1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
new: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2]
detected: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Network][Acceptable]
new: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16]
detected: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
new: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67]
detected: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
new: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68]
detected: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Network][Acceptable]
new: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2]
detected: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Network][Acceptable]
new: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53]
detected: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
detection-update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
new: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53]
detected: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
detection-update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
new: [.....8] [ip4][..tcp] [..172.16.42.216][60246] -> [..172.217.9.142][...80]
detected: [.....8] [ip4][..tcp] [..172.16.42.216][60246] -> [..172.217.9.142][...80] [HTTP.Google][ConnCheck][Acceptable]
new: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53]
detected: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Web][Acceptable]
new: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53]
detected: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
detection-update: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
detection-update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Web][Acceptable]
new: [....11] [ip4][..tcp] [..172.16.42.216][42878] -> [173.194.223.188][.5228]
detected: [....11] [ip4][..tcp] [..172.16.42.216][42878] -> [173.194.223.188][.5228] [TLS.GoogleServices][Web][Acceptable]
RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS
detection-update: [....11] [ip4][..tcp] [..172.16.42.216][42878] -> [173.194.223.188][.5228] [TLS.GoogleServices][Web][Acceptable]
RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS
new: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53]
detected: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
detection-update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
new: [....13] [ip4][..tcp] [..172.16.42.216][35540] -> [..172.217.9.142][...80]
detected: [....13] [ip4][..tcp] [..172.16.42.216][35540] -> [..172.217.9.142][...80] [HTTP.Google][ConnCheck][Acceptable]
new: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216]
detected: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Network][Acceptable]
new: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53]
detected: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443]
detected: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
new: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53]
detected: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443]
detected: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
new: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53]
detected: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443]
detected: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
new: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53]
detected: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
detection-update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
new: [....22] [ip4][..tcp] [..172.16.42.216][49572] -> [..52.94.232.134][...80]
detected: [....22] [ip4][..tcp] [..172.16.42.216][49572] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
new: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16]
detected: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
new: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53]
detected: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
detection-update: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
new: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443]
detected: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
new: [....26] [ip4][..tcp] [..172.16.42.216][38364] -> [..34.199.52.240][..443]
detected: [....26] [ip4][..tcp] [..172.16.42.216][38364] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....26] [ip4][..tcp] [..172.16.42.216][38364] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
new: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53]
detected: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443]
detected: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443]
new: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443]
new: [....31] [ip4][..tcp] [..172.16.42.216][40200] -> [.10.201.126.241][.8080]
new: [....32] [ip4][..tcp] [..172.16.42.216][38391] -> [...192.168.11.1][.8080]
detected: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....33] [ip4][..tcp] [..172.16.42.216][40202] -> [.10.201.126.241][.8080]
new: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53]
detected: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
new: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53]
detected: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
new: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443]
detection-update: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443]
new: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443]
detected: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detected: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
new: [....39] [ip4][..tcp] [..172.16.42.216][54413] -> [..52.85.209.216][..443]
detected: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
analyse: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.091| 0.022| 0.031| 964.249| 0.000]
[PKTLEN......: 66.000| 1514.000| 594.300| 637.000|405792.100| 4.100]
[BINS(c->s)..: 11,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,1,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,9,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,0,0,0,0,0,0,1,0,1,1,1,0,1,1,1,1,1,1,1,0,0,0]
[IATS(ms)....: 47.0,53.0,0.3,73.2,0.1,18.9,0.4,0.3,0.4,88.2,0.3,0.7,0.2,8.1,32.8,75.3,63.7,49.4,70.9,0.8,90.5,2.0,0.4,0.5,0.4,0.5,0.7,0.0,5.3,0.3,1.1,0.0]
[PKTLENS.....: 74,74,66,268,66,66,1514,1514,1514,833,66,66,66,66,192,1096,308,66,66,1514,1514,66,1514,1514,1514,464,1514,1126,100,66,66,66]
detection-update: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
new: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53]
detected: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
ERROR-EVENT: Unknown packet type
analyse: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.016| 0.161| 0.286|81844.249| 0.000]
[PKTLEN......: 54.000| 1514.000| 380.200| 485.100|235358.500| 4.000]
[BINS(c->s)..: 12,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,1,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,1,1,0,0,1,0,1,0]
[IATS(ms)....: 55.7,59.3,1.4,66.6,0.4,0.1,64.1,4.8,0.3,2.7,66.9,3.1,100.8,8.3,108.4,5.9,66.9,500.8,354.1,941.1,3.0,88.7,111.8,176.5,0.2,64.7,9.2,104.2,1015.9,966.5,45.6,0.0]
[PKTLENS.....: 74,62,54,261,1514,1514,399,54,54,54,380,60,113,54,1136,60,955,54,1120,1120,60,507,54,1168,60,891,54,54,60,54,60,54]
detection-update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443]
new: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443]
detected: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detected: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
new: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443]
new: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443]
detected: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80]
new: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443]
new: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443]
new: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443]
new: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443]
detected: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
detected: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
analyse: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.836| 0.167| 0.244|59552.047| 0.000]
[PKTLEN......: 54.000| 1514.000| 401.000| 534.600|285800.000| 3.900]
[BINS(c->s)..: 10,0,0,1,0,0,3,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 7,1,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,0,0,1,1,1,1,1,0,0,0,0,0,0,1,0,1,1,1,0,0,0,1,1,0,0,1,0]
[IATS(ms)....: 54.2,55.4,0.5,50.3,258.9,520.1,785.3,3.8,0.2,0.1,0.0,60.8,0.3,0.1,0.1,52.1,11.0,287.0,223.9,2.7,139.2,0.2,171.9,179.9,0.1,402.7,22.4,216.5,783.8,835.9,50.5,0.0]
[PKTLENS.....: 74,62,54,259,60,259,259,60,1514,1514,1514,688,54,54,54,54,180,1514,105,482,60,60,480,54,1514,1210,60,357,54,54,60,54]
detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
new: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443]
detected: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443]
new: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443]
detected: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
new: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443]
detected: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detected: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443]
new: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443]
detected: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detected: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
analyse: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.352| 0.044| 0.079| 6215.196| 0.000]
[PKTLEN......: 54.000| 1514.000| 657.200| 676.900|458225.800| 4.200]
[BINS(c->s)..: 4,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,11,0,0]
[BINS(s->c)..: 11,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,1,1,0,1,1,0,0,1,1,0]
[IATS(ms)....: 57.0,58.6,1.8,56.8,4.8,0.1,59.3,0.3,22.9,80.0,5.9,71.8,0.3,0.1,0.6,0.3,0.2,1.4,0.3,0.1,67.8,34.8,23.9,352.1,295.3,0.1,57.7,0.7,60.6,0.1,59.8,0.0]
[PKTLENS.....: 74,62,54,313,60,60,210,54,105,820,60,564,1514,1439,1514,1514,1514,1514,1514,1514,83,60,60,60,1514,60,60,1514,1514,60,60,1514]
new: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443]
detected: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
ERROR-EVENT: Unknown packet type
new: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443]
detected: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1]
detected: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1] [IGMP][Network][Acceptable]
new: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443]
detected: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443]
detected: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Network][Acceptable]
update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Network][Acceptable]
update: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
update: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Network][Acceptable]
new: [....61] [ip4][..tcp] [..172.16.42.216][42148] -> [..72.21.206.135][..443]
new: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53]
detected: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detected: [....61] [ip4][..tcp] [..172.16.42.216][42148] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443]
detection-update: [....61] [ip4][..tcp] [..172.16.42.216][42148] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
detected: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
new: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53]
detected: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443]
detected: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.897| 0.237| 0.560|313730.662| 0.000]
[PKTLEN......: 66.000| 1514.000| 617.100| 665.400|442821.700| 4.100]
[BINS(c->s)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,4,0,0]
[BINS(s->c)..: 7,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,5,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,1]
[IATS(ms)....: 52.9,67.2,1.0,63.2,9.6,59.8,0.3,20.9,0.5,0.2,0.2,1.1,0.2,97.5,0.1,7.3,15.9,484.6,0.2,0.2,116.0,306.3,538.3,1116.6,2896.8,0.3,0.2,0.1,0.1,583.2,913.8,0.0]
[PKTLENS.....: 74,74,66,583,66,222,66,117,1514,1514,139,1514,1514,1495,66,66,66,66,1514,1514,1223,1223,1514,1514,1514,66,78,78,78,78,66,66]
analyse: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.486| 0.102| 0.138|19130.661| 0.000]
[PKTLEN......: 54.000| 1514.000| 700.300| 682.000|465082.800| 4.200]
[BINS(c->s)..: 6,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 6,1,0,0,0,2,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,1,0,0,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1]
[IATS(ms)....: 92.4,95.4,2.4,97.4,1.9,14.1,0.3,0.1,113.4,0.3,0.2,49.6,132.6,83.3,183.9,0.3,326.1,293.1,272.4,0.1,443.7,0.4,0.5,0.0,276.5,199.2,0.5,0.0,0.7,486.1,0.4,0.0]
[PKTLENS.....: 74,62,54,275,60,60,1514,1514,464,54,54,54,180,105,54,1514,547,60,1514,60,60,1514,1514,1514,225,1514,1514,1514,225,1514,1514,1514]
detection-update: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
new: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80]
new: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443]
new: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443]
new: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53]
detected: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
detected: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
new: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443]
detected: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
new: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443]
new: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443]
detection-update: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
new: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443]
detection-update: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detected: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detected: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
detection-update: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
new: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443]
detected: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Web][Acceptable]
update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Network][Acceptable]
update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
update: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
update: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
new: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443]
detected: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
new: [....76] [ip4][..tcp] [..172.16.42.216][49613] -> [..52.94.232.134][...80]
detected: [....76] [ip4][..tcp] [..172.16.42.216][49613] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
new: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443]
detected: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
new: [....78] [ip4][..tcp] [..172.16.42.216][34053] -> [..54.239.24.186][..443]
new: [....79] [ip4][..tcp] [..172.16.42.216][34054] -> [..54.239.24.186][..443]
detected: [....78] [ip4][..tcp] [..172.16.42.216][34053] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....78] [ip4][..tcp] [..172.16.42.216][34053] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
update: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
update: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443]
new: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443]
new: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443]
new: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080]
new: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443]
new: [....85] [ip4][..tcp] [..172.16.42.216][38434] -> [...192.168.11.1][.8080]
detected: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detected: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443]
new: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443]
detected: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
new: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443]
new: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443]
new: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80]
new: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443]
new: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443]
new: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80]
detection-update: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detected: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
analyse: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.570| 0.289| 0.417|173871.694| 0.000]
[PKTLEN......: 54.000| 1514.000| 385.100| 516.000|266233.000| 4.000]
[BINS(c->s)..: 8,1,0,0,2,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 7,1,1,0,0,0,0,0,0,0,0,0,0,0,0,2,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,0,0,1,1,0,1,1,0,0,0,1,1,0,0,0,1,0,0,1,1,1,0,0]
[IATS(ms)....: 325.4,332.9,0.3,247.7,0.2,241.3,0.3,0.3,23.8,0.3,429.9,0.1,1569.5,1485.9,353.0,706.9,73.8,0.3,358.8,0.4,256.6,3.7,0.2,956.2,948.6,95.3,235.6,1.1,0.1,275.4,23.7,0.0]
[PKTLENS.....: 74,62,54,293,139,107,54,54,113,1514,188,60,60,188,60,731,54,1514,252,60,539,54,1514,220,539,54,1514,60,571,60,54,1514]
detection-update: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443]
detected: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
new: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53]
detected: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
detection-update: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
new: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443]
new: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443]
detected: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
analyse: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.192| 0.160| 0.282|79548.359| 0.000]
[PKTLEN......: 54.000| 1514.000| 357.000| 486.700|236894.100| 4.000]
[BINS(c->s)..: 4,1,0,1,1,1,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[BINS(s->c)..: 10,1,1,0,1,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,0,1,1,1,0,1,1,0,0,0,1,0,1,1,1,0,0,1,1,0,0,0,1,1,1,0,0,1]
[IATS(ms)....: 214.4,219.1,3.7,1161.8,1191.6,0.1,0.0,75.9,170.4,0.4,119.0,9.7,7.9,105.5,90.0,79.1,135.4,22.4,255.4,0.3,202.3,1.2,199.7,0.1,0.1,204.8,0.0,11.4,221.9,0.1,253.2,0.0]
[PKTLENS.....: 74,62,54,293,293,60,139,107,54,60,192,54,113,1514,60,220,60,60,1147,1514,268,60,555,1514,284,176,60,60,539,1514,204,60]
detection-update: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
analyse: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.080| 0.209| 0.303|92031.574| 0.000]
[PKTLEN......: 54.000| 1514.000| 374.500| 516.500|266795.300| 3.900]
[BINS(c->s)..: 7,1,0,0,0,2,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,0,0,1,0,1,1,0,0,0,0,0,1,1,1,1,0,0,1,1,0,0,1,1,0,0,0,1,0,1]
[IATS(ms)....: 1005.7,1080.3,210.2,18.7,169.7,18.0,105.0,0.1,107.2,0.3,11.7,34.8,0.1,215.2,0.3,0.1,21.7,195.6,0.3,202.8,0.7,212.9,0.3,205.8,11.0,236.3,754.7,0.3,888.9,405.4,377.3,0.0]
[PKTLENS.....: 74,74,62,54,293,62,54,139,107,54,54,113,1514,268,60,60,60,555,1514,220,60,715,1514,252,60,571,54,1514,220,60,1514,60]
new: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53]
detected: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443]
detected: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Network][Acceptable]
update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Network][Acceptable]
update: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
update: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Network][Acceptable]
update: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
detection-update: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [...100] [ip4][..tcp] [..172.16.42.216][34073] -> [..54.239.24.186][..443]
new: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443]
new: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443]
detected: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detected: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
update: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
new: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53]
detected: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443]
new: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443]
new: [...106] [ip4][..tcp] [..172.16.42.216][40855] -> [..54.239.29.253][..443]
new: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443]
detected: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
detected: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
detected: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
analyse: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.326| 0.037| 0.075| 5555.152| 0.000]
[PKTLEN......: 54.000| 1514.000| 559.400| 489.800|239933.900| 4.400]
[BINS(c->s)..: 7,0,0,0,0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,0,0,1,1,1,1,1,0,0,1,1,1,1,1,1,1,1,1,1,0,1]
[IATS(ms)....: 55.9,57.4,1.4,113.3,0.4,112.3,0.1,3.2,65.7,1.4,70.0,0.2,85.3,246.6,0.1,0.0,0.1,325.6,0.3,3.8,0.8,0.2,0.3,0.1,0.3,0.3,0.6,0.4,1.1,6.7,1.2,0.0]
[PKTLENS.....: 74,62,54,265,1514,1289,54,54,380,60,113,1514,284,60,1035,603,603,603,54,54,1514,1514,755,1115,603,603,603,603,603,603,54,603]
analyse: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.933| 0.089| 0.198|39194.591| 0.000]
[PKTLEN......: 54.000| 1514.000| 464.100| 541.500|293230.800| 4.100]
[BINS(c->s)..: 11,0,0,0,0,0,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[BINS(s->c)..: 4,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,1,1,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,0,0,0,1,0,0,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0]
[IATS(ms)....: 109.9,111.6,1.6,102.0,0.2,101.6,0.3,1.9,56.2,0.1,87.5,19.1,7.6,147.9,304.1,639.4,932.7,32.7,0.1,0.0,0.7,0.1,0.0,0.3,0.6,110.7,0.2,1.8,0.2,0.1,0.1,0.0]
[PKTLENS.....: 74,62,54,265,1514,1289,54,54,380,60,113,54,1514,268,60,1514,1514,60,1035,603,603,603,603,603,1483,91,54,54,54,54,54,54]
analyse: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 9.247| 1.357| 2.197|4827473.510| 0.000]
[PKTLEN......: 54.000| 1514.000| 439.800| 556.200|309356.400| 4.000]
[BINS(c->s)..: 9,1,0,0,0,1,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 7,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,1,0,0,0,0,0,1,1,0,0,0,1,0,0,0,0,0,1,0,1,1,0,0,0,1,1,0,0,1]
[IATS(ms)....: 992.4,1100.5,1.1,243.6,0.8,17.2,3008.6,6019.8,9247.0,0.1,67.2,0.3,0.3,66.7,669.5,0.3,275.2,528.0,1079.9,2835.2,350.0,114.6,72.1,219.3,5051.1,0.3,5193.9,65.0,174.2,2275.4,2411.2,0.0]
[PKTLENS.....: 74,74,62,62,54,54,293,293,293,139,107,54,54,113,60,1514,1132,1514,1514,1514,60,1132,60,955,54,1514,236,60,859,54,54,60]
analyse: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 19.096| 0.770| 3.358|11273140.961| 0.000]
[PKTLEN......: 54.000| 1514.000| 281.500| 412.900|170449.200| 4.000]
[BINS(c->s)..: 7,0,1,1,0,0,5,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 8,1,0,0,1,0,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,0,0,1,1,1,1,0,0,0,1,1,0,1,0,0,1,1,1,0,0]
[IATS(ms)....: 123.6,128.0,5.4,470.5,0.6,0.6,0.0,1232.5,1.5,5.0,0.7,0.7,10.0,973.2,0.5,0.1,0.0,190.9,73.2,0.3,171.9,0.1,117.0,408.2,413.7,66.7,140.9,83.3,0.1,166.3,19096.2,0.0]
[PKTLENS.....: 74,62,54,246,60,1514,1514,536,246,246,54,54,54,180,60,60,60,99,54,1514,290,60,212,118,292,247,246,60,60,272,54,356]
detection-update: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
new: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53]
detected: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443]
new: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443]
new: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443]
new: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443]
new: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443]
detected: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detected: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53]
detected: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
detection-update: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
new: [...115] [ip4][..tcp] [..172.16.42.216][37551] -> [..54.239.24.180][..443]
new: [...116] [ip4][..tcp] [..172.16.42.216][37552] -> [..54.239.24.180][..443]
detected: [...115] [ip4][..tcp] [..172.16.42.216][37551] -> [..54.239.24.180][..443] [TLS.AmazonAWS][Cloud][Acceptable]
update: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
update: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [...115] [ip4][..tcp] [..172.16.42.216][37551] -> [..54.239.24.180][..443] [TLS.AmazonAWS][Cloud][Acceptable]
update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Web][Acceptable]
update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Network][Acceptable]
update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
update: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
new: [...117] [ip4][..tcp] [..172.16.42.216][40864] -> [..54.239.29.253][..443]
detected: [...117] [ip4][..tcp] [..172.16.42.216][40864] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...117] [ip4][..tcp] [..172.16.42.216][40864] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53]
detected: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...119] [ip4][..tcp] [..172.16.42.216][51985] -> [....52.84.63.56][...80]
new: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80]
new: [...121] [ip4][..tcp] [..172.16.42.216][51987] -> [....52.84.63.56][...80]
new: [...122] [ip4][..tcp] [..172.16.42.216][51988] -> [....52.84.63.56][...80]
new: [...123] [ip4][..tcp] [..172.16.42.216][51989] -> [....52.84.63.56][...80]
new: [...124] [ip4][..tcp] [..172.16.42.216][51990] -> [....52.84.63.56][...80]
detected: [...123] [ip4][..tcp] [..172.16.42.216][51989] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...122] [ip4][..tcp] [..172.16.42.216][51988] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...119] [ip4][..tcp] [..172.16.42.216][51985] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...121] [ip4][..tcp] [..172.16.42.216][51987] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...124] [ip4][..tcp] [..172.16.42.216][51990] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
analyse: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.295| 0.052| 0.098| 9533.209| 0.000]
[PKTLEN......: 66.000| 1514.000| 611.000| 635.800|404189.900| 4.200]
[BINS(c->s)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,1,1,1,0,0]
[IATS(ms)....: 58.0,60.3,1.6,154.7,0.4,0.4,0.4,0.5,0.5,0.2,0.4,156.7,0.3,4.1,0.1,3.4,0.2,0.1,0.2,0.1,0.1,0.1,7.0,268.3,295.2,18.3,286.3,0.5,0.4,286.6,4.3,0.0]
[PKTLENS.....: 74,74,66,613,66,1514,1514,1514,1514,1514,1514,1514,66,66,1514,441,66,66,66,66,66,66,66,613,613,441,78,606,1514,1514,66,66]
new: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443]
detected: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
analyse: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.107| 0.141| 0.257|65864.266| 0.000]
[PKTLEN......: 54.000| 1514.000| 444.000| 555.400|308431.600| 4.000]
[BINS(c->s)..: 7,1,0,0,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[BINS(s->c)..: 6,2,2,1,0,0,0,0,0,0,0,0,1,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,1,1,0,0,1,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1]
[IATS(ms)....: 111.1,112.4,0.8,179.9,0.1,0.0,179.9,2.9,0.3,3.3,0.5,135.1,0.2,170.2,502.2,1107.1,16.8,0.2,0.2,0.0,0.0,0.0,706.6,0.4,9.7,355.9,0.3,629.2,147.8,0.1,0.1,0.0]
[PKTLENS.....: 74,62,54,297,60,139,107,54,54,113,1514,300,60,60,1514,1514,60,1514,135,1514,167,443,91,54,54,54,1514,332,60,1035,603,603]
new: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80]
new: [...127] [ip4][..tcp] [..172.16.42.216][51993] -> [....52.84.63.56][...80]
new: [...128] [ip4][..tcp] [..172.16.42.216][51994] -> [....52.84.63.56][...80]
new: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80]
new: [...130] [ip4][..tcp] [..172.16.42.216][51996] -> [....52.84.63.56][...80]
new: [...131] [ip4][..tcp] [..172.16.42.216][51997] -> [....52.84.63.56][...80]
detected: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...128] [ip4][..tcp] [..172.16.42.216][51994] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...127] [ip4][..tcp] [..172.16.42.216][51993] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...130] [ip4][..tcp] [..172.16.42.216][51996] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
detected: [...131] [ip4][..tcp] [..172.16.42.216][51997] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
analyse: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.179| 0.023| 0.044| 1924.322| 0.000]
[PKTLEN......: 66.000| 1514.000| 757.400| 681.300|464196.800| 4.300]
[BINS(c->s)..: 13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,1,0,0,0,0,12,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0,0,0,0,1,1,0,1,1,1,1,0]
[IATS(ms)....: 31.3,34.1,0.6,113.4,46.4,0.0,0.0,0.1,0.0,0.0,11.2,1.6,7.2,179.1,0.1,0.1,0.1,0.1,0.1,3.4,0.3,0.4,4.5,99.2,0.3,120.8,46.9,0.2,0.3,0.8,17.5,0.0]
[PKTLENS.....: 74,74,66,613,66,1514,1514,1514,1514,1514,1514,1514,1237,1237,66,66,66,66,66,66,66,66,78,613,1514,1514,66,1514,1350,1514,1514,66]
update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Network][Acceptable]
update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Network][Acceptable]
update: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
update: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Network][Acceptable]
update: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
update: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
update: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
update: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
analyse: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.511| 0.042| 0.110|12114.281| 0.000]
[PKTLEN......: 66.000| 1514.000| 693.600| 671.900|451493.000| 4.200]
[BINS(c->s)..: 13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,11,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,1,1,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,1,0,0,1,1]
[IATS(ms)....: 25.0,26.3,0.4,110.2,0.1,0.2,0.3,0.4,0.4,1.1,0.5,0.4,0.4,114.9,0.2,0.1,0.1,3.5,0.1,26.3,0.3,0.1,0.1,0.1,0.2,4.7,62.5,45.1,368.8,510.9,0.4,0.0]
[PKTLENS.....: 74,74,66,613,66,66,1514,1514,1514,1514,1514,1514,1514,1514,66,66,66,66,1514,1309,66,66,66,66,66,66,613,1309,78,613,1514,1514]
new: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443]
detected: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443]
detected: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
idle: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
idle: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Network][Acceptable]
analyse: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 120.003| 3.968| 21.185|448816230.695| 0.000]
[PKTLEN......: 66.000| 1514.000| 450.500| 570.000|324877.800| 4.000]
[BINS(c->s)..: 9,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1,0,0]
[BINS(s->c)..: 7,3,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,0,0,0,1,1,1,1,1,0,0,0,0,1,1,1,1,0,1,1]
[IATS(ms)....: 77.1,79.5,13.2,60.9,0.4,0.6,0.1,48.6,1.8,3.6,177.8,227.4,44.5,20.0,267.2,445.6,122.6,0.1,0.0,0.0,282.5,8.7,270.5,1.6,407.0,0.1,164.1,0.1,290.0,120002.8,0.1,0.0]
[PKTLENS.....: 74,74,66,287,66,1514,1514,640,66,66,66,192,308,66,1430,1430,66,1514,314,110,100,66,66,1514,1017,66,66,1329,100,66,97,66]
detection-update: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
new: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443]
detected: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....22] [ip4][..tcp] [..172.16.42.216][49572] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
idle: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Network][Acceptable]
idle: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
idle: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Network][Acceptable]
end: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443]
update: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53]
detected: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
detection-update: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
new: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443]
detected: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
new: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443]
detected: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
end: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
end: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443]
guessed: [....39] [ip4][..tcp] [..172.16.42.216][54413] -> [..52.85.209.216][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [....39] [ip4][..tcp] [..172.16.42.216][54413] -> [..52.85.209.216][..443]
end: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
end: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443]
end: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
end: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
end: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
end: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443]
end: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
guessed: [....32] [ip4][..tcp] [..172.16.42.216][38391] -> [...192.168.11.1][.8080] [HTTP_Proxy][Web][Acceptable]
end: [....32] [ip4][..tcp] [..172.16.42.216][38391] -> [...192.168.11.1][.8080]
end: [....26] [ip4][..tcp] [..172.16.42.216][38364] -> [..34.199.52.240][..443] [TLS.AmazonAWS][Cloud][Acceptable]
update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Web][Acceptable]
update: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Network][Acceptable]
update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
update: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
update: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
update: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53]
detected: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443]
new: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443]
new: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443]
detected: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
detected: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
new: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443]
detection-update: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detection-update: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detected: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
update: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443]
detected: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
new: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53]
detected: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
detection-update: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
new: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443]
detected: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detection-update: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][Cloud][Acceptable]
new: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53]
detected: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
detection-update: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
new: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443]
analyse: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 8.001| 0.664| 1.905|3629965.115| 0.000]
[PKTLEN......: 54.000| 1514.000| 438.700| 584.700|341856.600| 3.900]
[BINS(c->s)..: 9,0,0,0,1,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[BINS(s->c)..: 8,2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,0,1,0,0,1,1,0,0,0,1,0,1,0,1,1,0]
[IATS(ms)....: 133.8,140.4,3.2,141.6,1.3,0.1,137.2,0.3,0.1,2.7,82.2,0.2,95.7,0.4,359.1,405.4,633.6,688.6,100.8,373.1,50.8,202.6,7767.1,1.6,8001.1,353.8,410.1,314.8,108.3,0.2,84.0,0.0]
[PKTLENS.....: 74,62,54,261,1514,1514,399,54,54,54,380,60,113,1514,204,60,1514,113,54,1514,60,683,54,1514,300,60,54,60,1514,60,60,54]
detection-update: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
detected: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
new: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53]
detected: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443]
new: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53]
detected: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
detected: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
new: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443]
detected: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.106| 0.022| 0.031| 964.869| 0.000]
[PKTLEN......: 66.000| 1514.000| 539.800| 600.400|360465.600| 4.100]
[BINS(c->s)..: 9,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 5,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,0,0,0,1,0,0,1,1,1,0,1,1,1,1,1,1,0,1,0]
[IATS(ms)....: 42.7,43.7,0.7,45.0,4.0,0.5,0.6,0.3,50.6,0.8,0.3,1.1,7.3,12.7,0.3,65.6,42.6,4.2,48.9,0.4,25.2,76.4,106.0,0.2,0.6,0.6,0.3,0.0,102.0,2.9,1.9,0.0]
[PKTLENS.....: 74,74,66,268,66,1514,1514,1514,833,66,66,66,66,192,1514,781,78,192,1514,78,320,66,66,1514,1514,1514,697,608,143,66,163,66]
detection-update: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
new: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53]
detected: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
detection-update: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443]
new: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443]
new: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443]
detected: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detected: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detected: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
new: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443]
detection-update: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detected: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
end: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
end: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443]
end: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][Web][Acceptable]
end: [....61] [ip4][..tcp] [..172.16.42.216][42148] -> [..72.21.206.135][..443] [TLS.Amazon][Web][Acceptable]
update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
update: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
update: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443]
detected: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
detection-update: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
detection-update: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
analyse: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.262| 0.033| 0.059| 3460.134| 0.000]
[PKTLEN......: 66.000| 1514.000| 631.000| 624.900|390532.600| 4.200]
[BINS(c->s)..: 10,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,2,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,3,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,0,1,0,1,1,1,1,0,0,0,0,1,1,0,0,1,0,1,1]
[IATS(ms)....: 16.7,17.9,1.6,27.3,5.3,0.5,0.5,0.3,32.5,0.3,12.9,0.3,0.1,39.0,52.8,61.9,0.5,0.3,0.1,35.1,0.7,5.1,216.8,261.8,0.2,39.4,7.5,74.2,66.6,42.1,0.4,0.0]
[PKTLENS.....: 74,74,66,285,66,1514,1514,1514,764,66,66,66,66,192,324,1343,1514,1514,770,100,66,66,1308,1308,862,100,66,1319,100,78,1514,1514]
detection-update: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
analyse: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.241| 0.031| 0.057| 3274.655| 0.000]
[PKTLEN......: 66.000| 1514.000| 634.400| 578.400|334504.200| 4.400]
[BINS(c->s)..: 6,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 3,2,0,1,0,0,1,0,0,0,0,1,1,0,0,1,0,1,0,0,0,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,0,0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
[IATS(ms)....: 34.0,35.1,2.2,37.9,5.1,0.5,0.2,42.9,0.3,0.1,30.8,68.8,38.4,227.1,241.4,50.1,58.4,55.5,3.8,2.0,4.4,1.6,0.7,7.8,0.1,0.1,9.0,0.3,3.1,0.8,10.2,0.0]
[PKTLENS.....: 74,74,66,260,66,1514,1514,632,66,66,66,192,117,732,732,117,78,66,1110,441,270,829,919,455,1514,191,571,1514,1514,1514,1514,1514]
new: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53]
detected: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
analyse: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.264| 0.057| 0.086| 7393.244| 0.000]
[PKTLEN......: 66.000| 1514.000| 546.200| 595.200|354289.100| 4.200]
[BINS(c->s)..: 12,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,3,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,2,0,0,0,0,0,0,2,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,0,1,0,1,0,0,0,1,1,1,0,0,0,0,1,1,1,0,0]
[IATS(ms)....: 22.8,24.0,0.9,22.8,6.6,0.6,0.6,0.3,39.7,0.1,0.1,0.2,6.8,37.6,46.2,226.7,213.1,3.9,222.3,264.1,0.1,55.3,103.4,0.1,10.4,183.9,242.5,1.0,0.1,38.6,0.1,0.0]
[PKTLENS.....: 74,74,66,285,66,1514,1514,1514,764,66,66,66,66,192,324,1351,324,78,1351,1351,944,100,100,66,66,78,1336,1514,1514,522,66,66]
detection-update: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
new: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443]
detected: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][Web][Acceptable]
new: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443]
analyse: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 7.471| 0.614| 1.478|2183643.136| 0.000]
[PKTLEN......: 54.000| 1514.000| 540.200| 637.500|406420.100| 4.000]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,1,0,0]
[BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,1,1,0,0,0,0,0,0,1,1,1,1,0,0,0,0,0,0,1,0,1,1]
[IATS(ms)....: 168.5,171.2,1.5,108.9,4.4,1.7,0.7,112.7,0.3,4.1,0.2,6.2,0.1,10.4,13.1,1.1,0.3,290.4,0.0,0.0,0.1,299.4,0.7,529.3,1065.9,2114.2,3665.4,7470.6,595.2,595.1,1817.1,0.0]
[PKTLENS.....: 74,62,54,281,60,60,1514,1514,54,54,1514,669,54,54,180,1514,1438,374,60,60,105,60,54,1438,1438,1438,1438,54,60,1438,60,60]
detection-update: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][Cloud][Acceptable]
detected: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][Web][Acceptable]
detection-update: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][Web][Acceptable]
idle: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443]
idle: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443]
guessed: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443]
end: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
idle: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443]
end: [...119] [ip4][..tcp] [..172.16.42.216][51985] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...121] [ip4][..tcp] [..172.16.42.216][51987] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...122] [ip4][..tcp] [..172.16.42.216][51988] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...123] [ip4][..tcp] [..172.16.42.216][51989] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...124] [ip4][..tcp] [..172.16.42.216][51990] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...126] [ip4][..tcp] [..172.16.42.216][51992] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...127] [ip4][..tcp] [..172.16.42.216][51993] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...128] [ip4][..tcp] [..172.16.42.216][51994] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...129] [ip4][..tcp] [..172.16.42.216][51995] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...130] [ip4][..tcp] [..172.16.42.216][51996] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
end: [...131] [ip4][..tcp] [..172.16.42.216][51997] -> [....52.84.63.56][...80] [HTTP.Amazon][Web][Acceptable]
idle: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
idle: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1] [IGMP][Network][Acceptable]
end: [....76] [ip4][..tcp] [..172.16.42.216][49613] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
idle: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443]
guessed: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
end: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80]
end: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][VirtAssistant][Acceptable]
end: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443]
end: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
guessed: [...106] [ip4][..tcp] [..172.16.42.216][40855] -> [..54.239.29.253][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [...106] [ip4][..tcp] [..172.16.42.216][40855] -> [..54.239.29.253][..443]
end: [...107] [ip4][..tcp] [..172.16.42.216][40856] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...117] [ip4][..tcp] [..172.16.42.216][40864] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...125] [ip4][..tcp] [..172.16.42.216][40871] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
idle: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Web][Acceptable]
idle: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
end: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
idle: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443]
idle: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443]
end: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443]
idle: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
idle: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Network][Acceptable]
idle: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443]
idle: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
idle: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][Web][Acceptable]
idle: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
idle: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
idle: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
end: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
guessed: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443]
end: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
idle: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443]
end: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
end: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
idle: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
end: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][Web][Acceptable]
RISK: Weak TLS Cipher
idle: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
idle: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
idle: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
end: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443]
end: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
idle: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][VirtAssistant][Acceptable]
idle: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
end: [...115] [ip4][..tcp] [..172.16.42.216][37551] -> [..54.239.24.180][..443] [TLS.AmazonAWS][Cloud][Acceptable]
guessed: [...116] [ip4][..tcp] [..172.16.42.216][37552] -> [..54.239.24.180][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [...116] [ip4][..tcp] [..172.16.42.216][37552] -> [..54.239.24.180][..443]
end: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443] [TLS.AmazonAWS][Cloud][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
end: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
idle: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443]
end: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443]
guessed: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443]
end: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443]
idle: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
idle: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
idle: [....13] [ip4][..tcp] [..172.16.42.216][35540] -> [..172.217.9.142][...80] [HTTP.Google][ConnCheck][Acceptable]
idle: [....24] [ip4][..udp] [..172.16.42.216][23559] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Cloud][Acceptable]
idle: [....15] [ip4][..udp] [..172.16.42.216][48155] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
idle: [...157] [ip4][..tcp] [..172.16.42.216][38483] -> [..52.85.209.143][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
idle: [.....8] [ip4][..tcp] [..172.16.42.216][60246] -> [..172.217.9.142][...80] [HTTP.Google][ConnCheck][Acceptable]
guessed: [....31] [ip4][..tcp] [..172.16.42.216][40200] -> [.10.201.126.241][.8080] [HTTP_Proxy][Web][Acceptable]
end: [....31] [ip4][..tcp] [..172.16.42.216][40200] -> [.10.201.126.241][.8080]
guessed: [....33] [ip4][..tcp] [..172.16.42.216][40202] -> [.10.201.126.241][.8080] [HTTP_Proxy][Web][Acceptable]
end: [....33] [ip4][..tcp] [..172.16.42.216][40202] -> [.10.201.126.241][.8080]
idle: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
guessed: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080] [HTTP_Proxy][Web][Acceptable]
idle: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080]
end: [....78] [ip4][..tcp] [..172.16.42.216][34053] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
guessed: [....79] [ip4][..tcp] [..172.16.42.216][34054] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [....79] [ip4][..tcp] [..172.16.42.216][34054] -> [..54.239.24.186][..443]
end: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
guessed: [...100] [ip4][..tcp] [..172.16.42.216][34073] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [...100] [ip4][..tcp] [..172.16.42.216][34073] -> [..54.239.24.186][..443]
end: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443] [TLS.AmazonAWS][Cloud][Acceptable]
end: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
idle: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS][ConnCheck][Acceptable]
idle: [....10] [ip4][..udp] [..172.16.42.216][52603] -> [....172.16.42.1][...53] [DNS.Google][Web][Acceptable]
idle: [....64] [ip4][..udp] [..172.16.42.216][60804] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
guessed: [....85] [ip4][..tcp] [..172.16.42.216][38434] -> [...192.168.11.1][.8080] [HTTP_Proxy][Web][Acceptable]
end: [....85] [ip4][..tcp] [..172.16.42.216][38434] -> [...192.168.11.1][.8080]
idle: [....11] [ip4][..tcp] [..172.16.42.216][42878] -> [173.194.223.188][.5228] [TLS.GoogleServices][Web][Acceptable]
RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS
idle: [....62] [ip4][..udp] [..172.16.42.216][44475] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
end: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][Web][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
idle: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
end: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443]
idle: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS.Amazon][Web][Acceptable]
DAEMON-EVENT: shutdown
|