DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [...192.168.2.29][49674] -> [..185.60.216.53][..443] detected: [.....1] [ip4][..tcp] [...192.168.2.29][49674] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable][mmg-fna.whatsapp.net] detection-update: [.....1] [ip4][..tcp] [...192.168.2.29][49674] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable][mmg-fna.whatsapp.net] detection-update: [.....1] [ip4][..tcp] [...192.168.2.29][49674] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable][mmg-fna.whatsapp.net] analyse: [.....1] [ip4][..tcp] [...192.168.2.29][49674] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 24.640| 0.846| 4.345| 18880535.724| 0.500] [PKTLEN......: 52.000| 1450.000| 329.100| 491.800| 241822.200| 3.800] [BINS(c->s)..: 9,4,0,1,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0] [BINS(s->c)..: 5,1,1,1,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,1,1,1,1,0,0,1,0,0,0,0] [IATS(ms)....: 90.0,91.9,3.0,95.6,1.4,1.2,0.0,95.9,1.0,78.9,282.8,460.9,0.0,97.9,0.0,4.0,7.0,1.0,0.0,0.0,115.1,0.0,1.2,0.0,102.9,1.0,41.1,24639.8,5.0,6.0,3.0] [PKTLENS.....: 64,60,52,295,52,1450,1450,464,52,52,52,178,310,133,52,52,105,102,94,235,90,52,90,52,162,52,52,52,275,1450,1450,1450] [ENTROPIES...: 4.4,5.2,5.0,5.6,5.2,6.9,7.3,7.4,5.1,5.1,4.9,6.3,7.1,6.4,5.0,5.0,5.6,5.7,5.4,6.9,5.4,5.2,5.9,5.2,6.6,5.0,5.1,5.2,7.0,7.9,7.8,7.9] new: [.....2] [ip4][..tcp] [...192.168.2.29][49698] -> [..185.60.216.53][..443] detected: [.....2] [ip4][..tcp] [...192.168.2.29][49698] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable][mmg-fna.whatsapp.net] detection-update: [.....2] [ip4][..tcp] [...192.168.2.29][49698] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable][mmg-fna.whatsapp.net] analyse: [.....2] [ip4][..tcp] [...192.168.2.29][49698] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.108| 0.019| 0.031| 953.946| 3.300] [PKTLEN......: 52.000| 1450.000| 485.400| 599.200| 359069.100| 4.000] [BINS(c->s)..: 6,5,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,2,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,8,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,1,0,0,1,1,1,1,0,0,1,1,1,1,1,1,1,1,1,1,1] [IATS(ms)....: 56.7,61.0,1.0,66.0,0.1,65.0,1.0,5.0,0.0,1.0,0.0,59.9,51.0,0.0,7.3,0.0,4.1,0.1,11.0,0.0,86.4,107.5,0.0,1.4,0.9,1.4,1.2,1.2,1.0,1.2,1.2] [PKTLENS.....: 64,60,52,569,52,198,52,103,105,102,94,276,133,52,90,52,90,52,94,52,52,52,1450,220,1450,1268,1450,1450,1450,1450,1450,1450] [ENTROPIES...: 4.5,5.2,5.1,6.5,5.3,6.5,5.1,5.5,5.8,5.7,5.5,7.1,6.5,5.1,5.5,5.2,6.1,5.3,6.0,5.1,5.1,5.3,7.9,7.1,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9] end: [.....1] [ip4][..tcp] [...192.168.2.29][49674] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable] idle: [.....2] [ip4][..tcp] [...192.168.2.29][49698] -> [..185.60.216.53][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable] DAEMON-EVENT: shutdown