DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [..216.58.210.14][..443] -> [..192.168.1.105][49361] new: [.....2] [ip4][..tcp] [..192.168.1.105][58480] -> [..216.58.214.78][..443] [MIDSTREAM] new: [.....3] [ip4][..tcp] [..192.168.1.105][58481] -> [..216.58.214.78][..443] [MIDSTREAM] new: [.....4] [ip4][..udp] [..192.168.1.105][53656] -> [.216.58.210.227][..443] new: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] detected: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] detection-update: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] new: [.....6] [ip4][..tcp] [..192.168.1.105][59119] -> [.114.134.80.162][...80] new: [.....7] [ip4][..tcp] [..192.168.1.105][59120] -> [.114.134.80.162][...80] new: [.....8] [ip4][..tcp] [..192.168.1.105][59121] -> [.114.134.80.162][...80] new: [.....9] [ip4][..tcp] [..192.168.1.105][35154] -> [.216.58.210.206][..443] [MIDSTREAM] detected: [.....6] [ip4][..tcp] [..192.168.1.105][59119] -> [.114.134.80.162][...80] [HTTP][Web][Acceptable] new: [....10] [ip4][..udp] [..192.168.1.105][.7148] -> [....192.168.1.1][...53] detected: [....10] [ip4][..udp] [..192.168.1.105][.7148] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] detection-update: [....10] [ip4][..udp] [..192.168.1.105][.7148] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] new: [....11] [ip4][..tcp] [..192.168.1.105][51698] -> [.93.188.134.137][...80] detected: [....11] [ip4][..tcp] [..192.168.1.105][51698] -> [.93.188.134.137][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] new: [....12] [ip4][..tcp] [..192.168.1.105][37802] -> [..216.58.212.69][..443] [MIDSTREAM] new: [....13] [ip4][..tcp] [..192.168.1.105][40440] -> [.54.225.163.210][..443] [MIDSTREAM] new: [....14] [ip4][..tcp] [..192.168.1.105][34699] -> [..216.58.212.65][..443] [MIDSTREAM] detection-update: [....11] [ip4][..tcp] [..192.168.1.105][51698] -> [.93.188.134.137][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] analyse: [....11] [ip4][..tcp] [..192.168.1.105][51698] -> [.93.188.134.137][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.482| 0.042| 0.114|12948.299| 0.000] [PKTLEN......: 66.000| 2938.000| 462.100| 693.400|480801.900| 3.800] [BINS(c->s)..: 15,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] [IATS(ms)....: 29.2,29.2,0.3,28.2,454.5,482.4,0.1,0.1,13.2,13.2,0.1,0.0,0.0,0.0,8.4,8.4,0.1,0.1,0.0,0.0,0.0,0.0,0.0,0.0,15.4,15.4,68.3,68.3,0.1,0.0,54.8,0.0] [PKTLENS.....: 74,74,66,516,66,71,78,1502,78,1502,78,68,86,1078,78,72,78,2938,78,294,86,68,86,1502,78,819,66,72,66,1502,66,1502] new: [....15] [ip4][..udp] [..192.168.1.105][53543] -> [....192.168.1.1][...53] detected: [....15] [ip4][..udp] [..192.168.1.105][53543] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] detection-update: [....15] [ip4][..udp] [..192.168.1.105][53543] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] RISK: Suspicious DNS Traffic new: [....16] [ip4][..tcp] [..192.168.1.105][35803] -> [.93.188.134.246][...80] new: [....17] [ip4][..tcp] [..192.168.1.105][35804] -> [.93.188.134.246][...80] new: [....18] [ip4][..tcp] [..192.168.1.105][35805] -> [.93.188.134.246][...80] detected: [....16] [ip4][..tcp] [..192.168.1.105][35803] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] detected: [....17] [ip4][..tcp] [..192.168.1.105][35804] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] detected: [....18] [ip4][..tcp] [..192.168.1.105][35805] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] new: [....19] [ip4][..udp] [..192.168.1.105][41352] -> [....192.168.1.1][...53] detected: [....19] [ip4][..udp] [..192.168.1.105][41352] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] analyse: [....17] [ip4][..tcp] [..192.168.1.105][35804] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.314| 0.038| 0.072| 5116.345| 0.000] [PKTLEN......: 66.000| 2938.000| 710.700| 831.300|691142.800| 4.100] [BINS(c->s)..: 15,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,2] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] [IATS(ms)....: 26.8,26.8,0.2,31.4,283.1,314.3,2.6,2.6,16.7,16.7,12.8,12.8,0.1,0.0,45.7,45.8,5.1,5.0,71.0,71.0,5.5,5.5,32.3,32.3,43.0,43.0,3.2,3.2,2.5,2.5,2.8,0.0] [PKTLENS.....: 74,74,66,498,66,580,66,1502,66,2938,66,1502,66,1078,78,1502,66,893,66,580,78,2938,78,1502,78,1502,78,1502,78,1502,78,1502] analyse: [....16] [ip4][..tcp] [..192.168.1.105][35803] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.401| 0.041| 0.093| 8612.838| 0.000] [PKTLEN......: 66.000| 4374.000| 847.800| 1162.900|1352437.000| 3.900] [BINS(c->s)..: 15,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,3] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] [IATS(ms)....: 26.7,26.8,0.2,28.2,372.4,400.5,6.7,6.7,6.6,6.6,15.5,15.5,6.6,6.6,9.2,9.2,23.4,23.4,49.3,49.3,71.7,71.7,3.3,3.3,2.9,2.9,2.8,2.8,5.5,5.5,3.7,0.0] [PKTLENS.....: 74,74,66,486,66,581,66,1502,66,4374,66,1502,66,4374,66,2938,66,581,78,581,78,1502,66,1502,66,1502,78,1502,78,1502,78,1502] new: [....20] [ip4][..udp] [..192.168.1.105][18035] -> [....192.168.1.1][...53] detected: [....20] [ip4][..udp] [..192.168.1.105][18035] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] new: [....21] [ip4][..udp] [..192.168.1.105][50640] -> [....192.168.1.1][...53] detected: [....21] [ip4][..udp] [..192.168.1.105][50640] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] RISK: Suspicious DGA Domain name new: [....22] [ip4][..udp] [..192.168.1.105][51440] -> [....192.168.1.1][...53] detected: [....22] [ip4][..udp] [..192.168.1.105][51440] -> [....192.168.1.1][...53] [DNS.Alibaba][Web][Acceptable] new: [....23] [ip4][..udp] [..192.168.1.105][53466] -> [....192.168.1.1][...53] detected: [....23] [ip4][..udp] [..192.168.1.105][53466] -> [....192.168.1.1][...53] [DNS.Alibaba][Web][Acceptable] new: [....24] [ip4][..udp] [..192.168.1.105][33822] -> [....192.168.1.1][...53] detected: [....24] [ip4][..udp] [..192.168.1.105][33822] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] new: [....25] [ip4][..tcp] [..192.168.1.105][35806] -> [.93.188.134.246][...80] new: [....26] [ip4][..tcp] [..192.168.1.105][35807] -> [.93.188.134.246][...80] new: [....27] [ip4][..tcp] [..192.168.1.105][35808] -> [.93.188.134.246][...80] new: [....28] [ip4][..tcp] [..192.168.1.105][35809] -> [.93.188.134.246][...80] detected: [....25] [ip4][..tcp] [..192.168.1.105][35806] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] detected: [....26] [ip4][..tcp] [..192.168.1.105][35807] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] detected: [....28] [ip4][..tcp] [..192.168.1.105][35809] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] detection-update: [....20] [ip4][..udp] [..192.168.1.105][18035] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] new: [....29] [ip4][..udp] [..192.168.1.105][11798] -> [....192.168.1.1][...53] detected: [....29] [ip4][..udp] [..192.168.1.105][11798] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] new: [....30] [ip4][..tcp] [..192.168.1.105][42275] -> [...222.73.28.96][...80] detection-update: [....19] [ip4][..udp] [..192.168.1.105][41352] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] new: [....31] [ip4][..udp] [..192.168.1.105][16804] -> [....192.168.1.1][...53] detected: [....31] [ip4][..udp] [..192.168.1.105][16804] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] new: [....32] [ip4][..tcp] [..192.168.1.105][35811] -> [.93.188.134.246][...80] detection-update: [....22] [ip4][..udp] [..192.168.1.105][51440] -> [....192.168.1.1][...53] [DNS.Alibaba][Web][Acceptable] new: [....33] [ip4][..udp] [..192.168.1.105][50533] -> [....192.168.1.1][...53] detected: [....33] [ip4][..udp] [..192.168.1.105][50533] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] new: [....34] [ip4][..tcp] [..192.168.1.105][50827] -> [...47.89.65.229][..443] detection-update: [....23] [ip4][..udp] [..192.168.1.105][53466] -> [....192.168.1.1][...53] [DNS.Alibaba][Web][Acceptable] new: [....35] [ip4][..tcp] [..192.168.1.105][48352] -> [..140.205.174.1][..443] new: [....36] [ip4][..tcp] [..192.168.1.105][48353] -> [..140.205.174.1][..443] new: [....37] [ip4][..tcp] [..192.168.1.105][42280] -> [...222.73.28.96][...80] new: [....38] [ip4][..tcp] [..192.168.1.105][50831] -> [...47.89.65.229][..443] new: [....39] [ip4][..tcp] [..192.168.1.105][48356] -> [..140.205.174.1][..443] detected: [....32] [ip4][..tcp] [..192.168.1.105][35811] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] detected: [....34] [ip4][..tcp] [..192.168.1.105][50827] -> [...47.89.65.229][..443] [TLS.Alibaba][Web][Acceptable] detection-update: [....21] [ip4][..udp] [..192.168.1.105][50640] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] RISK: Suspicious DGA Domain name, Risky Domain Name new: [....40] [ip4][..tcp] [..192.168.1.105][52271] -> [..42.156.184.19][..443] new: [....41] [ip4][..tcp] [..192.168.1.105][52272] -> [..42.156.184.19][..443] detection-update: [....24] [ip4][..udp] [..192.168.1.105][33822] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] new: [....42] [ip4][..tcp] [..192.168.1.105][47721] -> [.140.205.170.63][..443] detected: [....30] [ip4][..tcp] [..192.168.1.105][42275] -> [...222.73.28.96][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] new: [....43] [ip4][..tcp] [..192.168.1.105][52274] -> [..42.156.184.19][..443] new: [....44] [ip4][..tcp] [..192.168.1.105][47723] -> [.140.205.170.63][..443] analyse: [....18] [ip4][..tcp] [..192.168.1.105][35805] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.439| 0.087| 0.119|14239.990| 0.000] [PKTLEN......: 66.000| 1502.000| 528.000| 578.700|334896.400| 4.200] [BINS(c->s)..: 14,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 3,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] [IATS(ms)....: 26.8,26.8,0.3,31.4,276.1,307.3,6.9,6.9,153.9,153.9,2.9,2.9,375.9,438.8,4.4,67.2,2.9,3.0,31.5,31.4,138.5,138.5,6.1,6.1,4.5,4.5,193.5,193.5,28.8,28.7,2.7,0.0] [PKTLENS.....: 74,74,66,476,66,577,66,1026,66,577,78,1026,78,525,66,494,66,1502,66,494,78,1502,66,1502,66,1502,66,1502,78,1502,66,1502] analyse: [....26] [ip4][..tcp] [..192.168.1.105][35807] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.184| 0.031| 0.055| 2983.622| 0.000] [PKTLEN......: 66.000| 1502.000| 647.200| 674.000|454231.700| 4.100] [BINS(c->s)..: 15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] [IATS(ms)....: 62.2,62.2,0.1,161.1,22.7,183.7,5.7,5.7,2.6,2.5,10.5,10.6,5.2,5.3,3.2,3.2,2.5,2.4,5.5,5.5,2.9,2.9,2.6,2.6,4.8,4.8,162.1,162.1,26.3,26.3,3.1,0.0] [PKTLENS.....: 74,74,66,550,66,493,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,493,78,1502,66,1502] analyse: [....28] [ip4][..tcp] [..192.168.1.105][35809] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.252| 0.036| 0.056| 3089.619| 0.000] [PKTLEN......: 66.000| 1502.000| 647.700| 673.800|454044.400| 4.100] [BINS(c->s)..: 15,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] [IATS(ms)....: 50.2,50.2,0.1,181.5,70.9,252.2,2.7,2.7,2.6,2.5,4.2,4.3,31.8,31.8,8.1,8.1,11.4,11.4,8.7,8.7,2.6,2.6,7.1,7.1,13.6,13.6,66.3,66.3,92.4,92.4,2.8,0.0] [PKTLENS.....: 74,74,66,539,66,507,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,1502,66,507,78,1502,66,1502] idle: [....30] [ip4][..tcp] [..192.168.1.105][42275] -> [...222.73.28.96][...80] guessed: [....37] [ip4][..tcp] [..192.168.1.105][42280] -> [...222.73.28.96][...80] [HTTP][Web][Acceptable] idle: [....37] [ip4][..tcp] [..192.168.1.105][42280] -> [...222.73.28.96][...80] idle: [....20] [ip4][..udp] [..192.168.1.105][18035] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] idle: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] guessed: [....12] [ip4][..tcp] [..192.168.1.105][37802] -> [..216.58.212.69][..443] [TLS.Google][Web][Acceptable] idle: [....12] [ip4][..tcp] [..192.168.1.105][37802] -> [..216.58.212.69][..443] idle: [....16] [ip4][..tcp] [..192.168.1.105][35803] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] idle: [....17] [ip4][..tcp] [..192.168.1.105][35804] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] idle: [....18] [ip4][..tcp] [..192.168.1.105][35805] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] idle: [....25] [ip4][..tcp] [..192.168.1.105][35806] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] idle: [....26] [ip4][..tcp] [..192.168.1.105][35807] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] guessed: [....27] [ip4][..tcp] [..192.168.1.105][35808] -> [.93.188.134.246][...80] [HTTP][Web][Acceptable] idle: [....27] [ip4][..tcp] [..192.168.1.105][35808] -> [.93.188.134.246][...80] idle: [....28] [ip4][..tcp] [..192.168.1.105][35809] -> [.93.188.134.246][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] idle: [....32] [ip4][..tcp] [..192.168.1.105][35811] -> [.93.188.134.246][...80] guessed: [....13] [ip4][..tcp] [..192.168.1.105][40440] -> [.54.225.163.210][..443] [TLS.AmazonAWS][Cloud][Acceptable] idle: [....13] [ip4][..tcp] [..192.168.1.105][40440] -> [.54.225.163.210][..443] guessed: [.....2] [ip4][..tcp] [..192.168.1.105][58480] -> [..216.58.214.78][..443] [TLS.Google][Web][Acceptable] idle: [.....2] [ip4][..tcp] [..192.168.1.105][58480] -> [..216.58.214.78][..443] guessed: [.....3] [ip4][..tcp] [..192.168.1.105][58481] -> [..216.58.214.78][..443] [TLS.Google][Web][Acceptable] idle: [.....3] [ip4][..tcp] [..192.168.1.105][58481] -> [..216.58.214.78][..443] idle: [....34] [ip4][..tcp] [..192.168.1.105][50827] -> [...47.89.65.229][..443] guessed: [....38] [ip4][..tcp] [..192.168.1.105][50831] -> [...47.89.65.229][..443] [TLS][Web][Safe] idle: [....38] [ip4][..tcp] [..192.168.1.105][50831] -> [...47.89.65.229][..443] guessed: [....42] [ip4][..tcp] [..192.168.1.105][47721] -> [.140.205.170.63][..443] [TLS][Web][Safe] idle: [....42] [ip4][..tcp] [..192.168.1.105][47721] -> [.140.205.170.63][..443] guessed: [....44] [ip4][..tcp] [..192.168.1.105][47723] -> [.140.205.170.63][..443] [TLS][Web][Safe] idle: [....44] [ip4][..tcp] [..192.168.1.105][47723] -> [.140.205.170.63][..443] idle: [....23] [ip4][..udp] [..192.168.1.105][53466] -> [....192.168.1.1][...53] [DNS.Alibaba][Web][Acceptable] idle: [....22] [ip4][..udp] [..192.168.1.105][51440] -> [....192.168.1.1][...53] [DNS.Alibaba][Web][Acceptable] guessed: [....40] [ip4][..tcp] [..192.168.1.105][52271] -> [..42.156.184.19][..443] [TLS][Web][Safe] idle: [....40] [ip4][..tcp] [..192.168.1.105][52271] -> [..42.156.184.19][..443] guessed: [....41] [ip4][..tcp] [..192.168.1.105][52272] -> [..42.156.184.19][..443] [TLS][Web][Safe] idle: [....41] [ip4][..tcp] [..192.168.1.105][52272] -> [..42.156.184.19][..443] guessed: [....43] [ip4][..tcp] [..192.168.1.105][52274] -> [..42.156.184.19][..443] [TLS][Web][Safe] idle: [....43] [ip4][..tcp] [..192.168.1.105][52274] -> [..42.156.184.19][..443] idle: [....15] [ip4][..udp] [..192.168.1.105][53543] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] RISK: Suspicious DNS Traffic idle: [....19] [ip4][..udp] [..192.168.1.105][41352] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] idle: [....31] [ip4][..udp] [..192.168.1.105][16804] -> [....192.168.1.1][...53] guessed: [....14] [ip4][..tcp] [..192.168.1.105][34699] -> [..216.58.212.65][..443] [TLS.Google][Web][Acceptable] idle: [....14] [ip4][..tcp] [..192.168.1.105][34699] -> [..216.58.212.65][..443] guessed: [....35] [ip4][..tcp] [..192.168.1.105][48352] -> [..140.205.174.1][..443] [TLS][Web][Safe] idle: [....35] [ip4][..tcp] [..192.168.1.105][48352] -> [..140.205.174.1][..443] guessed: [....36] [ip4][..tcp] [..192.168.1.105][48353] -> [..140.205.174.1][..443] [TLS][Web][Safe] idle: [....36] [ip4][..tcp] [..192.168.1.105][48353] -> [..140.205.174.1][..443] guessed: [....39] [ip4][..tcp] [..192.168.1.105][48356] -> [..140.205.174.1][..443] [TLS][Web][Safe] idle: [....39] [ip4][..tcp] [..192.168.1.105][48356] -> [..140.205.174.1][..443] idle: [....10] [ip4][..udp] [..192.168.1.105][.7148] -> [....192.168.1.1][...53] [DNS.Sina(Weibo)][SocialNetwork][Fun] idle: [....24] [ip4][..udp] [..192.168.1.105][33822] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] guessed: [.....1] [ip4][..udp] [..216.58.210.14][..443] -> [..192.168.1.105][49361] [Google][Web][Acceptable] idle: [.....1] [ip4][..udp] [..216.58.210.14][..443] -> [..192.168.1.105][49361] end: [.....6] [ip4][..tcp] [..192.168.1.105][59119] -> [.114.134.80.162][...80] [HTTP][Web][Acceptable] guessed: [.....7] [ip4][..tcp] [..192.168.1.105][59120] -> [.114.134.80.162][...80] [HTTP][Web][Acceptable] idle: [.....7] [ip4][..tcp] [..192.168.1.105][59120] -> [.114.134.80.162][...80] guessed: [.....8] [ip4][..tcp] [..192.168.1.105][59121] -> [.114.134.80.162][...80] [HTTP][Web][Acceptable] idle: [.....8] [ip4][..tcp] [..192.168.1.105][59121] -> [.114.134.80.162][...80] guessed: [.....9] [ip4][..tcp] [..192.168.1.105][35154] -> [.216.58.210.206][..443] [TLS.Google][Web][Acceptable] idle: [.....9] [ip4][..tcp] [..192.168.1.105][35154] -> [.216.58.210.206][..443] guessed: [.....4] [ip4][..udp] [..192.168.1.105][53656] -> [.216.58.210.227][..443] [Google][Web][Acceptable] idle: [.....4] [ip4][..udp] [..192.168.1.105][53656] -> [.216.58.210.227][..443] idle: [....33] [ip4][..udp] [..192.168.1.105][50533] -> [....192.168.1.1][...53] idle: [....11] [ip4][..tcp] [..192.168.1.105][51698] -> [.93.188.134.137][...80] [HTTP.Sina(Weibo)][SocialNetwork][Fun] idle: [....21] [ip4][..udp] [..192.168.1.105][50640] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] RISK: Suspicious DGA Domain name, Risky Domain Name idle: [....29] [ip4][..udp] [..192.168.1.105][11798] -> [....192.168.1.1][...53] DAEMON-EVENT: shutdown