DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe] new: [.....2] [ip4][..tcp] [....192.168.2.4][49166] -> [..17.154.66.121][..443] [MIDSTREAM] new: [.....3] [ip4][..tcp] [....192.168.2.4][49163] -> [..17.154.66.111][..443] [MIDSTREAM] new: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] [MIDSTREAM] new: [.....5] [ip4][..tcp] [....192.168.2.4][49173] -> [..93.186.135.82][...80] [MIDSTREAM] new: [.....6] [ip4][..tcp] [....192.168.2.4][49172] -> [..23.50.148.228][..443] [MIDSTREAM] new: [.....7] [ip4][..tcp] [....192.168.2.4][49174] -> [....5.178.42.26][...80] [MIDSTREAM] detected: [.....6] [ip4][..tcp] [....192.168.2.4][49172] -> [..23.50.148.228][..443] [TLS][Unknown][Web][Safe] new: [.....8] [ip4][..tcp] [....192.168.2.4][49175] -> [..17.172.100.53][..443] [MIDSTREAM] new: [.....9] [ip4][..tcp] [....192.168.2.4][49165] -> [..17.172.100.55][..443] [MIDSTREAM] new: [....10] [ip4][..tcp] [....192.168.2.4][49176] -> [..17.130.137.77][..443] [MIDSTREAM] new: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] detected: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com] detection-update: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com] new: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] detected: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net] new: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] detection-update: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net] new: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] new: [....15] [ip4][..tcp] [....192.168.2.4][49203] -> [..17.178.104.14][..443] detected: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe][query.ess.apple.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe][query.ess.apple.com] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS new: [....16] [ip4][..tcp] [....192.168.2.4][49193] -> [..17.110.229.14][.5223] [MIDSTREAM] detected: [....16] [ip4][..tcp] [....192.168.2.4][49193] -> [..17.110.229.14][.5223] [ApplePush][Apple][Cloud][Acceptable] detected: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] [WhatsApp][Unknown][Chat][Acceptable] analyse: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.712| 0.120| 0.179| 32210.293| 3.400] [PKTLEN......: 40.000| 1480.000| 432.900| 595.100| 354099.200| 3.800] [BINS(c->s)..: 9,1,0,2,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0] [BINS(s->c)..: 8,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,3,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,0,0,0,1,1] [IATS(ms)....: 281.8,283.2,8.7,294.4,1.1,0.0,286.0,0.8,0.5,0.6,39.8,0.2,0.3,326.4,1.4,0.4,3.0,289.9,5.8,0.5,0.0,317.5,1.9,68.9,0.6,382.6,405.2,0.7,0.0,712.5,2.0] [PKTLENS.....: 64,52,40,230,1480,1480,571,40,40,40,40,307,46,77,40,40,40,83,40,1480,1480,153,40,40,1480,1196,40,1480,1480,153,40,40] [ENTROPIES...: 4.5,4.9,4.7,5.6,7.2,7.4,6.9,4.9,4.9,4.9,4.8,7.2,4.8,5.7,4.8,4.8,4.8,5.8,4.9,7.9,7.9,6.7,4.7,4.7,7.9,7.8,4.9,7.9,7.8,6.7,4.8,4.8] new: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] analyse: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] [WhatsApp][Unknown][Chat][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.709| 0.193| 0.172| 29610.717| 4.400] [PKTLEN......: 52.000| 253.000| 102.800| 60.800| 3698.600| 4.800] [BINS(c->s)..: 9,0,2,0,2,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,10,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,1,0,1,1,0,0,0,1,0,1,0,0,1,0,0,1,0,1,1,0,0,1,1,0,0,1,1,1,0] [IATS(ms)....: 153.9,242.2,244.8,708.1,709.4,35.6,213.2,0.3,145.7,325.0,262.8,250.3,148.2,98.4,249.4,163.4,164.5,351.1,174.0,178.0,0.0,178.3,0.3,171.7,0.0,302.7,0.3,301.9,0.0,0.0,204.0] [PKTLENS.....: 64,60,52,52,218,130,73,52,52,253,84,71,73,52,227,84,52,118,84,184,84,84,186,52,85,85,252,52,85,85,85,118] [ENTROPIES...: 4.5,5.3,5.3,5.1,6.6,6.2,5.4,5.2,5.2,7.1,5.8,5.8,5.7,5.2,7.1,5.8,5.2,6.3,5.8,6.8,5.8,5.7,6.8,5.3,5.9,5.9,7.0,5.3,5.9,5.8,5.8,6.3] detected: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS analyse: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.246| 0.057| 0.089| 7910.915| 3.400] [PKTLEN......: 40.000| 1480.000| 289.300| 408.500| 166890.900| 3.900] [BINS(c->s)..: 9,1,0,0,0,0,0,1,0,0,0,0,0,0,1,1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] [BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,0,0,1,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,0] [IATS(ms)....: 139.3,206.5,8.2,215.7,0.1,2.7,195.5,0.8,0.3,0.0,1.9,0.3,2.1,191.6,2.4,13.1,3.7,6.4,14.7,0.0,200.9,0.3,63.3,0.3,2.2,246.3,5.3,14.9,0.0,241.0,0.2] [PKTLENS.....: 64,52,40,267,40,132,77,40,40,46,77,1480,517,596,40,40,40,40,40,988,386,40,40,1480,526,596,40,40,988,386,40,40] [ENTROPIES...: 4.5,4.8,4.7,6.0,4.7,6.0,5.7,4.9,4.9,4.7,5.6,7.8,7.6,7.6,4.8,4.8,4.7,4.8,4.7,7.8,7.4,4.8,4.8,7.9,7.6,7.6,4.6,4.7,7.8,7.5,4.8,4.8] new: [....18] [ip4][..tcp] [....192.168.2.4][49192] -> [...93.186.135.8][...80] [MIDSTREAM] new: [....19] [ip4][..tcp] [....192.168.2.4][49191] -> [..17.172.100.49][..443] [MIDSTREAM] new: [....20] [ip4][..tcp] [....192.168.2.4][49182] -> [..17.172.100.52][..443] [MIDSTREAM] new: [....21] [ip4][..tcp] [....192.168.2.4][49181] -> [..17.172.100.37][..443] [MIDSTREAM] new: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443] [MIDSTREAM] new: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] detected: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] detected: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] detected: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] detected: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] detected: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] detected: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] detected: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] detected: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] [MIDSTREAM] new: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] [MIDSTREAM] new: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] detected: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] new: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] detected: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] new: [....35] [ip4][..tcp] [....192.168.2.4][49194] -> [..93.62.150.157][..443] [MIDSTREAM] new: [....36] [ip4][..tcp] [....192.168.2.4][49198] -> [..17.167.142.13][..443] [MIDSTREAM] new: [....37] [ip4][..tcp] [....192.168.2.4][49200] -> [..17.167.142.13][..443] [MIDSTREAM] new: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] detected: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port new: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] detected: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port detection-update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port analyse: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.352| 0.131| 0.070| 4931.355| 4.700] [PKTLEN......: 50.000| 337.000| 199.000| 98.800| 9763.600| 4.800] [BINS(c->s)..: 1,2,1,1,0,1,1,1,7,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,2,3,1,1,1,3,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,1,0,0,1,0,1,0,0,1,1,0,1,0,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1] [IATS(ms)....: 85.5,95.2,66.1,60.4,102.7,208.4,184.1,159.6,139.1,188.5,352.4,23.4,152.9,55.1,31.1,91.6,0.1,141.2,0.0,163.2,159.2,188.6,161.9,163.6,162.1,156.8,164.9,143.2,181.6,163.3,123.9] [PKTLENS.....: 72,72,328,72,72,301,211,297,234,301,206,134,50,235,185,134,123,54,246,54,260,120,337,103,301,103,305,229,306,317,315,291] [ENTROPIES...: 5.6,5.7,7.3,5.6,5.6,7.3,6.9,7.2,7.0,7.3,6.9,6.5,5.1,7.0,6.8,6.4,6.4,5.2,7.1,5.1,7.1,6.4,7.3,6.1,7.4,6.1,7.3,7.0,7.3,7.3,7.3,7.2] detection-update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] detected: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable] new: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac] update: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com] update: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net] new: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] detected: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] new: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] detected: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] new: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] detected: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] new: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] detected: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] detection-update: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] detection-update: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] detection-update: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] detection-update: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [SRTP.WhatsAppCall][Facebook][VoIP][Acceptable] new: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] detected: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] detected: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] detected: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] detected: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] detected: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] detected: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] detected: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] detected: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] update: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] update: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] new: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] detected: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port new: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] detected: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port detection-update: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port analyse: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.307| 0.114| 0.086| 7398.241| 4.500] [PKTLEN......: 54.000| 306.000| 141.000| 58.800| 3453.300| 4.900] [BINS(c->s)..: 1,3,0,6,3,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,2,2,3,4,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,1,1,0,0,1,0,1,0,0,0,1,0,1,1,0,1,1,0,1,0,1,1,0,0] [IATS(ms)....: 304.3,307.4,8.4,89.9,31.9,6.5,226.2,154.2,0.0,188.0,0.3,163.9,163.4,160.1,21.8,153.7,0.1,168.1,122.6,138.9,158.5,186.7,16.2,65.9,114.2,83.7,193.2,164.5,1.3,77.1,55.4] [PKTLENS.....: 72,72,72,72,72,134,124,306,167,54,232,134,228,212,103,134,151,54,172,156,161,172,156,134,114,140,205,140,209,54,134,171] [ENTROPIES...: 5.6,5.6,5.6,5.5,5.6,6.3,6.4,7.3,6.7,5.2,7.0,6.6,7.1,7.0,6.2,6.5,6.6,5.2,6.7,6.6,6.7,6.7,6.7,6.4,6.3,6.5,6.9,6.5,6.9,5.2,6.6,6.7] detection-update: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic update: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable] new: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443] [MIDSTREAM] update: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac] update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [SRTP.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com] update: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net] update: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] update: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] update: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] update: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] new: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] detected: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS analyse: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.272| 0.058| 0.092| 8444.798| 3.300] [PKTLEN......: 40.000| 1480.000| 289.300| 408.500| 166876.700| 3.900] [BINS(c->s)..: 9,1,0,0,0,0,0,1,0,0,0,0,0,0,1,1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] [BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,0,0,1,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,0] [IATS(ms)....: 139.9,225.1,4.2,228.9,0.1,2.7,200.7,0.3,1.4,0.2,2.3,0.3,0.4,198.2,1.0,14.2,4.7,5.0,13.2,0.0,199.9,0.3,34.7,0.4,0.1,217.0,5.8,16.0,0.0,271.8,0.3] [PKTLENS.....: 64,52,40,267,40,132,77,40,40,46,77,1480,516,596,40,40,40,40,40,988,386,40,40,1480,526,596,40,40,988,386,40,40] [ENTROPIES...: 4.5,4.8,4.7,5.9,4.8,6.0,5.8,4.9,4.9,4.8,5.7,7.9,7.6,7.7,4.8,4.9,4.9,4.8,4.8,7.8,7.5,4.9,4.9,7.9,7.6,7.7,4.8,4.9,7.8,7.4,4.9,4.9] guessed: [.....3] [ip4][..tcp] [....192.168.2.4][49163] -> [..17.154.66.111][..443] [TLS][Apple][Web][Safe] end: [.....3] [ip4][..tcp] [....192.168.2.4][49163] -> [..17.154.66.111][..443] guessed: [.....2] [ip4][..tcp] [....192.168.2.4][49166] -> [..17.154.66.121][..443] [TLS][Apple][Web][Safe] end: [.....2] [ip4][..tcp] [....192.168.2.4][49166] -> [..17.154.66.121][..443] guessed: [.....9] [ip4][..tcp] [....192.168.2.4][49165] -> [..17.172.100.55][..443] [TLS][Apple][Web][Safe] end: [.....9] [ip4][..tcp] [....192.168.2.4][49165] -> [..17.172.100.55][..443] guessed: [.....8] [ip4][..tcp] [....192.168.2.4][49175] -> [..17.172.100.53][..443] [TLS][Apple][Web][Safe] end: [.....8] [ip4][..tcp] [....192.168.2.4][49175] -> [..17.172.100.53][..443] guessed: [....20] [ip4][..tcp] [....192.168.2.4][49182] -> [..17.172.100.52][..443] [TLS][Apple][Web][Safe] end: [....20] [ip4][..tcp] [....192.168.2.4][49182] -> [..17.172.100.52][..443] guessed: [....19] [ip4][..tcp] [....192.168.2.4][49191] -> [..17.172.100.49][..443] [TLS][Apple][Web][Safe] end: [....19] [ip4][..tcp] [....192.168.2.4][49191] -> [..17.172.100.49][..443] guessed: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] end: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] guessed: [.....7] [ip4][..tcp] [....192.168.2.4][49174] -> [....5.178.42.26][...80] [HTTP][Unknown][Web][Acceptable][] end: [.....7] [ip4][..tcp] [....192.168.2.4][49174] -> [....5.178.42.26][...80] end: [.....6] [ip4][..tcp] [....192.168.2.4][49172] -> [..23.50.148.228][..443] [TLS][Unknown][Web][Safe] guessed: [....15] [ip4][..tcp] [....192.168.2.4][49203] -> [..17.178.104.14][..443] [TLS][Apple][Web][Safe] RISK: TCP Connection Issues, Probing Attempt end: [....15] [ip4][..tcp] [....192.168.2.4][49203] -> [..17.178.104.14][..443] guessed: [.....5] [ip4][..tcp] [....192.168.2.4][49173] -> [..93.186.135.82][...80] [HTTP][Unknown][Web][Acceptable][] end: [.....5] [ip4][..tcp] [....192.168.2.4][49173] -> [..93.186.135.82][...80] guessed: [....18] [ip4][..tcp] [....192.168.2.4][49192] -> [...93.186.135.8][...80] [HTTP][Unknown][Web][Acceptable][] end: [....18] [ip4][..tcp] [....192.168.2.4][49192] -> [...93.186.135.8][...80] guessed: [....10] [ip4][..tcp] [....192.168.2.4][49176] -> [..17.130.137.77][..443] [TLS][Apple][Web][Safe] end: [....10] [ip4][..tcp] [....192.168.2.4][49176] -> [..17.130.137.77][..443] update: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic update: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port update: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic update: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable] update: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] update: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac] idle: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [SRTP.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] guessed: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] [TLS][Apple][Web][Safe] end: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] guessed: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443] [TLS][Apple][Web][Safe] end: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443] idle: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] guessed: [....36] [ip4][..tcp] [....192.168.2.4][49198] -> [..17.167.142.13][..443] [TLS][Apple][Web][Safe] end: [....36] [ip4][..tcp] [....192.168.2.4][49198] -> [..17.167.142.13][..443] guessed: [....37] [ip4][..tcp] [....192.168.2.4][49200] -> [..17.167.142.13][..443] [TLS][Apple][Web][Safe] end: [....37] [ip4][..tcp] [....192.168.2.4][49200] -> [..17.167.142.13][..443] idle: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] idle: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port guessed: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] [TLS][Apple][Web][Safe] end: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] guessed: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443] [TLS][Apple][Web][Safe] end: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443] guessed: [....21] [ip4][..tcp] [....192.168.2.4][49181] -> [..17.172.100.37][..443] [TLS][Apple][Web][Safe] end: [....21] [ip4][..tcp] [....192.168.2.4][49181] -> [..17.172.100.37][..443] end: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS idle: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS idle: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe] idle: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port idle: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com] end: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe][query.ess.apple.com] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS idle: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net] idle: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable] guessed: [....35] [ip4][..tcp] [....192.168.2.4][49194] -> [..93.62.150.157][..443] [TLS][Unknown][Web][Safe] end: [....35] [ip4][..tcp] [....192.168.2.4][49194] -> [..93.62.150.157][..443] idle: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] end: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] [WhatsApp][Unknown][Chat][Acceptable] idle: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] idle: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] idle: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] idle: [....16] [ip4][..tcp] [....192.168.2.4][49193] -> [..17.110.229.14][.5223] [ApplePush][Apple][Cloud][Acceptable] DAEMON-EVENT: shutdown