DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown packet type [2/16] new: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] detected: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] new: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] detected: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] new: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][android-1c1335ec95a27318] new: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] detected: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable][] new: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] detected: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] new: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] detected: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] detection-update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] new: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] detected: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] detection-update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] new: [.....8] [ip4][..tcp] [..172.16.42.216][60246] -> [..172.217.9.142][...80] detected: [.....8] [ip4][..tcp] [..172.16.42.216][60246] -> [..172.217.9.142][...80] [HTTP.Google][Google][ConnCheck][Acceptable][connectivitycheck.android.com] new: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] detected: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mtalk.google.com] new: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] detected: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] detection-update: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] detection-update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mtalk.google.com] new: [....11] [ip4][..tcp] [..172.16.42.216][42878] -> [173.194.223.188][.5228] detected: [....11] [ip4][..tcp] [..172.16.42.216][42878] -> [173.194.223.188][.5228] [TLS.GoogleServices][Google][Web][Acceptable][mtalk.google.com] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS detection-update: [....11] [ip4][..tcp] [..172.16.42.216][42878] -> [173.194.223.188][.5228] [TLS.GoogleServices][Google][Web][Acceptable][mtalk.google.com] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS new: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] detected: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] detection-update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] new: [....13] [ip4][..tcp] [..172.16.42.216][35540] -> [..172.217.9.142][...80] detected: [....13] [ip4][..tcp] [..172.16.42.216][35540] -> [..172.217.9.142][...80] [HTTP.Google][Google][ConnCheck][Acceptable][connectivitycheck.android.com] new: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] detected: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy new: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] detected: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] detection-update: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] new: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] detected: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] RISK: TLS (probably) Not Carrying HTTPS new: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] detected: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] detection-update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] new: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] detected: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][mads.amazon-adsystem.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][mads.amazon-adsystem.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][mads.amazon-adsystem.com] RISK: TLS (probably) Not Carrying HTTPS new: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] detected: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][firs-ta-g7g.amazon.com] detection-update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][firs-ta-g7g.amazon.com] new: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] detected: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][firs-ta-g7g.amazon.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][firs-ta-g7g.amazon.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][firs-ta-g7g.amazon.com] RISK: TLS (probably) Not Carrying HTTPS new: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] detected: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] detection-update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] new: [....22] [ip4][..tcp] [..172.16.42.216][49572] -> [..52.94.232.134][...80] detected: [....22] [ip4][..tcp] [..172.16.42.216][49572] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] new: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] detected: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] new: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] detected: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][cognito-identity.us-east-1.amazonaws.com] detection-update: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][cognito-identity.us-east-1.amazonaws.com] new: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] detected: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][cognito-identity.us-east-1.amazonaws.com] detection-update: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][cognito-identity.us-east-1.amazonaws.com] detection-update: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][cognito-identity.us-east-1.amazonaws.com] new: [....26] [ip4][..tcp] [..172.16.42.216][38364] -> [..34.199.52.240][..443] detected: [....26] [ip4][..tcp] [..172.16.42.216][38364] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][cognito-identity.us-east-1.amazonaws.com] detection-update: [....26] [ip4][..tcp] [..172.16.42.216][38364] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][cognito-identity.us-east-1.amazonaws.com] new: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] detected: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] detection-update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] new: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] detected: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] new: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] new: [....31] [ip4][..tcp] [..172.16.42.216][40200] -> [.10.201.126.241][.8080] new: [....32] [ip4][..tcp] [..172.16.42.216][38391] -> [...192.168.11.1][.8080] detected: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....33] [ip4][..tcp] [..172.16.42.216][40202] -> [.10.201.126.241][.8080] new: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] detected: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] detected: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] detection-update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] detection-update: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] new: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] new: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] detected: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detected: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] new: [....39] [ip4][..tcp] [..172.16.42.216][54413] -> [..52.85.209.216][..443] detected: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] analyse: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.091| 0.022| 0.031| 964.249| 3.600] [PKTLEN......: 52.000| 1500.000| 580.300| 637.000| 405792.100| 4.100] [BINS(c->s)..: 11,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,1,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,9,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,0,0,0,0,0,0,1,0,1,1,1,0,1,1,1,1,1,1,1,0,0,0] [IATS(ms)....: 47.0,53.0,0.3,73.2,0.1,18.9,0.4,0.3,0.4,88.2,0.3,0.7,0.2,8.1,32.8,75.3,63.7,49.4,70.9,0.8,90.5,2.0,0.4,0.5,0.4,0.5,0.7,0.0,5.3,0.3,1.1] [PKTLENS.....: 60,60,52,254,52,52,1500,1500,1500,819,52,52,52,52,178,1082,294,52,52,1500,1500,52,1500,1500,1500,450,1500,1112,86,52,52,52] [ENTROPIES...: 4.6,5.3,5.1,5.6,5.0,5.0,6.9,7.2,7.5,7.6,5.0,5.0,5.0,5.0,6.3,7.8,7.0,5.1,5.0,7.9,7.9,5.0,7.9,7.9,7.9,7.5,7.9,7.8,5.8,5.0,5.0,4.9] detection-update: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] detected: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] ERROR-EVENT: Unknown packet type [1/16] analyse: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.016| 0.161| 0.286| 81844.249| 3.400] [PKTLEN......: 40.000| 1500.000| 366.200| 485.100| 235358.500| 3.900] [BINS(c->s)..: 12,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,1,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,1,1,0,0,1,0,1,0] [IATS(ms)....: 55.7,59.3,1.4,66.6,0.4,0.1,64.1,4.8,0.3,2.7,66.9,3.1,100.8,8.3,108.4,5.9,66.9,500.8,354.1,941.1,3.0,88.7,111.8,176.5,0.2,64.7,9.2,104.2,1015.9,966.5,45.6] [PKTLENS.....: 60,48,40,247,1500,1500,385,40,40,40,366,46,99,40,1122,46,941,40,1106,1106,46,493,40,1154,46,877,40,40,46,40,46,40] [ENTROPIES...: 4.6,5.1,4.8,5.5,6.8,7.3,7.4,4.8,4.8,4.7,7.3,4.7,6.0,4.9,7.8,4.5,7.8,4.8,7.8,7.8,4.6,7.6,4.8,7.8,4.6,7.7,4.9,4.9,4.5,4.8,4.5,4.8] detection-update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] new: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] new: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] detected: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detected: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] new: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] new: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] detected: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] new: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] new: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] new: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] new: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] detected: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] detected: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] RISK: Error Code analyse: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.836| 0.167| 0.244| 59552.047| 3.700] [PKTLEN......: 40.000| 1500.000| 387.000| 534.600| 285800.000| 3.900] [BINS(c->s)..: 10,0,0,1,0,0,3,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,2,0,0] [BINS(s->c)..: 7,1,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0] [DIRECTIONS..: 0,1,0,0,1,0,0,1,1,1,1,1,0,0,0,0,0,0,1,0,1,1,1,0,0,0,1,1,0,0,1,0] [IATS(ms)....: 54.2,55.4,0.5,50.3,258.9,520.1,785.3,3.8,0.2,0.1,0.0,60.8,0.3,0.1,0.1,52.1,11.0,287.0,223.9,2.7,139.2,0.2,171.9,179.9,0.1,402.7,22.4,216.5,783.8,835.9,50.5] [PKTLENS.....: 60,48,40,245,46,245,245,46,1500,1500,1500,674,40,40,40,40,166,1500,91,468,46,46,466,40,1500,1196,46,343,40,40,46,40] [ENTROPIES...: 4.6,5.1,4.9,5.6,4.5,5.6,5.6,4.6,7.1,7.3,7.4,7.6,4.8,4.9,4.8,4.8,6.3,7.9,5.9,7.5,4.6,4.6,7.5,4.8,7.9,7.8,4.6,7.4,4.9,4.9,4.6,4.9] new: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] detected: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] new: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] detected: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] detected: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detected: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] new: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] detected: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detected: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] analyse: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.352| 0.044| 0.079| 6215.196| 3.500] [PKTLEN......: 40.000| 1500.000| 643.200| 676.900| 458225.800| 4.100] [BINS(c->s)..: 4,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,11,0,0] [BINS(s->c)..: 11,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,1,1,0,1,1,0,0,1,1,0] [IATS(ms)....: 57.0,58.6,1.8,56.8,4.8,0.1,59.3,0.3,22.9,80.0,5.9,71.8,0.3,0.1,0.6,0.3,0.2,1.4,0.3,0.1,67.8,34.8,23.9,352.1,295.3,0.1,57.7,0.7,60.6,0.1,59.8] [PKTLENS.....: 60,48,40,299,46,46,196,40,91,806,46,550,1500,1425,1500,1500,1500,1500,1500,1500,69,46,46,46,1500,46,46,1500,1500,46,46,1500] [ENTROPIES...: 4.7,5.1,4.8,6.0,4.6,4.5,6.4,4.8,5.3,7.7,4.6,7.6,7.9,7.9,7.8,7.9,7.9,7.9,7.9,7.9,5.7,4.5,4.5,4.5,7.9,4.6,4.6,7.9,7.9,4.6,4.6,7.9] new: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] detected: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] ERROR-EVENT: Unknown packet type [2/16] new: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] detected: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1] detected: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] new: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] detected: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] detected: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] update: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy update: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] new: [....61] [ip4][..tcp] [..172.16.42.216][42148] -> [..72.21.206.135][..443] new: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] detected: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] detected: [....61] [ip4][..tcp] [..172.16.42.216][42148] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] new: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] detection-update: [....61] [ip4][..tcp] [..172.16.42.216][42148] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detected: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] new: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] detected: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][api.amazon.com] detection-update: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][api.amazon.com] new: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] detected: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][api.amazon.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][api.amazon.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][api.amazon.com] RISK: TLS (probably) Not Carrying HTTPS analyse: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 2.897| 0.237| 0.560| 313730.662| 2.800] [PKTLEN......: 52.000| 1500.000| 603.100| 665.400| 442821.700| 4.100] [BINS(c->s)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,4,0,0] [BINS(s->c)..: 7,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,5,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,1] [IATS(ms)....: 52.9,67.2,1.0,63.2,9.6,59.8,0.3,20.9,0.5,0.2,0.2,1.1,0.2,97.5,0.1,7.3,15.9,484.6,0.2,0.2,116.0,306.3,538.3,1116.6,2896.8,0.3,0.2,0.1,0.1,583.2,913.8] [PKTLENS.....: 60,60,52,569,52,208,52,103,1500,1500,125,1500,1500,1481,52,52,52,52,1500,1500,1209,1209,1500,1500,1500,52,64,64,64,64,52,52] [ENTROPIES...: 4.7,5.3,5.0,6.1,5.0,6.6,5.1,5.6,7.9,7.9,6.4,7.9,7.9,7.9,5.0,5.0,5.0,4.9,7.9,7.9,7.8,7.8,7.9,7.9,7.9,4.9,5.0,5.1,5.1,5.1,5.1,5.0] analyse: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.486| 0.102| 0.138| 19130.661| 3.700] [PKTLEN......: 40.000| 1500.000| 686.300| 682.000| 465082.800| 4.200] [BINS(c->s)..: 6,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] [BINS(s->c)..: 6,1,0,0,0,2,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,1,0,0,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 92.4,95.4,2.4,97.4,1.9,14.1,0.3,0.1,113.4,0.3,0.2,49.6,132.6,83.3,183.9,0.3,326.1,293.1,272.4,0.1,443.7,0.4,0.5,0.0,276.5,199.2,0.5,0.0,0.7,486.1,0.4] [PKTLENS.....: 60,48,40,261,46,46,1500,1500,450,40,40,40,166,91,40,1500,533,46,1500,46,46,1500,1500,1500,211,1500,1500,1500,211,1500,1500,1500] [ENTROPIES...: 4.7,5.1,4.7,5.4,4.6,4.6,7.2,7.3,7.4,4.8,4.8,4.8,6.6,5.8,4.7,7.9,7.6,4.7,7.9,4.5,4.5,7.8,7.9,7.9,7.0,7.8,7.9,7.9,7.0,7.8,7.8,7.9] new: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80] new: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] new: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] new: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] detected: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] detected: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] new: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] detected: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] new: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] new: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] detection-update: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] new: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] detection-update: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detected: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detected: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe][] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn new: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] detected: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][android-1c1335ec95a27318] update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] update: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mtalk.google.com] update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] update: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] new: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443] detected: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older) detection-update: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [....76] [ip4][..tcp] [..172.16.42.216][49613] -> [..52.94.232.134][...80] detected: [....76] [ip4][..tcp] [..172.16.42.216][49613] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] new: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] detected: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][cognito-identity.us-east-1.amazonaws.com] detection-update: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][cognito-identity.us-east-1.amazonaws.com] detection-update: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][cognito-identity.us-east-1.amazonaws.com] new: [....78] [ip4][..tcp] [..172.16.42.216][34053] -> [..54.239.24.186][..443] new: [....79] [ip4][..tcp] [..172.16.42.216][34054] -> [..54.239.24.186][..443] detected: [....78] [ip4][..tcp] [..172.16.42.216][34053] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [....78] [ip4][..tcp] [..172.16.42.216][34053] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][firs-ta-g7g.amazon.com] update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] update: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] update: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][cognito-identity.us-east-1.amazonaws.com] new: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] new: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] new: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] new: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080] new: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443] new: [....85] [ip4][..tcp] [..172.16.42.216][38434] -> [...192.168.11.1][.8080] detected: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detected: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] new: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] detected: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] new: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] new: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] new: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80] new: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] new: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] new: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] detection-update: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detected: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] analyse: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.570| 0.289| 0.417| 173871.694| 3.700] [PKTLEN......: 40.000| 1500.000| 371.100| 516.000| 266233.000| 3.900] [BINS(c->s)..: 8,1,0,0,2,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0] [BINS(s->c)..: 7,1,1,0,0,0,0,0,0,0,0,0,0,0,0,2,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,1,1,0,1,1,0,0,0,1,1,0,0,0,1,0,0,1,1,1,0,0] [IATS(ms)....: 325.4,332.9,0.3,247.7,0.2,241.3,0.3,0.3,23.8,0.3,429.9,0.1,1569.5,1485.9,353.0,706.9,73.8,0.3,358.8,0.4,256.6,3.7,0.2,956.2,948.6,95.3,235.6,1.1,0.1,275.4,23.7] [PKTLENS.....: 60,48,40,279,125,93,40,40,99,1500,174,46,46,174,46,717,40,1500,238,46,525,40,1500,206,525,40,1500,46,557,46,40,1500] [ENTROPIES...: 4.7,5.2,4.8,5.8,6.1,6.1,4.8,4.8,5.9,7.9,6.9,4.6,4.5,6.9,4.6,7.7,4.8,7.9,7.1,4.7,7.6,4.8,7.9,7.0,7.6,4.8,7.9,4.7,7.6,4.7,4.7,7.9] detection-update: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] RISK: Error Code new: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] detected: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] detected: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][s3-external-2.amazonaws.com] detection-update: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][s3-external-2.amazonaws.com] new: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] new: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443] detected: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] analyse: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.192| 0.160| 0.282| 79548.359| 3.500] [PKTLEN......: 40.000| 1500.000| 343.000| 486.700| 236894.100| 3.900] [BINS(c->s)..: 4,1,0,1,1,1,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0] [BINS(s->c)..: 10,1,1,0,1,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,0,1,1,1,0,1,1,0,0,0,1,0,1,1,1,0,0,1,1,0,0,0,1,1,1,0,0,1] [IATS(ms)....: 214.4,219.1,3.7,1161.8,1191.6,0.1,0.0,75.9,170.4,0.4,119.0,9.7,7.9,105.5,90.0,79.1,135.4,22.4,255.4,0.3,202.3,1.2,199.7,0.1,0.1,204.8,0.0,11.4,221.9,0.1,253.2] [PKTLENS.....: 60,48,40,279,279,46,125,93,40,46,178,40,99,1500,46,206,46,46,1133,1500,254,46,541,1500,270,162,46,46,525,1500,190,46] [ENTROPIES...: 4.7,5.1,4.8,5.9,5.9,4.6,6.1,6.0,4.7,4.6,6.5,4.7,5.9,7.9,4.6,6.9,4.6,4.6,7.8,7.9,7.1,4.6,7.5,7.9,7.2,6.6,4.5,4.6,7.6,7.9,6.8,4.6] detection-update: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] detection-update: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] analyse: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.080| 0.209| 0.303| 92031.574| 3.700] [PKTLEN......: 40.000| 1500.000| 360.500| 516.500| 266795.300| 3.800] [BINS(c->s)..: 7,1,0,0,0,2,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0] [BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,1,0,1,1,0,0,0,0,0,1,1,1,1,0,0,1,1,0,0,1,1,0,0,0,1,0,1] [IATS(ms)....: 1005.7,1080.3,210.2,18.7,169.7,18.0,105.0,0.1,107.2,0.3,11.7,34.8,0.1,215.2,0.3,0.1,21.7,195.6,0.3,202.8,0.7,212.9,0.3,205.8,11.0,236.3,754.7,0.3,888.9,405.4,377.3] [PKTLENS.....: 60,60,48,40,279,48,40,125,93,40,40,99,1500,254,46,46,46,541,1500,206,46,701,1500,238,46,557,40,1500,206,46,1500,46] [ENTROPIES...: 4.7,4.6,5.1,4.8,5.9,5.1,4.9,6.0,6.1,4.8,4.9,5.8,7.9,7.2,4.7,4.6,4.6,7.6,7.9,7.0,4.7,7.7,7.9,7.1,4.6,7.6,4.9,7.9,6.9,4.5,7.9,4.5] new: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] detected: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][dp-gw-na-js.amazon.com] detection-update: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][dp-gw-na-js.amazon.com] new: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] detected: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][dp-gw-na-js.amazon.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][dp-gw-na-js.amazon.com] RISK: TLS (probably) Not Carrying HTTPS ERROR-EVENT: Unknown packet type [1/16] update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] update: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] update: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] update: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] detection-update: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [...100] [ip4][..tcp] [..172.16.42.216][34073] -> [..54.239.24.186][..443] new: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443] new: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] detected: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detected: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] detection-update: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] detection-update: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] update: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] new: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] detected: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][skills-store.amazon.com] detection-update: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][skills-store.amazon.com] new: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443] new: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] new: [...106] [ip4][..tcp] [..172.16.42.216][40855] -> [..54.239.29.253][..443] new: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] detected: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] detected: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] detected: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] detection-update: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher detection-update: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher detection-update: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher analyse: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.326| 0.037| 0.075| 5555.152| 3.000] [PKTLEN......: 40.000| 1500.000| 545.400| 489.800| 239933.900| 4.400] [BINS(c->s)..: 7,0,0,0,0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [BINS(s->c)..: 3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,3,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,0,0,1,1,1,1,1,0,0,1,1,1,1,1,1,1,1,1,1,0,1] [IATS(ms)....: 55.9,57.4,1.4,113.3,0.4,112.3,0.1,3.2,65.7,1.4,70.0,0.2,85.3,246.6,0.1,0.0,0.1,325.6,0.3,3.8,0.8,0.2,0.3,0.1,0.3,0.3,0.6,0.4,1.1,6.7,1.2] [PKTLENS.....: 60,48,40,251,1500,1275,40,40,366,46,99,1500,270,46,1021,589,589,589,40,40,1500,1500,741,1101,589,589,589,589,589,589,40,589] [ENTROPIES...: 4.6,5.2,4.8,5.6,7.3,7.3,4.9,4.9,7.3,4.6,6.1,7.9,7.2,4.6,7.8,7.7,7.6,7.6,4.9,4.8,7.9,7.9,7.7,7.8,7.6,7.6,7.7,7.6,7.6,7.6,4.9,7.7] analyse: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.933| 0.089| 0.198| 39194.591| 3.000] [PKTLEN......: 40.000| 1500.000| 450.100| 541.500| 293230.800| 4.000] [BINS(c->s)..: 11,0,0,0,0,0,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0] [BINS(s->c)..: 4,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,1,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,0,0,0,1,0,0,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0] [IATS(ms)....: 109.9,111.6,1.6,102.0,0.2,101.6,0.3,1.9,56.2,0.1,87.5,19.1,7.6,147.9,304.1,639.4,932.7,32.7,0.1,0.0,0.7,0.1,0.0,0.3,0.6,110.7,0.2,1.8,0.2,0.1,0.1] [PKTLENS.....: 60,48,40,251,1500,1275,40,40,366,46,99,40,1500,254,46,1500,1500,46,1021,589,589,589,589,589,1469,77,40,40,40,40,40,40] [ENTROPIES...: 4.7,5.2,4.8,5.6,7.2,7.3,4.8,4.8,7.3,4.7,6.1,4.9,7.9,7.2,4.5,7.9,7.9,4.7,7.8,7.6,7.7,7.7,7.6,7.6,7.9,5.7,4.8,4.8,4.9,4.8,4.9,4.9] analyse: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 9.247| 1.357| 2.197| 4827473.510| 3.500] [PKTLEN......: 40.000| 1500.000| 425.800| 556.200| 309356.400| 3.900] [BINS(c->s)..: 9,1,0,0,0,1,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,5,0,0] [BINS(s->c)..: 7,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,1,0,0,0,0,0,1,1,0,0,0,1,0,0,0,0,0,1,0,1,1,0,0,0,1,1,0,0,1] [IATS(ms)....: 992.4,1100.5,1.1,243.6,0.8,17.2,3008.6,6019.8,9247.0,0.1,67.2,0.3,0.3,66.7,669.5,0.3,275.2,528.0,1079.9,2835.2,350.0,114.6,72.1,219.3,5051.1,0.3,5193.9,65.0,174.2,2275.4,2411.2] [PKTLENS.....: 60,60,48,48,40,40,279,279,279,125,93,40,40,99,46,1500,1118,1500,1500,1500,46,1118,46,941,40,1500,222,46,845,40,40,46] [ENTROPIES...: 4.7,4.7,5.2,5.1,4.9,4.9,5.8,5.8,5.8,6.0,5.9,4.7,4.8,6.0,4.6,7.9,7.8,7.9,7.9,7.9,4.6,7.8,4.6,7.8,4.7,7.9,6.9,4.7,7.7,4.9,4.9,4.5] analyse: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 19.096| 0.770| 3.358| 11273140.961| 1.400] [PKTLEN......: 40.000| 1500.000| 267.500| 412.900| 170449.200| 3.900] [BINS(c->s)..: 7,0,1,1,0,0,5,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [BINS(s->c)..: 8,1,0,0,1,0,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,0,0,1,1,1,1,0,0,0,1,1,0,1,0,0,1,1,1,0,0] [IATS(ms)....: 123.6,128.0,5.4,470.5,0.6,0.6,0.0,1232.5,1.5,5.0,0.7,0.7,10.0,973.2,0.5,0.1,0.0,190.9,73.2,0.3,171.9,0.1,117.0,408.2,413.7,66.7,140.9,83.3,0.1,166.3,19096.2] [PKTLENS.....: 60,48,40,232,46,1500,1500,522,232,232,40,40,40,166,46,46,46,85,40,1500,276,46,198,104,278,233,232,46,46,258,40,342] [ENTROPIES...: 4.7,5.1,4.8,5.5,4.6,7.2,7.3,7.6,5.5,5.5,4.8,4.9,4.7,6.3,4.5,4.5,4.8,5.6,4.8,7.9,7.2,4.5,6.8,6.0,7.1,7.0,6.9,4.5,4.6,7.0,4.8,7.3] new: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] detected: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] detection-update: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] new: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] new: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] new: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] new: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] new: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] detected: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] detected: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [...115] [ip4][..tcp] [..172.16.42.216][37551] -> [..54.239.24.180][..443] new: [...116] [ip4][..tcp] [..172.16.42.216][37552] -> [..54.239.24.180][..443] detected: [...115] [ip4][..tcp] [..172.16.42.216][37551] -> [..54.239.24.180][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] update: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][api.amazon.com] update: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] detection-update: [...115] [ip4][..tcp] [..172.16.42.216][37551] -> [..54.239.24.180][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][android-1c1335ec95a27318] update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] update: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mtalk.google.com] update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] new: [...117] [ip4][..tcp] [..172.16.42.216][40864] -> [..54.239.29.253][..443] detected: [...117] [ip4][..tcp] [..172.16.42.216][40864] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] detection-update: [...117] [ip4][..tcp] [..172.16.42.216][40864] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher new: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] detected: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][ecx.images-amazon.com] detection-update: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][ecx.images-amazon.com] new: [...119] [ip4][..tcp] [..172.16.42.216][51985] -> [....52.84.63.56][...80] new: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] new: [...121] [ip4][..tcp] [..172.16.42.216][51987] -> [....52.84.63.56][...80] new: [...122] [ip4][..tcp] [..172.16.42.216][51988] -> [....52.84.63.56][...80] new: [...123] [ip4][..tcp] [..172.16.42.216][51989] -> [....52.84.63.56][...80] new: [...124] [ip4][..tcp] [..172.16.42.216][51990] -> [....52.84.63.56][...80] detected: [...123] [ip4][..tcp] [..172.16.42.216][51989] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...122] [ip4][..tcp] [..172.16.42.216][51988] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...119] [ip4][..tcp] [..172.16.42.216][51985] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...121] [ip4][..tcp] [..172.16.42.216][51987] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...124] [ip4][..tcp] [..172.16.42.216][51990] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] analyse: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.295| 0.052| 0.098| 9533.209| 3.000] [PKTLEN......: 52.000| 1500.000| 597.000| 635.800| 404189.900| 4.100] [BINS(c->s)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,1,1,1,0,0] [IATS(ms)....: 58.0,60.3,1.6,154.7,0.4,0.4,0.4,0.5,0.5,0.2,0.4,156.7,0.3,4.1,0.1,3.4,0.2,0.1,0.2,0.1,0.1,0.1,7.0,268.3,295.2,18.3,286.3,0.5,0.4,286.6,4.3] [PKTLENS.....: 60,60,52,599,52,1500,1500,1500,1500,1500,1500,1500,52,52,1500,427,52,52,52,52,52,52,52,599,599,427,64,592,1500,1500,52,52] [ENTROPIES...: 4.7,5.2,5.0,6.0,5.1,7.1,7.8,7.8,7.9,7.8,7.8,7.8,5.0,5.0,7.8,6.5,5.0,5.0,5.0,5.0,5.0,5.0,5.0,6.0,6.0,6.5,5.0,5.9,7.5,7.8,5.0,5.0] new: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] detected: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] detection-update: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher analyse: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.107| 0.141| 0.257| 65864.266| 3.200] [PKTLEN......: 40.000| 1500.000| 430.000| 555.400| 308431.600| 4.000] [BINS(c->s)..: 7,1,0,0,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0] [BINS(s->c)..: 6,2,2,1,0,0,0,0,0,0,0,0,1,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,1,1,0,0,1,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1] [IATS(ms)....: 111.1,112.4,0.8,179.9,0.1,0.0,179.9,2.9,0.3,3.3,0.5,135.1,0.2,170.2,502.2,1107.1,16.8,0.2,0.2,0.0,0.0,0.0,706.6,0.4,9.7,355.9,0.3,629.2,147.8,0.1,0.1] [PKTLENS.....: 60,48,40,283,46,125,93,40,40,99,1500,286,46,46,1500,1500,46,1500,121,1500,153,429,77,40,40,40,1500,318,46,1021,589,589] [ENTROPIES...: 4.7,5.1,4.8,5.9,4.5,6.2,6.0,4.8,4.9,6.0,7.9,7.1,4.5,4.6,7.9,7.9,4.6,7.9,6.4,7.9,6.6,7.5,5.8,4.8,4.8,4.7,7.9,7.3,4.6,7.8,7.6,7.7] new: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80] new: [...127] [ip4][..tcp] [..172.16.42.216][51993] -> [....52.84.63.56][...80] new: [...128] [ip4][..tcp] [..172.16.42.216][51994] -> [....52.84.63.56][...80] new: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80] new: [...130] [ip4][..tcp] [..172.16.42.216][51996] -> [....52.84.63.56][...80] new: [...131] [ip4][..tcp] [..172.16.42.216][51997] -> [....52.84.63.56][...80] detected: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...128] [ip4][..tcp] [..172.16.42.216][51994] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...127] [ip4][..tcp] [..172.16.42.216][51993] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...130] [ip4][..tcp] [..172.16.42.216][51996] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] detected: [...131] [ip4][..tcp] [..172.16.42.216][51997] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] analyse: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.179| 0.023| 0.044| 1924.322| 3.100] [PKTLEN......: 52.000| 1500.000| 743.400| 681.300| 464196.800| 4.300] [BINS(c->s)..: 13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,1,0,0,0,0,12,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0,0,0,0,1,1,0,1,1,1,1,0] [IATS(ms)....: 31.3,34.1,0.6,113.4,46.4,0.0,0.0,0.1,0.0,0.0,11.2,1.6,7.2,179.1,0.1,0.1,0.1,0.1,0.1,3.4,0.3,0.4,4.5,99.2,0.3,120.8,46.9,0.2,0.3,0.8,17.5] [PKTLENS.....: 60,60,52,599,52,1500,1500,1500,1500,1500,1500,1500,1223,1223,52,52,52,52,52,52,52,52,64,599,1500,1500,52,1500,1336,1500,1500,52] [ENTROPIES...: 4.7,5.3,4.8,6.0,5.0,7.1,7.7,7.6,7.6,7.7,7.7,7.7,7.5,7.5,5.1,5.0,5.1,5.1,5.1,5.1,5.1,5.1,5.2,6.0,7.1,7.8,5.1,7.8,7.8,7.8,7.8,5.0] update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] update: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy update: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][s3-external-2.amazonaws.com] update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][firs-ta-g7g.amazon.com] update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] update: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][dp-gw-na-js.amazon.com] update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] update: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] update: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] update: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] update: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] update: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][cognito-identity.us-east-1.amazonaws.com] analyse: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.511| 0.042| 0.110| 12114.281| 2.500] [PKTLEN......: 52.000| 1500.000| 679.600| 671.900| 451493.000| 4.200] [BINS(c->s)..: 13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,11,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,1,0,0,1,1] [IATS(ms)....: 25.0,26.3,0.4,110.2,0.1,0.2,0.3,0.4,0.4,1.1,0.5,0.4,0.4,114.9,0.2,0.1,0.1,3.5,0.1,26.3,0.3,0.1,0.1,0.1,0.2,4.7,62.5,45.1,368.8,510.9,0.4] [PKTLENS.....: 60,60,52,599,52,52,1500,1500,1500,1500,1500,1500,1500,1500,52,52,52,52,1500,1295,52,52,52,52,52,52,599,1295,64,599,1500,1500] [ENTROPIES...: 4.7,5.2,5.1,6.0,5.0,5.0,7.1,7.8,7.8,7.8,7.8,7.8,7.8,7.8,5.0,5.0,4.9,5.0,7.8,7.6,5.0,5.0,5.0,5.0,5.0,5.0,6.0,7.6,5.2,6.0,7.1,7.8] new: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] detected: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] detection-update: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher new: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] detected: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher idle: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] analyse: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 120.003| 3.968| 21.185| 448816230.695| 0.300] [PKTLEN......: 52.000| 1500.000| 436.500| 570.000| 324877.800| 3.900] [BINS(c->s)..: 9,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1,0,0] [BINS(s->c)..: 7,3,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,3,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,0,0,0,1,1,1,1,1,0,0,0,0,1,1,1,1,0,1,1] [IATS(ms)....: 77.1,79.5,13.2,60.9,0.4,0.6,0.1,48.6,1.8,3.6,177.8,227.4,44.5,20.0,267.2,445.6,122.6,0.1,0.0,0.0,282.5,8.7,270.5,1.6,407.0,0.1,164.1,0.1,290.0,120002.8,0.1] [PKTLENS.....: 60,60,52,273,52,1500,1500,626,52,52,52,178,294,52,1416,1416,52,1500,300,96,86,52,52,1500,1003,52,52,1315,86,52,83,52] [ENTROPIES...: 4.7,5.3,5.0,5.4,5.1,7.0,7.2,7.6,5.0,5.1,5.0,6.6,7.2,5.0,7.9,7.9,5.1,7.9,7.3,6.1,5.8,5.1,5.1,7.9,7.8,5.1,5.1,7.9,5.9,5.1,5.6,5.1] new: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] detected: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher idle: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy end: [....22] [ip4][..tcp] [..172.16.42.216][49572] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] end: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] idle: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] update: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][skills-store.amazon.com] update: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] new: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] detected: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] detection-update: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] new: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] detected: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older) detection-update: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] detected: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] end: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] RISK: Error Code end: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] end: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] guessed: [....39] [ip4][..tcp] [..172.16.42.216][54413] -> [..52.85.209.216][..443] [TLS][AmazonAWS][Web][Safe] end: [....39] [ip4][..tcp] [..172.16.42.216][54413] -> [..52.85.209.216][..443] end: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] end: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] end: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] end: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] end: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] guessed: [....32] [ip4][..tcp] [..172.16.42.216][38391] -> [...192.168.11.1][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: TCP Connection Issues, Probing Attempt end: [....32] [ip4][..tcp] [..172.16.42.216][38391] -> [...192.168.11.1][.8080] end: [....26] [ip4][..tcp] [..172.16.42.216][38364] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][android-1c1335ec95a27318] update: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] update: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][api.amazon.com] update: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] update: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] update: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mtalk.google.com] update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] new: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53] detected: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] detection-update: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] new: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] new: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] new: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] detected: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detected: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] new: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] detection-update: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detected: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher update: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][ecx.images-amazon.com] new: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] detected: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] detection-update: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] detected: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] detected: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] detected: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] detection-update: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] new: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] analyse: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 8.001| 0.664| 1.905| 3629965.115| 2.500] [PKTLEN......: 40.000| 1500.000| 424.700| 584.700| 341856.600| 3.800] [BINS(c->s)..: 9,0,0,0,1,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0] [BINS(s->c)..: 8,2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,0,1,0,0,1,1,0,0,0,1,0,1,0,1,1,0] [IATS(ms)....: 133.8,140.4,3.2,141.6,1.3,0.1,137.2,0.3,0.1,2.7,82.2,0.2,95.7,0.4,359.1,405.4,633.6,688.6,100.8,373.1,50.8,202.6,7767.1,1.6,8001.1,353.8,410.1,314.8,108.3,0.2,84.0] [PKTLENS.....: 60,48,40,247,1500,1500,385,40,40,40,366,46,99,1500,190,46,1500,99,40,1500,46,669,40,1500,286,46,40,46,1500,46,46,40] [ENTROPIES...: 4.7,5.2,4.8,5.6,6.8,7.3,7.4,4.7,4.8,4.9,7.4,4.6,6.0,7.9,6.9,4.6,7.9,6.0,4.8,7.9,4.7,7.7,4.8,7.9,7.3,4.5,4.8,4.5,7.9,4.6,4.6,4.9] detected: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older) detection-update: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] detected: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] detection-update: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] new: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] new: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53] detected: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][android.clients.google.com] detected: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][android.clients.google.com] new: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] detected: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe][android.clients.google.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe][android.clients.google.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe][android.clients.google.com] RISK: TLS (probably) Not Carrying HTTPS analyse: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.106| 0.022| 0.031| 964.869| 3.600] [PKTLEN......: 52.000| 1500.000| 525.800| 600.400| 360465.600| 4.100] [BINS(c->s)..: 9,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] [BINS(s->c)..: 5,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,0,0,0,1,0,0,1,1,1,0,1,1,1,1,1,1,0,1,0] [IATS(ms)....: 42.7,43.7,0.7,45.0,4.0,0.5,0.6,0.3,50.6,0.8,0.3,1.1,7.3,12.7,0.3,65.6,42.6,4.2,48.9,0.4,25.2,76.4,106.0,0.2,0.6,0.6,0.3,0.0,102.0,2.9,1.9] [PKTLENS.....: 60,60,52,254,52,1500,1500,1500,819,52,52,52,52,178,1500,767,64,178,1500,64,306,52,52,1500,1500,1500,683,594,129,52,149,52] [ENTROPIES...: 4.7,5.2,5.0,5.6,5.0,6.9,7.2,7.5,7.6,5.1,4.9,5.0,4.9,6.3,7.9,7.7,5.2,6.3,7.9,5.1,7.1,5.0,5.0,7.9,7.9,7.9,7.7,7.6,6.3,5.0,6.5,4.8] new: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53] detected: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][images-na.ssl-images-amazon.com] detection-update: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][images-na.ssl-images-amazon.com] new: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] new: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] new: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] detected: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] detected: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] detected: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] new: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443] detection-update: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] detection-update: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] detection-update: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] detection-update: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] detection-update: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] detection-update: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] detected: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older) detection-update: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] end: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] end: [....61] [ip4][..tcp] [..172.16.42.216][42148] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] update: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][s3-external-2.amazonaws.com] update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][firs-ta-g7g.amazon.com] update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] update: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][dp-gw-na-js.amazon.com] update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] update: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] update: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] update: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][cognito-identity.us-east-1.amazonaws.com] new: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] detected: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS][AmazonAWS][Web][Safe][] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS][AmazonAWS][Web][Safe][] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn analyse: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.241| 0.031| 0.057| 3274.655| 3.400] [PKTLEN......: 52.000| 1500.000| 620.400| 578.400| 334504.200| 4.300] [BINS(c->s)..: 6,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 3,2,0,1,0,0,1,0,0,0,0,1,1,0,0,1,0,1,0,0,0,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,0,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 34.0,35.1,2.2,37.9,5.1,0.5,0.2,42.9,0.3,0.1,30.8,68.8,38.4,227.1,241.4,50.1,58.4,55.5,3.8,2.0,4.4,1.6,0.7,7.8,0.1,0.1,9.0,0.3,3.1,0.8,10.2] [PKTLENS.....: 60,60,52,246,52,1500,1500,618,52,52,52,178,103,718,718,103,64,52,1096,427,256,815,905,441,1500,177,557,1500,1500,1500,1500,1500] [ENTROPIES...: 4.7,5.2,5.1,5.4,5.2,7.0,7.3,7.7,5.0,5.1,5.1,6.6,6.1,7.7,7.7,6.1,5.1,5.2,7.8,7.4,7.1,7.7,7.8,7.5,7.9,6.8,7.6,7.9,7.9,7.9,7.9,7.9] new: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] detected: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] analyse: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.264| 0.057| 0.086| 7393.244| 3.600] [PKTLEN......: 52.000| 1500.000| 532.200| 595.200| 354289.100| 4.100] [BINS(c->s)..: 12,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,3,0,0,0,0,0,0,0] [BINS(s->c)..: 2,2,0,0,0,0,0,0,2,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,0,1,0,1,0,0,0,1,1,1,0,0,0,0,1,1,1,0,0] [IATS(ms)....: 22.8,24.0,0.9,22.8,6.6,0.6,0.6,0.3,39.7,0.1,0.1,0.2,6.8,37.6,46.2,226.7,213.1,3.9,222.3,264.1,0.1,55.3,103.4,0.1,10.4,183.9,242.5,1.0,0.1,38.6,0.1] [PKTLENS.....: 60,60,52,271,52,1500,1500,1500,750,52,52,52,52,178,310,1337,310,64,1337,1337,930,86,86,52,52,64,1322,1500,1500,508,52,52] [ENTROPIES...: 4.7,5.3,5.1,5.7,5.1,7.1,7.3,7.5,7.6,5.1,5.0,5.1,5.0,6.4,7.2,7.9,7.2,5.0,7.9,7.9,7.8,5.8,5.8,5.1,5.1,5.1,7.8,7.9,7.9,7.5,5.1,5.1] detection-update: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] new: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] detected: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] new: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] analyse: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 7.471| 0.614| 1.478| 2183643.136| 2.800] [PKTLEN......: 40.000| 1500.000| 526.200| 637.500| 406420.100| 3.900] [BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,1,0,0] [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,1,1,0,0,0,0,0,0,1,1,1,1,0,0,0,0,0,0,1,0,1,1] [IATS(ms)....: 168.5,171.2,1.5,108.9,4.4,1.7,0.7,112.7,0.3,4.1,0.2,6.2,0.1,10.4,13.1,1.1,0.3,290.4,0.0,0.0,0.1,299.4,0.7,529.3,1065.9,2114.2,3665.4,7470.6,595.2,595.1,1817.1] [PKTLENS.....: 60,48,40,267,46,46,1500,1500,40,40,1500,655,40,40,166,1500,1424,360,46,46,91,46,40,1424,1424,1424,1424,40,46,1424,46,46] [ENTROPIES...: 4.6,5.1,4.8,5.7,4.6,4.5,7.1,7.3,4.8,4.8,7.4,7.6,4.9,4.8,6.3,7.9,7.9,7.3,4.4,4.3,5.9,4.4,4.7,7.9,7.9,7.9,7.9,4.8,4.3,7.9,4.5,4.5] detected: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] idle: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][android-1c1335ec95a27318] idle: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] end: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] end: [....78] [ip4][..tcp] [..172.16.42.216][34053] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] guessed: [....79] [ip4][..tcp] [..172.16.42.216][34054] -> [..54.239.24.186][..443] [TLS][AmazonAWS][Web][Safe] end: [....79] [ip4][..tcp] [..172.16.42.216][34054] -> [..54.239.24.186][..443] end: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] guessed: [...100] [ip4][..tcp] [..172.16.42.216][34073] -> [..54.239.24.186][..443] [TLS][AmazonAWS][Web][Safe] end: [...100] [ip4][..tcp] [..172.16.42.216][34073] -> [..54.239.24.186][..443] end: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] idle: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] idle: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] idle: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][images-na.ssl-images-amazon.com] idle: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] idle: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] end: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][api.amazon.com] idle: [....11] [ip4][..tcp] [..172.16.42.216][42878] -> [173.194.223.188][.5228] [TLS.GoogleServices][Google][Web][Acceptable] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS idle: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] end: [...115] [ip4][..tcp] [..172.16.42.216][37551] -> [..54.239.24.180][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] guessed: [...116] [ip4][..tcp] [..172.16.42.216][37552] -> [..54.239.24.180][..443] [TLS][AmazonAWS][Web][Safe] end: [...116] [ip4][..tcp] [..172.16.42.216][37552] -> [..54.239.24.180][..443] guessed: [....31] [ip4][..tcp] [..172.16.42.216][40200] -> [.10.201.126.241][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic, TCP Connection Issues, Probing Attempt end: [....31] [ip4][..tcp] [..172.16.42.216][40200] -> [.10.201.126.241][.8080] guessed: [....33] [ip4][..tcp] [..172.16.42.216][40202] -> [.10.201.126.241][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic, TCP Connection Issues, Probing Attempt end: [....33] [ip4][..tcp] [..172.16.42.216][40202] -> [.10.201.126.241][.8080] guessed: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080] idle: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] end: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] guessed: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443] [TLS][AmazonAWS][Web][Safe] end: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443] end: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher guessed: [...106] [ip4][..tcp] [..172.16.42.216][40855] -> [..54.239.29.253][..443] [TLS][AmazonAWS][Web][Safe] end: [...106] [ip4][..tcp] [..172.16.42.216][40855] -> [..54.239.29.253][..443] end: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher end: [...117] [ip4][..tcp] [..172.16.42.216][40864] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher end: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher idle: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] end: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher guessed: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe] end: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443] end: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][api.amazon.com] RISK: TLS (probably) Not Carrying HTTPS idle: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] idle: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][s3-external-2.amazonaws.com] idle: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] end: [...119] [ip4][..tcp] [..172.16.42.216][51985] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...121] [ip4][..tcp] [..172.16.42.216][51987] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...122] [ip4][..tcp] [..172.16.42.216][51988] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...123] [ip4][..tcp] [..172.16.42.216][51989] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...124] [ip4][..tcp] [..172.16.42.216][51990] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...127] [ip4][..tcp] [..172.16.42.216][51993] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...128] [ip4][..tcp] [..172.16.42.216][51994] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...130] [ip4][..tcp] [..172.16.42.216][51996] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [...131] [ip4][..tcp] [..172.16.42.216][51997] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable][ecx.images-amazon.com] end: [....76] [ip4][..tcp] [..172.16.42.216][49613] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] guessed: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80] [HTTP][AmazonAWS][Web][Acceptable][] end: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80] end: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] end: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] RISK: Error Code idle: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] idle: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][images-na.ssl-images-amazon.com] idle: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][ecx.images-amazon.com] idle: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][firs-ta-g7g.amazon.com] end: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] RISK: TLS (probably) Not Carrying HTTPS idle: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][android.clients.google.com] idle: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] idle: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] idle: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][dp-gw-na-js.amazon.com] idle: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher idle: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher guessed: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe] end: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] end: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher idle: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher idle: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] idle: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] idle: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] idle: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....8] [ip4][..tcp] [..172.16.42.216][60246] -> [..172.217.9.142][...80] [HTTP.Google][Google][ConnCheck][Acceptable][connectivitycheck.android.com] end: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn idle: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][skills-store.amazon.com] idle: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] idle: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] end: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][dp-gw-na-js.amazon.com] RISK: TLS (probably) Not Carrying HTTPS idle: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] idle: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] end: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] idle: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] guessed: [....85] [ip4][..tcp] [..172.16.42.216][38434] -> [...192.168.11.1][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: TCP Connection Issues, Probing Attempt end: [....85] [ip4][..tcp] [..172.16.42.216][38434] -> [...192.168.11.1][.8080] end: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] idle: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] idle: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mtalk.google.com] idle: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] end: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] idle: [....13] [ip4][..tcp] [..172.16.42.216][35540] -> [..172.217.9.142][...80] [HTTP.Google][Google][ConnCheck][Acceptable][connectivitycheck.android.com] idle: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] idle: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][connectivitycheck.android.com] idle: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][cognito-identity.us-east-1.amazonaws.com] idle: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn DAEMON-EVENT: shutdown