Sometimes, applications can use standard
TLS/SSL
port 443
to exchange data using its own proprietary protocol. Check following application data:16 03 01 00 d5 ......
Although the first few bytes look like a TLS/SSL Handshake
message, in fact the following bytes don’t conform to TLS/SSL
at all.