0.1][35262] -> [..192.168.10.50][...80]
- guessed: [...624] [ip4][..tcp] [.....172.16.0.1][35276] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...624] [ip4][..tcp] [.....172.16.0.1][35276] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...624] [ip4][..tcp] [.....172.16.0.1][35276] -> [..192.168.10.50][...80]
- guessed: [...625] [ip4][..tcp] [.....172.16.0.1][35302] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...625] [ip4][..tcp] [.....172.16.0.1][35302] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...625] [ip4][..tcp] [.....172.16.0.1][35302] -> [..192.168.10.50][...80]
- guessed: [...626] [ip4][..tcp] [.....172.16.0.1][35316] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...626] [ip4][..tcp] [.....172.16.0.1][35316] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...626] [ip4][..tcp] [.....172.16.0.1][35316] -> [..192.168.10.50][...80]
- guessed: [...627] [ip4][..tcp] [.....172.16.0.1][35342] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...627] [ip4][..tcp] [.....172.16.0.1][35342] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...627] [ip4][..tcp] [.....172.16.0.1][35342] -> [..192.168.10.50][...80]
- guessed: [...628] [ip4][..tcp] [.....172.16.0.1][35356] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...628] [ip4][..tcp] [.....172.16.0.1][35356] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...628] [ip4][..tcp] [.....172.16.0.1][35356] -> [..192.168.10.50][...80]
- guessed: [...629] [ip4][..tcp] [.....172.16.0.1][35370] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...629] [ip4][..tcp] [.....172.16.0.1][35370] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...629] [ip4][..tcp] [.....172.16.0.1][35370] -> [..192.168.10.50][...80]
- guessed: [...630] [ip4][..tcp] [.....172.16.0.1][35396] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...630] [ip4][..tcp] [.....172.16.0.1][35396] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...630] [ip4][..tcp] [.....172.16.0.1][35396] -> [..192.168.10.50][...80]
- guessed: [...631] [ip4][..tcp] [.....172.16.0.1][35410] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...631] [ip4][..tcp] [.....172.16.0.1][35410] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...631] [ip4][..tcp] [.....172.16.0.1][35410] -> [..192.168.10.50][...80]
- guessed: [...632] [ip4][..tcp] [.....172.16.0.1][35436] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...632] [ip4][..tcp] [.....172.16.0.1][35436] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...632] [ip4][..tcp] [.....172.16.0.1][35436] -> [..192.168.10.50][...80]
- guessed: [...633] [ip4][..tcp] [.....172.16.0.1][35450] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...633] [ip4][..tcp] [.....172.16.0.1][35450] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...633] [ip4][..tcp] [.....172.16.0.1][35450] -> [..192.168.10.50][...80]
- guessed: [...634] [ip4][..tcp] [.....172.16.0.1][35464] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...634] [ip4][..tcp] [.....172.16.0.1][35464] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...634] [ip4][..tcp] [.....172.16.0.1][35464] -> [..192.168.10.50][...80]
- guessed: [...635] [ip4][..tcp] [.....172.16.0.1][35490] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...635] [ip4][..tcp] [.....172.16.0.1][35490] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...635] [ip4][..tcp] [.....172.16.0.1][35490] -> [..192.168.10.50][...80]
- guessed: [...636] [ip4][..tcp] [.....172.16.0.1][35504] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...636] [ip4][..tcp] [.....172.16.0.1][35504] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...636] [ip4][..tcp] [.....172.16.0.1][35504] -> [..192.168.10.50][...80]
- guessed: [...637] [ip4][..tcp] [.....172.16.0.1][35518] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...637] [ip4][..tcp] [.....172.16.0.1][35518] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...637] [ip4][..tcp] [.....172.16.0.1][35518] -> [..192.168.10.50][...80]
- guessed: [...638] [ip4][..tcp] [.....172.16.0.1][35532] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...638] [ip4][..tcp] [.....172.16.0.1][35532] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...638] [ip4][..tcp] [.....172.16.0.1][35532] -> [..192.168.10.50][...80]
- guessed: [...639] [ip4][..tcp] [.....172.16.0.1][35546] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...639] [ip4][..tcp] [.....172.16.0.1][35546] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...639] [ip4][..tcp] [.....172.16.0.1][35546] -> [..192.168.10.50][...80]
- guessed: [...640] [ip4][..tcp] [.....172.16.0.1][35560] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...640] [ip4][..tcp] [.....172.16.0.1][35560] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...640] [ip4][..tcp] [.....172.16.0.1][35560] -> [..192.168.10.50][...80]
- guessed: [...641] [ip4][..tcp] [.....172.16.0.1][35586] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...641] [ip4][..tcp] [.....172.16.0.1][35586] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...641] [ip4][..tcp] [.....172.16.0.1][35586] -> [..192.168.10.50][...80]
- guessed: [...642] [ip4][..tcp] [.....172.16.0.1][35600] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...642] [ip4][..tcp] [.....172.16.0.1][35600] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...642] [ip4][..tcp] [.....172.16.0.1][35600] -> [..192.168.10.50][...80]
- idle: [...643] [ip4][..tcp] [.....172.16.0.1][35626] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
- guessed: [...644] [ip4][..tcp] [.....172.16.0.1][35640] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ idle: [...643] [ip4][..tcp] [.....172.16.0.1][35626] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
+ guessed: [...644] [ip4][..tcp] [.....172.16.0.1][35640] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...644] [ip4][..tcp] [.....172.16.0.1][35640] -> [..192.168.10.50][...80]
- guessed: [...645] [ip4][..tcp] [.....172.16.0.1][35654] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...645] [ip4][..tcp] [.....172.16.0.1][35654] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...645] [ip4][..tcp] [.....172.16.0.1][35654] -> [..192.168.10.50][...80]
- guessed: [...646] [ip4][..tcp] [.....172.16.0.1][35668] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...646] [ip4][..tcp] [.....172.16.0.1][35668] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...646] [ip4][..tcp] [.....172.16.0.1][35668] -> [..192.168.10.50][...80]
- guessed: [...647] [ip4][..tcp] [.....172.16.0.1][35682] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...647] [ip4][..tcp] [.....172.16.0.1][35682] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...647] [ip4][..tcp] [.....172.16.0.1][35682] -> [..192.168.10.50][...80]
- guessed: [...648] [ip4][..tcp] [.....172.16.0.1][35696] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...648] [ip4][..tcp] [.....172.16.0.1][35696] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...648] [ip4][..tcp] [.....172.16.0.1][35696] -> [..192.168.10.50][...80]
- guessed: [...649] [ip4][..tcp] [.....172.16.0.1][35722] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...649] [ip4][..tcp] [.....172.16.0.1][35722] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...649] [ip4][..tcp] [.....172.16.0.1][35722] -> [..192.168.10.50][...80]
- guessed: [...650] [ip4][..tcp] [.....172.16.0.1][35736] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...650] [ip4][..tcp] [.....172.16.0.1][35736] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...650] [ip4][..tcp] [.....172.16.0.1][35736] -> [..192.168.10.50][...80]
- guessed: [...651] [ip4][..tcp] [.....172.16.0.1][35762] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...651] [ip4][..tcp] [.....172.16.0.1][35762] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...651] [ip4][..tcp] [.....172.16.0.1][35762] -> [..192.168.10.50][...80]
- guessed: [...652] [ip4][..tcp] [.....172.16.0.1][35776] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...652] [ip4][..tcp] [.....172.16.0.1][35776] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...652] [ip4][..tcp] [.....172.16.0.1][35776] -> [..192.168.10.50][...80]
- guessed: [...653] [ip4][..tcp] [.....172.16.0.1][35790] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...653] [ip4][..tcp] [.....172.16.0.1][35790] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...653] [ip4][..tcp] [.....172.16.0.1][35790] -> [..192.168.10.50][...80]
- guessed: [...654] [ip4][..tcp] [.....172.16.0.1][35816] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...654] [ip4][..tcp] [.....172.16.0.1][35816] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...654] [ip4][..tcp] [.....172.16.0.1][35816] -> [..192.168.10.50][...80]
- guessed: [...655] [ip4][..tcp] [.....172.16.0.1][35830] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...655] [ip4][..tcp] [.....172.16.0.1][35830] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...655] [ip4][..tcp] [.....172.16.0.1][35830] -> [..192.168.10.50][...80]
- guessed: [...656] [ip4][..tcp] [.....172.16.0.1][35856] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...656] [ip4][..tcp] [.....172.16.0.1][35856] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...656] [ip4][..tcp] [.....172.16.0.1][35856] -> [..192.168.10.50][...80]
- guessed: [...657] [ip4][..tcp] [.....172.16.0.1][35870] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...657] [ip4][..tcp] [.....172.16.0.1][35870] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...657] [ip4][..tcp] [.....172.16.0.1][35870] -> [..192.168.10.50][...80]
- guessed: [...658] [ip4][..tcp] [.....172.16.0.1][35884] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...658] [ip4][..tcp] [.....172.16.0.1][35884] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
end: [...658] [ip4][..tcp] [.....172.16.0.1][35884] -> [..192.168.10.50][...80]
- guessed: [...659] [ip4][..tcp] [.....172.16.0.1][35910] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...659] [ip4][..tcp] [.....172.16.0.1][35910] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
idle: [...659] [ip4][..tcp] [.....172.16.0.1][35910] -> [..192.168.10.50][...80]
- guessed: [...660] [ip4][..tcp] [.....172.16.0.1][35924] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...660] [ip4][..tcp] [.....172.16.0.1][35924] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
idle: [...660] [ip4][..tcp] [.....172.16.0.1][35924] -> [..192.168.10.50][...80]
- guessed: [...661] [ip4][..tcp] [.....172.16.0.1][35950] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable][]
+ guessed: [...661] [ip4][..tcp] [.....172.16.0.1][35950] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable][]
idle: [...661] [ip4][..tcp] [.....172.16.0.1][35950] -> [..192.168.10.50][...80]
- end: [...569] [ip4][..tcp] [.....172.16.0.1][34278] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
- RISK: XSS Attack, HTTP Numeric IP Address
+ end: [...569] [ip4][..tcp] [.....172.16.0.1][34278] -> [..192.168.10.50][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: XSS Attack, HTTP Numeric IP Address, HTTP Suspicious Header
DAEMON-EVENT: shutdown
Powered by cgit, Themed by Ted Yin.