DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] detected: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] [TLS][Web][Safe] detection-update: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] [TLS][Web][Safe] detection-update: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] [TLS][Web][Safe] new: [.....2] [ip4][..tcp] [..192.168.1.178][55265] -> [...146.48.58.18][..443] new: [.....3] [ip4][..tcp] [..192.168.1.178][55266] -> [...146.48.58.18][..443] new: [.....4] [ip4][..tcp] [..192.168.1.178][55267] -> [...146.48.58.18][..443] new: [.....5] [ip4][..tcp] [..192.168.1.178][55268] -> [...146.48.58.18][..443] new: [.....6] [ip4][..tcp] [..192.168.1.178][55269] -> [...146.48.58.18][..443] analyse: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] [min|max|avg|stddev|variance|entropy] [IAT.........: 0.000| 0.579| 0.077| 0.167|27833.076| 0.000] [PKTLEN......: 66.000| 1506.000| 569.500| 644.500|415419.900| 4.100] [BINS(c->s)..: 11,0,1,0,0,0,0,1,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,1,1,0,0,1,1,1,0,1,0,1,0,1,0,1,0,0,1,1,1,0] [IATS........: 28338,28438,576,28670,6985,69,14,35105,3,52717,81952,29,29304,948,28144,550635,1230,579033,248,252,138,105,115,138,126,100,428094,455026,4375,1236,32565,0] [PKTLENS.....: 78,74,66,301,66,1506,1506,641,66,66,159,66,117,66,425,66,1506,1506,66,1506,66,1506,66,1506,66,1506,66,445,66,1506,1506,66] detection-update: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] [TLS][Web][Safe] detected: [.....4] [ip4][..tcp] [..192.168.1.178][55267] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detected: [.....2] [ip4][..tcp] [..192.168.1.178][55265] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detected: [.....5] [ip4][..tcp] [..192.168.1.178][55268] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detected: [.....3] [ip4][..tcp] [..192.168.1.178][55266] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detected: [.....6] [ip4][..tcp] [..192.168.1.178][55269] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....4] [ip4][..tcp] [..192.168.1.178][55267] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....2] [ip4][..tcp] [..192.168.1.178][55265] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....5] [ip4][..tcp] [..192.168.1.178][55268] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....3] [ip4][..tcp] [..192.168.1.178][55266] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....6] [ip4][..tcp] [..192.168.1.178][55269] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS analyse: [.....4] [ip4][..tcp] [..192.168.1.178][55267] -> [...146.48.58.18][..443] [TLS][Web][Safe] [min|max|avg|stddev|variance|entropy] [IAT.........: 0.000| 0.119| 0.018| 0.029| 823.374| 0.000] [PKTLEN......: 66.000| 1506.000| 632.000| 660.500|436248.100| 4.200] [BINS(c->s)..: 10,1,0,0,0,0,1,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,0,0,0,1,1] [IATS........: 29610,29665,2362,30524,2,28159,51917,8877,77853,8496,625,1248,27408,129,120,247,131,125,259,123,123,248,503,122,637,24023,24010,84464,7818,118862,914,0] [PKTLENS.....: 78,74,66,277,66,207,66,117,508,66,66,1506,1506,66,1506,1506,66,1506,1506,66,1506,1506,66,1506,1506,66,1043,66,66,497,66,1506] analyse: [.....2] [ip4][..tcp] [..192.168.1.178][55265] -> [...146.48.58.18][..443] [TLS][Web][Safe] [min|max|avg|stddev|variance|entropy] [IAT.........: 0.000| 0.140| 0.019| 0.033| 1086.908| 0.000] [PKTLEN......: 66.000| 1506.000| 616.100| 656.600|431150.100| 4.100] [BINS(c->s)..: 10,1,0,0,0,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,1,1,0,1,1,0,1,1,1,0,0,0,0,1,1,1,0,1,1,0,1] [IATS........: 30407,30442,2425,30749,1690,30065,50340,8582,78328,9234,5001,125,33713,130,749,881,125,129,16,259,3,103964,6593,140358,1494,509,31816,122,126,243,376,0] [PKTLENS.....: 78,74,66,277,66,207,66,117,472,66,66,1506,1506,66,1506,1506,66,1506,1506,565,66,66,66,500,66,1506,1506,66,1506,1506,66,1506] analyse: [.....3] [ip4][..tcp] [..192.168.1.178][55266] -> [...146.48.58.18][..443] [TLS][Web][Safe] [min|max|avg|stddev|variance|entropy] [IAT.........: 0.000| 0.144| 0.020| 0.034| 1135.493| 0.000] [PKTLEN......: 66.000| 1506.000| 624.000| 657.100|431734.900| 4.200] [BINS(c->s)..: 10,1,0,0,0,0,1,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,1,1,0,1,1,0,1,0,0,0,1,1,1,0,1,1,0,1,1,0,1] [IATS........: 31343,31380,1377,32375,996,31994,49530,8158,77501,8373,630,1247,30061,122,9,127,127,136,106790,7135,144002,5758,108,35937,131,121,250,128,122,249,129,0] [PKTLENS.....: 78,74,66,277,66,207,66,117,503,66,66,1506,1506,66,1506,1506,66,791,66,66,497,66,1506,1506,66,1506,1506,66,1506,1506,66,1506] analyse: [.....6] [ip4][..tcp] [..192.168.1.178][55269] -> [...146.48.58.18][..443] [TLS][Web][Safe] [min|max|avg|stddev|variance|entropy] [IAT.........: 0.000| 0.147| 0.020| 0.034| 1161.612| 0.000] [PKTLEN......: 66.000| 1506.000| 604.800| 660.800|436665.800| 4.100] [BINS(c->s)..: 10,1,0,0,0,0,1,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,1,1,0,1,1,0,0,0,1,1,1,0,1,1,0,1,1,0,1,1,0] [IATS........: 33594,33644,1195,33573,9,32379,46938,8284,78165,6257,993,261,30448,865,3,877,105414,6486,147007,2135,111,37341,124,122,246,129,624,757,125,122,244,0] [PKTLENS.....: 78,74,66,277,66,207,66,117,495,66,66,1506,1506,66,1506,181,66,66,500,66,1506,1506,66,1506,1506,66,1506,1506,66,1506,1506,66] analyse: [.....5] [ip4][..tcp] [..192.168.1.178][55268] -> [...146.48.58.18][..443] [TLS][Web][Safe] [min|max|avg|stddev|variance|entropy] [IAT.........: 0.000| 0.146| 0.022| 0.035| 1194.506| 0.000] [PKTLEN......: 66.000| 1506.000| 533.000| 616.900|380607.300| 4.100] [BINS(c->s)..: 10,1,0,0,0,0,1,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,8,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,1,0,0,1,1,1,0,1,1,0,1,1,1,0,0,0,0,1,1,1,0] [IATS........: 30429,30474,1424,31291,132,29986,50740,8293,78244,9210,246,28671,116212,146010,494,137,30426,114,380,498,130,113,14,250,2,896,5501,36248,1496,132,31482,0] [PKTLENS.....: 78,74,66,277,66,207,66,117,494,66,66,1413,66,497,66,1506,1506,66,1506,1506,66,1506,1506,425,66,66,66,503,66,1506,1506,66] new: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] detected: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] [TLS][Web][Safe] detection-update: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] [TLS][Web][Safe] detection-update: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] [TLS][Web][Safe] idle: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] [TLS][Web][Safe] idle: [.....2] [ip4][..tcp] [..192.168.1.178][55265] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [.....3] [ip4][..tcp] [..192.168.1.178][55266] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [.....4] [ip4][..tcp] [..192.168.1.178][55267] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [.....5] [ip4][..tcp] [..192.168.1.178][55268] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [.....6] [ip4][..tcp] [..192.168.1.178][55269] -> [...146.48.58.18][..443] [TLS][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] DAEMON-EVENT: shutdown