diff --git a/VERSION b/VERSION index 39f322e8..ea5343a1 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.5.21 +2.5.22 diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md index 0bdd321c..684af053 100644 --- a/doc/CHANGELOG.md +++ b/doc/CHANGELOG.md @@ -1,5 +1,11 @@ # CHANGELOG for Mercury +## Version 2.5.22 + +* JSON records created from incomplete TCP segments are now highlighted with `"reassembly_properties": { "truncated": true }`. +* Improved TCP segment handling. +* Removed inappropriate output regarding truncation in X509 certificates. + ## Version 2.5.21 * Fixed a slow memory leak in TCP reassembly diff --git a/src/libmerc/pkt_proc.cc b/src/libmerc/pkt_proc.cc index 704dd0d5..04effc71 100644 --- a/src/libmerc/pkt_proc.cc +++ b/src/libmerc/pkt_proc.cc @@ -201,7 +201,7 @@ void stateful_pkt_proc::set_tcp_protocol(protocol &x, { struct tls_record rec{pkt}; struct tls_handshake handshake{rec.fragment}; - if (reassembler_ptr && tcp_pkt && handshake.additional_bytes_needed) { + if (tcp_pkt && handshake.additional_bytes_needed) { tcp_pkt->reassembly_needed(handshake.additional_bytes_needed); // set pkt type as tls CH, so that initial segments can be fingerprinted as best effort for reassembly failed cases } @@ -425,13 +425,18 @@ bool stateful_pkt_proc::process_tcp_data (protocol &x, return true; } else { - // non initial seg, directly put in reassembler + // non initial seg + // call set_tcp_protocol in case there is something worth fingerpriting + set_tcp_protocol(x, pkt, false, &tcp_pkt); + if (!tcp_pkt.additional_bytes_needed && !(std::holds_alternative(x) || std::holds_alternative(x)) ) { + reassembler->curr_reassembly_state = reassembly_none; + reassembler->dump_pkt = false; + return true; + } reassembler->init_segment(k, ts->tv_sec, seg_context, syn_seq, pkt); // write_pkt = false; for out of order pkts, write to pcap file only after initial seg is known reassembler->dump_pkt = false; reassembler->curr_reassembly_state = reassembly_in_progress; - // call set_tcp_protocol in case there is something worth fingerpriting - set_tcp_protocol(x, pkt, false, &tcp_pkt); return true; } } @@ -444,17 +449,30 @@ bool stateful_pkt_proc::process_tcp_data (protocol &x, is_init_seg = reassembler->is_init_seg(k, seg_context.seq); if (is_init_seg) { set_tcp_protocol(x, pkt, true, &tcp_pkt); - seg_context.additional_bytes_needed = tcp_pkt.additional_bytes_needed; + if (!tcp_pkt.additional_bytes_needed && !(std::holds_alternative(x) || std::holds_alternative(x)) ) { + reassembler->curr_reassembly_state = reassembly_none; + reassembler->dump_pkt = false; + reassembler->remove_segment(k); + return true; + } + else { + seg_context.additional_bytes_needed = tcp_pkt.additional_bytes_needed; + } } else { set_tcp_protocol(x, pkt, false, &tcp_pkt); + if (!tcp_pkt.additional_bytes_needed && !(std::holds_alternative(x) || std::holds_alternative(x)) ) { + reassembler->curr_reassembly_state = reassembly_none; + reassembler->dump_pkt = false; + reassembler->remove_segment(k); + return true; + } } bool reassembly_consumed = false; struct tcp_segment *seg = reassembler->check_packet(k, ts->tv_sec, seg_context, pkt_copy, reassembly_consumed); if (reassembly_consumed) { // reassmebled data already consumed for this flow - reassembler->pruner.nodes[seg->prune_index].is_in_map = false; reassembler->remove_segment(k); reassembler->dump_pkt = false; reassembler->curr_reassembly_state = reassembly_done; @@ -468,7 +486,6 @@ bool stateful_pkt_proc::process_tcp_data (protocol &x, } if(seg->done) { - reassembler->pruner.nodes[seg->prune_index].is_in_map = false; struct datum reassembled_data = seg->get_reassembled_segment(); set_tcp_protocol(x, reassembled_data, true, &tcp_pkt); reassembler->dump_pkt = false; @@ -479,6 +496,10 @@ bool stateful_pkt_proc::process_tcp_data (protocol &x, reassembler->curr_reassembly_state = reassembly_in_progress; } + + if (!in_reassembly && tcp_pkt.additional_bytes_needed) { + reassembler->curr_reassembly_state = truncated; + } return true; } @@ -507,6 +528,11 @@ size_t stateful_pkt_proc::ip_write_json(void *buffer, struct datum pkt{ip_packet, ip_packet+length}; ip ip_pkt{pkt, k}; uint8_t transport_proto = ip_pkt.transport_protocol(); + bool truncated_tcp = false; + + if (reassembler) { + reassembler->curr_reassembly_state = reassembly_none; + } // process encapsulations // @@ -560,11 +586,17 @@ size_t stateful_pkt_proc::ip_write_json(void *buffer, } // note: we could check for non-empty data field - } else { + } else if (tcp_pkt.is_FIN() || tcp_pkt.is_RST()) { + tcp_flow_table.find_and_erase(k); + } + else { //bool write_pkt = false; if (!process_tcp_data(x, pkt, tcp_pkt, k, ts, reassembler)) { return 0; } + else if (tcp_pkt.additional_bytes_needed) { + truncated_tcp = true; + } } } else if (transport_proto == ip::protocol::udp) { @@ -625,7 +657,14 @@ size_t stateful_pkt_proc::ip_write_json(void *buffer, } if (crypto_policy) { std::visit(do_crypto_assessment{crypto_policy, record}, x); } - if (reassembler) { + // write indication of truncation or reassembly + // + if (!reassembler && truncated_tcp) { + struct json_object flags{record, "reassembly_properties"}; + flags.print_key_bool("truncated", true); + flags.close(); + } + else if (reassembler && reassembler->curr_reassembly_state != reassembly_status::reassembly_none) { reassembler->write_flags(record, "reassembly_properties"); if (reassembler->curr_reassembly_consumed == true) { reassembler->remove_segment(reassembler->reap_it); @@ -773,7 +812,11 @@ bool stateful_pkt_proc::analyze_ip_packet(const uint8_t *packet, tcp_flow_table.syn_packet(k, ts->tv_sec, ntoh(tcp_pkt.header->seq)); } else if (tcp_pkt.is_SYN_ACK()) { tcp_flow_table.syn_packet(k, ts->tv_sec, ntoh(tcp_pkt.header->seq)); - } else { + } + else if (tcp_pkt.is_FIN() || tcp_pkt.is_RST()) { + tcp_flow_table.find_and_erase(k); + } + else { bool ret = process_tcp_data(x, pkt, tcp_pkt, k, ts, reassembler); if (reassembler->curr_reassembly_state == reassembly_in_progress) { analysis.flow_state_pkts_needed = true; diff --git a/src/libmerc/tcp.h b/src/libmerc/tcp.h index 84855920..5f2c067f 100644 --- a/src/libmerc/tcp.h +++ b/src/libmerc/tcp.h @@ -294,7 +294,6 @@ struct tcp_segment { uint32_t total_bytes_needed; uint32_t current_bytes; uint32_t seg_count; - uint16_t prune_index; // index of prune node in pruning table unsigned int init_time; bool done; bool seg_overlap; // current pkt overlaps with a previous segment @@ -310,7 +309,7 @@ struct tcp_segment { //std::vector< std::pair > seg; tcp_segment() : seq_init{0}, curr_seq{0}, index{0}, end_index{0}, seg_len{0}, max_index{8192}, total_bytes_needed{8192}, - current_bytes{0}, seg_count{0}, prune_index{0}, init_time{0}, done{false}, seg_overlap{false}, max_seg_exceed{false} {} + current_bytes{0}, seg_count{0}, init_time{0}, done{false}, seg_overlap{false}, max_seg_exceed{false} {} bool init_from_pkt (unsigned int sec, struct tcp_seg_context &tcp_pkt, uint32_t syn_seq, datum &p) { seq_init = syn_seq; @@ -425,6 +424,8 @@ struct tcp_segment { }; +/* Comment reassembly pruning logic + struct prune_node { unsigned int init_timestamp; struct key seg_key; @@ -549,43 +550,51 @@ struct prune_table { return force_pruned; } }; +End comment reassembly pruning logic */ void fprintf_json_string_escaped(FILE *f, const char *key, const uint8_t *data, unsigned int len); enum reassembly_status { reassembly_none = 0, reassembly_in_progress = 1, - reassembly_done = 2 + reassembly_done = 2, + truncated = 3 // truncated but cant reassemble as sync seq not known TODO: Try reassmbling wihtout syn seq }; struct tcp_reassembler { bool dump_pkt; // current pkt involved in reassembly, dump pkt regardless of json - struct prune_table pruner; - uint64_t force_prunes; bool curr_reassembly_consumed; enum reassembly_status curr_reassembly_state; - static const uint32_t max_map_entries = 5000; - static const uint32_t force_prune_count = 4000; + static const uint32_t max_map_entries = 10000; // Hard limit to map entries std::unordered_map segment_table; std::unordered_map::iterator reap_it; - tcp_reassembler(unsigned int size) : dump_pkt{false}, pruner{}, force_prunes{0}, curr_reassembly_consumed{false}, curr_reassembly_state{reassembly_none}, segment_table{}, reap_it{segment_table.end()} { + tcp_reassembler(unsigned int size) : dump_pkt{false}, curr_reassembly_consumed{false}, curr_reassembly_state{reassembly_none}, segment_table{}, reap_it{segment_table.end()} { segment_table.reserve(size); reap_it = segment_table.end(); } bool init_segment(const struct key &k, unsigned int sec, struct tcp_seg_context &tcp_pkt, uint32_t syn_seq, datum &p) { - active_prune(sec); // try pruning before inserting + if (segment_table.size() >= max_map_entries) { + // aggressive : remove two entries + increment_reap_iterator(); + if (reap_it != segment_table.end()) { + reap_it = segment_table.erase(reap_it); + } + increment_reap_iterator(); + if (reap_it != segment_table.end()) { + reap_it = segment_table.erase(reap_it); + } + } + else { + reap(sec); // passive: try cleaning expired entries + } + tcp_segment segment; if (segment.init_from_pkt(sec, tcp_pkt, syn_seq, p)) { - reap_it = segment_table.emplace(k, segment).first; - uint16_t index; - if (pruner.add_node(sec,k,segment_table,index)) { - force_prunes++; - } - reap_it->second.prune_index = index; + reap_it = segment_table.emplace(k, segment).first; //++reap_it; return true; } @@ -602,10 +611,10 @@ struct tcp_reassembler { struct tcp_segment *check_packet(const struct key &k, unsigned int sec, struct tcp_seg_context &tcp_pkt, datum &p, bool &reassembly_consumed) { + reap(sec); // passive cleaning auto it = segment_table.find(k); if (it != segment_table.end()) { if (it->second.expired(sec)) { - pruner.nodes[it->second.prune_index].is_in_map = false; remove_segment(it); return nullptr; } @@ -633,16 +642,6 @@ struct tcp_reassembler { } } - void active_prune(unsigned int ts) { - if (segment_table.size() >= force_prune_count) { - pruner.do_pruning(ts, segment_table); - } - if (segment_table.size() == max_map_entries) { - pruner.do_force_pruning(segment_table); - } - pruner.check_time_pruning(ts, segment_table); - } - void count_all() { auto it = segment_table.begin(); while (it != segment_table.end()) { @@ -651,6 +650,14 @@ struct tcp_reassembler { } void write_flags(struct json_object &record, const char *key) { + if (curr_reassembly_state == truncated) { + // truncated but not in reassembly + struct json_object flags{record, key}; + flags.print_key_bool("truncated", true); + flags.close(); + return; + } + if (reap_it == segment_table.end()) { return; } @@ -665,10 +672,35 @@ struct tcp_reassembler { } flags.close(); } + else { + struct json_object flags{record, key}; + flags.print_key_bool("truncated", true); + flags.close(); + } reap_it = segment_table.end(); return; } + void reap(unsigned int sec) { + + // check for expired flows + increment_reap_iterator(); + if (reap_it != segment_table.end() && reap_it->second.expired(sec)) { + reap_it = segment_table.erase(reap_it); + } + increment_reap_iterator(); + if (reap_it != segment_table.end() && reap_it->second.expired(sec)) { + reap_it = segment_table.erase(reap_it); + } + } + + void increment_reap_iterator() { + if (reap_it != segment_table.end()) { + ++reap_it; + } else { + reap_it = segment_table.begin(); + } + } }; struct flow_table { @@ -754,6 +786,7 @@ struct tcp_context { struct flow_table_tcp { std::unordered_map table; std::unordered_map::iterator reap_it; + static constexpr uint32_t max_entries = 20000; flow_table_tcp(unsigned int size) : table{}, reap_it{table.end()} { table.reserve(size); @@ -761,6 +794,20 @@ struct flow_table_tcp { } void syn_packet(const struct key &k, unsigned int sec, uint32_t seq) { + if (table.size() >= max_entries) { + // aggressive : try to remove two entries + increment_reap_iterator(); + if (reap_it != table.end()) { + reap_it = table.erase(reap_it); + } + increment_reap_iterator(); + if (reap_it != table.end()) { + reap_it = table.erase(reap_it); + } + } + else { + reap(sec); // passive: try clean expired entries + } auto it = table.find(k); if (it == table.end()) { table.insert({k, {sec, seq}}); @@ -768,6 +815,13 @@ struct flow_table_tcp { } } + void find_and_erase(const struct key &k) { + auto it = table.find(k); + if (it != table.end()) { + reap_it = table.erase(it); + } + } + bool is_first_data_packet(const struct key &k, unsigned int sec, uint32_t seq) { auto it = table.find(k); if (it != table.end()) { diff --git a/src/libmerc/tcpip.h b/src/libmerc/tcpip.h index 1b9151bc..c8ee1b66 100644 --- a/src/libmerc/tcpip.h +++ b/src/libmerc/tcpip.h @@ -170,6 +170,10 @@ struct tcp_packet : public base_protocol { return header && TCP_IS_FIN(header->flags); } + bool is_RST() { + return header && TCP_IS_RST(header->flags); + } + uint32_t seq() const { return hton(header->seq); } void set_key(struct key &k) { diff --git a/src/libmerc/x509.h b/src/libmerc/x509.h index 7999494b..d7135278 100644 --- a/src/libmerc/x509.h +++ b/src/libmerc/x509.h @@ -1722,7 +1722,6 @@ struct x509_cert { bool signature_is_weak(bool unsigned_is_weak=false) const { if (signature_algorithm.parameters.is_truncated()) { - fprintf(stdout, "truncated signature_algorithm\n"); return false; // missing data } diff --git a/test/data/top-https.json b/test/data/top-https.json index c24fefd4..b2c1327e 100644 --- a/test/data/top-https.json +++ b/test/data/top-https.json @@ -46,7 +46,7 @@ {"dns":{"base64":"1DiBgAABAAAAAQAAB3R3aXR0ZXIDY29tAAAcAAHADAAGAAEAAAAFADwDbnMxA3AyNgZkeW5lY3QDbmV0AAp6b25lLWFkbWluBmR5bmRuc8AUd6KRMQAADhAAAAJYAAk6gAAAADw="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":35429,"event_start":1565200317.321305} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"104.244.42.65","protocol":6,"src_port":42708,"dst_port":443,"event_start":1565200317.321610} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"twitter.com"}},"src_ip":"192.168.113.237","dst_ip":"104.244.42.65","protocol":6,"src_port":42708,"dst_port":443,"event_start":1565200317.365401} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGcTCCBVmgAwIBAgIQB6JxQM/Z/JSUJ1FPhVVCbzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTAzMDcwMDAwMDBaFw0yMDAzMDcxMjAwMDBaMHcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRYwFAYDVQQKEw1Ud2l0dGVyLCBJbmMuMQ0wCwYDVQQLEwRhdGxhMRQwEgYDVQQDEwt0d2l0dGVyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOZX2kcltfrcPTyfAAFtIAgTueiAqeU/k6M3OArrOTRJGLuLCsvj3a+O2Y4cxBvPyhsAgbM+nLlXtf0ziH5SDjJzLO6mVK6T71xZOjI8z01HVkbwqOnFVGPD82XygX4W1oajOt4d1wMpOZoc6B/Lh+y7QCFUvM+xdMD085JyrWZvaGw3oQQq4DbrDBaoWCbSzdbbuRk1xpgctN2xd5rF/n5Mg4UkGByTR/NEfB9luVio+bbTo4tPiKRbwO2nzoGGWMaS8T+UEtTpel3YXPpUsP2fkcPFzpht6eYrOi7qhtaugW8pes3jyPhxxp93tvNH2Or7SaBg6cM6mEiIjN2Ez8sCAwEAAaOCAv4wggL6MB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBSENo9/S2lF5zjBaIIQ7RVsnpEMaTAnBgNVHREEIDAeggt0d2l0dGVyLmNvbYIPd3d3LnR3aXR0ZXIuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWlZVWG+AAAEAwBIMEYCIQCZOt2dMF/436CEFe7BC/fYroy24FfWkERqHaL2fSOmSgIhAKmrYz3oS314+5Mt3tvlAtKZtUMACoNIkUdQ8Wzqpir8AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFpWVVjAwAABAMARzBFAiAQbTBEz6oSpOcpBz1JnXW4hWGRGkV2pwssM9ITkAA81QIhAJPBH6YLyk8idL0ntAig+St39IOsIRyKAosS+wqOwyOCMA0="}]}},"src_ip":"104.244.42.65","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42708,"event_start":1565200317.419283} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGcTCCBVmgAwIBAgIQB6JxQM/Z/JSUJ1FPhVVCbzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTAzMDcwMDAwMDBaFw0yMDAzMDcxMjAwMDBaMHcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRYwFAYDVQQKEw1Ud2l0dGVyLCBJbmMuMQ0wCwYDVQQLEwRhdGxhMRQwEgYDVQQDEwt0d2l0dGVyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOZX2kcltfrcPTyfAAFtIAgTueiAqeU/k6M3OArrOTRJGLuLCsvj3a+O2Y4cxBvPyhsAgbM+nLlXtf0ziH5SDjJzLO6mVK6T71xZOjI8z01HVkbwqOnFVGPD82XygX4W1oajOt4d1wMpOZoc6B/Lh+y7QCFUvM+xdMD085JyrWZvaGw3oQQq4DbrDBaoWCbSzdbbuRk1xpgctN2xd5rF/n5Mg4UkGByTR/NEfB9luVio+bbTo4tPiKRbwO2nzoGGWMaS8T+UEtTpel3YXPpUsP2fkcPFzpht6eYrOi7qhtaugW8pes3jyPhxxp93tvNH2Or7SaBg6cM6mEiIjN2Ez8sCAwEAAaOCAv4wggL6MB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBSENo9/S2lF5zjBaIIQ7RVsnpEMaTAnBgNVHREEIDAeggt0d2l0dGVyLmNvbYIPd3d3LnR3aXR0ZXIuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWlZVWG+AAAEAwBIMEYCIQCZOt2dMF/436CEFe7BC/fYroy24FfWkERqHaL2fSOmSgIhAKmrYz3oS314+5Mt3tvlAtKZtUMACoNIkUdQ8Wzqpir8AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFpWVVjAwAABAMARzBFAiAQbTBEz6oSpOcpBz1JnXW4hWGRGkV2pwssM9ITkAA81QIhAJPBH6YLyk8idL0ntAig+St39IOsIRyKAosS+wqOwyOCMA0="}]}},"reassembly_properties":{"truncated":true},"src_ip":"104.244.42.65","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42708,"event_start":1565200317.419283} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGcTCCBVmgAwIBAgIQB6JxQM/Z/JSUJ1FPhVVCbzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTAzMDcwMDAwMDBaFw0yMDAzMDcxMjAwMDBaMHcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRYwFAYDVQQKEw1Ud2l0dGVyLCBJbmMuMQ0wCwYDVQQLEwRhdGxhMRQwEgYDVQQDEwt0d2l0dGVyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOZX2kcltfrcPTyfAAFtIAgTueiAqeU/k6M3OArrOTRJGLuLCsvj3a+O2Y4cxBvPyhsAgbM+nLlXtf0ziH5SDjJzLO6mVK6T71xZOjI8z01HVkbwqOnFVGPD82XygX4W1oajOt4d1wMpOZoc6B/Lh+y7QCFUvM+xdMD085JyrWZvaGw3oQQq4DbrDBaoWCbSzdbbuRk1xpgctN2xd5rF/n5Mg4UkGByTR/NEfB9luVio+bbTo4tPiKRbwO2nzoGGWMaS8T+UEtTpel3YXPpUsP2fkcPFzpht6eYrOi7qhtaugW8pes3jyPhxxp93tvNH2Or7SaBg6cM6mEiIjN2Ez8sCAwEAAaOCAv4wggL6MB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBSENo9/S2lF5zjBaIIQ7RVsnpEMaTAnBgNVHREEIDAeggt0d2l0dGVyLmNvbYIPd3d3LnR3aXR0ZXIuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWlZVWG+AAAEAwBIMEYCIQCZOt2dMF/436CEFe7BC/fYroy24FfWkERqHaL2fSOmSgIhAKmrYz3oS314+5Mt3tvlAtKZtUMACoNIkUdQ8Wzqpir8AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFpWVVjAwAABAMARzBFAiAQbTBEz6oSpOcpBz1JnXW4hWGRGkV2pwssM9ITkAA81QIhAJPBH6YLyk8idL0ntAig+St39IOsIRyKAosS+wqOwyOCMA0GCSqGSIb3DQEBCwUAA4IBAQCh0yFFh1vTQMpEgFLa6I5hoheo/LkG6MuWHrRI4raGkQtGbXdbYtudOx8bpb3K12l/B9OcZZWhWiW47pjOgxdny1zkJjyaAc1iye0gt/dKBc8WRtlagBlC9C8tWkhvanppbnc02DvwX97kDWwUFhqFcHLTZhWIB3Q2ztp2XAFMqGFR9YzxmgCugJGVa1RuyY/VViiOFManXW0aPilm8o+cjWN94x510w6osrwiOSpZAJyMQgPCFaCVcLO/2OIPj4SMYsW1Tx9CGdqz5fufSavzmE+t1FJYWgn0YSZ5G3+I4tkMM4rbmDZQIQatunC9SRfZte4tT4yg6LSsLwoQRCjZ"},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"104.244.42.65","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42708,"event_start":1565200317.419555} {"dns":{"base64":"mYUBAAABAAAAAAAACW1pY3Jvc29mdANjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":51332,"dst_port":53,"event_start":1565200317.804832} {"dns":{"base64":"G5oBAAABAAAAAAAACW1pY3Jvc29mdANjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":59157,"dst_port":53,"event_start":1565200317.805019} @@ -54,7 +54,7 @@ {"dns":{"base64":"G5qBgAABAAAAAQAACW1pY3Jvc29mdANjb20AABwAAcAMAAYAAQAAAAUAKwNuczEEbXNmdANuZXQABm1zbmhzdMAMeFi6BgAAHCAAAAJYACTqAAAADhA="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":59157,"event_start":1565200317.836652} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"13.77.161.179","protocol":6,"src_port":60570,"dst_port":443,"event_start":1565200317.837161} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"microsoft.com"}},"src_ip":"192.168.113.237","dst_ip":"13.77.161.179","protocol":6,"src_port":60570,"dst_port":443,"event_start":1565200317.943160} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIISXDCCEESgAwIBAgITFgAFDAsp4tFASrt9zwAAAAUMCzANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UECxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDQwHhcNMTkwNTE3MDIyOTE1WhcNMjEwNTE3MDIyOTE1WjAaMRgwFgYDVQQDDA8qLm1pY3Jvc29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmepkIe+jvvXqtZVvd5Gt1L0xFOI+0SniOz35tKL8glkd5X2iUcuN4mPYlNC3LzhDv2H5JeTq0YrRKdfZPb8IzJCgmwELeNySYndxkUTw2HURcPj9o7AyANqviu9b6qR4A6WI6KTkyyc2lojPiuXKtQ10jBtCHNi03UqrLN1i0ZTa4KlfoSEOu39aT/pakk7RrFC57Tqnx48zKOazmBLUOxfaIrCux3JTOaM77VMunfJfSS2R+mMrWr+TQ1s0vyZqf+eBmC3367185InVjNkr7H900I3QVkrATuX2rEOVLwfUF2DurJEazSZDU0SmoTu00Pd4g2SlVSo9xCJqpWtSJAgMBAAGjgg4nMIIOIzB4BgkqhkiG9w0BCQ8EazBpMA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBLTALBglghkgBZQMEAQIwCwYJYIZIAWUDBAEFMAcGBSsOAwIHMAoGCCqGSIb3DQMHMIIB9wYKKwYBBAHWeQIEAgSCAecEggHjAeEAdwDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWrDqHFNAAAEAwBIMEYCIQD0dwPwU8gcb9ykPsUQ950AxBU1+EHkeJggADmu7bZTKAIhAOU36VVQj80s9Mpk4GLViRJ93sytOdczGm3kfL/6VWFmAHYA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAFqw6hxSgAABAMARzBFAiEAiDoIHVLz/u85x/JYsnNb/Yntc9kpd6D6at50Y0euGtwCIFfJLvQPHvrjEzGDJQ3ldUKG63aIBPKTE/M9SkEJ41W5AHYAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFzlLJe5vbHDsoAAAFqw6hxYQAABAMARzBFAiEA+r5693PaDGW3WBBz1/aQ8V/LuFF4WLkwhaHWsQrPPF0CIFBrAZYpgqAiOf5enLTqpMk9FTDtJHhegtocUWCCaNRtAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFqw6hyMAAABAMARzBFAiEAtGpR5a6NxYG4"}]}},"src_ip":"13.77.161.179","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":60570,"event_start":1565200318.067614} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIISXDCCEESgAwIBAgITFgAFDAsp4tFASrt9zwAAAAUMCzANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UECxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDQwHhcNMTkwNTE3MDIyOTE1WhcNMjEwNTE3MDIyOTE1WjAaMRgwFgYDVQQDDA8qLm1pY3Jvc29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmepkIe+jvvXqtZVvd5Gt1L0xFOI+0SniOz35tKL8glkd5X2iUcuN4mPYlNC3LzhDv2H5JeTq0YrRKdfZPb8IzJCgmwELeNySYndxkUTw2HURcPj9o7AyANqviu9b6qR4A6WI6KTkyyc2lojPiuXKtQ10jBtCHNi03UqrLN1i0ZTa4KlfoSEOu39aT/pakk7RrFC57Tqnx48zKOazmBLUOxfaIrCux3JTOaM77VMunfJfSS2R+mMrWr+TQ1s0vyZqf+eBmC3367185InVjNkr7H900I3QVkrATuX2rEOVLwfUF2DurJEazSZDU0SmoTu00Pd4g2SlVSo9xCJqpWtSJAgMBAAGjgg4nMIIOIzB4BgkqhkiG9w0BCQ8EazBpMA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBLTALBglghkgBZQMEAQIwCwYJYIZIAWUDBAEFMAcGBSsOAwIHMAoGCCqGSIb3DQMHMIIB9wYKKwYBBAHWeQIEAgSCAecEggHjAeEAdwDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWrDqHFNAAAEAwBIMEYCIQD0dwPwU8gcb9ykPsUQ950AxBU1+EHkeJggADmu7bZTKAIhAOU36VVQj80s9Mpk4GLViRJ93sytOdczGm3kfL/6VWFmAHYA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAFqw6hxSgAABAMARzBFAiEAiDoIHVLz/u85x/JYsnNb/Yntc9kpd6D6at50Y0euGtwCIFfJLvQPHvrjEzGDJQ3ldUKG63aIBPKTE/M9SkEJ41W5AHYAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFzlLJe5vbHDsoAAAFqw6hxYQAABAMARzBFAiEA+r5693PaDGW3WBBz1/aQ8V/LuFF4WLkwhaHWsQrPPF0CIFBrAZYpgqAiOf5enLTqpMk9FTDtJHhegtocUWCCaNRtAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFqw6hyMAAABAMARzBFAiEAtGpR5a6NxYG4"}]}},"reassembly_properties":{"truncated":true},"src_ip":"13.77.161.179","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":60570,"event_start":1565200318.067614} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIISXDCCEESgAwIBAgITFgAFDAsp4tFASrt9zwAAAAUMCzANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UECxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDQwHhcNMTkwNTE3MDIyOTE1WhcNMjEwNTE3MDIyOTE1WjAaMRgwFgYDVQQDDA8qLm1pY3Jvc29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmepkIe+jvvXqtZVvd5Gt1L0xFOI+0SniOz35tKL8glkd5X2iUcuN4mPYlNC3LzhDv2H5JeTq0YrRKdfZPb8IzJCgmwELeNySYndxkUTw2HURcPj9o7AyANqviu9b6qR4A6WI6KTkyyc2lojPiuXKtQ10jBtCHNi03UqrLN1i0ZTa4KlfoSEOu39aT/pakk7RrFC57Tqnx48zKOazmBLUOxfaIrCux3JTOaM77VMunfJfSS2R+mMrWr+TQ1s0vyZqf+eBmC3367185InVjNkr7H900I3QVkrATuX2rEOVLwfUF2DurJEazSZDU0SmoTu00Pd4g2SlVSo9xCJqpWtSJAgMBAAGjgg4nMIIOIzB4BgkqhkiG9w0BCQ8EazBpMA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBLTALBglghkgBZQMEAQIwCwYJYIZIAWUDBAEFMAcGBSsOAwIHMAoGCCqGSIb3DQMHMIIB9wYKKwYBBAHWeQIEAgSCAecEggHjAeEAdwDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWrDqHFNAAAEAwBIMEYCIQD0dwPwU8gcb9ykPsUQ950AxBU1+EHkeJggADmu7bZTKAIhAOU36VVQj80s9Mpk4GLViRJ93sytOdczGm3kfL/6VWFmAHYA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAFqw6hxSgAABAMARzBFAiEAiDoIHVLz/u85x/JYsnNb/Yntc9kpd6D6at50Y0euGtwCIFfJLvQPHvrjEzGDJQ3ldUKG63aIBPKTE/M9SkEJ41W5AHYAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFzlLJe5vbHDsoAAAFqw6hxYQAABAMARzBFAiEA+r5693PaDGW3WBBz1/aQ8V/LuFF4WLkwhaHWsQrPPF0CIFBrAZYpgqAiOf5enLTqpMk9FTDtJHhegtocUWCCaNRtAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFqw6hyMAAABAMARzBFAiEAtGpR5a6NxYG4jDqqjKRptlN/4oKgcG3NddgjY85aiQoCIDtZfPIsKvvi7Dp915kJN2KWpSAjxRyrj3f9VYRdO3HSMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwPgYJKwYBBAGCNxUHBDEwLwYnKwYBBAGCNxUIh9qGdYPu2QGCyYUbgbWeYYX062CBXYTS30KC55N6AgFkAgEdMIGFBggrBgEFBQcBAQR5MHcwUQYIKwYBBQUHMAKGRWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL01pY3Jvc29mdCUyMElUJTIwVExTJTIwQ0ElMjA0LmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTAdBgNVHQ4EFgQUDy1hz6AvvPkrcPW9hiSibjry2agwCwYDVR0PBAQDAgSwMIIJTwYDVR0RBIIJRjCCCUKCCG1zZG4uY29tggh4Ym94LmNvbYIKKi5saXZlLmNvbYIKKi5tc2RuLmNvbYIKZ2lnamFtLmNvbYIKd2luZG93cy5ubIIKd2luaGVjLmNvbYIKd2luaGVjLm5ldIILKi5henVyZS5iaXqCCyouYXp1cmUubmV0ggsqLmdldGllLmNvbYILKi5tc2RuMi5jb22CCyoubmV0ZnguY29tggsqLnZzc2RrLmNvbYILc3VyZmFjZS5jb22CC3dpbmRvd3MuY29tggwqLmdpZ2phbS5jb22CDCoubXNkbnR2LmNvbYIMKi53aW5kb3dzLm5sggwqLndpbmhlYy5jb22CDCoud2luaGVjLm5ldIIMaG9sb2xlbnMuY29tggxtaWNyb3NvZnQuYXqCDG1pY3Jvc29mdC5iZYIMbWljcm9zb2Z0LmJ5ggxtaWNyb3NvZnQuY2GCDG1pY3Jvc29mdC5jaIIMbWljcm9zb2Z0LmNsggxtaWNyb3NvZnQuY3qCDG1pY3Jvc29mdC5kZYIMbWljcm9zb2Z0LmRrggxtaWNyb3NvZnQuZWWCDG1pY3Jvc29mdC5lc4IMbWljcm9zb2Z0LmV1ggxtaWNyb3NvZnQuZmmCDG1pY3Jvc29mdC5nZYIMbWljcm9zb2Z0LmdyggxtaWNyb3NvZnQuaHWCDG1pY3Jvc29mdC5pc4IMbWljcm9zb2Z0Lml0ggxtaWNyb3NvZnQuanCCDG1pY3Jvc29mdC5sdIIMbWljcm9zb2Z0Lmx1ggxtaWNyb3NvZnQubHaCDG1pY3Jvc29mdC5tZIIMbWljcm9zb2Z0LnBsggxtaWNyb3NvZnQucHSCDG1pY3Jvc29mdC5yb4IMbWljcm9zb2Z0LnJzggxtaWNyb3NvZnQucnWCDG1pY3Jvc29mdC5zZYIMbWljcm9zb2Z0LnNpggxtaWNyb3NvZnQudHaCDG1pY3Jvc29mdC51YYIMbWljcm9zb2Z0LnV6ggxtaWNyb3NvZnQudm6CDSouYml6dGFsay5vcmeCDSouaHlwZXItdi5jb22CDSoubXNkbm1hZy5jb22CDSouc3VyZmFjZS5jb22CDSoudm9ydC1leC5jb22CDSoud2luZG93cy5iaXqCDSoud2luZG93cy5jb22CDWltYWdpbmVjdXAucGyCDW1pY3Jvc29mdC5jYXSCDW1pY3Jvc29mdC5jb22CDiouZnVzZWxhYnMuY29tgg4qLmhvbG9sZW5zLmNvbYIOKi5taWNyb3NvZnQuY2GCDioubWljcm9zb2Z0LmN6gg4qLm1pY3Jvc29mdC5kZYIOKi5taWNyb3NvZnQuZXWCDioubWljcm9zb2Z0Lml0gg4qLm1pY3Jvc29mdC5qcIIOKi5taWNyb3NvZnQucGyCDioubWljcm9zb2Z0LnJ1gg4qLm1zZG53aWtpLmNvbYIPKi5nYW1ldm9pY2UuY29tgg8qLmltYWdpbmVjdXAucGyCDyoubWFjb2ZmaWNlLmNvbYIPKi5taWNyb3NvZnQuY29tghAqLm1pY3Jvc29mdC5iYW5kghAqLm1zbGVhcm5pbmcuY29tghAqLm1zbGVhcm5pbmcub3JnghAqLnBvd2VycG9pbnQuY29tghAqLnNoYXJlcG9pbnQubmV0ghEqLm15bWljcm9zb2Z0LmNvbYIRbWljcm9zb2Z0ZWRnZS5jb22CEW1pY3Jvc29mdGxpbmMuY29tghIqLmFwcHJlYWRpbmVzcy5jb22CEiouZGVwbG95b2ZmaWNlLmNvbYISKi5vZmZpY2V3ZWJhcHAuY29tghIqLnBhcnRuZXJndWlkZS5jb22CEiouc2NyaXB0anVua2llLmNvbYISKi5zeXNpbnRlcm5hbHMuY29tghJtaWNyb3NvZnRjbG91ZC5jb22CEyoubGFzdGRldmVsb3Blci5jb22CEyoubWljcm9zb2Z0YmFuZC5jb22CEyoubWljcm9zb2Z0ZWRnZS5jb22CEyoubWljcm9zb2Z0bGluYy5jb22CEyoubXNkbmdlZWtzcGVhay5jb22CEyouc3RhcnR1cGNlbnRlci5jb22CEyoud2luZG93c21vYmlsZS5jb22CFCouY2xpZW50c2VjdXJpdHkuY29tghQqLmNsaWVudHNlY3VyaXR5Lm5ldIIUKi5jbGllbnRzZWN1cml0eS5vcmeCFCoubWljcm9zb2Z0Y2xvdWQuY29tghQqLnBvd2VycG9pbnRsaXZlLmNvbYIUKi53aW5kb3dzY2F0YWxvZy5jb22CFSoubWljcm9zb2Z0aGVhbHRoLmNvbYIVKi5teXdpbmRvd3Ntb2JpbGUuY29tghUqLnBvd2VycG9pbnRyYWRpby5jb22CFSouc2hhcmVwb2ludHBlZGlhLmNvbYIVKi53aW5kb3dzZGVmZW5kZXIuY29tghUqLndpbmRvd3NkZWZlbmRlci5uZXSCFSoud2luZG93c2RlZmVuZGVyLm9yZ4IVKi53aW5kb3dzZW1iZWRkZWQuY29tghYqLm1pY3Jvc29mdHN1cmZhY2UuY29tghYqLm1pY3Jvc29mdHdpbmRvd3MuY29tghYqLm1vYmlsZXBjcGFydG5lcnMuY29tghZ3aW5kb3dzbWFya2V0cGxhY2UuY29tghcqLmRldmVsb3BvbmJpbmdtYXBzLmNvbYIXKi5taWNyb3NvZnRiaXpzcGFyay5jb22CFyoubWljcm9zb2Z0ZHluYW1pY3MuY29tghcqLm1pY3Jvc29mdGxlYXJuaW5nLm5ldIIXKi5taWNyb3NvZnRsZWFybmluZy5vcmeCFyoud2luZG93c3Bvd2Vyc2hlbGwub3JnghgqLm1pY3Jvc29mdGl0YWNhZGVteS5jb22CGCoucGFydG5lcnNpbmxlYXJuaW5nLmNvbYIYKi53aW5kb3dzbWFya2V0cGxhY2UuY29tghoqLm1pY3Jvc29mdGdhbWVzdHVkaW9zLmNvbYIbKi5tc3NoYXJlcG9pbnRjb21tdW5pdHkuY29tghsqLm15c2hhcmVwb2ludGNvbW11bml0eS5jb22CHCouYnVzaW5lc3NyZWFkeWxpY2Vuc2luZy5jb22CHCoucmV0YWlsZXhwZXJpZW5jZWNlbnRlci5jb20wgawGA1UdHwSBpDCBoTCBnqCBm6CBmIZLaHR0cDovL21zY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JshklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JsME0GA1UdIARGMEQwQgYJKwYBBAGCNyoBMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NwczAfBgNVHSMEGDAWgBR6e4zBz+egyhzUa/r74TPDDxqinTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggIBACrMnCZR6pFRSGNDpUy1NYBlfZBFb94OgEhu+Prmq390badYhGb9opwkd+1TohltyGTAJqdaxP7ubmqYjAquEj6eZ1B9JvgelFNhDxeyaE5imUSH/J2+P7HXh4hE/acZAQtE6J6AhohLogWgvjidwlocqdlD7RT14RFW4faLgvAGJAa1zyNAlIhOY2LAb/VA6jmKv13XKnxA+iQ0dMQFBmvEpuH5bX3D8BQ3R3WLlZN6NJ9HuVhvJ7lv9UT0nYAWNGf2jOwH2MsBOeEN9q0mXTeEizfJUc2O9JOUPiJXtvvVvHmnZdF3Mk8ENL/f5k/jk+2PagfjFBQqVJJ1XBH+ndXesbEp6RkBytF/8ubvIAa9Kuel7FJjQTN8eVik2GNnQICHISgYXj8V5MKd/AmrWwBivRY5PAL0IKWjlZ39WWH7smocPgCuHqM7usme7I5ToujwomY9Z7XoewARy+sOt9qgZJ9QaPlKVXB3m+8fxjGtnyP+kBkBtX6ATkai4lcQg/Au+w9JWZZqNjCjU2dRq2GVz2uSAq/k8kKMcEr7kUlS96k9OxkH4LMhcaF/6/fZzEK/urLWlydQ8QuGlfgZkU3L8iFxVtZETFZQNYPR1KjylPhWKR3V1FtM2dtJ6nWC5UNhJHDkPsRnfp7gEvH7VgqVqMgAxIOxGqicYL66amu/"},{"base64":"MIIFtDCCBJygAwIBAgIQC2qzsD6xqfbEYJJqqM3+szANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE2MDUyMDEyNTIzOFoXDTI0MDUyMDEyNTIzOFowgYsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xFTATBgNVBAsTDE1pY3Jvc29mdCBJVDEeMBwGA1UEAxMVTWljcm9zb2Z0IElUIFRMUyBDQSA0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq+XrXaNrOZ71NIgSux1SJl19CQvGeY6rtw7fGbLd7g/27vRW5Ebikg/iZwvjHHGk1EFztMuZFo6/d32wrx5s7XEuwwh3Sl6Sruxa0EiB0MXpoPV6jx6NXtOtksDaxpE1MSC5OQTNECo8lx0AnpkYGAnPS5fkyfwA8AxanTboskDBSqyEKKo9Rhgrp4qs9K9LqH5JQsdiIMDmpztd65Afu4rYnJDjOrFswpTOPjJry3GzQS65xeFd2FkngvvhSA1+6ATx+QEnQfqUWn3FMLu2utcRm4j6AcxuS5K5+Hg8y5xomhZmiNCTsCqDLpcRHX6BIGHksLmbnG5TlZUixtm9dRC62XWMPD8d0Jb4M0V7ex9UM+VIl6cFJKLb0dyVriAqfZaJSHuSetAksd5IEfdnPLTf+Fhg9U97NGjm/awmCLbzLEPbT8QW0JsMcYexB2uG3Y+gsftm2tjL6fLwZeWO2BzqL7otZPFe0BtQsgyFSs87yC4qanWMwK5c2enAfH182pzjvUqwYAeCK31dyBCvLmKM3Jr94dm5WUiXQhrDUIELH4Mia+SbvCkigv2AUVx1Xw41wt1/L3pnnz2OW4y7r530zAz7qB+dIcHz51IaXc4UV21QuEnusQsn0uJpJxJuxsAmPuekKxuLUzgG+hqHOuBLf5kWTlk9WWnxcadlZRsCAwEAAaOCAUIwggE+MB0GA1UdDgQWBBR6e4zBz+egyhzUa/r74TPDDxqinTAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMJMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9PbW5pcm9vdDIwMjUuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQAR/nIGOiEKN27I9SkiAmKeRQ7t+gaf77+eJDUX/jmIsrsB4Xjf0YuX/bd38YpyT0k66LMp13SH5LnzF2CHiJJVgr3ZfRNIfwaQOolm552W95XNYA/X4cr2du76mzVIoZh90pMqT4EWx6iWu9El86ZvUNoAmyqo9DUA4/0sO+3lFZt/Fg/Hjsk2IJTwHQG5ElBQmYHgKEIsjnj/7cae1eTK6aCqs0hPpF/kixj/EwItkBE2GGYoOiKa3pXxWe6fbSoXdZNQwwUS1d5ktLa829d2Wf6l1uVW4f5GXDuK+OwO++8SkJHOIBKBujxS43/jQPQMQSBmhxjaMmng9tyPKPK9"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"13.77.161.179","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":60570,"event_start":1565200318.068724} {"dns":{"base64":"CNIBAAABAAAAAAAAA3d3dwltaWNyb3NvZnQDY29tAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":40531,"dst_port":53,"event_start":1565200318.294385} {"dns":{"base64":"WnUBAAABAAAAAAAAA3d3dwltaWNyb3NvZnQDY29tAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":43609,"dst_port":53,"event_start":1565200318.294704} @@ -62,7 +62,7 @@ {"dns":{"base64":"WnWBgAABAAUADAAAA3d3dwltaWNyb3NvZnQDY29tAAAcAAHADAAFAAEAAAAFACMDd3d3CW1pY3Jvc29mdAdjb20tYy0zB2VkZ2VrZXkDbmV0AMAvAAUAAQAAAAUANwN3d3cJbWljcm9zb2Z0B2NvbS1jLTMHZWRnZWtleQNuZXQLZ2xvYmFscmVkaXIGYWthZG5zwE3AXgAFAAEAAAAFABkGZTEzNjc4BGRzcGIKYWthbWFpZWRnZcBNwKEAHAABAAAABQAQJgAUHgACAagAAAAAAAA1bsChABwAAQAAAAUAECYAFB4AAgGKAAAAAAAANW7ArQACAAEAAAAFAAoHbnM3LTE5NMCtwK0AAgABAAAABQAJBmExLTE5MsCtwK0AAgABAAAABQAKB25zMy0xOTTArcCtAAIAAQAAAAUACgdhMTEtMTkywK3ArQACAAEAAAAFAAYDbGEzwK3ArQACAAEAAAAFAAYDbGExwK3ArQACAAEAAAAFAAoHbnM1LTE5NMCtwK0AAgABAAAABQAKB2ExMy0xOTLArcCtAAIAAQAAAAUABwRsYXIywK3ArQACAAEAAAAFAAkGYTYtMTkywK3ArQACAAEAAAAFAAoHYTEyLTE5MsCtwK0AAgABAAAABQAKB25zNi0xOTTArQ=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":43609,"event_start":1565200318.397349} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"23.193.38.96","protocol":6,"src_port":33868,"dst_port":443,"event_start":1565200318.398426} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.microsoft.com"}},"src_ip":"192.168.113.237","dst_ip":"23.193.38.96","protocol":6,"src_port":33868,"dst_port":443,"event_start":1565200318.436809} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHnzCCBYegAwIBAgITFgAAoiZScXH3VKzEFgAAAACiJjANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UECxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDQwHhcNMTgwMTE2MjEyNDAyWhcNMjAwMTE2MjEyNDAyWjCBiDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEaMBgGA1UEAxMRd3d3Lm1pY3Jvc29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM6uKEPBupNS4BXRWdhU6RzawVP27lFo4eiAOloEHaXYM1DoPUJxxt+uyhwkk8yIZFKLK9AKX0qtqTVFOh3TFk77uGJKlfyugpVs+5sGGffhd0y2cGSyOltJLcf/v31tRjeN/xNi9CeHtcK46ksqgp9kdTDd1IuxDO9fN45LRPZkRuOpNyyXAHlMyVDO4Xfgt8CYH/ssmr1ZqYr98dO9iAiU+eFrz6huBCAJfFzMXWznbpwrsd41TjE5zPJkHaB9BOKuLZySfEQhIRewexFtJXlT88Kj6SfIoe2naZxqDW/tQVVzRxID092mXdVEjL2MZ6GocNk1pPezqY8wOUjgA7AgMBAAGjggL7MIIC9zCBmQYDVR0RBIGRMIGOghVwcml2YWN5Lm1pY3Jvc29mdC5jb22CEWMucy1taWNyb3NvZnQuY29tgg1taWNyb3NvZnQuY29tghFpLnMtbWljcm9zb2Z0LmNvbYIYc3RhdGljdmlldy5taWNyb3NvZnQuY29tghF3d3cubWljcm9zb2Z0LmNvbYITd3d3cWEubWljcm9zb2Z0LmNvbTAdBgNVHQ4EFgQUMqJLlf7sAXZDo1IX+BIPkeyx9OcwHwYDVR0jBBgwFoAUenuMwc/noMoc1Gv6++Ezww8aop0wgawGA1UdHwSBpDCBoTCBnqCBm6CBmIZLaHR0cDovL21zY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JshklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JsMIGFBggrBgEFBQcBAQR5MHcwUQYIKwYBBQUHMAKGRWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL01pY3Jvc29mdCUyMElUJTIwVExTJTIwQ0ElMjA0LmNydDAiBgg="}]}},"src_ip":"23.193.38.96","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":33868,"event_start":1565200318.475364} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHnzCCBYegAwIBAgITFgAAoiZScXH3VKzEFgAAAACiJjANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UECxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDQwHhcNMTgwMTE2MjEyNDAyWhcNMjAwMTE2MjEyNDAyWjCBiDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEaMBgGA1UEAxMRd3d3Lm1pY3Jvc29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM6uKEPBupNS4BXRWdhU6RzawVP27lFo4eiAOloEHaXYM1DoPUJxxt+uyhwkk8yIZFKLK9AKX0qtqTVFOh3TFk77uGJKlfyugpVs+5sGGffhd0y2cGSyOltJLcf/v31tRjeN/xNi9CeHtcK46ksqgp9kdTDd1IuxDO9fN45LRPZkRuOpNyyXAHlMyVDO4Xfgt8CYH/ssmr1ZqYr98dO9iAiU+eFrz6huBCAJfFzMXWznbpwrsd41TjE5zPJkHaB9BOKuLZySfEQhIRewexFtJXlT88Kj6SfIoe2naZxqDW/tQVVzRxID092mXdVEjL2MZ6GocNk1pPezqY8wOUjgA7AgMBAAGjggL7MIIC9zCBmQYDVR0RBIGRMIGOghVwcml2YWN5Lm1pY3Jvc29mdC5jb22CEWMucy1taWNyb3NvZnQuY29tgg1taWNyb3NvZnQuY29tghFpLnMtbWljcm9zb2Z0LmNvbYIYc3RhdGljdmlldy5taWNyb3NvZnQuY29tghF3d3cubWljcm9zb2Z0LmNvbYITd3d3cWEubWljcm9zb2Z0LmNvbTAdBgNVHQ4EFgQUMqJLlf7sAXZDo1IX+BIPkeyx9OcwHwYDVR0jBBgwFoAUenuMwc/noMoc1Gv6++Ezww8aop0wgawGA1UdHwSBpDCBoTCBnqCBm6CBmIZLaHR0cDovL21zY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JshklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JsMIGFBggrBgEFBQcBAQR5MHcwUQYIKwYBBQUHMAKGRWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL01pY3Jvc29mdCUyMElUJTIwVExTJTIwQ0ElMjA0LmNydDAiBgg="}]}},"reassembly_properties":{"truncated":true},"src_ip":"23.193.38.96","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":33868,"event_start":1565200318.475364} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHnzCCBYegAwIBAgITFgAAoiZScXH3VKzEFgAAAACiJjANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UECxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDQwHhcNMTgwMTE2MjEyNDAyWhcNMjAwMTE2MjEyNDAyWjCBiDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEaMBgGA1UEAxMRd3d3Lm1pY3Jvc29mdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM6uKEPBupNS4BXRWdhU6RzawVP27lFo4eiAOloEHaXYM1DoPUJxxt+uyhwkk8yIZFKLK9AKX0qtqTVFOh3TFk77uGJKlfyugpVs+5sGGffhd0y2cGSyOltJLcf/v31tRjeN/xNi9CeHtcK46ksqgp9kdTDd1IuxDO9fN45LRPZkRuOpNyyXAHlMyVDO4Xfgt8CYH/ssmr1ZqYr98dO9iAiU+eFrz6huBCAJfFzMXWznbpwrsd41TjE5zPJkHaB9BOKuLZySfEQhIRewexFtJXlT88Kj6SfIoe2naZxqDW/tQVVzRxID092mXdVEjL2MZ6GocNk1pPezqY8wOUjgA7AgMBAAGjggL7MIIC9zCBmQYDVR0RBIGRMIGOghVwcml2YWN5Lm1pY3Jvc29mdC5jb22CEWMucy1taWNyb3NvZnQuY29tgg1taWNyb3NvZnQuY29tghFpLnMtbWljcm9zb2Z0LmNvbYIYc3RhdGljdmlldy5taWNyb3NvZnQuY29tghF3d3cubWljcm9zb2Z0LmNvbYITd3d3cWEubWljcm9zb2Z0LmNvbTAdBgNVHQ4EFgQUMqJLlf7sAXZDo1IX+BIPkeyx9OcwHwYDVR0jBBgwFoAUenuMwc/noMoc1Gv6++Ezww8aop0wgawGA1UdHwSBpDCBoTCBnqCBm6CBmIZLaHR0cDovL21zY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JshklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JsMIGFBggrBgEFBQcBAQR5MHcwUQYIKwYBBQUHMAKGRWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL01pY3Jvc29mdCUyMElUJTIwVExTJTIwQ0ElMjA0LmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiH2oZ1g+7ZAYLJhRuBtZ5hhfTrYIFdhNLfQoLnk3oCAWQCARowHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMAsGA1UdDwQEAwIEsDBNBgNVHSAERjBEMEIGCSsGAQQBgjcqATA1MDMGCCsGAQUFBwIBFidodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcHMwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAgEAZQDBGHkYWARoiApsKcns0lfEuovFuh9CQ3ZMVTDjDhvls0IcuddtEvETXdB+h8+vgIx4jC7SmsRrpEH28X06qEZCMd1vPP/rEI9ZYwAnzabB/HRkGsPHv/hkjVbhcsqYVkPyD9MYc+cgRE0Nggh+l2fIuSxrMvFw0iLsE/7ZkyiZFWfLkddu/be7gjoYIbNyS6E2HQkHlexz9QBUMHERUYBuqey+c1l45WTgLJUWsqeIZJ01oekLkdkR4tg1pZbnFjDeRBqFLnUU1RMHlgKodJYPMzBCkZGRk0mCZJDJcZv62HNdT/Zuz4yHLz6KQcjpVZacYyqeBBqJtus5zSJKP8l9MqZYbihsmAlXZdeXPwiB+YEeGGEGi2iDV39eSs6rPCL1BYZ5kvfoBdSfTAPmviK4ezCUuBL/k4YulsrquoAC/Sz+xFVEBK+qdYXczxgFMxXnx6XjxkKGYrf33g6e/9XexHsyWolQhrmbZE3GrTmH9hbqh0bg+95qhk0oq+iDWy3Lj5ZnexabBg/r+szxTNmPp0LIvMcM1YW9hkAyDYuDSB0Yee/p+ByJUeMIT55F/YO/Qtqc7Z2vNvnq/229nly2lg8AVwDliH30hloIffEXMY3xJWwDUG6Uj++g+838tBwUOF9wrBIwh9pI8EQLW9HUROzSg8ALy7tgVWuowFo="},{"base64":"MIIFtDCCBJygAwIBAgIQC2qzsD6xqfbEYJJqqM3+szANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE2MDUyMDEyNTIzOFoXDTI0MDUyMDEyNTIzOFowgYsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xFTATBgNVBAsTDE1pY3Jvc29mdCBJVDEeMBwGA1UEAxMVTWljcm9zb2Z0IElUIFRMUyBDQSA0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq+XrXaNrOZ71NIgSux1SJl19CQvGeY6rtw7fGbLd7g/27vRW5Ebikg/iZwvjHHGk1EFztMuZFo6/d32wrx5s7XEuwwh3Sl6Sruxa0EiB0MXpoPV6jx6NXtOtksDaxpE1MSC5OQTNECo8lx0AnpkYGAnPS5fkyfwA8AxanTboskDBSqyEKKo9Rhgrp4qs9K9LqH5JQsdiIMDmpztd65Afu4rYnJDjOrFswpTOPjJry3GzQS65xeFd2FkngvvhSA1+6ATx+QEnQfqUWn3FMLu2utcRm4j6AcxuS5K5+Hg8y5xomhZmiNCTsCqDLpcRHX6BIGHksLmbnG5TlZUixtm9dRC62XWMPD8d0Jb4M0V7ex9UM+VIl6cFJKLb0dyVriAqfZaJSHuSetAksd5IEfdnPLTf+Fhg9U97NGjm/awmCLbzLEPbT8QW0JsMcYexB2uG3Y+gsftm2tjL6fLwZeWO2BzqL7otZPFe0BtQsgyFSs87yC4qanWMwK5c2enAfH182pzjvUqwYAeCK31dyBCvLmKM3Jr94dm5WUiXQhrDUIELH4Mia+SbvCkigv2AUVx1Xw41wt1/L3pnnz2OW4y7r530zAz7qB+dIcHz51IaXc4UV21QuEnusQsn0uJpJxJuxsAmPuekKxuLUzgG+hqHOuBLf5kWTlk9WWnxcadlZRsCAwEAAaOCAUIwggE+MB0GA1UdDgQWBBR6e4zBz+egyhzUa/r74TPDDxqinTAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMJMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9PbW5pcm9vdDIwMjUuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQAR/nIGOiEKN27I9SkiAmKeRQ7t+gaf77+eJDUX/jmIsrsB4Xjf0YuX/bd38YpyT0k66LMp13SH5LnzF2CHiJJVgr3ZfRNIfwaQOolm552W95XNYA/X4cr2du76mzVIoZh90pMqT4EWx6iWu9El86ZvUNoAmyqo9DUA4/0sO+3lFZt/Fg/Hjsk2IJTwHQG5ElBQmYHgKEIsjnj/7cae1eTK6aCqs0hPpF/kixj/EwItkBE2GGYoOiKa3pXxWe6fbSoXdZNQwwUS1d5ktLa829d2Wf6l1uVW4f5GXDuK+OwO++8SkJHOIBKBujxS43/jQPQMQSBmhxjaMmng9tyPKPK9"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"23.193.38.96","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":33868,"event_start":1565200318.475686} {"dns":{"base64":"95cBAAABAAAAAAAACGxpbmtlZGluA2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":44500,"dst_port":53,"event_start":1565200318.887409} {"dns":{"base64":"2z4BAAABAAAAAAAACGxpbmtlZGluA2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":34101,"dst_port":53,"event_start":1565200318.887566} @@ -70,7 +70,7 @@ {"dns":{"base64":"2z6BgAABAAEADQANCGxpbmtlZGluA2NvbQAAHAABwAwAHAABAAAABQAQJiABCcACAAAAAAAAbK4KCsAVAAIAAQAAAAUAFAFpDGd0bGQtc2VydmVycwNuZXQAwBUAAgABAAAABQAEAWPASMAVAAIAAQAAAAUABAFqwEjAFQACAAEAAAAFAAQBYcBIwBUAAgABAAAABQAEAWjASMAVAAIAAQAAAAUABAFtwEjAFQACAAEAAAAFAAQBZcBIwBUAAgABAAAABQAEAWbASMAVAAIAAQAAAAUABAFrwEjAFQACAAEAAAAFAAQBZ8BIwBUAAgABAAAABQAEAWLASMAVAAIAAQAAAAUABAFswEjAFQACAAEAAAAFAAQBZMBIwIYAAQABAAAABQAEwAUGHsD2AAEAAQAAAAUABMAhDh7AZgABAAEAAAAFAATAGlwewRYAAQABAAAABQAEwB9QHsC2AAEAAQAAAAUABMAMXh7AxgABAAEAAAAFAATAIzMewOYAAQABAAAABQAEwCpdHsCWAAEAAQAAAAUABMA2cB7ARgABAAEAAAAFAATAK6wewHYAAQABAAAABQAEwDBPHsDWAAEAAQAAAAUABMA0sh7BBgABAAEAAAAFAATAKaIewKYAAQABAAAABQAEwDdTHg=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":34101,"event_start":1565200318.924396} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"108.174.10.10","protocol":6,"src_port":38906,"dst_port":443,"event_start":1565200318.924781} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"linkedin.com"}},"src_ip":"192.168.113.237","dst_ip":"108.174.10.10","protocol":6,"src_port":38906,"dst_port":443,"event_start":1565200318.963027} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHTTCCBjWgAwIBAgIQAXBEMNrkYNTuijQQnLcKBDANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNTMwMDAwMDAwWhcNMjAwOTAxMDAwMDAwWjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEdMBsGA1UEChMUTGlua2VkSW4gQ29ycG9yYXRpb24xGTAXBgNVBAMTEHd3dy5saW5rZWRpbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7EIO7ZCS57AL7mW79kZ0rR3rfWYksMQnt1NQGfbLI88qxIqg6DMp8TNteTfeWQKpy0JFm4zTNjaSmA0UxKLBPERe67/gGAT1xjINNUx/iOFcj1H7y/1gs7SVsJ6JFmCgPIXID8AeOtHYe8dzVpYPAEXIYi93H58menJa11h5gl3Pfh9nkp9J5B3YK9reXIulcu6Kp8YCLcVT+LIrQzO8S46mHsh9sjLOoDeM5nk7C2+kjgFPE00wYweECBFjnzDaFimJa7W6NiZdrTMbJiV0QSlYWCtBm/ex8oRnv69aHwqGU9aFDYXXYe8soq4UzBoxUeUKrILYdTX4csK+VHoMLAgMBAAGjggQAMIID/DAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUlN2Cs4TYrUJ+AeD/6tPeT+VBk80wTAYDVR0RBEUwQ4IQd3d3LmxpbmtlZGluLmNvbYIPbWVkaWEubGljZG4uY29tghBzdGF0aWMubGljZG4uY29tggxsaW5rZWRpbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAfQGCisGAQQB1nkCBAIEggHkBIIB4AHeAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFjskR9OAAABAMARzBFAiApWVtfQZ+QMpPq3tkEwLmmHnjQnwsQhJ464m1ibJbwyAIhAORfUeW72J63+NpMIXi+AGfoBQ9xeYNwbXfxKlTLmDgHAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFjskR+DQAABAMARjBEAiAK5UFiJQhsItiNIhbXgGWA7QeY0Bf22ZM2s1PYJppHkQIgTGViCUQ8gNEqBBl66H1M9t34DzpHObUkzVMqVVJejV4AdAC72d+8H4pxtZOU"}]}},"src_ip":"108.174.10.10","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":38906,"event_start":1565200319.004705} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHTTCCBjWgAwIBAgIQAXBEMNrkYNTuijQQnLcKBDANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNTMwMDAwMDAwWhcNMjAwOTAxMDAwMDAwWjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEdMBsGA1UEChMUTGlua2VkSW4gQ29ycG9yYXRpb24xGTAXBgNVBAMTEHd3dy5saW5rZWRpbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7EIO7ZCS57AL7mW79kZ0rR3rfWYksMQnt1NQGfbLI88qxIqg6DMp8TNteTfeWQKpy0JFm4zTNjaSmA0UxKLBPERe67/gGAT1xjINNUx/iOFcj1H7y/1gs7SVsJ6JFmCgPIXID8AeOtHYe8dzVpYPAEXIYi93H58menJa11h5gl3Pfh9nkp9J5B3YK9reXIulcu6Kp8YCLcVT+LIrQzO8S46mHsh9sjLOoDeM5nk7C2+kjgFPE00wYweECBFjnzDaFimJa7W6NiZdrTMbJiV0QSlYWCtBm/ex8oRnv69aHwqGU9aFDYXXYe8soq4UzBoxUeUKrILYdTX4csK+VHoMLAgMBAAGjggQAMIID/DAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUlN2Cs4TYrUJ+AeD/6tPeT+VBk80wTAYDVR0RBEUwQ4IQd3d3LmxpbmtlZGluLmNvbYIPbWVkaWEubGljZG4uY29tghBzdGF0aWMubGljZG4uY29tggxsaW5rZWRpbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAfQGCisGAQQB1nkCBAIEggHkBIIB4AHeAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFjskR9OAAABAMARzBFAiApWVtfQZ+QMpPq3tkEwLmmHnjQnwsQhJ464m1ibJbwyAIhAORfUeW72J63+NpMIXi+AGfoBQ9xeYNwbXfxKlTLmDgHAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFjskR+DQAABAMARjBEAiAK5UFiJQhsItiNIhbXgGWA7QeY0Bf22ZM2s1PYJppHkQIgTGViCUQ8gNEqBBl66H1M9t34DzpHObUkzVMqVVJejV4AdAC72d+8H4pxtZOU"}]}},"reassembly_properties":{"truncated":true},"src_ip":"108.174.10.10","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":38906,"event_start":1565200319.004705} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHTTCCBjWgAwIBAgIQAXBEMNrkYNTuijQQnLcKBDANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNTMwMDAwMDAwWhcNMjAwOTAxMDAwMDAwWjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEdMBsGA1UEChMUTGlua2VkSW4gQ29ycG9yYXRpb24xGTAXBgNVBAMTEHd3dy5saW5rZWRpbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7EIO7ZCS57AL7mW79kZ0rR3rfWYksMQnt1NQGfbLI88qxIqg6DMp8TNteTfeWQKpy0JFm4zTNjaSmA0UxKLBPERe67/gGAT1xjINNUx/iOFcj1H7y/1gs7SVsJ6JFmCgPIXID8AeOtHYe8dzVpYPAEXIYi93H58menJa11h5gl3Pfh9nkp9J5B3YK9reXIulcu6Kp8YCLcVT+LIrQzO8S46mHsh9sjLOoDeM5nk7C2+kjgFPE00wYweECBFjnzDaFimJa7W6NiZdrTMbJiV0QSlYWCtBm/ex8oRnv69aHwqGU9aFDYXXYe8soq4UzBoxUeUKrILYdTX4csK+VHoMLAgMBAAGjggQAMIID/DAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUlN2Cs4TYrUJ+AeD/6tPeT+VBk80wTAYDVR0RBEUwQ4IQd3d3LmxpbmtlZGluLmNvbYIPbWVkaWEubGljZG4uY29tghBzdGF0aWMubGljZG4uY29tggxsaW5rZWRpbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAfQGCisGAQQB1nkCBAIEggHkBIIB4AHeAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFjskR9OAAABAMARzBFAiApWVtfQZ+QMpPq3tkEwLmmHnjQnwsQhJ464m1ibJbwyAIhAORfUeW72J63+NpMIXi+AGfoBQ9xeYNwbXfxKlTLmDgHAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFjskR+DQAABAMARjBEAiAK5UFiJQhsItiNIhbXgGWA7QeY0Bf22ZM2s1PYJppHkQIgTGViCUQ8gNEqBBl66H1M9t34DzpHObUkzVMqVVJejV4AdAC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWOyRH4EAAAEAwBFMEMCHz9v4I8sB4+5kYsyF3ZhCj9qq32Cl08uxKCguUuGeAQCIF0bVhp2DAoQuY3ZGURzxUFYb3nH88AmTZLetYEDlm0nAHcAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFjskR/igAABAMASDBGAiEAoAXrwTz48+EEBF+8CnLw8FAT938F+kve/9m6XjuxFdECIQCU6M6OSiUCxlV3y06YoCPqaFpLDpTAujd8x5o2xIRs2TANBgkqhkiG9w0BAQsFAAOCAQEAERzOZXblnmBzczHgqL1Mcr9bt1tkYc9LwHF31Lf2Ky2UR09Dl9p/dWYPxJeVkuEYYhdFyeFBOCW2Xc/S4QtyBRxXFof/AvCoDImEShLI4YazoqBZGgfJsilc9bcVGuULdXuFUgc0HZYbOBD1zLms99NdPKiJQTAFF67cey0Uy9WPQStyxQ3am+wkQrlmtqb2pltH+ZXFGHP6CZ+4cirf85/KseKqffZ4eGxNYn9ZEwzNiCk9lTiZzp0eO7ovzH2FTHI8EZEbfid0EaULYN0YbGLHhdrZq8tPbXNl6ghkH2UFHp/EglHQS2mbwlv6WjourfH/qEzcgeANfrNMEgMicQ=="},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"108.174.10.10","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":38906,"event_start":1565200319.004903} {"dns":{"base64":"mG4BAAABAAAAAAAAA3d3dwhsaW5rZWRpbgNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":43639,"dst_port":53,"event_start":1565200319.095856} {"dns":{"base64":"M3IBAAABAAAAAAAAA3d3dwhsaW5rZWRpbgNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":53706,"dst_port":53,"event_start":1565200319.096015} @@ -78,7 +78,7 @@ {"dns":{"base64":"M3KBgAABAAMADQALA3d3dwhsaW5rZWRpbgNjb20AABwAAcAMAAUAAQAAAAUACgd3d3ctc3JjwBDALgAFAAEAAAAFAAsIcG9wLWVkYTbADMBEABwAAQAAAAUAECYgARlQ4wEBAAAAAGyuC0HAGQACAAEAAAAFABQBYgxndGxkLXNlcnZlcnMDbmV0AMAZAAIAAQAAAAUABAFnwHnAGQACAAEAAAAFAAQBZsB5wBkAAgABAAAABQAEAWHAecAZAAIAAQAAAAUABAFkwHnAGQACAAEAAAAFAAQBa8B5wBkAAgABAAAABQAEAWXAecAZAAIAAQAAAAUABAFjwHnAGQACAAEAAAAFAAQBbcB5wBkAAgABAAAABQAEAWrAecAZAAIAAQAAAAUABAFswHnAGQACAAEAAAAFAAQBacB5wBkAAgABAAAABQAEAWjAecC3AAEAAQAAAAUABMAFBh7AdwABAAEAAAAFAATAIQ4ewPcAAQABAAAABQAEwBpcHsDHAAEAAQAAAAUABMAfUB7A5wABAAEAAAAFAATADF4ewKcAAQABAAAABQAEwCMzHsCXAAEAAQAAAAUABMAqXR7BRwABAAEAAAAFAATANnAewTcAAQABAAAABQAEwCusHsEXAAEAAQAAAAUABMAwTx7A1wABAAEAAAAFAATANLIe"},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":53706,"event_start":1565200319.096651} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"108.174.11.65","protocol":6,"src_port":47924,"dst_port":443,"event_start":1565200319.097269} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.linkedin.com"}},"src_ip":"192.168.113.237","dst_ip":"108.174.11.65","protocol":6,"src_port":47924,"dst_port":443,"event_start":1565200319.166463} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHTTCCBjWgAwIBAgIQAXBEMNrkYNTuijQQnLcKBDANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNTMwMDAwMDAwWhcNMjAwOTAxMDAwMDAwWjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEdMBsGA1UEChMUTGlua2VkSW4gQ29ycG9yYXRpb24xGTAXBgNVBAMTEHd3dy5saW5rZWRpbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7EIO7ZCS57AL7mW79kZ0rR3rfWYksMQnt1NQGfbLI88qxIqg6DMp8TNteTfeWQKpy0JFm4zTNjaSmA0UxKLBPERe67/gGAT1xjINNUx/iOFcj1H7y/1gs7SVsJ6JFmCgPIXID8AeOtHYe8dzVpYPAEXIYi93H58menJa11h5gl3Pfh9nkp9J5B3YK9reXIulcu6Kp8YCLcVT+LIrQzO8S46mHsh9sjLOoDeM5nk7C2+kjgFPE00wYweECBFjnzDaFimJa7W6NiZdrTMbJiV0QSlYWCtBm/ex8oRnv69aHwqGU9aFDYXXYe8soq4UzBoxUeUKrILYdTX4csK+VHoMLAgMBAAGjggQAMIID/DAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUlN2Cs4TYrUJ+AeD/6tPeT+VBk80wTAYDVR0RBEUwQ4IQd3d3LmxpbmtlZGluLmNvbYIPbWVkaWEubGljZG4uY29tghBzdGF0aWMubGljZG4uY29tggxsaW5rZWRpbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAfQGCisGAQQB1nkCBAIEggHkBIIB4AHeAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFjskR9OAAABAMARzBFAiApWVtfQZ+QMpPq3tkEwLmmHnjQnwsQhJ464m1ibJbwyAIhAORfUeW72J63+NpMIXi+AGfoBQ9xeYNwbXfxKlTLmDgHAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFjskR+DQAABAMARjBEAiAK5UFiJQhsItiNIhbXgGWA7QeY0Bf22ZM2s1PYJppHkQIgTGViCUQ8gNEqBBl66H1M9t34DzpHObUkzVMqVVJejV4AdAC72d+8H4pxtZOU"}]}},"src_ip":"108.174.11.65","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47924,"event_start":1565200319.231324} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHTTCCBjWgAwIBAgIQAXBEMNrkYNTuijQQnLcKBDANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNTMwMDAwMDAwWhcNMjAwOTAxMDAwMDAwWjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEdMBsGA1UEChMUTGlua2VkSW4gQ29ycG9yYXRpb24xGTAXBgNVBAMTEHd3dy5saW5rZWRpbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7EIO7ZCS57AL7mW79kZ0rR3rfWYksMQnt1NQGfbLI88qxIqg6DMp8TNteTfeWQKpy0JFm4zTNjaSmA0UxKLBPERe67/gGAT1xjINNUx/iOFcj1H7y/1gs7SVsJ6JFmCgPIXID8AeOtHYe8dzVpYPAEXIYi93H58menJa11h5gl3Pfh9nkp9J5B3YK9reXIulcu6Kp8YCLcVT+LIrQzO8S46mHsh9sjLOoDeM5nk7C2+kjgFPE00wYweECBFjnzDaFimJa7W6NiZdrTMbJiV0QSlYWCtBm/ex8oRnv69aHwqGU9aFDYXXYe8soq4UzBoxUeUKrILYdTX4csK+VHoMLAgMBAAGjggQAMIID/DAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUlN2Cs4TYrUJ+AeD/6tPeT+VBk80wTAYDVR0RBEUwQ4IQd3d3LmxpbmtlZGluLmNvbYIPbWVkaWEubGljZG4uY29tghBzdGF0aWMubGljZG4uY29tggxsaW5rZWRpbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAfQGCisGAQQB1nkCBAIEggHkBIIB4AHeAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFjskR9OAAABAMARzBFAiApWVtfQZ+QMpPq3tkEwLmmHnjQnwsQhJ464m1ibJbwyAIhAORfUeW72J63+NpMIXi+AGfoBQ9xeYNwbXfxKlTLmDgHAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFjskR+DQAABAMARjBEAiAK5UFiJQhsItiNIhbXgGWA7QeY0Bf22ZM2s1PYJppHkQIgTGViCUQ8gNEqBBl66H1M9t34DzpHObUkzVMqVVJejV4AdAC72d+8H4pxtZOU"}]}},"reassembly_properties":{"truncated":true},"src_ip":"108.174.11.65","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47924,"event_start":1565200319.231324} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHTTCCBjWgAwIBAgIQAXBEMNrkYNTuijQQnLcKBDANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNTMwMDAwMDAwWhcNMjAwOTAxMDAwMDAwWjB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEdMBsGA1UEChMUTGlua2VkSW4gQ29ycG9yYXRpb24xGTAXBgNVBAMTEHd3dy5saW5rZWRpbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7EIO7ZCS57AL7mW79kZ0rR3rfWYksMQnt1NQGfbLI88qxIqg6DMp8TNteTfeWQKpy0JFm4zTNjaSmA0UxKLBPERe67/gGAT1xjINNUx/iOFcj1H7y/1gs7SVsJ6JFmCgPIXID8AeOtHYe8dzVpYPAEXIYi93H58menJa11h5gl3Pfh9nkp9J5B3YK9reXIulcu6Kp8YCLcVT+LIrQzO8S46mHsh9sjLOoDeM5nk7C2+kjgFPE00wYweECBFjnzDaFimJa7W6NiZdrTMbJiV0QSlYWCtBm/ex8oRnv69aHwqGU9aFDYXXYe8soq4UzBoxUeUKrILYdTX4csK+VHoMLAgMBAAGjggQAMIID/DAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUlN2Cs4TYrUJ+AeD/6tPeT+VBk80wTAYDVR0RBEUwQ4IQd3d3LmxpbmtlZGluLmNvbYIPbWVkaWEubGljZG4uY29tghBzdGF0aWMubGljZG4uY29tggxsaW5rZWRpbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAfQGCisGAQQB1nkCBAIEggHkBIIB4AHeAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFjskR9OAAABAMARzBFAiApWVtfQZ+QMpPq3tkEwLmmHnjQnwsQhJ464m1ibJbwyAIhAORfUeW72J63+NpMIXi+AGfoBQ9xeYNwbXfxKlTLmDgHAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFjskR+DQAABAMARjBEAiAK5UFiJQhsItiNIhbXgGWA7QeY0Bf22ZM2s1PYJppHkQIgTGViCUQ8gNEqBBl66H1M9t34DzpHObUkzVMqVVJejV4AdAC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWOyRH4EAAAEAwBFMEMCHz9v4I8sB4+5kYsyF3ZhCj9qq32Cl08uxKCguUuGeAQCIF0bVhp2DAoQuY3ZGURzxUFYb3nH88AmTZLetYEDlm0nAHcAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFjskR/igAABAMASDBGAiEAoAXrwTz48+EEBF+8CnLw8FAT938F+kve/9m6XjuxFdECIQCU6M6OSiUCxlV3y06YoCPqaFpLDpTAujd8x5o2xIRs2TANBgkqhkiG9w0BAQsFAAOCAQEAERzOZXblnmBzczHgqL1Mcr9bt1tkYc9LwHF31Lf2Ky2UR09Dl9p/dWYPxJeVkuEYYhdFyeFBOCW2Xc/S4QtyBRxXFof/AvCoDImEShLI4YazoqBZGgfJsilc9bcVGuULdXuFUgc0HZYbOBD1zLms99NdPKiJQTAFF67cey0Uy9WPQStyxQ3am+wkQrlmtqb2pltH+ZXFGHP6CZ+4cirf85/KseKqffZ4eGxNYn9ZEwzNiCk9lTiZzp0eO7ovzH2FTHI8EZEbfid0EaULYN0YbGLHhdrZq8tPbXNl6ghkH2UFHp/EglHQS2mbwlv6WjourfH/qEzcgeANfrNMEgMicQ=="},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"108.174.11.65","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47924,"event_start":1565200319.231660} {"dns":{"base64":"q7UBAAABAAAAAAAACWluc3RhZ3JhbQNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":42910,"dst_port":53,"event_start":1565200319.813362} {"dns":{"base64":"PW4BAAABAAAAAAAACWluc3RhZ3JhbQNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":50970,"dst_port":53,"event_start":1565200319.813552} @@ -100,7 +100,7 @@ {"dns":{"base64":"IBGBgAABAAEABgAMCXdpa2lwZWRpYQNvcmcAABwAAcAMABwAAQAAAAUAECYgAAAIYe0aAAAAAAAAAAHAFgACAAEAAAAFABkCYTADb3JnC2FmaWxpYXMtbnN0BGluZm8AwBYAAgABAAAABQAFAmEywErAFgACAAEAAAAFABUCZDADb3JnC2FmaWxpYXMtbnN0wBbAFgACAAEAAAAFAAUCYzDASsAWAAIAAQAAAAUABQJiMMCAwBYAAgABAAAABQAFAmIywIDARwABAAEAAAAFAATHEzgBwGwAAQABAAAABQAEx/lwAcCvAAEAAQAAAAUABMcTNgHAwAABAAEAAAAFAATH+XgBwJ4AAQABAAAABQAExxM1AcB9AAEAAQAAAAUABMcTOQHARwAcAAEAAAAFABAgAQUAAA4AAAAAAAAAAAABwGwAHAABAAAABQAQIAEFAABAAAAAAAAAAAAAAcCvABwAAQAAAAUAECABBQAADAAAAAAAAAAAAAHAwAAcAAEAAAAFABAgAQUAAEgAAAAAAAAAAAABwJ4AHAABAAAABQAQIAEFAAALAAAAAAAAAAAAAcB9ABwAAQAAAAUAECABBQAADwAAAAAAAAAAAAE="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":36230,"event_start":1565200320.525287} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"208.80.154.224","protocol":6,"src_port":51344,"dst_port":443,"event_start":1565200320.525880} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"wikipedia.org"}},"src_ip":"192.168.113.237","dst_ip":"208.80.154.224","protocol":6,"src_port":51344,"dst_port":443,"event_start":1565200320.565853} -{"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIq"}]}},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51344,"event_start":1565200320.613668} +{"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIq"}]}},"reassembly_properties":{"truncated":true},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51344,"event_start":1565200320.613668} {"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIqLm0ud2lraXZveWFnZS5vcmeCECoud2lrdGlvbmFyeS5vcmeCEioubS53aWt0aW9uYXJ5Lm9yZ4IZKi53aWtpbWVkaWFmb3VuZGF0aW9uLm9yZ4IUKi53bWZ1c2VyY29udGVudC5vcmeCDXdpa2lwZWRpYS5vcmcwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSt4NNfC33t2i98DfZjjYpZGMJsijAfBgNVHSMEGDAWgBSW3mHxvRwWKVMcwMx9O4MAQOYafDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZvUzN/YAAAQDAEcwRQIgBATdvSzbd5NwGdtkmJ5SEvEPn6A8hgAsk6GSP6hzWcgCIQDKfHQNtObs/hHPfLgXsVkcnHIbjlNwmWeiukGtGHZFMgB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZvUzN8cAAAQDAEcwRQIgYalEnXtd/fPhjq9SXPoSPRhaMmeDs0IMN5o5Y6QTKfUCIQClR1uj+B56K4tGh/mws4qugG1qSD9zfvmx8roKik3HHDANBgkqhkiG9w0BAQsFAAOCAQEAUEJyg/AZo+owG5J/LIk8EIDnyOcanmfgvdjMg8KnpBvh8l3Wb4HmOudluJhIeIbCUMwzEzSGqYQQ78n4wtjLaLwaDgL4WzHOVec2k+rbfmPT6MUCtdlz1PK5/WY9JQyQq6vy+tm3a6Wijy6M8U/TdrJubK5X03SFfRb0pDuFdr2fnkctLRnyCb1w0XHwGXjEcGm1LY42YKwdvbj3WIqumeSEuG4MZtquW6NURKELSil03G/hRHRAHHGx3zXes/jJcpH2GPX9eY9B+R1oHmCE2QF5Y/Bh+uNA2+2Iuj/6UJAOw/Z/8+qZcnLWWnK2Dwzc34C/AUD+Wb71oUcr60+pPg=="},{"base64":"MIIEYjCCA0qgAwIBAgILBAAAAAABMYnGRMkwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwODAyMTAwMDAwWhcNMjIwODAyMTAwMDAwWjBmMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTE8MDoGA1UEAxMzR2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw5sPyOTf8xwpZ0gww5TP37ATsKYScpH1SPvAzSFdMijAi5GXAt9yYidT4vw+JxsjFU127/ys+r741bnSkbZEyLKNtWbwajjlkOT8gy85vnm6JnIY0h4f1c2aRoZHVrR1H3CnNR/4YASrnrqiOpX2MoKCjoSSaJiGXoNJPc367RzknsFI5sStc7rKd+kFAK5AaXUppxDZIje+H7+4/Ue5f7co6jkZjHZTCXpGLmJWQmu6Z0cbTcPSh41ICjir9QhiwHERa1uK2OrkmthCk0g7XO6fM7+FrXbn4Dw1ots2Qh5Sk94ZdqSvL41+bPE+SeATv+WUuYCIOEHc+ldK72y8QIDAQABo4IBKTCCASUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJbeYfG9HBYpUxzAzH07gwBA5hp8MEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L3Jvb3QtcjMuY3JsMD4GCCsGAQUFBwEBBDIwMDAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDANBgkqhkiG9w0BAQsFAAOCAQEAugYpwLQZjCERwJQRnrs91NVDQPafuyULI2i1Gvf6VGTMKxP5IfBEreHoFVjb7v3bok3MGI8Nmm3DawGhMfCNvABAzDlfh2FRbfSV6uoVNT5AhcBi1aE0/niqqLJaOfM3Qfuc6D5xSlvr+GlYoeDGk3fpumeS62VYkHBzQn2v9CMmeReq+qS7meVEb2WB58rrVcj0ticRIXSUvGu3dGIpxM2uR/LmQlt4hgVhy5CqeYnfBH6xJnBLjUAfhHvA+wfmyLdOkfQ1A+3o60EQF0m0YsinLPLhTI8DLPMWN11n8aQ5eUmjwF3MVfkhgA/7zuIpalhQ6abX6xwyNrVip8H65g=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51344,"event_start":1565200320.614434} {"dns":{"base64":"xBoBAAABAAAAAAAAA3d3dwl3aWtpcGVkaWEDb3JnAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":42538,"dst_port":53,"event_start":1565200320.713805} {"dns":{"base64":"jPoBAAABAAAAAAAAA3d3dwl3aWtpcGVkaWEDb3JnAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":44457,"dst_port":53,"event_start":1565200320.713972} @@ -108,7 +108,7 @@ {"dns":{"base64":"jPqBgAABAAIABgAMA3d3dwl3aWtpcGVkaWEDb3JnAAAcAAHADAAFAAEAAAAFABEEZHluYQl3aWtpbWVkaWHAGsAvABwAAQAAAAUAECYgAAAIYe0aAAAAAAAAAAHAGgACAAEAAAAFABkCYzADb3JnC2FmaWxpYXMtbnN0BGluZm8AwBoAAgABAAAABQAVAmIyA29yZwthZmlsaWFzLW5zdMAawBoAAgABAAAABQAFAmIwwJDAGgACAAEAAAAFAAUCYTLAa8AaAAIAAQAAAAUABQJkMMCQwBoAAgABAAAABQAFAmEwwGvA4QABAAEAAAAFAATHEzgBwL8AAQABAAAABQAEx/lwAcCuAAEAAQAAAAUABMcTNgHAjQABAAEAAAAFAATH+XgBwGgAAQABAAAABQAExxM1AcDQAAEAAQAAAAUABMcTOQHA4QAcAAEAAAAFABAgAQUAAA4AAAAAAAAAAAABwL8AHAABAAAABQAQIAEFAABAAAAAAAAAAAAAAcCuABwAAQAAAAUAECABBQAADAAAAAAAAAAAAAHAjQAcAAEAAAAFABAgAQUAAEgAAAAAAAAAAAABwGgAHAABAAAABQAQIAEFAAALAAAAAAAAAAAAAcDQABwAAQAAAAUAECABBQAADwAAAAAAAAAAAAE="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":44457,"event_start":1565200320.756902} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"208.80.154.224","protocol":6,"src_port":51346,"dst_port":443,"event_start":1565200320.757754} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.wikipedia.org"}},"src_ip":"192.168.113.237","dst_ip":"208.80.154.224","protocol":6,"src_port":51346,"dst_port":443,"event_start":1565200320.804450} -{"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIq"}]}},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51346,"event_start":1565200320.851523} +{"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIq"}]}},"reassembly_properties":{"truncated":true},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51346,"event_start":1565200320.851523} {"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIqLm0ud2lraXZveWFnZS5vcmeCECoud2lrdGlvbmFyeS5vcmeCEioubS53aWt0aW9uYXJ5Lm9yZ4IZKi53aWtpbWVkaWFmb3VuZGF0aW9uLm9yZ4IUKi53bWZ1c2VyY29udGVudC5vcmeCDXdpa2lwZWRpYS5vcmcwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSt4NNfC33t2i98DfZjjYpZGMJsijAfBgNVHSMEGDAWgBSW3mHxvRwWKVMcwMx9O4MAQOYafDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZvUzN/YAAAQDAEcwRQIgBATdvSzbd5NwGdtkmJ5SEvEPn6A8hgAsk6GSP6hzWcgCIQDKfHQNtObs/hHPfLgXsVkcnHIbjlNwmWeiukGtGHZFMgB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZvUzN8cAAAQDAEcwRQIgYalEnXtd/fPhjq9SXPoSPRhaMmeDs0IMN5o5Y6QTKfUCIQClR1uj+B56K4tGh/mws4qugG1qSD9zfvmx8roKik3HHDANBgkqhkiG9w0BAQsFAAOCAQEAUEJyg/AZo+owG5J/LIk8EIDnyOcanmfgvdjMg8KnpBvh8l3Wb4HmOudluJhIeIbCUMwzEzSGqYQQ78n4wtjLaLwaDgL4WzHOVec2k+rbfmPT6MUCtdlz1PK5/WY9JQyQq6vy+tm3a6Wijy6M8U/TdrJubK5X03SFfRb0pDuFdr2fnkctLRnyCb1w0XHwGXjEcGm1LY42YKwdvbj3WIqumeSEuG4MZtquW6NURKELSil03G/hRHRAHHGx3zXes/jJcpH2GPX9eY9B+R1oHmCE2QF5Y/Bh+uNA2+2Iuj/6UJAOw/Z/8+qZcnLWWnK2Dwzc34C/AUD+Wb71oUcr60+pPg=="},{"base64":"MIIEYjCCA0qgAwIBAgILBAAAAAABMYnGRMkwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwODAyMTAwMDAwWhcNMjIwODAyMTAwMDAwWjBmMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTE8MDoGA1UEAxMzR2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw5sPyOTf8xwpZ0gww5TP37ATsKYScpH1SPvAzSFdMijAi5GXAt9yYidT4vw+JxsjFU127/ys+r741bnSkbZEyLKNtWbwajjlkOT8gy85vnm6JnIY0h4f1c2aRoZHVrR1H3CnNR/4YASrnrqiOpX2MoKCjoSSaJiGXoNJPc367RzknsFI5sStc7rKd+kFAK5AaXUppxDZIje+H7+4/Ue5f7co6jkZjHZTCXpGLmJWQmu6Z0cbTcPSh41ICjir9QhiwHERa1uK2OrkmthCk0g7XO6fM7+FrXbn4Dw1ots2Qh5Sk94ZdqSvL41+bPE+SeATv+WUuYCIOEHc+ldK72y8QIDAQABo4IBKTCCASUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJbeYfG9HBYpUxzAzH07gwBA5hp8MEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L3Jvb3QtcjMuY3JsMD4GCCsGAQUFBwEBBDIwMDAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDANBgkqhkiG9w0BAQsFAAOCAQEAugYpwLQZjCERwJQRnrs91NVDQPafuyULI2i1Gvf6VGTMKxP5IfBEreHoFVjb7v3bok3MGI8Nmm3DawGhMfCNvABAzDlfh2FRbfSV6uoVNT5AhcBi1aE0/niqqLJaOfM3Qfuc6D5xSlvr+GlYoeDGk3fpumeS62VYkHBzQn2v9CMmeReq+qS7meVEb2WB58rrVcj0ticRIXSUvGu3dGIpxM2uR/LmQlt4hgVhy5CqeYnfBH6xJnBLjUAfhHvA+wfmyLdOkfQ1A+3o60EQF0m0YsinLPLhTI8DLPMWN11n8aQ5eUmjwF3MVfkhgA/7zuIpalhQ6abX6xwyNrVip8H65g=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51346,"event_start":1565200320.851714} {"dns":{"base64":"FOMBAAABAAAAAAAABWFwcGxlA2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":49777,"dst_port":53,"event_start":1565200321.058045} {"dns":{"base64":"BvoBAAABAAAAAAAABWFwcGxlA2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":53304,"dst_port":53,"event_start":1565200321.058223} @@ -116,7 +116,7 @@ {"dns":{"base64":"BvqBgAABAAAAAQAABWFwcGxlA2NvbQAAHAABwAwABgABAAAABQApBWFkbnMxwAwKaG9zdG1hc3RlcsAMd8/meAAAA4QAAAOEAB7DAAABUeQ="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":53304,"event_start":1565200321.094206} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"17.178.96.59","protocol":6,"src_port":47956,"dst_port":443,"event_start":1565200321.094698} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"apple.com"}},"src_ip":"192.168.113.237","dst_ip":"17.178.96.59","protocol":6,"src_port":47956,"dst_port":443,"event_start":1565200321.185602} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIH8zCCBtugAwIBAgIQCntZYuAq75f9bqCozf4GOzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDcyMDAwMDAwMFoXDTIwMDcyMDEyMDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRowGAYDVQQLExFJbnRlcm5ldCBTZXJ2aWNlczEWMBQGA1UEAxMNd3d3LmFwcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJVaWbq7ReuQNs4LNpYlxNwolxVkFREluDtvvHdC0dEGXxyl1Htd77fa3WdGsXrckZm/WA6OrGFDi0oxqGsmzqt8UhoL/8u0cMtLo22L3SakDlZNVdsZzHfuWwRkYRWiazWn8y90SECimUDM71NfqdrZAmYtWTah/EIeH0c4W3bv1ZD9qbXlGog3rlqTY2oi2faxAZuTJY2snOgnX50LvNUiHo5IzUuweD/dhPun02Y6hUd0FIJQ4ekA+CtBsf7Ji2Sc42nXeGtiW+0WYsmLzTxSnPdUcp+ad8S9ndCeWokM6dl3Iv177dJIn4aQ71x1TgagkjBYZ1GWjFo2hcbKJ0CAwEAAaOCBA4wggQKMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBT2nT+05RGAUUXkbIsK8871kncHUjCCATYGA1UdEQSCAS0wggEpghRleHRlbnNpb25zLmFwcGxlLmNvbYISZmVlZGJhY2suYXBwbGUuY29tghFnZW5zZXJ2LmFwcGxlLmNvbYIOaGVscC5hcHBsZS5jb22CEWhlbHBvc3guYXBwbGUuY29tghBoZWxwcXQuYXBwbGUuY29tghBpbWFnZXMuYXBwbGUuY29tghdpdHVuZXNwYXJ0bmVyLmFwcGxlLmNvbYIRcHJvaGVscC5hcHBsZS5jb22CEHJlYmF0ZS5hcHBsZS5jb22CG3NhZmFyaS1leHRlbnNpb25zLmFwcGxlLmNvbYIadHJhY2tpbmdzaGlwbWVudC5hcHBsZS5jb22CEnRyYWlsZXJzLmFwcGxlLmNvbYIJYXBwbGUuY29tgg13d3cuYXBwbGUuY29tMA4GA1UdDwE="}]}},"src_ip":"17.178.96.59","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47956,"event_start":1565200321.282621} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIH8zCCBtugAwIBAgIQCntZYuAq75f9bqCozf4GOzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDcyMDAwMDAwMFoXDTIwMDcyMDEyMDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRowGAYDVQQLExFJbnRlcm5ldCBTZXJ2aWNlczEWMBQGA1UEAxMNd3d3LmFwcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJVaWbq7ReuQNs4LNpYlxNwolxVkFREluDtvvHdC0dEGXxyl1Htd77fa3WdGsXrckZm/WA6OrGFDi0oxqGsmzqt8UhoL/8u0cMtLo22L3SakDlZNVdsZzHfuWwRkYRWiazWn8y90SECimUDM71NfqdrZAmYtWTah/EIeH0c4W3bv1ZD9qbXlGog3rlqTY2oi2faxAZuTJY2snOgnX50LvNUiHo5IzUuweD/dhPun02Y6hUd0FIJQ4ekA+CtBsf7Ji2Sc42nXeGtiW+0WYsmLzTxSnPdUcp+ad8S9ndCeWokM6dl3Iv177dJIn4aQ71x1TgagkjBYZ1GWjFo2hcbKJ0CAwEAAaOCBA4wggQKMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBT2nT+05RGAUUXkbIsK8871kncHUjCCATYGA1UdEQSCAS0wggEpghRleHRlbnNpb25zLmFwcGxlLmNvbYISZmVlZGJhY2suYXBwbGUuY29tghFnZW5zZXJ2LmFwcGxlLmNvbYIOaGVscC5hcHBsZS5jb22CEWhlbHBvc3guYXBwbGUuY29tghBoZWxwcXQuYXBwbGUuY29tghBpbWFnZXMuYXBwbGUuY29tghdpdHVuZXNwYXJ0bmVyLmFwcGxlLmNvbYIRcHJvaGVscC5hcHBsZS5jb22CEHJlYmF0ZS5hcHBsZS5jb22CG3NhZmFyaS1leHRlbnNpb25zLmFwcGxlLmNvbYIadHJhY2tpbmdzaGlwbWVudC5hcHBsZS5jb22CEnRyYWlsZXJzLmFwcGxlLmNvbYIJYXBwbGUuY29tgg13d3cuYXBwbGUuY29tMA4GA1UdDwE="}]}},"reassembly_properties":{"truncated":true},"src_ip":"17.178.96.59","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47956,"event_start":1565200321.282621} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIH8zCCBtugAwIBAgIQCntZYuAq75f9bqCozf4GOzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDcyMDAwMDAwMFoXDTIwMDcyMDEyMDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRowGAYDVQQLExFJbnRlcm5ldCBTZXJ2aWNlczEWMBQGA1UEAxMNd3d3LmFwcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJVaWbq7ReuQNs4LNpYlxNwolxVkFREluDtvvHdC0dEGXxyl1Htd77fa3WdGsXrckZm/WA6OrGFDi0oxqGsmzqt8UhoL/8u0cMtLo22L3SakDlZNVdsZzHfuWwRkYRWiazWn8y90SECimUDM71NfqdrZAmYtWTah/EIeH0c4W3bv1ZD9qbXlGog3rlqTY2oi2faxAZuTJY2snOgnX50LvNUiHo5IzUuweD/dhPun02Y6hUd0FIJQ4ekA+CtBsf7Ji2Sc42nXeGtiW+0WYsmLzTxSnPdUcp+ad8S9ndCeWokM6dl3Iv177dJIn4aQ71x1TgagkjBYZ1GWjFo2hcbKJ0CAwEAAaOCBA4wggQKMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBT2nT+05RGAUUXkbIsK8871kncHUjCCATYGA1UdEQSCAS0wggEpghRleHRlbnNpb25zLmFwcGxlLmNvbYISZmVlZGJhY2suYXBwbGUuY29tghFnZW5zZXJ2LmFwcGxlLmNvbYIOaGVscC5hcHBsZS5jb22CEWhlbHBvc3guYXBwbGUuY29tghBoZWxwcXQuYXBwbGUuY29tghBpbWFnZXMuYXBwbGUuY29tghdpdHVuZXNwYXJ0bmVyLmFwcGxlLmNvbYIRcHJvaGVscC5hcHBsZS5jb22CEHJlYmF0ZS5hcHBsZS5jb22CG3NhZmFyaS1leHRlbnNpb25zLmFwcGxlLmNvbYIadHJhY2tpbmdzaGlwbWVudC5hcHBsZS5jb22CEnRyYWlsZXJzLmFwcGxlLmNvbYIJYXBwbGUuY29tgg13d3cuYXBwbGUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFsDybfogAABAMARzBFAiANYeCK4RsTjJyWm00Myizu96qqHAW1JHwjyO7TihtGiQIhAIzHukiG871pfYoOc2B2JqRwcH+BkLZVkCkIfTcrDl9LAHUAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFsDybf4AAABAMARjBEAiA+YJNS/bLKIyT+cpt9NtxKSQSW4/ctVA7wcTBjv2jlLQIgLKt5ld2x1FFDSjldkX+u/mfaIzk8apZ9F/lJeTTf3KIwDQYJKoZIhvcNAQELBQADggEBAGcYjzS/MA7CsV+3FgW5qoz7hNp3M1H1kha1PipJY32edcbWR6DhraZwpb1xfcB8NCIi6IZ/66rhMQvljs4eK5dGMDD25qMeWnFxeby6eqvGig7deN2vZkUoqMElv+WTDwZMy+W+QxZWgRzi5u0x/oM3iIAdSjZ2Oihb7QLMj4li+cIEXv70G8DftG5W7za1+lgySo9kK72mKwbmAr5OEDirSatO9MINGFFqVlIzP1z87wqenvj/13NYjHILzAzhkMlhA2EynbpnoJHlrjLlCOe+HMz1PGzvTa7sA4eBJ0vhcolQ8Tg0K01oglkzQpg3PENgk2pJWaToKO2SB1C7Dgo="},{"base64":"MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowdTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGlnaUNlcnQgU0hBMiBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAAh/FnKIaFjI5j2ryxQDji0/XspQUYuD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9om9KxjxKws9LniB8f7zh3VFNfgHk/LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzikIKHaq7q12TWmFXo/a8aUGxUvBHy/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIclho3YIeSwTQyJ3DkmF93215SF2AQhcJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6Ku8hI3UarS2bhjWMnHe1c63YlC3k8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOCAUkwggFFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNKYApl0yHU+PjWDzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAnbbQkIbhhgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18CK3mtlC4ohpNiAexKSHc59rGPCHg4xFJcKx6HQGkyhE6V6t9VypAdP3THYUYUN9XR3WhfVUgLkc3UHKMf4Ib0mKPLQNa2sPIoc4sUqIAY+tzunHISScjl2SFnjgOrWNoPLpSgVh5oywM395t6zHyuqB8bPEs1OG9d4Q3A84ytciagRpKkk47RpqF/oOi+Z6Mo8wNXrM9zwR4jxQUezKcxwCmXMS1oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn8TUoE6smftX3eg=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"17.178.96.59","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47956,"event_start":1565200321.283427} {"dns":{"base64":"xd4BAAABAAAAAAAAA3d3dwVhcHBsZQNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":37364,"dst_port":53,"event_start":1565200321.512636} {"dns":{"base64":"J3EBAAABAAAAAAAAA3d3dwVhcHBsZQNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":56935,"dst_port":53,"event_start":1565200321.512806} @@ -124,7 +124,7 @@ {"dns":{"base64":"xd6BgAABAAQADQAGA3d3dwVhcHBsZQNjb20AAAEAAcAMAAUAAQAAAAUAGwN3d3cFYXBwbGUDY29tB2VkZ2VrZXkDbmV0AMArAAUAAQAAAAUALwN3d3cFYXBwbGUDY29tB2VkZ2VrZXkDbmV0C2dsb2JhbHJlZGlyBmFrYWRuc8BBwFIABQABAAAABQAZBWU2ODU4BWRzY2U5CmFrYW1haWVkZ2XAQcCNAAEAAQAAAAUABLgzga7AQQACAAEAAAAFABEBZgxndGxkLXNlcnZlcnPAQcBBAAIAAQAAAAUABAFtwMTAQQACAAEAAAAFAAQBZcDEwEEAAgABAAAABQAEAWLAxMBBAAIAAQAAAAUABAFhwMTAQQACAAEAAAAFAAQBbMDEwEEAAgABAAAABQAEAWjAxMBBAAIAAQAAAAUABAFpwMTAQQACAAEAAAAFAAQBa8DEwEEAAgABAAAABQAEAWTAxMBBAAIAAQAAAAUABAFqwMTAQQACAAEAAAAFAAQBZ8DEwEEAAgABAAAABQAEAWPAxMEPAAEAAQAAAAUABMAFBh7A/wABAAEAAAAFAATAIQ4ewY8AAQABAAAABQAEwBpcHsFfAAEAAQAAAAUABMAfUB7A7wABAAEAAAAFAATADF4ewMIAAQABAAAABQAEwCMzHg=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":37364,"event_start":1565200321.548812} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"184.51.129.174","protocol":6,"src_port":50196,"dst_port":443,"event_start":1565200321.549929} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.apple.com"}},"src_ip":"192.168.113.237","dst_ip":"184.51.129.174","protocol":6,"src_port":50196,"dst_port":443,"event_start":1565200321.585675} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG8TCCBdmgAwIBAgIQD45OTJz1XqX+Lpsrfv/ejzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDMwNzAwMDAwMFoXDTIwMDMwNzEyMDAwMFowge4xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMSUwIwYDVQQLExxJbnRlcm5ldCBTZXJ2aWNlcyBmb3IgQWthbWFpMRYwFAYDVQQDEw13d3cuYXBwbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V5dxoW+5Sp4eh93H0IX6sHjda7JOHrgz5/rukdCz2N1JtNMjmwvx7wcuzfJpaDTj+o9AsjoBqGnK0x7kVW8UavnyLiopkk+lEXxAJAmubWvtaAiQSwQUovZ8JHlQHZg/cKx/tBVw08YfSAADItBLC3BCsDhLt74R4SyNk4DX3eQ9vVg2KolEOs3OAN/S0Y2di5m/hjkmzHs1SrbYJDXoNWreZwB9qyHiHNDCOBI8AmsQUBg5JynzL0vx10yMi5C12kvRjDTbhe6HKa6vLViU4nHSu+5+A8lL7R6XAX75P0TRxv/YG9A8g8tUzg/IYdNCLEb09qr1Z6UaUOjol7x6QIDAQABo4IDATCCAv0wHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFNj1/23cljBcrYB1/87F950Wc8sWMCoGA1UdEQQjMCGCEGltYWdlcy5hcHBsZS5jb22CDXd3dy5hcHBsZS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHQ="}]}},"src_ip":"184.51.129.174","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50196,"event_start":1565200321.628019} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG8TCCBdmgAwIBAgIQD45OTJz1XqX+Lpsrfv/ejzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDMwNzAwMDAwMFoXDTIwMDMwNzEyMDAwMFowge4xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMSUwIwYDVQQLExxJbnRlcm5ldCBTZXJ2aWNlcyBmb3IgQWthbWFpMRYwFAYDVQQDEw13d3cuYXBwbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V5dxoW+5Sp4eh93H0IX6sHjda7JOHrgz5/rukdCz2N1JtNMjmwvx7wcuzfJpaDTj+o9AsjoBqGnK0x7kVW8UavnyLiopkk+lEXxAJAmubWvtaAiQSwQUovZ8JHlQHZg/cKx/tBVw08YfSAADItBLC3BCsDhLt74R4SyNk4DX3eQ9vVg2KolEOs3OAN/S0Y2di5m/hjkmzHs1SrbYJDXoNWreZwB9qyHiHNDCOBI8AmsQUBg5JynzL0vx10yMi5C12kvRjDTbhe6HKa6vLViU4nHSu+5+A8lL7R6XAX75P0TRxv/YG9A8g8tUzg/IYdNCLEb09qr1Z6UaUOjol7x6QIDAQABo4IDATCCAv0wHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFNj1/23cljBcrYB1/87F950Wc8sWMCoGA1UdEQQjMCGCEGltYWdlcy5hcHBsZS5jb22CDXd3dy5hcHBsZS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHQ="}]}},"reassembly_properties":{"truncated":true},"src_ip":"184.51.129.174","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50196,"event_start":1565200321.628019} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG8TCCBdmgAwIBAgIQD45OTJz1XqX+Lpsrfv/ejzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDMwNzAwMDAwMFoXDTIwMDMwNzEyMDAwMFowge4xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMSUwIwYDVQQLExxJbnRlcm5ldCBTZXJ2aWNlcyBmb3IgQWthbWFpMRYwFAYDVQQDEw13d3cuYXBwbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V5dxoW+5Sp4eh93H0IX6sHjda7JOHrgz5/rukdCz2N1JtNMjmwvx7wcuzfJpaDTj+o9AsjoBqGnK0x7kVW8UavnyLiopkk+lEXxAJAmubWvtaAiQSwQUovZ8JHlQHZg/cKx/tBVw08YfSAADItBLC3BCsDhLt74R4SyNk4DX3eQ9vVg2KolEOs3OAN/S0Y2di5m/hjkmzHs1SrbYJDXoNWreZwB9qyHiHNDCOBI8AmsQUBg5JynzL0vx10yMi5C12kvRjDTbhe6HKa6vLViU4nHSu+5+A8lL7R6XAX75P0TRxv/YG9A8g8tUzg/IYdNCLEb09qr1Z6UaUOjol7x6QIDAQABo4IDATCCAv0wHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFNj1/23cljBcrYB1/87F950Wc8sWMCoGA1UdEQQjMCGCEGltYWdlcy5hcHBsZS5jb22CDXd3dy5hcHBsZS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxpZGF0aW9uU2VydmVyQ0EuY3J0MAkGA1UdEwQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWlYQtEGAAAEAwBHMEUCIGiBDFSIRXrGhLhlm/2cNID2OJHvz1j5/fNQb62OoK3oAiEAzjKdWz2ii7YESO4BJmzTUKHqfyUMACpCbUINE8CphbwAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAWlYQtFEAAAEAwBHMEUCIEvUZFLTUvA+2NQ9xUBy7cMEjDwWRl04ArqiHlKq4dq2AiEAo14va8y5NNmkAHDhOpm0DSVt01l3wpiMaqCup+EGczIwDQYJKoZIhvcNAQELBQADggEBAD/ZoRmzfFalieWiMzPj/Lsp29dpdjEvaZeQoQwRC1rLq0FmspvfcdbckpG2F4vTnIM83HynKV26OJebDQfgRsonX0GgwIQeRwDch3n9rz40wm2xRwxSFIGssmy0MLJBYXcHlgVbJjailMJww83BFawzDWBo+hmVPigU3hkV8ktDqwC/VOOvWikPMsvMvn8HMPbZSeYnH8A7nD0u0WzFtg6NF9xIXB/Bfku6jEPKr5l2iJukaGD6wtOH7zkWjEk2LAn5Byoue2E+dnbvdJalrv9rTPd/lkG+nAlBuooc/cJK4QqofnuomKgBXavv2zaz5pNdJwwmwzOTdK95geXURk4="},{"base64":"MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowdTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGlnaUNlcnQgU0hBMiBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAAh/FnKIaFjI5j2ryxQDji0/XspQUYuD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9om9KxjxKws9LniB8f7zh3VFNfgHk/LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzikIKHaq7q12TWmFXo/a8aUGxUvBHy/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIclho3YIeSwTQyJ3DkmF93215SF2AQhcJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6Ku8hI3UarS2bhjWMnHe1c63YlC3k8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOCAUkwggFFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNKYApl0yHU+PjWDzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAnbbQkIbhhgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18CK3mtlC4ohpNiAexKSHc59rGPCHg4xFJcKx6HQGkyhE6V6t9VypAdP3THYUYUN9XR3WhfVUgLkc3UHKMf4Ib0mKPLQNa2sPIoc4sUqIAY+tzunHISScjl2SFnjgOrWNoPLpSgVh5oywM395t6zHyuqB8bPEs1OG9d4Q3A84ytciagRpKkk47RpqF/oOi+Z6Mo8wNXrM9zwR4jxQUezKcxwCmXMS1oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn8TUoE6smftX3eg=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"184.51.129.174","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50196,"event_start":1565200321.628488} {"dns":{"base64":"gpYBAAABAAAAAAAABHBsdXMGZ29vZ2xlA2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":49368,"dst_port":53,"event_start":1565200321.807857} {"dns":{"base64":"/zMBAAABAAAAAAAABHBsdXMGZ29vZ2xlA2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":50088,"dst_port":53,"event_start":1565200321.808041} @@ -146,7 +146,7 @@ {"dns":{"base64":"mjuBgAABAAIADQANBWFkb2JlA2NvbQAAAQABwAwAAQABAAAABQAEwWjXOsAMAAEAAQAAAAUABMCTgszAEgACAAEAAAAFABQBZgxndGxkLXNlcnZlcnMDbmV0AMASAAIAAQAAAAUABAFowEnAEgACAAEAAAAFAAQBbcBJwBIAAgABAAAABQAEAWLAScASAAIAAQAAAAUABAFlwEnAEgACAAEAAAAFAAQBasBJwBIAAgABAAAABQAEAWvAScASAAIAAQAAAAUABAFkwEnAEgACAAEAAAAFAAQBacBJwBIAAgABAAAABQAEAWHAScASAAIAAQAAAAUABAFjwEnAEgACAAEAAAAFAAQBbMBJwBIAAgABAAAABQAEAWfAScDnAAEAAQAAAAUABMAFBh7AhwABAAEAAAAFAATAIQ4ewPcAAQABAAAABQAEwBpcHsDHAAEAAQAAAAUABMAfUB7AlwABAAEAAAAFAATADF4ewEcAAQABAAAABQAEwCMzHsEXAAEAAQAAAAUABMAqXR7AZwABAAEAAAAFAATANnAewNcAAQABAAAABQAEwCusHsCnAAEAAQAAAAUABMAwTx7AtwABAAEAAAAFAATANLIewQcAAQABAAAABQAEwCmiHsB3AAEAAQAAAAUABMA3Ux4="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":33679,"event_start":1565200322.541182} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"193.104.215.58","protocol":6,"src_port":60736,"dst_port":443,"event_start":1565200322.541707} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"adobe.com"}},"src_ip":"192.168.113.237","dst_ip":"193.104.215.58","protocol":6,"src_port":60736,"dst_port":443,"event_start":1565200322.674115} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000a000400020017)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIGLzCCBRegAwIBAgIQBLgdEPzovoRDZiFcyFagRzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjAxMDAwMDAwWhcNMTkxMjA2MTIwMDAwWjCBmjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3NlMSMwIQYDVQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEhMB8GA1UECxMYSVQgTG9hZCBCYWxhbmNlciBTZXJ2aWNlMRswGQYDVQQDExJyZWRpcmVjdC5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ+AXhfq3SFNOkC/hISYptY/6WjBD8HyijBSxrMRcAk+k7CeE3LYMDzKZR8/Zir91LSgrDNI5XscKxdGHRC7kYHZpSLwGjkficBCOj+7RKhyzYErI6Q+M2NjeYz2+enCzFo2CLhymNDBHpzL1jTAokdOV1CB4oeo0WJoLNLXXG/H7QdNCpEgt1RwWO/xO6/ZAVyHe8UOHJ0xS09NXGVV/8prkTPtZZOyjEPdMxInYGWjuSCLcaRUE+1wfjSErUwiUOMWR2M1DjuunAy+tD0pXnWcR186H4iWQJ66bc0ihsm6zIo2v9b6cm0vvT+zV7zCNwMzrHrq8mYuA5lAQS0fLbAgMBAAGjggK7MIICtzAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUVNfxXsNkIlFAdWmRw+BrlbXXo5owgf4GA1UdEQSB9jCB84IScmVkaXJlY3QuYWRvYmUuY29tghl0cmlnZ2VyY2FtcGFpZ24uYWRvYmUuY29tghJjYW1wYWlnbi5hZG9iZS5jb22CFnd3dy5lY2hvc2lnbi5hZG9iZS5jb22CEmVjaG9zaWduLmFkb2JlLmNvbYIVY29tbXVuaXRpZXMuYWRvYmUuY29tgg5lcmVnLmFkb2JlLmNvbYIWd3d3LmNyZWF0aXZlLmFkb2JlLmNvbYIJYWRvYmUuY29tghJ3aWtpZG9jcy5hZG9iZS5jb22CE3RyYW5zbGF0ZS5hZG9iZS5jb22CD3RydXN0LmFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQB9/prkxMFbQ9c1ZU8AWA=="}]}},"src_ip":"193.104.215.58","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":60736,"event_start":1565200322.813528} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000a000400020017)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIGLzCCBRegAwIBAgIQBLgdEPzovoRDZiFcyFagRzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjAxMDAwMDAwWhcNMTkxMjA2MTIwMDAwWjCBmjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3NlMSMwIQYDVQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEhMB8GA1UECxMYSVQgTG9hZCBCYWxhbmNlciBTZXJ2aWNlMRswGQYDVQQDExJyZWRpcmVjdC5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ+AXhfq3SFNOkC/hISYptY/6WjBD8HyijBSxrMRcAk+k7CeE3LYMDzKZR8/Zir91LSgrDNI5XscKxdGHRC7kYHZpSLwGjkficBCOj+7RKhyzYErI6Q+M2NjeYz2+enCzFo2CLhymNDBHpzL1jTAokdOV1CB4oeo0WJoLNLXXG/H7QdNCpEgt1RwWO/xO6/ZAVyHe8UOHJ0xS09NXGVV/8prkTPtZZOyjEPdMxInYGWjuSCLcaRUE+1wfjSErUwiUOMWR2M1DjuunAy+tD0pXnWcR186H4iWQJ66bc0ihsm6zIo2v9b6cm0vvT+zV7zCNwMzrHrq8mYuA5lAQS0fLbAgMBAAGjggK7MIICtzAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUVNfxXsNkIlFAdWmRw+BrlbXXo5owgf4GA1UdEQSB9jCB84IScmVkaXJlY3QuYWRvYmUuY29tghl0cmlnZ2VyY2FtcGFpZ24uYWRvYmUuY29tghJjYW1wYWlnbi5hZG9iZS5jb22CFnd3dy5lY2hvc2lnbi5hZG9iZS5jb22CEmVjaG9zaWduLmFkb2JlLmNvbYIVY29tbXVuaXRpZXMuYWRvYmUuY29tgg5lcmVnLmFkb2JlLmNvbYIWd3d3LmNyZWF0aXZlLmFkb2JlLmNvbYIJYWRvYmUuY29tghJ3aWtpZG9jcy5hZG9iZS5jb22CE3RyYW5zbGF0ZS5hZG9iZS5jb22CD3RydXN0LmFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQB9/prkxMFbQ9c1ZU8AWA=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"193.104.215.58","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":60736,"event_start":1565200322.813528} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000a000400020017)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIGLzCCBRegAwIBAgIQBLgdEPzovoRDZiFcyFagRzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcxMjAxMDAwMDAwWhcNMTkxMjA2MTIwMDAwWjCBmjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFNhbiBKb3NlMSMwIQYDVQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEhMB8GA1UECxMYSVQgTG9hZCBCYWxhbmNlciBTZXJ2aWNlMRswGQYDVQQDExJyZWRpcmVjdC5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ+AXhfq3SFNOkC/hISYptY/6WjBD8HyijBSxrMRcAk+k7CeE3LYMDzKZR8/Zir91LSgrDNI5XscKxdGHRC7kYHZpSLwGjkficBCOj+7RKhyzYErI6Q+M2NjeYz2+enCzFo2CLhymNDBHpzL1jTAokdOV1CB4oeo0WJoLNLXXG/H7QdNCpEgt1RwWO/xO6/ZAVyHe8UOHJ0xS09NXGVV/8prkTPtZZOyjEPdMxInYGWjuSCLcaRUE+1wfjSErUwiUOMWR2M1DjuunAy+tD0pXnWcR186H4iWQJ66bc0ihsm6zIo2v9b6cm0vvT+zV7zCNwMzrHrq8mYuA5lAQS0fLbAgMBAAGjggK7MIICtzAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUVNfxXsNkIlFAdWmRw+BrlbXXo5owgf4GA1UdEQSB9jCB84IScmVkaXJlY3QuYWRvYmUuY29tghl0cmlnZ2VyY2FtcGFpZ24uYWRvYmUuY29tghJjYW1wYWlnbi5hZG9iZS5jb22CFnd3dy5lY2hvc2lnbi5hZG9iZS5jb22CEmVjaG9zaWduLmFkb2JlLmNvbYIVY29tbXVuaXRpZXMuYWRvYmUuY29tgg5lcmVnLmFkb2JlLmNvbYIWd3d3LmNyZWF0aXZlLmFkb2JlLmNvbYIJYWRvYmUuY29tghJ3aWtpZG9jcy5hZG9iZS5jb22CE3RyYW5zbGF0ZS5hZG9iZS5jb22CD3RydXN0LmFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQB9/prkxMFbQ9c1ZU8AWEtaUYGrdBMxwUZ/0z3KJaQA26/tsaWnKmTE0819bNhbKzyNnBAJqY670FLLiNnH1uPhLtSKFIK08j6+3gNWV+b1xCsr62oOHaH30T3Z6l1X8mVhsESR77opxYH4qEPKbAijh8xR0nS9mGVTqtOj3sCqWgU3C4JysqHzVeoudR+EmJTGPDcXXiwijaBINOGw6S7/hwqikQQZ9UG3euBAIB9IGoDurpvMmuR+ElFtEZY+Vm3hDIePuM2EN6ahoYYSE4PATAlxDmiQ7Yst7BdCAEyzqxeELmguQ9UyxRWsw9LGy9ZyVt1znk8iiO5a17FT50uc"},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"193.104.215.58","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":60736,"event_start":1565200322.813848} {"dns":{"base64":"N34BAAABAAAAAAAAA3d3dwVhZG9iZQNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":34513,"dst_port":53,"event_start":1565200323.091225} {"dns":{"base64":"LX8BAAABAAAAAAAAA3d3dwVhZG9iZQNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":58696,"dst_port":53,"event_start":1565200323.091384} @@ -154,7 +154,7 @@ {"dns":{"base64":"LX+BgAABAAUADAAAA3d3dwVhZG9iZQNjb20AABwAAcAMAAUAAQAAAAUAKwxzc2wtZGVsaXZlcnkFYWRvYmUKY29tLWlvbi1jbgdlZGdla2V5A25ldADAKwAFAAEAAAAFAD8Mc3NsLWRlbGl2ZXJ5BWFkb2JlCmNvbS1pb24tY24HZWRnZWtleQNuZXQLZ2xvYmFscmVkaXIGYWthZG5zwFHAYgAFAAEAAAAFABgFZTc5MzMEZHNjYQpha2FtYWllZGdlwFHArQAcAAEAAAAFABAmABQeAAIBkwAAAAAAAB79wK0AHAABAAAABQAQJgAUHgACAaUAAAAAAAAe/cC4AAIAAQAAAAUABgNsYTPAuMC4AAIAAQAAAAUACgduczYtMTk0wLjAuAACAAEAAAAFAAoHbnM3LTE5NMC4wLgAAgABAAAABQAJBmE2LTE5MsC4wLgAAgABAAAABQAKB25zNS0xOTTAuMC4AAIAAQAAAAUACgdhMTMtMTkywLjAuAACAAEAAAAFAAoHYTExLTE5MsC4wLgAAgABAAAABQAKB2EyOC0xOTLAuMC4AAIAAQAAAAUACgdhMTItMTkywLjAuAACAAEAAAAFAAkGYTEtMTkywLjAuAACAAEAAAAFAAcEbGFyMsC4wLgAAgABAAAABQAGA2xhMcC4"},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":58696,"event_start":1565200323.187086} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"184.50.35.161","protocol":6,"src_port":56932,"dst_port":443,"event_start":1565200323.187537} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.adobe.com"}},"src_ip":"192.168.113.237","dst_ip":"184.50.35.161","protocol":6,"src_port":56932,"dst_port":443,"event_start":1565200323.228088} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGNzCCBR+gAwIBAgIQCg503M6e7LVhG69g0BbsbzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA2MDAwMDAwWhcNMjAwMjA1MTIwMDAwWjB9MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMQswCQYDVQQLEwJJUzEUMBIGA1UEAwwLKi5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxHy02hH5awt6eB0ZB5yfF3ZQO+955tDn+W6IfR+yLQFIi931YwkIxAM7M2VD1bm760h29lI6RiYFpiW0oPUnkt8zEpdayi2OHH5Ap6nQSDlEHW9BQpMXLBVep0HG6e8Qz2uiW84K8qlERWRBoDf7LZkJ+j3VGVPX50rD4BW1SjiHw5Hil+mb9tR6z2OMHFhoMYMYhOL4HSRnv3Nj4Xg1f1BfKwYVt4KZe1rnUmqJFVXk0iwdPv71JYh96Rj1CeaYCSG3PhL1CctmEtzfeVFX++kCM1PXeQsJtGEGiITu2FBBFzdheqTxdC9/LOnM9WgmqhVYoScwqo43O34sUx2oJAgMBAAGjggLhMIIC3TAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUKL0O8nlF4pVkpaFcldo1cKl5FJQwIQYDVR0RBBowGIILKi5hZG9iZS5jb22CCWFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm6OYBSAAABAMARjBEAiAGzoFtL3H38sDIqCoGUtHh+mft+u6+95qWVkiz6tc="}]}},"src_ip":"184.50.35.161","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56932,"event_start":1565200323.269655} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGNzCCBR+gAwIBAgIQCg503M6e7LVhG69g0BbsbzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA2MDAwMDAwWhcNMjAwMjA1MTIwMDAwWjB9MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMQswCQYDVQQLEwJJUzEUMBIGA1UEAwwLKi5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxHy02hH5awt6eB0ZB5yfF3ZQO+955tDn+W6IfR+yLQFIi931YwkIxAM7M2VD1bm760h29lI6RiYFpiW0oPUnkt8zEpdayi2OHH5Ap6nQSDlEHW9BQpMXLBVep0HG6e8Qz2uiW84K8qlERWRBoDf7LZkJ+j3VGVPX50rD4BW1SjiHw5Hil+mb9tR6z2OMHFhoMYMYhOL4HSRnv3Nj4Xg1f1BfKwYVt4KZe1rnUmqJFVXk0iwdPv71JYh96Rj1CeaYCSG3PhL1CctmEtzfeVFX++kCM1PXeQsJtGEGiITu2FBBFzdheqTxdC9/LOnM9WgmqhVYoScwqo43O34sUx2oJAgMBAAGjggLhMIIC3TAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUKL0O8nlF4pVkpaFcldo1cKl5FJQwIQYDVR0RBBowGIILKi5hZG9iZS5jb22CCWFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm6OYBSAAABAMARjBEAiAGzoFtL3H38sDIqCoGUtHh+mft+u6+95qWVkiz6tc="}]}},"reassembly_properties":{"truncated":true},"src_ip":"184.50.35.161","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56932,"event_start":1565200323.269655} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGNzCCBR+gAwIBAgIQCg503M6e7LVhG69g0BbsbzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA2MDAwMDAwWhcNMjAwMjA1MTIwMDAwWjB9MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMQswCQYDVQQLEwJJUzEUMBIGA1UEAwwLKi5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxHy02hH5awt6eB0ZB5yfF3ZQO+955tDn+W6IfR+yLQFIi931YwkIxAM7M2VD1bm760h29lI6RiYFpiW0oPUnkt8zEpdayi2OHH5Ap6nQSDlEHW9BQpMXLBVep0HG6e8Qz2uiW84K8qlERWRBoDf7LZkJ+j3VGVPX50rD4BW1SjiHw5Hil+mb9tR6z2OMHFhoMYMYhOL4HSRnv3Nj4Xg1f1BfKwYVt4KZe1rnUmqJFVXk0iwdPv71JYh96Rj1CeaYCSG3PhL1CctmEtzfeVFX++kCM1PXeQsJtGEGiITu2FBBFzdheqTxdC9/LOnM9WgmqhVYoScwqo43O34sUx2oJAgMBAAGjggLhMIIC3TAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUKL0O8nlF4pVkpaFcldo1cKl5FJQwIQYDVR0RBBowGIILKi5hZG9iZS5jb22CCWFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm6OYBSAAABAMARjBEAiAGzoFtL3H38sDIqCoGUtHh+mft+u6+95qWVkiz6tckEAIgNIqKfTS1ssN9aslsQmNTqxw00g0VQRqLRx/yqDpOEmAAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWbo5gIhAAAEAwBHMEUCIFCsSzZXC6mRE0/g7xTRXY94byQOwpjY13VAd0nv+VdIAiEA0hop7zM0YHyWGkiK1emLlPEj8tpv2L0uo/eC5AfqdMAwDQYJKoZIhvcNAQELBQADggEBAApznoYz6ONoMxctjevgb6j9S3Nne3QdHSbAHzQeYzClDxIJNp/Ob+38tShcMwpu2lBFb0QL3QNRwOZ5xQk4O0h+ul0t1YVDKJw9Mz2qwuOt4mUp+u764vmHDrvZxJxGQ/c6oTsm4biRKBZbI6PTXwz61DhsQ2jtWNATNGWDsdv6MS2F12blpNFdOVzXVOWRb+E7fbZC9VU0l760VFrYB/UuLJ7xb7+3fN04l1KFQE2wtfwdbVZEdYe72eNxIZDmIPxFFotlyzhdsWoGV3WGXTbjVzc3vb3SRQ3E4QTouANow1YA3wwRJWEarmiPN7L+P4sMrDAYF2im1b2YY2Iem+Y="},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"184.50.35.161","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56932,"event_start":1565200323.270041} {"dns":{"base64":"ZTwBAAABAAAAAAAAAmVuCXdpa2lwZWRpYQNvcmcAAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":58038,"dst_port":53,"event_start":1565200323.465109} {"dns":{"base64":"oo0BAAABAAAAAAAAAmVuCXdpa2lwZWRpYQNvcmcAABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":60058,"dst_port":53,"event_start":1565200323.465267} @@ -162,7 +162,7 @@ {"dns":{"base64":"ZTyBgAABAAIABgAKAmVuCXdpa2lwZWRpYQNvcmcAAAEAAcAMAAUAAQAAAAUAEQRkeW5hCXdpa2ltZWRpYcAZwC4AAQABAAAABQAE0FCa4MAZAAIAAQAAAAUAGQJhMANvcmcLYWZpbGlhcy1uc3QEaW5mbwDAGQACAAEAAAAFABUCYjIDb3JnC2FmaWxpYXMtbnN0wBnAGQACAAEAAAAFAAUCZDDAg8AZAAIAAQAAAAUABQJiMMCDwBkAAgABAAAABQAFAmMwwF7AGQACAAEAAAAFAAUCYTLAXsBbAAEAAQAAAAUABMcTOAHA1AABAAEAAAAFAATH+XABwMMAAQABAAAABQAExxM1AcChAAEAAQAAAAUABMcTOQHAWwAcAAEAAAAFABAgAQUAAA4AAAAAAAAAAAABwNQAHAABAAAABQAQIAEFAABAAAAAAAAAAAAAAcCyABwAAQAAAAUAECABBQAADAAAAAAAAAAAAAHAgAAcAAEAAAAFABAgAQUAAEgAAAAAAAAAAAABwMMAHAABAAAABQAQIAEFAAALAAAAAAAAAAAAAcChABwAAQAAAAUAECABBQAADwAAAAAAAAAAAAE="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":58038,"event_start":1565200323.504438} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"208.80.154.224","protocol":6,"src_port":51360,"dst_port":443,"event_start":1565200323.504965} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"en.wikipedia.org"}},"src_ip":"192.168.113.237","dst_ip":"208.80.154.224","protocol":6,"src_port":51360,"dst_port":443,"event_start":1565200323.548513} -{"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIq"}]}},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51360,"event_start":1565200323.593652} +{"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIq"}]}},"reassembly_properties":{"truncated":true},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51360,"event_start":1565200323.593652} {"fingerprints":{"tls_server":"tls_server/(0303)(cca9)((ff01)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIIMTCCBxmgAwIBAgIMFkDF1F0uxNlMfXxqMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgxMTA4MjEyMTA0WhcNMTkxMTIyMDc1OTU5WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEjMCEGA1UEChMaV2lraW1lZGlhIEZvdW5kYXRpb24sIEluYy4xGDAWBgNVBAMMDyoud2lraXBlZGlhLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGd1rS7GauMxJ15BmViShjVMjwQJNjjw+OUhnIaqE5QF/q6c/LIvVh4N3473a7J52JcfmlfCrXvDthHzaZNEneKjggWVMIIFkTAOBgNVHQ8BAf8EBAMCA4gwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIICxQYDVR0RBIICvDCCAriCDyoud2lraXBlZGlhLm9yZ4INd2lraW1lZGlhLm9yZ4INbWVkaWF3aWtpLm9yZ4INd2lraWJvb2tzLm9yZ4IMd2lraWRhdGEub3Jnggx3aWtpbmV3cy5vcmeCDXdpa2lxdW90ZS5vcmeCDndpa2lzb3VyY2Uub3Jngg93aWtpdmVyc2l0eS5vcmeCDndpa2l2b3lhZ2Uub3Jngg53aWt0aW9uYXJ5Lm9yZ4IXd2lraW1lZGlhZm91bmRhdGlvbi5vcmeCBncud2lraYISd21mdXNlcmNvbnRlbnQub3JnghEqLm0ud2lraXBlZGlhLm9yZ4IPKi53aWtpbWVkaWEub3JnghEqLm0ud2lraW1lZGlhLm9yZ4IWKi5wbGFuZXQud2lraW1lZGlhLm9yZ4IPKi5tZWRpYXdpa2kub3JnghEqLm0ubWVkaWF3aWtpLm9yZ4IPKi53aWtpYm9va3Mub3JnghEqLm0ud2lraWJvb2tzLm9yZ4IOKi53aWtpZGF0YS5vcmeCECoubS53aWtpZGF0YS5vcmeCDioud2lraW5ld3Mub3JnghAqLm0ud2lraW5ld3Mub3Jngg8qLndpa2lxdW90ZS5vcmeCESoubS53aWtpcXVvdGUub3JnghAqLndpa2lzb3VyY2Uub3JnghIqLm0ud2lraXNvdXJjZS5vcmeCESoud2lraXZlcnNpdHkub3JnghMqLm0ud2lraXZlcnNpdHkub3JnghAqLndpa2l2b3lhZ2Uub3JnghIqLm0ud2lraXZveWFnZS5vcmeCECoud2lrdGlvbmFyeS5vcmeCEioubS53aWt0aW9uYXJ5Lm9yZ4IZKi53aWtpbWVkaWFmb3VuZGF0aW9uLm9yZ4IUKi53bWZ1c2VyY29udGVudC5vcmeCDXdpa2lwZWRpYS5vcmcwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSt4NNfC33t2i98DfZjjYpZGMJsijAfBgNVHSMEGDAWgBSW3mHxvRwWKVMcwMx9O4MAQOYafDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZvUzN/YAAAQDAEcwRQIgBATdvSzbd5NwGdtkmJ5SEvEPn6A8hgAsk6GSP6hzWcgCIQDKfHQNtObs/hHPfLgXsVkcnHIbjlNwmWeiukGtGHZFMgB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZvUzN8cAAAQDAEcwRQIgYalEnXtd/fPhjq9SXPoSPRhaMmeDs0IMN5o5Y6QTKfUCIQClR1uj+B56K4tGh/mws4qugG1qSD9zfvmx8roKik3HHDANBgkqhkiG9w0BAQsFAAOCAQEAUEJyg/AZo+owG5J/LIk8EIDnyOcanmfgvdjMg8KnpBvh8l3Wb4HmOudluJhIeIbCUMwzEzSGqYQQ78n4wtjLaLwaDgL4WzHOVec2k+rbfmPT6MUCtdlz1PK5/WY9JQyQq6vy+tm3a6Wijy6M8U/TdrJubK5X03SFfRb0pDuFdr2fnkctLRnyCb1w0XHwGXjEcGm1LY42YKwdvbj3WIqumeSEuG4MZtquW6NURKELSil03G/hRHRAHHGx3zXes/jJcpH2GPX9eY9B+R1oHmCE2QF5Y/Bh+uNA2+2Iuj/6UJAOw/Z/8+qZcnLWWnK2Dwzc34C/AUD+Wb71oUcr60+pPg=="},{"base64":"MIIEYjCCA0qgAwIBAgILBAAAAAABMYnGRMkwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwODAyMTAwMDAwWhcNMjIwODAyMTAwMDAwWjBmMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTE8MDoGA1UEAxMzR2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw5sPyOTf8xwpZ0gww5TP37ATsKYScpH1SPvAzSFdMijAi5GXAt9yYidT4vw+JxsjFU127/ys+r741bnSkbZEyLKNtWbwajjlkOT8gy85vnm6JnIY0h4f1c2aRoZHVrR1H3CnNR/4YASrnrqiOpX2MoKCjoSSaJiGXoNJPc367RzknsFI5sStc7rKd+kFAK5AaXUppxDZIje+H7+4/Ue5f7co6jkZjHZTCXpGLmJWQmu6Z0cbTcPSh41ICjir9QhiwHERa1uK2OrkmthCk0g7XO6fM7+FrXbn4Dw1ots2Qh5Sk94ZdqSvL41+bPE+SeATv+WUuYCIOEHc+ldK72y8QIDAQABo4IBKTCCASUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJbeYfG9HBYpUxzAzH07gwBA5hp8MEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L3Jvb3QtcjMuY3JsMD4GCCsGAQUFBwEBBDIwMDAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDANBgkqhkiG9w0BAQsFAAOCAQEAugYpwLQZjCERwJQRnrs91NVDQPafuyULI2i1Gvf6VGTMKxP5IfBEreHoFVjb7v3bok3MGI8Nmm3DawGhMfCNvABAzDlfh2FRbfSV6uoVNT5AhcBi1aE0/niqqLJaOfM3Qfuc6D5xSlvr+GlYoeDGk3fpumeS62VYkHBzQn2v9CMmeReq+qS7meVEb2WB58rrVcj0ticRIXSUvGu3dGIpxM2uR/LmQlt4hgVhy5CqeYnfBH6xJnBLjUAfhHvA+wfmyLdOkfQ1A+3o60EQF0m0YsinLPLhTI8DLPMWN11n8aQ5eUmjwF3MVfkhgA/7zuIpalhQ6abX6xwyNrVip8H65g=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"208.80.154.224","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":51360,"event_start":1565200323.593859} {"dns":{"base64":"YvYBAAABAAAAAAAABml0dW5lcwVhcHBsZQNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":52922,"dst_port":53,"event_start":1565200323.996782} {"dns":{"base64":"wOABAAABAAAAAAAABml0dW5lcwVhcHBsZQNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":51162,"dst_port":53,"event_start":1565200323.996974} @@ -173,11 +173,11 @@ {"fingerprints":{"tls_server":"tls_server/(0303)(1302)((002b00020304)(0033))"},"src_ip":"184.50.246.197","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":46026,"event_start":1565200324.110532} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"17.178.96.59","protocol":6,"src_port":47972,"dst_port":443,"event_start":1565200324.284597} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"apple.com"}},"src_ip":"192.168.113.237","dst_ip":"17.178.96.59","protocol":6,"src_port":47972,"dst_port":443,"event_start":1565200324.382348} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIH8zCCBtugAwIBAgIQCntZYuAq75f9bqCozf4GOzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDcyMDAwMDAwMFoXDTIwMDcyMDEyMDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRowGAYDVQQLExFJbnRlcm5ldCBTZXJ2aWNlczEWMBQGA1UEAxMNd3d3LmFwcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJVaWbq7ReuQNs4LNpYlxNwolxVkFREluDtvvHdC0dEGXxyl1Htd77fa3WdGsXrckZm/WA6OrGFDi0oxqGsmzqt8UhoL/8u0cMtLo22L3SakDlZNVdsZzHfuWwRkYRWiazWn8y90SECimUDM71NfqdrZAmYtWTah/EIeH0c4W3bv1ZD9qbXlGog3rlqTY2oi2faxAZuTJY2snOgnX50LvNUiHo5IzUuweD/dhPun02Y6hUd0FIJQ4ekA+CtBsf7Ji2Sc42nXeGtiW+0WYsmLzTxSnPdUcp+ad8S9ndCeWokM6dl3Iv177dJIn4aQ71x1TgagkjBYZ1GWjFo2hcbKJ0CAwEAAaOCBA4wggQKMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBT2nT+05RGAUUXkbIsK8871kncHUjCCATYGA1UdEQSCAS0wggEpghRleHRlbnNpb25zLmFwcGxlLmNvbYISZmVlZGJhY2suYXBwbGUuY29tghFnZW5zZXJ2LmFwcGxlLmNvbYIOaGVscC5hcHBsZS5jb22CEWhlbHBvc3guYXBwbGUuY29tghBoZWxwcXQuYXBwbGUuY29tghBpbWFnZXMuYXBwbGUuY29tghdpdHVuZXNwYXJ0bmVyLmFwcGxlLmNvbYIRcHJvaGVscC5hcHBsZS5jb22CEHJlYmF0ZS5hcHBsZS5jb22CG3NhZmFyaS1leHRlbnNpb25zLmFwcGxlLmNvbYIadHJhY2tpbmdzaGlwbWVudC5hcHBsZS5jb22CEnRyYWlsZXJzLmFwcGxlLmNvbYIJYXBwbGUuY29tgg13d3cuYXBwbGUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggrBgEFBQcBAQ=="}]}},"src_ip":"17.178.96.59","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47972,"event_start":1565200324.478242} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIH8zCCBtugAwIBAgIQCntZYuAq75f9bqCozf4GOzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDcyMDAwMDAwMFoXDTIwMDcyMDEyMDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRowGAYDVQQLExFJbnRlcm5ldCBTZXJ2aWNlczEWMBQGA1UEAxMNd3d3LmFwcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJVaWbq7ReuQNs4LNpYlxNwolxVkFREluDtvvHdC0dEGXxyl1Htd77fa3WdGsXrckZm/WA6OrGFDi0oxqGsmzqt8UhoL/8u0cMtLo22L3SakDlZNVdsZzHfuWwRkYRWiazWn8y90SECimUDM71NfqdrZAmYtWTah/EIeH0c4W3bv1ZD9qbXlGog3rlqTY2oi2faxAZuTJY2snOgnX50LvNUiHo5IzUuweD/dhPun02Y6hUd0FIJQ4ekA+CtBsf7Ji2Sc42nXeGtiW+0WYsmLzTxSnPdUcp+ad8S9ndCeWokM6dl3Iv177dJIn4aQ71x1TgagkjBYZ1GWjFo2hcbKJ0CAwEAAaOCBA4wggQKMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBT2nT+05RGAUUXkbIsK8871kncHUjCCATYGA1UdEQSCAS0wggEpghRleHRlbnNpb25zLmFwcGxlLmNvbYISZmVlZGJhY2suYXBwbGUuY29tghFnZW5zZXJ2LmFwcGxlLmNvbYIOaGVscC5hcHBsZS5jb22CEWhlbHBvc3guYXBwbGUuY29tghBoZWxwcXQuYXBwbGUuY29tghBpbWFnZXMuYXBwbGUuY29tghdpdHVuZXNwYXJ0bmVyLmFwcGxlLmNvbYIRcHJvaGVscC5hcHBsZS5jb22CEHJlYmF0ZS5hcHBsZS5jb22CG3NhZmFyaS1leHRlbnNpb25zLmFwcGxlLmNvbYIadHJhY2tpbmdzaGlwbWVudC5hcHBsZS5jb22CEnRyYWlsZXJzLmFwcGxlLmNvbYIJYXBwbGUuY29tgg13d3cuYXBwbGUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggrBgEFBQcBAQ=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"17.178.96.59","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47972,"event_start":1565200324.478242} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIH8zCCBtugAwIBAgIQCntZYuAq75f9bqCozf4GOzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDcyMDAwMDAwMFoXDTIwMDcyMDEyMDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRowGAYDVQQLExFJbnRlcm5ldCBTZXJ2aWNlczEWMBQGA1UEAxMNd3d3LmFwcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJVaWbq7ReuQNs4LNpYlxNwolxVkFREluDtvvHdC0dEGXxyl1Htd77fa3WdGsXrckZm/WA6OrGFDi0oxqGsmzqt8UhoL/8u0cMtLo22L3SakDlZNVdsZzHfuWwRkYRWiazWn8y90SECimUDM71NfqdrZAmYtWTah/EIeH0c4W3bv1ZD9qbXlGog3rlqTY2oi2faxAZuTJY2snOgnX50LvNUiHo5IzUuweD/dhPun02Y6hUd0FIJQ4ekA+CtBsf7Ji2Sc42nXeGtiW+0WYsmLzTxSnPdUcp+ad8S9ndCeWokM6dl3Iv177dJIn4aQ71x1TgagkjBYZ1GWjFo2hcbKJ0CAwEAAaOCBA4wggQKMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBT2nT+05RGAUUXkbIsK8871kncHUjCCATYGA1UdEQSCAS0wggEpghRleHRlbnNpb25zLmFwcGxlLmNvbYISZmVlZGJhY2suYXBwbGUuY29tghFnZW5zZXJ2LmFwcGxlLmNvbYIOaGVscC5hcHBsZS5jb22CEWhlbHBvc3guYXBwbGUuY29tghBoZWxwcXQuYXBwbGUuY29tghBpbWFnZXMuYXBwbGUuY29tghdpdHVuZXNwYXJ0bmVyLmFwcGxlLmNvbYIRcHJvaGVscC5hcHBsZS5jb22CEHJlYmF0ZS5hcHBsZS5jb22CG3NhZmFyaS1leHRlbnNpb25zLmFwcGxlLmNvbYIadHJhY2tpbmdzaGlwbWVudC5hcHBsZS5jb22CEnRyYWlsZXJzLmFwcGxlLmNvbYIJYXBwbGUuY29tgg13d3cuYXBwbGUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFsDybfogAABAMARzBFAiANYeCK4RsTjJyWm00Myizu96qqHAW1JHwjyO7TihtGiQIhAIzHukiG871pfYoOc2B2JqRwcH+BkLZVkCkIfTcrDl9LAHUAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFsDybf4AAABAMARjBEAiA+YJNS/bLKIyT+cpt9NtxKSQSW4/ctVA7wcTBjv2jlLQIgLKt5ld2x1FFDSjldkX+u/mfaIzk8apZ9F/lJeTTf3KIwDQYJKoZIhvcNAQELBQADggEBAGcYjzS/MA7CsV+3FgW5qoz7hNp3M1H1kha1PipJY32edcbWR6DhraZwpb1xfcB8NCIi6IZ/66rhMQvljs4eK5dGMDD25qMeWnFxeby6eqvGig7deN2vZkUoqMElv+WTDwZMy+W+QxZWgRzi5u0x/oM3iIAdSjZ2Oihb7QLMj4li+cIEXv70G8DftG5W7za1+lgySo9kK72mKwbmAr5OEDirSatO9MINGFFqVlIzP1z87wqenvj/13NYjHILzAzhkMlhA2EynbpnoJHlrjLlCOe+HMz1PGzvTa7sA4eBJ0vhcolQ8Tg0K01oglkzQpg3PENgk2pJWaToKO2SB1C7Dgo="},{"base64":"MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowdTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGlnaUNlcnQgU0hBMiBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAAh/FnKIaFjI5j2ryxQDji0/XspQUYuD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9om9KxjxKws9LniB8f7zh3VFNfgHk/LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzikIKHaq7q12TWmFXo/a8aUGxUvBHy/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIclho3YIeSwTQyJ3DkmF93215SF2AQhcJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6Ku8hI3UarS2bhjWMnHe1c63YlC3k8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOCAUkwggFFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNKYApl0yHU+PjWDzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAnbbQkIbhhgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18CK3mtlC4ohpNiAexKSHc59rGPCHg4xFJcKx6HQGkyhE6V6t9VypAdP3THYUYUN9XR3WhfVUgLkc3UHKMf4Ib0mKPLQNa2sPIoc4sUqIAY+tzunHISScjl2SFnjgOrWNoPLpSgVh5oywM395t6zHyuqB8bPEs1OG9d4Q3A84ytciagRpKkk47RpqF/oOi+Z6Mo8wNXrM9zwR4jxQUezKcxwCmXMS1oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn8TUoE6smftX3eg=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"17.178.96.59","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47972,"event_start":1565200324.478364} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"184.51.129.174","protocol":6,"src_port":50212,"dst_port":443,"event_start":1565200324.710898} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.apple.com"}},"src_ip":"192.168.113.237","dst_ip":"184.51.129.174","protocol":6,"src_port":50212,"dst_port":443,"event_start":1565200324.750395} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG8TCCBdmgAwIBAgIQD45OTJz1XqX+Lpsrfv/ejzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDMwNzAwMDAwMFoXDTIwMDMwNzEyMDAwMFowge4xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMSUwIwYDVQQLExxJbnRlcm5ldCBTZXJ2aWNlcyBmb3IgQWthbWFpMRYwFAYDVQQDEw13d3cuYXBwbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V5dxoW+5Sp4eh93H0IX6sHjda7JOHrgz5/rukdCz2N1JtNMjmwvx7wcuzfJpaDTj+o9AsjoBqGnK0x7kVW8UavnyLiopkk+lEXxAJAmubWvtaAiQSwQUovZ8JHlQHZg/cKx/tBVw08YfSAADItBLC3BCsDhLt74R4SyNk4DX3eQ9vVg2KolEOs3OAN/S0Y2di5m/hjkmzHs1SrbYJDXoNWreZwB9qyHiHNDCOBI8AmsQUBg5JynzL0vx10yMi5C12kvRjDTbhe6HKa6vLViU4nHSu+5+A8lL7R6XAX75P0TRxv/YG9A8g8tUzg/IYdNCLEb09qr1Z6UaUOjol7x6QIDAQABo4IDATCCAv0wHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFNj1/23cljBcrYB1/87F950Wc8sWMCoGA1UdEQQjMCGCEGltYWdlcy5hcHBsZS5jb22CDXd3dy5hcHBsZS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHQ="}]}},"src_ip":"184.51.129.174","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50212,"event_start":1565200324.789728} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG8TCCBdmgAwIBAgIQD45OTJz1XqX+Lpsrfv/ejzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDMwNzAwMDAwMFoXDTIwMDMwNzEyMDAwMFowge4xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMSUwIwYDVQQLExxJbnRlcm5ldCBTZXJ2aWNlcyBmb3IgQWthbWFpMRYwFAYDVQQDEw13d3cuYXBwbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V5dxoW+5Sp4eh93H0IX6sHjda7JOHrgz5/rukdCz2N1JtNMjmwvx7wcuzfJpaDTj+o9AsjoBqGnK0x7kVW8UavnyLiopkk+lEXxAJAmubWvtaAiQSwQUovZ8JHlQHZg/cKx/tBVw08YfSAADItBLC3BCsDhLt74R4SyNk4DX3eQ9vVg2KolEOs3OAN/S0Y2di5m/hjkmzHs1SrbYJDXoNWreZwB9qyHiHNDCOBI8AmsQUBg5JynzL0vx10yMi5C12kvRjDTbhe6HKa6vLViU4nHSu+5+A8lL7R6XAX75P0TRxv/YG9A8g8tUzg/IYdNCLEb09qr1Z6UaUOjol7x6QIDAQABo4IDATCCAv0wHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFNj1/23cljBcrYB1/87F950Wc8sWMCoGA1UdEQQjMCGCEGltYWdlcy5hcHBsZS5jb22CDXd3dy5hcHBsZS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHQ="}]}},"reassembly_properties":{"truncated":true},"src_ip":"184.51.129.174","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50212,"event_start":1565200324.789728} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG8TCCBdmgAwIBAgIQD45OTJz1XqX+Lpsrfv/ejzANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDMwNzAwMDAwMFoXDTIwMDMwNzEyMDAwMFowge4xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQITCkNhbGlmb3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJQ3VwZXJ0aW5vMRMwEQYDVQQKEwpBcHBsZSBJbmMuMSUwIwYDVQQLExxJbnRlcm5ldCBTZXJ2aWNlcyBmb3IgQWthbWFpMRYwFAYDVQQDEw13d3cuYXBwbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V5dxoW+5Sp4eh93H0IX6sHjda7JOHrgz5/rukdCz2N1JtNMjmwvx7wcuzfJpaDTj+o9AsjoBqGnK0x7kVW8UavnyLiopkk+lEXxAJAmubWvtaAiQSwQUovZ8JHlQHZg/cKx/tBVw08YfSAADItBLC3BCsDhLt74R4SyNk4DX3eQ9vVg2KolEOs3OAN/S0Y2di5m/hjkmzHs1SrbYJDXoNWreZwB9qyHiHNDCOBI8AmsQUBg5JynzL0vx10yMi5C12kvRjDTbhe6HKa6vLViU4nHSu+5+A8lL7R6XAX75P0TRxv/YG9A8g8tUzg/IYdNCLEb09qr1Z6UaUOjol7x6QIDAQABo4IDATCCAv0wHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFNj1/23cljBcrYB1/87F950Wc8sWMCoGA1UdEQQjMCGCEGltYWdlcy5hcHBsZS5jb22CDXd3dy5hcHBsZS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzIuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwgYgGCCsGAQUFBwEBBHwwejAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRWYWxpZGF0aW9uU2VydmVyQ0EuY3J0MAkGA1UdEwQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWlYQtEGAAAEAwBHMEUCIGiBDFSIRXrGhLhlm/2cNID2OJHvz1j5/fNQb62OoK3oAiEAzjKdWz2ii7YESO4BJmzTUKHqfyUMACpCbUINE8CphbwAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAWlYQtFEAAAEAwBHMEUCIEvUZFLTUvA+2NQ9xUBy7cMEjDwWRl04ArqiHlKq4dq2AiEAo14va8y5NNmkAHDhOpm0DSVt01l3wpiMaqCup+EGczIwDQYJKoZIhvcNAQELBQADggEBAD/ZoRmzfFalieWiMzPj/Lsp29dpdjEvaZeQoQwRC1rLq0FmspvfcdbckpG2F4vTnIM83HynKV26OJebDQfgRsonX0GgwIQeRwDch3n9rz40wm2xRwxSFIGssmy0MLJBYXcHlgVbJjailMJww83BFawzDWBo+hmVPigU3hkV8ktDqwC/VOOvWikPMsvMvn8HMPbZSeYnH8A7nD0u0WzFtg6NF9xIXB/Bfku6jEPKr5l2iJukaGD6wtOH7zkWjEk2LAn5Byoue2E+dnbvdJalrv9rTPd/lkG+nAlBuooc/cJK4QqofnuomKgBXavv2zaz5pNdJwwmwzOTdK95geXURk4="},{"base64":"MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowdTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGlnaUNlcnQgU0hBMiBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAAh/FnKIaFjI5j2ryxQDji0/XspQUYuD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9om9KxjxKws9LniB8f7zh3VFNfgHk/LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzikIKHaq7q12TWmFXo/a8aUGxUvBHy/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIclho3YIeSwTQyJ3DkmF93215SF2AQhcJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6Ku8hI3UarS2bhjWMnHe1c63YlC3k8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOCAUkwggFFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNKYApl0yHU+PjWDzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAnbbQkIbhhgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18CK3mtlC4ohpNiAexKSHc59rGPCHg4xFJcKx6HQGkyhE6V6t9VypAdP3THYUYUN9XR3WhfVUgLkc3UHKMf4Ib0mKPLQNa2sPIoc4sUqIAY+tzunHISScjl2SFnjgOrWNoPLpSgVh5oywM395t6zHyuqB8bPEs1OG9d4Q3A84ytciagRpKkk47RpqF/oOi+Z6Mo8wNXrM9zwR4jxQUezKcxwCmXMS1oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn8TUoE6smftX3eg=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"184.51.129.174","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50212,"event_start":1565200324.790053} {"dns":{"base64":"rXEBAAABAAAAAAAABXlvdXR1AmJlAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":55237,"dst_port":53,"event_start":1565200324.977294} {"dns":{"base64":"e4EBAAABAAAAAAAABXlvdXR1AmJlAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":42980,"dst_port":53,"event_start":1565200324.978085} @@ -195,7 +195,7 @@ {"dns":{"base64":"Nf+BgAABAAAAAQAABXZpbWVvA2NvbQAAHAABwAwABgABAAAABQBBBW5zLTcwCWF3c2Rucy0wOMASEWF3c2Rucy1ob3N0bWFzdGVyBmFtYXpvbsASeAuCBAABUYAAABwgAAk6gAAAASw="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":40905,"event_start":1565200326.929205} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.192.217","protocol":6,"src_port":42704,"dst_port":443,"event_start":1565200326.929453} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"vimeo.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.192.217","protocol":6,"src_port":42704,"dst_port":443,"event_start":1565200326.966862} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjeg=="}]}},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42704,"event_start":1565200327.008134} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjeg=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42704,"event_start":1565200327.008134} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjenIhfq9bAay2paMwzHfVLAB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZWyX6G4AAAQDAEcwRQIgLARzuiPmv7bduu5M0hvKwpMdnqZdslLfpXNZLm+A6cgCIQD5XsLbcd42bVhofRJ+EbeiCiwslOMeHlwsni4abZD/AQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZWyX56EAAAQDAEYwRAIgTctw2guun/asVLNbDeIhv2nqFLDezQB5aIhzbf13QhYCIEevrRV+w20kyxQ5/ujQtTbjKjYfrEwOwp1oHhjbAJJuMA0GCSqGSIb3DQEBCwUAA4IBAQAnRC6rW/JPfntMo/scqBV/52WMHt3+cLCWYZBrxG4sNj29wuzFwHBdpdlqD9GNLElu9vcllnAqzmria6KsZ0lLeU1WWb5vl5u7Q5k6o4OVuziFF9O7198prtuf2u+tUG/zHEL0KhkPD0mu+UzispcYkuntD2kSiZ3LCrKxL5zpUuFC9D2r4P6b32fmg53Fck76P/qZe+niplaV8rrMGgFbPreCTrlyd4F1Xm5/0tyyLPsnIDN/uBjzuvkgvmw4DkoYOCwMCJftC7Ajix7vs0/KoYgc5r8Iz8twzdacEM62ZWR0obQ9du8Qys7TLlKa1eiiXVJ27zyMjxA8svFmUmBc"},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42704,"event_start":1565200327.008493} {"dns":{"base64":"dFoBAAABAAAAAAAAA2dvbwJnbAAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":51350,"dst_port":53,"event_start":1565200327.245395} {"dns":{"base64":"B04BAAABAAAAAAAAA2dvbwJnbAAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":41171,"dst_port":53,"event_start":1565200327.245574} @@ -223,7 +223,7 @@ {"dns":{"base64":"To2BgAABAAAAAQAACXBpbnRlcmVzdANjb20AABwAAcAMAAYAAQAAAAUANQRkbnMxA3AwOQVuc29uZQNuZXQACmhvc3RtYXN0ZXLANF07NSQAAFRgAAAOEAAJOoAAAAcI"},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":34119,"event_start":1565200328.789459} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.128.84","protocol":6,"src_port":41224,"dst_port":443,"event_start":1565200328.789680} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"pinterest.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.128.84","protocol":6,"src_port":41224,"dst_port":443,"event_start":1565200328.828760} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIMjTCCC3WgAwIBAgIQCGY+vEVuw5mUM8/1pacz4TANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA2MDUwMDAwMDBaFw0yMDA3MjIxMjAwMDBaMG4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRgwFgYDVQQKEw9QaW50ZXJlc3QsIEluYy4xGDAWBgNVBAMMDyoucGludGVyZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkhv7I4WhMZQvgZAF11mLNfGTz4waZri4nOlRGlEZfA0/9jtBRCw98wADg9QG4Ur4HeRYCQWN0o9mP3XBtdguuP1qB6bOKr3KXtXrasQ6d0ZLTekwCyjBR+pG90QChIw0J5L/rGJlNJcbtqi93cbcpXS6O+DJ6ibF4GRCaczCu8bXbEgt2Ktl70cCrFfqMWqBO1YlXOEP7CeTN1K4znwBidkcrZHvju7Ub8ZTG274+6IkEmzveUGXgdigPz8R/rnX1Qzp8UMSh0lQqTXOboH0/zQX4QT681uR1aKnJvLrw0BgeXpzNReNhGnmR5msh2fiXnlarhuc5KRH3EcsbId3sCAwEAAaOCCSMwggkfMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRhD8DeFSE2Vt03bW3bog/FxUqXyzCCBkoGA1UdEQSCBkEwggY9gg8qLnBpbnRlcmVzdC5jb22CDCoucGluaW1nLmNvbYIQKi5waW50ZXJlc3QuaW5mb4IXKi5waW50ZXJlc3QuZW5naW5lZXJpbmeCEyoucGludGVyZXN0bWFpbC5jb22CDioucGludGVyZXN0LmF0gg4qLnBpbnRlcmVzdC5jaIIOKi5waW50ZXJlc3QuZGWCDioucGludGVyZXN0LmRrgg4qLnBpbnRlcmVzdC5pZYIOKi5waW50ZXJlc3QuanCCDioucGludGVyZXN0Lmtygg4qLnBpbnRlcmVzdC5teIIOKi5waW50ZXJlc3QucHSCDioucGludGVyZXN0LnNlghEqLnBpbnRlcmVzdC5jby5hdIIRKi5waW50ZXJlc3QuY28ua3KCESoucGludGVyZXN0LmNvLnVrghIqLnBpbnRlcmVzdC5jb20ubXiCBnBpbi5pdIINcGludGVyZXN0LmNvbYIKcGluaW1nLmNvbYIOcGludGVyZXN0LmluZm+CFXBpbnRlcmVzdC5lbmdpbmVlcmluZ4IRcGludGVyZXN0bWFpbC5jb22CDHBpbnRlcmVzdC5hdIIMcGludGVyZXN0LmNoggxwaW50ZXJlc3QuZGWCDHBpbg=="}]}},"src_ip":"151.101.128.84","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41224,"event_start":1565200328.871396} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIMjTCCC3WgAwIBAgIQCGY+vEVuw5mUM8/1pacz4TANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA2MDUwMDAwMDBaFw0yMDA3MjIxMjAwMDBaMG4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRgwFgYDVQQKEw9QaW50ZXJlc3QsIEluYy4xGDAWBgNVBAMMDyoucGludGVyZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkhv7I4WhMZQvgZAF11mLNfGTz4waZri4nOlRGlEZfA0/9jtBRCw98wADg9QG4Ur4HeRYCQWN0o9mP3XBtdguuP1qB6bOKr3KXtXrasQ6d0ZLTekwCyjBR+pG90QChIw0J5L/rGJlNJcbtqi93cbcpXS6O+DJ6ibF4GRCaczCu8bXbEgt2Ktl70cCrFfqMWqBO1YlXOEP7CeTN1K4znwBidkcrZHvju7Ub8ZTG274+6IkEmzveUGXgdigPz8R/rnX1Qzp8UMSh0lQqTXOboH0/zQX4QT681uR1aKnJvLrw0BgeXpzNReNhGnmR5msh2fiXnlarhuc5KRH3EcsbId3sCAwEAAaOCCSMwggkfMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRhD8DeFSE2Vt03bW3bog/FxUqXyzCCBkoGA1UdEQSCBkEwggY9gg8qLnBpbnRlcmVzdC5jb22CDCoucGluaW1nLmNvbYIQKi5waW50ZXJlc3QuaW5mb4IXKi5waW50ZXJlc3QuZW5naW5lZXJpbmeCEyoucGludGVyZXN0bWFpbC5jb22CDioucGludGVyZXN0LmF0gg4qLnBpbnRlcmVzdC5jaIIOKi5waW50ZXJlc3QuZGWCDioucGludGVyZXN0LmRrgg4qLnBpbnRlcmVzdC5pZYIOKi5waW50ZXJlc3QuanCCDioucGludGVyZXN0Lmtygg4qLnBpbnRlcmVzdC5teIIOKi5waW50ZXJlc3QucHSCDioucGludGVyZXN0LnNlghEqLnBpbnRlcmVzdC5jby5hdIIRKi5waW50ZXJlc3QuY28ua3KCESoucGludGVyZXN0LmNvLnVrghIqLnBpbnRlcmVzdC5jb20ubXiCBnBpbi5pdIINcGludGVyZXN0LmNvbYIKcGluaW1nLmNvbYIOcGludGVyZXN0LmluZm+CFXBpbnRlcmVzdC5lbmdpbmVlcmluZ4IRcGludGVyZXN0bWFpbC5jb22CDHBpbnRlcmVzdC5hdIIMcGludGVyZXN0LmNoggxwaW50ZXJlc3QuZGWCDHBpbg=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.128.84","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41224,"event_start":1565200328.871396} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIMjTCCC3WgAwIBAgIQCGY+vEVuw5mUM8/1pacz4TANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA2MDUwMDAwMDBaFw0yMDA3MjIxMjAwMDBaMG4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRgwFgYDVQQKEw9QaW50ZXJlc3QsIEluYy4xGDAWBgNVBAMMDyoucGludGVyZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkhv7I4WhMZQvgZAF11mLNfGTz4waZri4nOlRGlEZfA0/9jtBRCw98wADg9QG4Ur4HeRYCQWN0o9mP3XBtdguuP1qB6bOKr3KXtXrasQ6d0ZLTekwCyjBR+pG90QChIw0J5L/rGJlNJcbtqi93cbcpXS6O+DJ6ibF4GRCaczCu8bXbEgt2Ktl70cCrFfqMWqBO1YlXOEP7CeTN1K4znwBidkcrZHvju7Ub8ZTG274+6IkEmzveUGXgdigPz8R/rnX1Qzp8UMSh0lQqTXOboH0/zQX4QT681uR1aKnJvLrw0BgeXpzNReNhGnmR5msh2fiXnlarhuc5KRH3EcsbId3sCAwEAAaOCCSMwggkfMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRhD8DeFSE2Vt03bW3bog/FxUqXyzCCBkoGA1UdEQSCBkEwggY9gg8qLnBpbnRlcmVzdC5jb22CDCoucGluaW1nLmNvbYIQKi5waW50ZXJlc3QuaW5mb4IXKi5waW50ZXJlc3QuZW5naW5lZXJpbmeCEyoucGludGVyZXN0bWFpbC5jb22CDioucGludGVyZXN0LmF0gg4qLnBpbnRlcmVzdC5jaIIOKi5waW50ZXJlc3QuZGWCDioucGludGVyZXN0LmRrgg4qLnBpbnRlcmVzdC5pZYIOKi5waW50ZXJlc3QuanCCDioucGludGVyZXN0Lmtygg4qLnBpbnRlcmVzdC5teIIOKi5waW50ZXJlc3QucHSCDioucGludGVyZXN0LnNlghEqLnBpbnRlcmVzdC5jby5hdIIRKi5waW50ZXJlc3QuY28ua3KCESoucGludGVyZXN0LmNvLnVrghIqLnBpbnRlcmVzdC5jb20ubXiCBnBpbi5pdIINcGludGVyZXN0LmNvbYIKcGluaW1nLmNvbYIOcGludGVyZXN0LmluZm+CFXBpbnRlcmVzdC5lbmdpbmVlcmluZ4IRcGludGVyZXN0bWFpbC5jb22CDHBpbnRlcmVzdC5hdIIMcGludGVyZXN0LmNoggxwaW50ZXJlc3QuZGWCDHBpbnRlcmVzdC5ka4IMcGludGVyZXN0LmllggxwaW50ZXJlc3QuanCCDHBpbnRlcmVzdC5rcoIMcGludGVyZXN0Lm14ggxwaW50ZXJlc3QucHSCDHBpbnRlcmVzdC5zZYIPcGludGVyZXN0LmNvLmF0gg9waW50ZXJlc3QuY28ua3KCD3BpbnRlcmVzdC5jby51a4IQcGludGVyZXN0LmNvbS5teIIOKi5waW50ZXJlc3QuY2GCDioucGludGVyZXN0LmZyggxwaW50ZXJlc3QuY2GCDHBpbnRlcmVzdC5mcoIQcGludGVyZXN0LmNvbS5hdYISKi5waW50ZXJlc3QuY29tLmF1ggxwaW50ZXJlc3QubnqCDioucGludGVyZXN0Lm56ggxwaW50ZXJlc3QuZXOCDioucGludGVyZXN0LmVzggxwaW50ZXJlc3QuY2yCDioucGludGVyZXN0LmNsggxwaW50ZXJlc3QucGiCDioucGludGVyZXN0LnBoggxwaW50ZXJlc3QuaW6CDioucGludGVyZXN0Lmlugg9waW50ZXJlc3QuY28uaW6CESoucGludGVyZXN0LmNvLmluggxwaW50ZXJlc3QuYmWCDioucGludGVyZXN0LmJlggxwaW50ZXJlc3QucGWCDioucGludGVyZXN0LnBlggxwaW50ZXJlc3QuY2+CDioucGludGVyZXN0LmNvghBwaW50ZXJlc3QuY29tLnB5ghIqLnBpbnRlcmVzdC5jb20ucHmCEHBpbnRlcmVzdC5jb20uYm+CEioucGludGVyZXN0LmNvbS5ib4IQcGludGVyZXN0LmNvbS5lY4ISKi5waW50ZXJlc3QuY29tLmVjggxwaW50ZXJlc3QuZWOCDioucGludGVyZXN0LmVjggxwaW50ZXJlc3QuaHWCDioucGludGVyZXN0Lmh1ghBwaW50ZXJlc3QuY29tLnZughIqLnBpbnRlcmVzdC5jb20udm6CDHBpbnRlcmVzdC5pdIIOKi5waW50ZXJlc3QuaXSCDHBpbnRlcmVzdC5ydYIOKi5waW50ZXJlc3QucnWCEHBpbnRlcmVzdC5jb20ucGWCEioucGludGVyZXN0LmNvbS5wZYIQcGludGVyZXN0LmNvbS51eYISKi5waW50ZXJlc3QuY29tLnV5gg9waW50ZXJlc3QuY28ubnqCESoucGludGVyZXN0LmNvLm56ggxwaW50ZXJlc3QudWuCDioucGludGVyZXN0LnVrggxwaW50ZXJlc3Qudm6CDioucGludGVyZXN0LnZuggxwaW50ZXJlc3QuaWSCDioucGludGVyZXN0LmlkggxwaW50ZXJlc3QudGiCDioucGludGVyZXN0LnRoggxwaW50ZXJlc3QudHeCDioucGludGVyZXN0LnR3ggxwaW50ZXJlc3QubmyCDioucGludGVyZXN0Lm5sghcqLnRlc3RpbmcucGludGVyZXN0LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFrKNL+mgAABAMARzBFAiEArmUaVzEV4/sfmgxudtHKXaLrxUSLEZW3SI0h+kZG8dQCIE9avQtifguGleicGI+OrQTENAkLRD2h2lHcdq5vN3fSAHcAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFrKNL/tgAABAMASDBGAiEAzSi2aDTh1b6DJ61mmc2lRXZfx68orgji7x58ge5F+FYCIQDQ+SxUAju2+MP8W2iS0m1XinZITOwPFEakM4GZoL1GzDANBgkqhkiG9w0BAQsFAAOCAQEAaCRt+7t8x1ZeKmzWn2qsch/VndkGzIxFVi5UteyGfKgMWj7UzxD7/BW2WgGgfFTmolhdQd8kX9yQzJ19PkFF5PIrTLTx5tqbYzkRzgOqV8Oc52SC9AEhJgAr7OfAHBlb4uuy8+U/imnU2wQ1oCsJ9GU5fhoezvhU8nnFusdU6wf1vXZyfDTFiy71iW3eh5u4d5sbc5xVJgUuDgjel89+e02R47S3GAHovjFMqfg4S7HjXtk4C9fXAKHuPK7ZZ64ctePiPK8l+/5VpACFrAr56PiXGyty9o61tfs0XSXmEux1VZxQMJjX4Pmjx5ZZIWhhKPTntm0EGMKawmwa2kHu3w=="},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.128.84","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41224,"event_start":1565200328.872734} {"dns":{"base64":"42gBAAABAAAAAAAAA3d3dwlwaW50ZXJlc3QDY29tAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":47727,"dst_port":53,"event_start":1565200328.964290} {"dns":{"base64":"IFsBAAABAAAAAAAAA3d3dwlwaW50ZXJlc3QDY29tAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":43919,"dst_port":53,"event_start":1565200328.964478} @@ -233,7 +233,7 @@ {"dns":{"base64":"bmuBgAABAAAAAQAABWU2NDQ5AWEKYWthbWFpZWRnZQNuZXQAABwAAcASAAYAAQAAAAUAMQNuMGHAFApob3N0bWFzdGVyBmFrYW1haQNjb20AXUsPAgAAA+gAAAPoAAAD6AAABwg="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":33532,"event_start":1565200329.036374} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.128.84","protocol":6,"src_port":41226,"dst_port":443,"event_start":1565200329.036843} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.pinterest.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.128.84","protocol":6,"src_port":41226,"dst_port":443,"event_start":1565200329.075644} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIMjTCCC3WgAwIBAgIQCGY+vEVuw5mUM8/1pacz4TANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA2MDUwMDAwMDBaFw0yMDA3MjIxMjAwMDBaMG4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRgwFgYDVQQKEw9QaW50ZXJlc3QsIEluYy4xGDAWBgNVBAMMDyoucGludGVyZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkhv7I4WhMZQvgZAF11mLNfGTz4waZri4nOlRGlEZfA0/9jtBRCw98wADg9QG4Ur4HeRYCQWN0o9mP3XBtdguuP1qB6bOKr3KXtXrasQ6d0ZLTekwCyjBR+pG90QChIw0J5L/rGJlNJcbtqi93cbcpXS6O+DJ6ibF4GRCaczCu8bXbEgt2Ktl70cCrFfqMWqBO1YlXOEP7CeTN1K4znwBidkcrZHvju7Ub8ZTG274+6IkEmzveUGXgdigPz8R/rnX1Qzp8UMSh0lQqTXOboH0/zQX4QT681uR1aKnJvLrw0BgeXpzNReNhGnmR5msh2fiXnlarhuc5KRH3EcsbId3sCAwEAAaOCCSMwggkfMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRhD8DeFSE2Vt03bW3bog/FxUqXyzCCBkoGA1UdEQSCBkEwggY9gg8qLnBpbnRlcmVzdC5jb22CDCoucGluaW1nLmNvbYIQKi5waW50ZXJlc3QuaW5mb4IXKi5waW50ZXJlc3QuZW5naW5lZXJpbmeCEyoucGludGVyZXN0bWFpbC5jb22CDioucGludGVyZXN0LmF0gg4qLnBpbnRlcmVzdC5jaIIOKi5waW50ZXJlc3QuZGWCDioucGludGVyZXN0LmRrgg4qLnBpbnRlcmVzdC5pZYIOKi5waW50ZXJlc3QuanCCDioucGludGVyZXN0Lmtygg4qLnBpbnRlcmVzdC5teIIOKi5waW50ZXJlc3QucHSCDioucGludGVyZXN0LnNlghEqLnBpbnRlcmVzdC5jby5hdIIRKi5waW50ZXJlc3QuY28ua3KCESoucGludGVyZXN0LmNvLnVrghIqLnBpbnRlcmVzdC5jb20ubXiCBnBpbi5pdIINcGludGVyZXN0LmNvbYIKcGluaW1nLmNvbYIOcGludGVyZXN0LmluZm+CFXBpbnRlcmVzdC5lbmdpbmVlcmluZ4IRcGludGVyZXN0bWFpbC5jb22CDHBpbnRlcmVzdC5hdIIMcGludGVyZXN0LmNoggxwaW50ZXJlc3QuZGWCDHBpbg=="}]}},"src_ip":"151.101.128.84","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41226,"event_start":1565200329.120488} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIMjTCCC3WgAwIBAgIQCGY+vEVuw5mUM8/1pacz4TANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA2MDUwMDAwMDBaFw0yMDA3MjIxMjAwMDBaMG4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRgwFgYDVQQKEw9QaW50ZXJlc3QsIEluYy4xGDAWBgNVBAMMDyoucGludGVyZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkhv7I4WhMZQvgZAF11mLNfGTz4waZri4nOlRGlEZfA0/9jtBRCw98wADg9QG4Ur4HeRYCQWN0o9mP3XBtdguuP1qB6bOKr3KXtXrasQ6d0ZLTekwCyjBR+pG90QChIw0J5L/rGJlNJcbtqi93cbcpXS6O+DJ6ibF4GRCaczCu8bXbEgt2Ktl70cCrFfqMWqBO1YlXOEP7CeTN1K4znwBidkcrZHvju7Ub8ZTG274+6IkEmzveUGXgdigPz8R/rnX1Qzp8UMSh0lQqTXOboH0/zQX4QT681uR1aKnJvLrw0BgeXpzNReNhGnmR5msh2fiXnlarhuc5KRH3EcsbId3sCAwEAAaOCCSMwggkfMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRhD8DeFSE2Vt03bW3bog/FxUqXyzCCBkoGA1UdEQSCBkEwggY9gg8qLnBpbnRlcmVzdC5jb22CDCoucGluaW1nLmNvbYIQKi5waW50ZXJlc3QuaW5mb4IXKi5waW50ZXJlc3QuZW5naW5lZXJpbmeCEyoucGludGVyZXN0bWFpbC5jb22CDioucGludGVyZXN0LmF0gg4qLnBpbnRlcmVzdC5jaIIOKi5waW50ZXJlc3QuZGWCDioucGludGVyZXN0LmRrgg4qLnBpbnRlcmVzdC5pZYIOKi5waW50ZXJlc3QuanCCDioucGludGVyZXN0Lmtygg4qLnBpbnRlcmVzdC5teIIOKi5waW50ZXJlc3QucHSCDioucGludGVyZXN0LnNlghEqLnBpbnRlcmVzdC5jby5hdIIRKi5waW50ZXJlc3QuY28ua3KCESoucGludGVyZXN0LmNvLnVrghIqLnBpbnRlcmVzdC5jb20ubXiCBnBpbi5pdIINcGludGVyZXN0LmNvbYIKcGluaW1nLmNvbYIOcGludGVyZXN0LmluZm+CFXBpbnRlcmVzdC5lbmdpbmVlcmluZ4IRcGludGVyZXN0bWFpbC5jb22CDHBpbnRlcmVzdC5hdIIMcGludGVyZXN0LmNoggxwaW50ZXJlc3QuZGWCDHBpbg=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.128.84","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41226,"event_start":1565200329.120488} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIMjTCCC3WgAwIBAgIQCGY+vEVuw5mUM8/1pacz4TANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA2MDUwMDAwMDBaFw0yMDA3MjIxMjAwMDBaMG4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRgwFgYDVQQKEw9QaW50ZXJlc3QsIEluYy4xGDAWBgNVBAMMDyoucGludGVyZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkhv7I4WhMZQvgZAF11mLNfGTz4waZri4nOlRGlEZfA0/9jtBRCw98wADg9QG4Ur4HeRYCQWN0o9mP3XBtdguuP1qB6bOKr3KXtXrasQ6d0ZLTekwCyjBR+pG90QChIw0J5L/rGJlNJcbtqi93cbcpXS6O+DJ6ibF4GRCaczCu8bXbEgt2Ktl70cCrFfqMWqBO1YlXOEP7CeTN1K4znwBidkcrZHvju7Ub8ZTG274+6IkEmzveUGXgdigPz8R/rnX1Qzp8UMSh0lQqTXOboH0/zQX4QT681uR1aKnJvLrw0BgeXpzNReNhGnmR5msh2fiXnlarhuc5KRH3EcsbId3sCAwEAAaOCCSMwggkfMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBRhD8DeFSE2Vt03bW3bog/FxUqXyzCCBkoGA1UdEQSCBkEwggY9gg8qLnBpbnRlcmVzdC5jb22CDCoucGluaW1nLmNvbYIQKi5waW50ZXJlc3QuaW5mb4IXKi5waW50ZXJlc3QuZW5naW5lZXJpbmeCEyoucGludGVyZXN0bWFpbC5jb22CDioucGludGVyZXN0LmF0gg4qLnBpbnRlcmVzdC5jaIIOKi5waW50ZXJlc3QuZGWCDioucGludGVyZXN0LmRrgg4qLnBpbnRlcmVzdC5pZYIOKi5waW50ZXJlc3QuanCCDioucGludGVyZXN0Lmtygg4qLnBpbnRlcmVzdC5teIIOKi5waW50ZXJlc3QucHSCDioucGludGVyZXN0LnNlghEqLnBpbnRlcmVzdC5jby5hdIIRKi5waW50ZXJlc3QuY28ua3KCESoucGludGVyZXN0LmNvLnVrghIqLnBpbnRlcmVzdC5jb20ubXiCBnBpbi5pdIINcGludGVyZXN0LmNvbYIKcGluaW1nLmNvbYIOcGludGVyZXN0LmluZm+CFXBpbnRlcmVzdC5lbmdpbmVlcmluZ4IRcGludGVyZXN0bWFpbC5jb22CDHBpbnRlcmVzdC5hdIIMcGludGVyZXN0LmNoggxwaW50ZXJlc3QuZGWCDHBpbnRlcmVzdC5ka4IMcGludGVyZXN0LmllggxwaW50ZXJlc3QuanCCDHBpbnRlcmVzdC5rcoIMcGludGVyZXN0Lm14ggxwaW50ZXJlc3QucHSCDHBpbnRlcmVzdC5zZYIPcGludGVyZXN0LmNvLmF0gg9waW50ZXJlc3QuY28ua3KCD3BpbnRlcmVzdC5jby51a4IQcGludGVyZXN0LmNvbS5teIIOKi5waW50ZXJlc3QuY2GCDioucGludGVyZXN0LmZyggxwaW50ZXJlc3QuY2GCDHBpbnRlcmVzdC5mcoIQcGludGVyZXN0LmNvbS5hdYISKi5waW50ZXJlc3QuY29tLmF1ggxwaW50ZXJlc3QubnqCDioucGludGVyZXN0Lm56ggxwaW50ZXJlc3QuZXOCDioucGludGVyZXN0LmVzggxwaW50ZXJlc3QuY2yCDioucGludGVyZXN0LmNsggxwaW50ZXJlc3QucGiCDioucGludGVyZXN0LnBoggxwaW50ZXJlc3QuaW6CDioucGludGVyZXN0Lmlugg9waW50ZXJlc3QuY28uaW6CESoucGludGVyZXN0LmNvLmluggxwaW50ZXJlc3QuYmWCDioucGludGVyZXN0LmJlggxwaW50ZXJlc3QucGWCDioucGludGVyZXN0LnBlggxwaW50ZXJlc3QuY2+CDioucGludGVyZXN0LmNvghBwaW50ZXJlc3QuY29tLnB5ghIqLnBpbnRlcmVzdC5jb20ucHmCEHBpbnRlcmVzdC5jb20uYm+CEioucGludGVyZXN0LmNvbS5ib4IQcGludGVyZXN0LmNvbS5lY4ISKi5waW50ZXJlc3QuY29tLmVjggxwaW50ZXJlc3QuZWOCDioucGludGVyZXN0LmVjggxwaW50ZXJlc3QuaHWCDioucGludGVyZXN0Lmh1ghBwaW50ZXJlc3QuY29tLnZughIqLnBpbnRlcmVzdC5jb20udm6CDHBpbnRlcmVzdC5pdIIOKi5waW50ZXJlc3QuaXSCDHBpbnRlcmVzdC5ydYIOKi5waW50ZXJlc3QucnWCEHBpbnRlcmVzdC5jb20ucGWCEioucGludGVyZXN0LmNvbS5wZYIQcGludGVyZXN0LmNvbS51eYISKi5waW50ZXJlc3QuY29tLnV5gg9waW50ZXJlc3QuY28ubnqCESoucGludGVyZXN0LmNvLm56ggxwaW50ZXJlc3QudWuCDioucGludGVyZXN0LnVrggxwaW50ZXJlc3Qudm6CDioucGludGVyZXN0LnZuggxwaW50ZXJlc3QuaWSCDioucGludGVyZXN0LmlkggxwaW50ZXJlc3QudGiCDioucGludGVyZXN0LnRoggxwaW50ZXJlc3QudHeCDioucGludGVyZXN0LnR3ggxwaW50ZXJlc3QubmyCDioucGludGVyZXN0Lm5sghcqLnRlc3RpbmcucGludGVyZXN0LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFrKNL+mgAABAMARzBFAiEArmUaVzEV4/sfmgxudtHKXaLrxUSLEZW3SI0h+kZG8dQCIE9avQtifguGleicGI+OrQTENAkLRD2h2lHcdq5vN3fSAHcAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFrKNL/tgAABAMASDBGAiEAzSi2aDTh1b6DJ61mmc2lRXZfx68orgji7x58ge5F+FYCIQDQ+SxUAju2+MP8W2iS0m1XinZITOwPFEakM4GZoL1GzDANBgkqhkiG9w0BAQsFAAOCAQEAaCRt+7t8x1ZeKmzWn2qsch/VndkGzIxFVi5UteyGfKgMWj7UzxD7/BW2WgGgfFTmolhdQd8kX9yQzJ19PkFF5PIrTLTx5tqbYzkRzgOqV8Oc52SC9AEhJgAr7OfAHBlb4uuy8+U/imnU2wQ1oCsJ9GU5fhoezvhU8nnFusdU6wf1vXZyfDTFiy71iW3eh5u4d5sbc5xVJgUuDgjel89+e02R47S3GAHovjFMqfg4S7HjXtk4C9fXAKHuPK7ZZ64ctePiPK8l+/5VpACFrAr56PiXGyty9o61tfs0XSXmEux1VZxQMJjX4Pmjx5ZZIWhhKPTntm0EGMKawmwa2kHu3w=="},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.128.84","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41226,"event_start":1565200329.120859} {"dns":{"base64":"zRQBAAABAAAAAAAABHBsYXkGZ29vZ2xlA2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":54769,"dst_port":53,"event_start":1565200329.530603} {"dns":{"base64":"/9UBAAABAAAAAAAABHBsYXkGZ29vZ2xlA2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":53320,"dst_port":53,"event_start":1565200329.530795} @@ -285,7 +285,7 @@ {"dns":{"base64":"68aBgAABAAIABQAIA2JpdAJseQAAAQABwAwAAQABAAAABQAEQ8f4CsAMAAEAAQAAAAUABEPH+AvAEAACAAEAAAAFAAoDcGNoA2x0dMAQwBAAAgABAAAABQAUBnBobG9lbQd1b3JlZ29uA2VkdQDAEAACAAEAAAAFABADZG5zBmx0dG5ldANuZXQAwBAAAgABAAAABQAQBW5zLWx5B2FmcmluaWPAhcAQAAIAAQAAAAUABwRkbnMxwH7AegABAAEAAAAFAAQ+8CQJwEQAAQABAAAABQAEzD3YQ8CyAAEAAQAAAAUABD5EKgnAlgABAAEAAAAFAATE2KgYwFoAAQABAAAABQAEgN8gI8BEABwAAQAAAAUAECABBQAAFGBnAK0AAAAAAAHAlgAcAAEAAAAFABAgAUP4ASAAAAAAAAAAAAAkwFoAHAABAAAABQAQIAEEaA0BACAAAAAAgN8gIw=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":49963,"event_start":1565200332.566308} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"67.199.248.10","protocol":6,"src_port":55156,"dst_port":443,"event_start":1565200332.566732} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"bit.ly"}},"src_ip":"192.168.113.237","dst_ip":"67.199.248.10","protocol":6,"src_port":55156,"dst_port":443,"event_start":1565200332.678111} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGszCCBZugAwIBAgIQDWR3s57NlhtLxB5iD5etfjANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDcwMzAwMDAwMFoXDTE5MDgyMDEyMDAwMFowgbsxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQFEwc0NjI3MDEzMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRQwEgYDVQQKEwtCaXRseSwgSW5jLjEPMA0GA1UEAxMGYml0Lmx5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznd+dJC+0jK0zgnPKkp5TqfwlPS1hafMINVKQBTMBzLoA786NkCFMG7rAV7P3J4a0PQkTz6hbBTfF4d6nld6k98tIyFzH4cRIVU7yx+Ebat2GY/fFNjtgKdsmUZrd9hfBqXxAKWtoOfNtIPQSTDh0Lq8FXzVkeompoz0v+MczgNeoSq5ieTxtS2CoemP89dhOFXXq5uHJOS7OqjD1zNnWxBXltWtMN+2yWo6/NGzkiq7F2nfRInf97MSCmSMH5nK7L1G6xNo+qfvGWgZVBznNaygX7avYuHvgRZ1YN/1BGflQ3hidAsYWMW5s49jUx/Di0CcRL6mf+Xz8wpOMk4/kwIDAQABo4IC9jCCAvIwHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFCHl30RIen6Sr8lKfr84jyIjaHLJMB0GA1UdEQQWMBSCBmJpdC5seYIKd3d3LmJpdC5seTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwBATCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlkYXRpb25TZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABZF6i2GcAAAQDAEcwRQIgRFgqLABzUHkbLvr95JZbCjc+DMCKb1GAeEV8llFkePMCIQCst8gB/SAjkLpb9HsnXo4T98+2vENa+qu0fodWfqVvWwB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABZF6i19oAAAQDAEYwRAIgbmo="}]}},"src_ip":"67.199.248.10","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":55156,"event_start":1565200332.784458} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGszCCBZugAwIBAgIQDWR3s57NlhtLxB5iD5etfjANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDcwMzAwMDAwMFoXDTE5MDgyMDEyMDAwMFowgbsxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQFEwc0NjI3MDEzMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRQwEgYDVQQKEwtCaXRseSwgSW5jLjEPMA0GA1UEAxMGYml0Lmx5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznd+dJC+0jK0zgnPKkp5TqfwlPS1hafMINVKQBTMBzLoA786NkCFMG7rAV7P3J4a0PQkTz6hbBTfF4d6nld6k98tIyFzH4cRIVU7yx+Ebat2GY/fFNjtgKdsmUZrd9hfBqXxAKWtoOfNtIPQSTDh0Lq8FXzVkeompoz0v+MczgNeoSq5ieTxtS2CoemP89dhOFXXq5uHJOS7OqjD1zNnWxBXltWtMN+2yWo6/NGzkiq7F2nfRInf97MSCmSMH5nK7L1G6xNo+qfvGWgZVBznNaygX7avYuHvgRZ1YN/1BGflQ3hidAsYWMW5s49jUx/Di0CcRL6mf+Xz8wpOMk4/kwIDAQABo4IC9jCCAvIwHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFCHl30RIen6Sr8lKfr84jyIjaHLJMB0GA1UdEQQWMBSCBmJpdC5seYIKd3d3LmJpdC5seTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwBATCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlkYXRpb25TZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABZF6i2GcAAAQDAEcwRQIgRFgqLABzUHkbLvr95JZbCjc+DMCKb1GAeEV8llFkePMCIQCst8gB/SAjkLpb9HsnXo4T98+2vENa+qu0fodWfqVvWwB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABZF6i19oAAAQDAEYwRAIgbmo="}]}},"reassembly_properties":{"truncated":true},"src_ip":"67.199.248.10","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":55156,"event_start":1565200332.784458} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGszCCBZugAwIBAgIQDWR3s57NlhtLxB5iD5etfjANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDcwMzAwMDAwMFoXDTE5MDgyMDEyMDAwMFowgbsxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQFEwc0NjI3MDEzMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRQwEgYDVQQKEwtCaXRseSwgSW5jLjEPMA0GA1UEAxMGYml0Lmx5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznd+dJC+0jK0zgnPKkp5TqfwlPS1hafMINVKQBTMBzLoA786NkCFMG7rAV7P3J4a0PQkTz6hbBTfF4d6nld6k98tIyFzH4cRIVU7yx+Ebat2GY/fFNjtgKdsmUZrd9hfBqXxAKWtoOfNtIPQSTDh0Lq8FXzVkeompoz0v+MczgNeoSq5ieTxtS2CoemP89dhOFXXq5uHJOS7OqjD1zNnWxBXltWtMN+2yWo6/NGzkiq7F2nfRInf97MSCmSMH5nK7L1G6xNo+qfvGWgZVBznNaygX7avYuHvgRZ1YN/1BGflQ3hidAsYWMW5s49jUx/Di0CcRL6mf+Xz8wpOMk4/kwIDAQABo4IC9jCCAvIwHwYDVR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFCHl30RIen6Sr8lKfr84jyIjaHLJMB0GA1UdEQQWMBSCBmJpdC5seYIKd3d3LmJpdC5seTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwBATCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlkYXRpb25TZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABZF6i2GcAAAQDAEcwRQIgRFgqLABzUHkbLvr95JZbCjc+DMCKb1GAeEV8llFkePMCIQCst8gB/SAjkLpb9HsnXo4T98+2vENa+qu0fodWfqVvWwB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABZF6i19oAAAQDAEYwRAIgbmrJyI2amsTHWy31ejWA+p/3lVfhpgpjbVmGHqD96HkCIEid5T6yI11UyVV1HVbKV3V0d/LR7GraugLARjr0ByzwMA0GCSqGSIb3DQEBCwUAA4IBAQDGyFbf+EbxHAs65YFOq1wPA5sRnPs50am+sBVFsMBJ8d6zHPwER/vquEtuuzlA87abnN5dOW+cIujGdaorO8sXuEh+bKj7jQ8DM+Vae/kDCLpszkiBfxyFwgoFrXgX3Zvy9ccnQlHgDptgF/Jd5y/KQax9/w7HuRwuVW7oBTi67LZYRa8+hkS1d3B6Zo7OXnCgg2vIFYo96I5roGWDxfcWvHg88oGp3XpEfUssWgRJizpKYB6t4rGgqbzlcqRqa0oHntk4daSegITewFiLKPlQenthNq73BKVpQd5rmLt7YAAGFYUg6gKyx4sQNl0EeOesgF35cg71fRyfdnWyqL1x"},{"base64":"MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowdTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTE0MDIGA1UEAxMrRGlnaUNlcnQgU0hBMiBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANdTpARR+JmmFkhLZyeqk0nQOe0MsLAAh/FnKIaFjI5j2ryxQDji0/XspQUYuD0+xZkXMuwYjPrxDKZkIYXLBxA0sFKIKx9om9KxjxKws9LniB8f7zh3VFNfgHk/LhqqqB5LKw2rt2O5Nbd9FLxZS99RStKh4gzikIKHaq7q12TWmFXo/a8aUGxUvBHy/Urynbt/DvTVvo4WiRJV2MBxNO723C3sxIclho3YIeSwTQyJ3DkmF93215SF2AQhcJ1vb/9cuhnhRctWVyh+HA1BV6q3uCe7seT6Ku8hI3UarS2bhjWMnHe1c63YlC3k8wyd7sFOYn4XwHGeLN7x+RAoGTMCAwEAAaOCAUkwggFFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBQ901Cl1qCt7vNKYApl0yHU+PjWDzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAnbbQkIbhhgLtxaDwNBx0wY12zIYKqPBKikLWP8ipTa18CK3mtlC4ohpNiAexKSHc59rGPCHg4xFJcKx6HQGkyhE6V6t9VypAdP3THYUYUN9XR3WhfVUgLkc3UHKMf4Ib0mKPLQNa2sPIoc4sUqIAY+tzunHISScjl2SFnjgOrWNoPLpSgVh5oywM395t6zHyuqB8bPEs1OG9d4Q3A84ytciagRpKkk47RpqF/oOi+Z6Mo8wNXrM9zwR4jxQUezKcxwCmXMS1oVWNWlZopCJwqjyBcdmdqEU79OX2olHdx3ti6G8MdOu42vi/hw15UJGQmxg7kVkn8TUoE6smftX3eg=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"67.199.248.10","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":55156,"event_start":1565200332.784752} {"dns":{"base64":"AiMBAAABAAAAAAAABWJpdGx5A2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":36233,"dst_port":53,"event_start":1565200333.006126} {"dns":{"base64":"WmUBAAABAAAAAAAABWJpdGx5A2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":48534,"dst_port":53,"event_start":1565200333.006301} @@ -294,7 +294,7 @@ {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"67.199.248.14","protocol":6,"src_port":41982,"dst_port":443,"event_start":1565200333.070960} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"67.199.248.14","protocol":6,"src_port":41982,"dst_port":443,"event_start":1565200334.085917} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"bitly.com"}},"src_ip":"192.168.113.237","dst_ip":"67.199.248.14","protocol":6,"src_port":41982,"dst_port":443,"event_start":1565200334.217016} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG4zCCBcugAwIBAgIQDWINzIIdaLjR4RD3jzgHSTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xODA4MjcwMDAwMDBaFw0yMDA5MDgxMjAwMDBaMHQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAoTC0JpdGx5LCBJbmMuMRMwEQYDVQQLEwpPcGVyYXRpb25zMRQwEgYDVQQDDAsqLmJpdGx5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN/qidwToSGhNX6Bb0gP03RZq7L92Ut3iJgdGPBwwndspJGTVa2kkkQpbcM7mbG3bvvk3JaAH0A6CE78FN65YacWfbrAR1w2P62jobapbJ37Wn1wY4Wd8AgQIJIM37L5oHMXwGpxYu+1yzJ8o2wTYTDdHat8y0INxy0NXLzEC4ySNTHhBDQIW8ufPUaSdJZkehTs7zH/TOUCAlhjXMmSmiLcyCqzwrUg3Rq3/+6hIRU0cBqVBRy6fHv6RtLcII8HmALXmA2aV1fZWO8FqgabIi7eFHPsJiBkGGoOb0Y7OqWK7XYYJbwfjKo3LchjDJVCAknwvbrOJPOQSlxEItGJwfsCAwEAAaOCA3MwggNvMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBQ7EDxxmfdjgjJ2p9by+facoK9fkTAhBgNVHREEGjAYggsqLmJpdGx5LmNvbYIJYml0bHkuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZXx/YAYAAAQDAEgwRgIhAIFD4oEZXrLNxMruEFIfoV28ZKZefWWq4eC9Zx5WibmPAiEAq7sQiGHv4gzIJ+VwYhHE1Dsl0sj4hZgSX5m/yag5M4YAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWV8f2DIAAAEAwBIMEYCIQCQ5eMnd6CzaYM1U6E5jTE+mVVgC3wqS3+pk16TFWFkxgIhAO9eGwJIPbzLlDT9fpjhmHMx6wFsqqZ9lrgOthDmWvsvAHYA7ku9t3U="}]}},"src_ip":"67.199.248.14","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41982,"event_start":1565200334.337930} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG4zCCBcugAwIBAgIQDWINzIIdaLjR4RD3jzgHSTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xODA4MjcwMDAwMDBaFw0yMDA5MDgxMjAwMDBaMHQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAoTC0JpdGx5LCBJbmMuMRMwEQYDVQQLEwpPcGVyYXRpb25zMRQwEgYDVQQDDAsqLmJpdGx5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN/qidwToSGhNX6Bb0gP03RZq7L92Ut3iJgdGPBwwndspJGTVa2kkkQpbcM7mbG3bvvk3JaAH0A6CE78FN65YacWfbrAR1w2P62jobapbJ37Wn1wY4Wd8AgQIJIM37L5oHMXwGpxYu+1yzJ8o2wTYTDdHat8y0INxy0NXLzEC4ySNTHhBDQIW8ufPUaSdJZkehTs7zH/TOUCAlhjXMmSmiLcyCqzwrUg3Rq3/+6hIRU0cBqVBRy6fHv6RtLcII8HmALXmA2aV1fZWO8FqgabIi7eFHPsJiBkGGoOb0Y7OqWK7XYYJbwfjKo3LchjDJVCAknwvbrOJPOQSlxEItGJwfsCAwEAAaOCA3MwggNvMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBQ7EDxxmfdjgjJ2p9by+facoK9fkTAhBgNVHREEGjAYggsqLmJpdGx5LmNvbYIJYml0bHkuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZXx/YAYAAAQDAEgwRgIhAIFD4oEZXrLNxMruEFIfoV28ZKZefWWq4eC9Zx5WibmPAiEAq7sQiGHv4gzIJ+VwYhHE1Dsl0sj4hZgSX5m/yag5M4YAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWV8f2DIAAAEAwBIMEYCIQCQ5eMnd6CzaYM1U6E5jTE+mVVgC3wqS3+pk16TFWFkxgIhAO9eGwJIPbzLlDT9fpjhmHMx6wFsqqZ9lrgOthDmWvsvAHYA7ku9t3U="}]}},"reassembly_properties":{"truncated":true},"src_ip":"67.199.248.14","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41982,"event_start":1565200334.337930} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG4zCCBcugAwIBAgIQDWINzIIdaLjR4RD3jzgHSTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xODA4MjcwMDAwMDBaFw0yMDA5MDgxMjAwMDBaMHQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAoTC0JpdGx5LCBJbmMuMRMwEQYDVQQLEwpPcGVyYXRpb25zMRQwEgYDVQQDDAsqLmJpdGx5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN/qidwToSGhNX6Bb0gP03RZq7L92Ut3iJgdGPBwwndspJGTVa2kkkQpbcM7mbG3bvvk3JaAH0A6CE78FN65YacWfbrAR1w2P62jobapbJ37Wn1wY4Wd8AgQIJIM37L5oHMXwGpxYu+1yzJ8o2wTYTDdHat8y0INxy0NXLzEC4ySNTHhBDQIW8ufPUaSdJZkehTs7zH/TOUCAlhjXMmSmiLcyCqzwrUg3Rq3/+6hIRU0cBqVBRy6fHv6RtLcII8HmALXmA2aV1fZWO8FqgabIi7eFHPsJiBkGGoOb0Y7OqWK7XYYJbwfjKo3LchjDJVCAknwvbrOJPOQSlxEItGJwfsCAwEAAaOCA3MwggNvMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBQ7EDxxmfdjgjJ2p9by+facoK9fkTAhBgNVHREEGjAYggsqLmJpdGx5LmNvbYIJYml0bHkuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZXx/YAYAAAQDAEgwRgIhAIFD4oEZXrLNxMruEFIfoV28ZKZefWWq4eC9Zx5WibmPAiEAq7sQiGHv4gzIJ+VwYhHE1Dsl0sj4hZgSX5m/yag5M4YAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWV8f2DIAAAEAwBIMEYCIQCQ5eMnd6CzaYM1U6E5jTE+mVVgC3wqS3+pk16TFWFkxgIhAO9eGwJIPbzLlDT9fpjhmHMx6wFsqqZ9lrgOthDmWvsvAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFlfH9gMwAABAMARzBFAiEAi19tXp6F0lwZFYgToZVHTSjpkrUpLL+dgOQUd7KDoQ4CIFLu3fUU/W5s3WYUf/mwxYOqqwxe+qEiifgn8LEreE27MA0GCSqGSIb3DQEBCwUAA4IBAQAd9K9mdg9VA2uPFQDjJpIkGYvEVlbz9nUaqxMLP4anttngfqRorn4p28A3DhKQCT83/5TEWqE+esNI1Nhz2b4yA7LRhqaEkJVY8OHWBVf9blsaBZ4gZlCxC26V/7U6U5BqEGSzydSFHnhOVsCBTHe8/UvWNW8kDiswXUgk+GxW2T+ypEB+gbUaI06drBVUtwGIftxSOdy49c4jFGrDFaPjhHKn9oZ2oQOR5lu+ZQOPXt2LNuuvKmxLzVmCd59ysPmIGn558kk3TOjHcVRB3DoYNsBp3lCLX0fYLfevGerFolvraa0AywvzbHDKa4JQ7g2h498IkovdPXEW8hQ8Xy7f"},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"67.199.248.14","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":41982,"event_start":1565200334.338224} {"dns":{"base64":"FSMBAAABAAAAAAAABXlhaG9vA2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":50783,"dst_port":53,"event_start":1565200334.828074} {"dns":{"base64":"rkQBAAABAAAAAAAABXlhaG9vA2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":38416,"dst_port":53,"event_start":1565200334.828333} @@ -302,7 +302,7 @@ {"dns":{"base64":"FSOBgAABAAYADQAKBXlhaG9vA2NvbQAAAQABwAwAAQABAAAABQAESB4jCcAMAAEAAQAAAAUABGKK2+jADAABAAEAAAAFAARiifYIwAwAAQABAAAABQAEYon2B8AMAAEAAQAAAAUABGKK2+fADAABAAEAAAAFAARIHiMKwBIAAgABAAAABQAUAWcMZ3RsZC1zZXJ2ZXJzA25ldADAEgACAAEAAAAFAAQBYsCJwBIAAgABAAAABQAEAWvAicASAAIAAQAAAAUABAFjwInAEgACAAEAAAAFAAQBaMCJwBIAAgABAAAABQAEAWbAicASAAIAAQAAAAUABAFkwInAEgACAAEAAAAFAAQBacCJwBIAAgABAAAABQAEAWzAicASAAIAAQAAAAUABAFlwInAEgACAAEAAAAFAAQBbcCJwBIAAgABAAAABQAEAWHAicASAAIAAQAAAAUABAFqwInBRwABAAEAAAAFAATABQYewKcAAQABAAAABQAEwCEOHsDHAAEAAQAAAAUABMAaXB7A9wABAAEAAAAFAATAH1AewScAAQABAAAABQAEwAxeHsDnAAEAAQAAAAUABMAjMx7AhwABAAEAAAAFAATAKl0ewNcAAQABAAAABQAEwDZwHsEHAAEAAQAAAAUABMArrB7BVwABAAEAAAAFAATAME8e"},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":50783,"event_start":1565200334.864301} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"72.30.35.9","protocol":6,"src_port":37050,"dst_port":443,"event_start":1565200334.865000} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"yahoo.com"}},"src_ip":"192.168.113.237","dst_ip":"72.30.35.9","protocol":6,"src_port":37050,"dst_port":443,"event_start":1565200334.923897} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHCzCCBfOgAwIBAgIQC8M2wJUf1+pWw3jShdD6bTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA4MDYwMDAwMDBaFw0yMDAyMDIxMjAwMDBaMGMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRgwFgYDVQQDDA8qLnd3dy55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirs4sQ7vEOfujfIii5gGWEOlqKc9yHNbAoyN96STzjihj56QK3Uzl7fiShiKiD04OAE1RLOrVObCwrWJi+C3XybKlOAwVvKD1gkkyuGZaunygg4H+TfvRICZV5pRMNNbacko0Ji/Xv5r9+epnHAeGXSp0LxQiH3wyJCBtLPuBI6A3wxd1iaWiFAWNR2WUMyU3uENLnbMjr0j462/+kYdhZ0+phZ9auThabOOR8TA61NwTofCJ5Xq0cMk9h6kWN7FcpMEMrid2qPqYTQcvVBgFipPZRNIO7ymRPEmnWQo21PtgiRfnILqg+Lwd95A5RYg2XeRhmXBa22Sh+J/b1im/AgMBAAGjggOsMIIDqDAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQUaekEkRuDKAqyMmsIHXgRzibqObswgdYGA1UdEQSBzjCBy4IPKi53d3cueWFob28uY29tgg4qLmFtcC55aW1nLmNvbYILKi55YWhvby5jb22CEGFkZC5teS55YWhvby5jb22CD2NhLm15LnlhaG9vLmNvbYITY2Eucm9nZXJzLnlhaG9vLmNvbYIQZGRsLmZwLnlhaG9vLmNvbYIWZnItY2Eucm9nZXJzLnlhaG9vLmNvbYIPaGsucmQueWFob28uY29tggxtYnAueWltZy5jb22CD3R3LnJkLnlhaG9vLmNvbYIJeWFob28uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC4="}]}},"src_ip":"72.30.35.9","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":37050,"event_start":1565200334.982648} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHCzCCBfOgAwIBAgIQC8M2wJUf1+pWw3jShdD6bTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA4MDYwMDAwMDBaFw0yMDAyMDIxMjAwMDBaMGMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRgwFgYDVQQDDA8qLnd3dy55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirs4sQ7vEOfujfIii5gGWEOlqKc9yHNbAoyN96STzjihj56QK3Uzl7fiShiKiD04OAE1RLOrVObCwrWJi+C3XybKlOAwVvKD1gkkyuGZaunygg4H+TfvRICZV5pRMNNbacko0Ji/Xv5r9+epnHAeGXSp0LxQiH3wyJCBtLPuBI6A3wxd1iaWiFAWNR2WUMyU3uENLnbMjr0j462/+kYdhZ0+phZ9auThabOOR8TA61NwTofCJ5Xq0cMk9h6kWN7FcpMEMrid2qPqYTQcvVBgFipPZRNIO7ymRPEmnWQo21PtgiRfnILqg+Lwd95A5RYg2XeRhmXBa22Sh+J/b1im/AgMBAAGjggOsMIIDqDAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQUaekEkRuDKAqyMmsIHXgRzibqObswgdYGA1UdEQSBzjCBy4IPKi53d3cueWFob28uY29tgg4qLmFtcC55aW1nLmNvbYILKi55YWhvby5jb22CEGFkZC5teS55YWhvby5jb22CD2NhLm15LnlhaG9vLmNvbYITY2Eucm9nZXJzLnlhaG9vLmNvbYIQZGRsLmZwLnlhaG9vLmNvbYIWZnItY2Eucm9nZXJzLnlhaG9vLmNvbYIPaGsucmQueWFob28uY29tggxtYnAueWltZy5jb22CD3R3LnJkLnlhaG9vLmNvbYIJeWFob28uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC4="}]}},"reassembly_properties":{"truncated":true},"src_ip":"72.30.35.9","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":37050,"event_start":1565200334.982648} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHCzCCBfOgAwIBAgIQC8M2wJUf1+pWw3jShdD6bTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA4MDYwMDAwMDBaFw0yMDAyMDIxMjAwMDBaMGMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRgwFgYDVQQDDA8qLnd3dy55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirs4sQ7vEOfujfIii5gGWEOlqKc9yHNbAoyN96STzjihj56QK3Uzl7fiShiKiD04OAE1RLOrVObCwrWJi+C3XybKlOAwVvKD1gkkyuGZaunygg4H+TfvRICZV5pRMNNbacko0Ji/Xv5r9+epnHAeGXSp0LxQiH3wyJCBtLPuBI6A3wxd1iaWiFAWNR2WUMyU3uENLnbMjr0j462/+kYdhZ0+phZ9auThabOOR8TA61NwTofCJ5Xq0cMk9h6kWN7FcpMEMrid2qPqYTQcvVBgFipPZRNIO7ymRPEmnWQo21PtgiRfnILqg+Lwd95A5RYg2XeRhmXBa22Sh+J/b1im/AgMBAAGjggOsMIIDqDAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQUaekEkRuDKAqyMmsIHXgRzibqObswgdYGA1UdEQSBzjCBy4IPKi53d3cueWFob28uY29tgg4qLmFtcC55aW1nLmNvbYILKi55YWhvby5jb22CEGFkZC5teS55YWhvby5jb22CD2NhLm15LnlhaG9vLmNvbYITY2Eucm9nZXJzLnlhaG9vLmNvbYIQZGRsLmZwLnlhaG9vLmNvbYIWZnItY2Eucm9nZXJzLnlhaG9vLmNvbYIPaGsucmQueWFob28uY29tggxtYnAueWltZy5jb22CD3R3LnJkLnlhaG9vLmNvbYIJeWFob28uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWxoP1bRAAAEAwBHMEUCIQDdmgmiG/EpnvAnBdg3XCQTGLs8lNSIDGHDaQWgBq9VCgIgZsZ3m6pXNI//TS8XhYh8PCWIjBokKJvm1Tn1ST6L3ckAdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWxoP1ccAAAEAwBGMEQCIEHpkO5+0ht224fAM6owijpPlRfcO+YwaVQDkgI1mIDAAiBtpay6WdE9oAc9pF31Je1sgbaDFGD0q5Yx22QwmFvxZDANBgkqhkiG9w0BAQsFAAOCAQEAnINtMIB149N31+iHLGR4/lXGfKmKjUibQR6WaD0lNANjChxDiFXPQieobLfkWkaMfKBbGSg8h7WMdCsCkIMnN+z8KmmTnY4MN+m8wR0QOXKHvWXX6HG3sSORtJ7EI9uxFvBOlEHmj4HBrQVs0iiVOp5gcOAfCcphMtNBp3gIy8eqi7HeUrsiVwJal/vz2V+zlaHgXJ86eVOqvE1H30hdiQYXi23+sbfkTfZh119xiJ9c591HgYrUy4vWdAdPD0Eoo1JVIxDRpNHxIIDpnxYehlCU921fOJqwL1ShquSF59UzV7DDnIxdkYTmPY5H5kjlbhNU99k/dnkWSpecKP0m8Q=="},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"72.30.35.9","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":37050,"event_start":1565200334.983206} {"dns":{"base64":"rPQBAAABAAAAAAAAA3d3dwV5YWhvbwNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":54985,"dst_port":53,"event_start":1565200335.120651} {"dns":{"base64":"DxIBAAABAAAAAAAAA3d3dwV5YWhvbwNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":46072,"dst_port":53,"event_start":1565200335.120836} @@ -310,7 +310,7 @@ {"dns":{"base64":"rPSBgAABAAUADQAJA3d3dwV5YWhvbwNjb20AAAEAAcAMAAUAAQAAAAUAFg1hdHN2Mi1mcC1zaGVkA3dnMQFiwBDAKwABAAEAAAAFAARIHiMJwCsAAQABAAAABQAEYorb6MArAAEAAQAAAAUABEgeIwrAKwABAAEAAAAFAARiitvnwBYAAgABAAAABQAUAWoMZ3RsZC1zZXJ2ZXJzA25ldADAFgACAAEAAAAFAAQBZMCPwBYAAgABAAAABQAEAWnAj8AWAAIAAQAAAAUABAFrwI/AFgACAAEAAAAFAAQBZ8CPwBYAAgABAAAABQAEAWbAj8AWAAIAAQAAAAUABAFowI/AFgACAAEAAAAFAAQBYsCPwBYAAgABAAAABQAEAWPAj8AWAAIAAQAAAAUABAFswI/AFgACAAEAAAAFAAQBYcCPwBYAAgABAAAABQAEAWXAj8AWAAIAAQAAAAUABAFtwI/BPQABAAEAAAAFAATABQYewQ0AAQABAAAABQAEwCEOHsEdAAEAAQAAAAUABMAaXB7ArQABAAEAAAAFAATAH1AewU0AAQABAAAABQAEwAxeHsDtAAEAAQAAAAUABMAjMx7A3QABAAEAAAAFAATAKl0ewP0AAQABAAAABQAEwDZwHsC9AAEAAQAAAAUABMArrB4="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":54985,"event_start":1565200335.158060} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"98.138.219.231","protocol":6,"src_port":59128,"dst_port":443,"event_start":1565200335.158395} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.yahoo.com"}},"src_ip":"192.168.113.237","dst_ip":"98.138.219.231","protocol":6,"src_port":59128,"dst_port":443,"event_start":1565200335.242324} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHCzCCBfOgAwIBAgIQC8M2wJUf1+pWw3jShdD6bTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA4MDYwMDAwMDBaFw0yMDAyMDIxMjAwMDBaMGMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRgwFgYDVQQDDA8qLnd3dy55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirs4sQ7vEOfujfIii5gGWEOlqKc9yHNbAoyN96STzjihj56QK3Uzl7fiShiKiD04OAE1RLOrVObCwrWJi+C3XybKlOAwVvKD1gkkyuGZaunygg4H+TfvRICZV5pRMNNbacko0Ji/Xv5r9+epnHAeGXSp0LxQiH3wyJCBtLPuBI6A3wxd1iaWiFAWNR2WUMyU3uENLnbMjr0j462/+kYdhZ0+phZ9auThabOOR8TA61NwTofCJ5Xq0cMk9h6kWN7FcpMEMrid2qPqYTQcvVBgFipPZRNIO7ymRPEmnWQo21PtgiRfnILqg+Lwd95A5RYg2XeRhmXBa22Sh+J/b1im/AgMBAAGjggOsMIIDqDAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQUaekEkRuDKAqyMmsIHXgRzibqObswgdYGA1UdEQSBzjCBy4IPKi53d3cueWFob28uY29tgg4qLmFtcC55aW1nLmNvbYILKi55YWhvby5jb22CEGFkZC5teS55YWhvby5jb22CD2NhLm15LnlhaG9vLmNvbYITY2Eucm9nZXJzLnlhaG9vLmNvbYIQZGRsLmZwLnlhaG9vLmNvbYIWZnItY2Eucm9nZXJzLnlhaG9vLmNvbYIPaGsucmQueWFob28uY29tggxtYnAueWltZy5jb22CD3R3LnJkLnlhaG9vLmNvbYIJeWFob28uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC4="}]}},"src_ip":"98.138.219.231","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":59128,"event_start":1565200335.331768} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHCzCCBfOgAwIBAgIQC8M2wJUf1+pWw3jShdD6bTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA4MDYwMDAwMDBaFw0yMDAyMDIxMjAwMDBaMGMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRgwFgYDVQQDDA8qLnd3dy55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirs4sQ7vEOfujfIii5gGWEOlqKc9yHNbAoyN96STzjihj56QK3Uzl7fiShiKiD04OAE1RLOrVObCwrWJi+C3XybKlOAwVvKD1gkkyuGZaunygg4H+TfvRICZV5pRMNNbacko0Ji/Xv5r9+epnHAeGXSp0LxQiH3wyJCBtLPuBI6A3wxd1iaWiFAWNR2WUMyU3uENLnbMjr0j462/+kYdhZ0+phZ9auThabOOR8TA61NwTofCJ5Xq0cMk9h6kWN7FcpMEMrid2qPqYTQcvVBgFipPZRNIO7ymRPEmnWQo21PtgiRfnILqg+Lwd95A5RYg2XeRhmXBa22Sh+J/b1im/AgMBAAGjggOsMIIDqDAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQUaekEkRuDKAqyMmsIHXgRzibqObswgdYGA1UdEQSBzjCBy4IPKi53d3cueWFob28uY29tgg4qLmFtcC55aW1nLmNvbYILKi55YWhvby5jb22CEGFkZC5teS55YWhvby5jb22CD2NhLm15LnlhaG9vLmNvbYITY2Eucm9nZXJzLnlhaG9vLmNvbYIQZGRsLmZwLnlhaG9vLmNvbYIWZnItY2Eucm9nZXJzLnlhaG9vLmNvbYIPaGsucmQueWFob28uY29tggxtYnAueWltZy5jb22CD3R3LnJkLnlhaG9vLmNvbYIJeWFob28uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC4="}]}},"reassembly_properties":{"truncated":true},"src_ip":"98.138.219.231","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":59128,"event_start":1565200335.331768} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHCzCCBfOgAwIBAgIQC8M2wJUf1+pWw3jShdD6bTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA4MDYwMDAwMDBaFw0yMDAyMDIxMjAwMDBaMGMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRgwFgYDVQQDDA8qLnd3dy55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirs4sQ7vEOfujfIii5gGWEOlqKc9yHNbAoyN96STzjihj56QK3Uzl7fiShiKiD04OAE1RLOrVObCwrWJi+C3XybKlOAwVvKD1gkkyuGZaunygg4H+TfvRICZV5pRMNNbacko0Ji/Xv5r9+epnHAeGXSp0LxQiH3wyJCBtLPuBI6A3wxd1iaWiFAWNR2WUMyU3uENLnbMjr0j462/+kYdhZ0+phZ9auThabOOR8TA61NwTofCJ5Xq0cMk9h6kWN7FcpMEMrid2qPqYTQcvVBgFipPZRNIO7ymRPEmnWQo21PtgiRfnILqg+Lwd95A5RYg2XeRhmXBa22Sh+J/b1im/AgMBAAGjggOsMIIDqDAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVkYqISuFlyOzAdBgNVHQ4EFgQUaekEkRuDKAqyMmsIHXgRzibqObswgdYGA1UdEQSBzjCBy4IPKi53d3cueWFob28uY29tgg4qLmFtcC55aW1nLmNvbYILKi55YWhvby5jb22CEGFkZC5teS55YWhvby5jb22CD2NhLm15LnlhaG9vLmNvbYITY2Eucm9nZXJzLnlhaG9vLmNvbYIQZGRsLmZwLnlhaG9vLmNvbYIWZnItY2Eucm9nZXJzLnlhaG9vLmNvbYIPaGsucmQueWFob28uY29tggxtYnAueWltZy5jb22CD3R3LnJkLnlhaG9vLmNvbYIJeWFob28uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWxoP1bRAAAEAwBHMEUCIQDdmgmiG/EpnvAnBdg3XCQTGLs8lNSIDGHDaQWgBq9VCgIgZsZ3m6pXNI//TS8XhYh8PCWIjBokKJvm1Tn1ST6L3ckAdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWxoP1ccAAAEAwBGMEQCIEHpkO5+0ht224fAM6owijpPlRfcO+YwaVQDkgI1mIDAAiBtpay6WdE9oAc9pF31Je1sgbaDFGD0q5Yx22QwmFvxZDANBgkqhkiG9w0BAQsFAAOCAQEAnINtMIB149N31+iHLGR4/lXGfKmKjUibQR6WaD0lNANjChxDiFXPQieobLfkWkaMfKBbGSg8h7WMdCsCkIMnN+z8KmmTnY4MN+m8wR0QOXKHvWXX6HG3sSORtJ7EI9uxFvBOlEHmj4HBrQVs0iiVOp5gcOAfCcphMtNBp3gIy8eqi7HeUrsiVwJal/vz2V+zlaHgXJ86eVOqvE1H30hdiQYXi23+sbfkTfZh119xiJ9c591HgYrUy4vWdAdPD0Eoo1JVIxDRpNHxIIDpnxYehlCU921fOJqwL1ShquSF59UzV7DDnIxdkYTmPY5H5kjlbhNU99k/dnkWSpecKP0m8Q=="},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"98.138.219.231","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":59128,"event_start":1565200335.333809} {"dns":{"base64":"hR0BAAABAAAAAAAABmFtYXpvbgNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":53662,"dst_port":53,"event_start":1565200336.134566} {"dns":{"base64":"U8kBAAABAAAAAAAABmFtYXpvbgNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":50727,"dst_port":53,"event_start":1565200336.134719} @@ -318,7 +318,7 @@ {"dns":{"base64":"U8mBgAABAAAAAQAABmFtYXpvbgNjb20AABwAAcAMAAYAAQAAAAUAMRNkbnMtZXh0ZXJuYWwtbWFzdGVywAwEcm9vdMAMd9AASgAAALQAAAA8AC4kgAAAADw="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":50727,"event_start":1565200336.175898} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"176.32.98.166","protocol":6,"src_port":52744,"dst_port":443,"event_start":1565200336.176117} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"amazon.com"}},"src_ip":"192.168.113.237","dst_ip":"176.32.98.166","protocol":6,"src_port":52744,"dst_port":443,"event_start":1565200336.223970} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102))"},"tls":{"server":{"certs":[{"base64":"MIIIITCCBwmgAwIBAgIQBgbZf4Ao3WgcJWbIhYPjZjANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVEaWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTkwNDMwMDAwMDAwWhcNMjAwNDAxMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEZMBcGA1UEChMQQW1hem9uLmNvbSwgSW5jLjEWMBQGA1UEAwwNKi5wZWcuYTJ6LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALFgxFvUh6c5p4HmPB4BjoRVRU9zT3/3GW7IxJRqc94R+BCvzWqI3hK7rfo8Vn6IDwOMVsfrJhSS6IPs+a0TAIyygJ5wFSjYkPtLfkfgKXMyP/c6MhxrYbxuATIX5dcJZ5kLEiGSlb9FBOIl9ILZqewA2aXAZV9kGG+dwe2f+tnW2cCho3gd29+HcRM4swvX1Q/6y+AkjPzLgET//E/UR7k98Bz6bY2bSwIg7N0dyysRSfQe7WpFJr5GwLTnEkrTz2SKgtk7H4SxkK0Sm6MLhIA6zlgQCW+gdKnZWijWiR7eFZwGKBC0AmTOPSraaDvb31D6syjzgMvkKR9IFUWA8BUCAwEAAaOCBOowggTmMB8GA1UdIwQYMBaAFCRuKy3QapJRUSVpAaqaR6aJ50AgMB0GA1UdDgQWBBQaXzAyaZXZcFEDaE8X9EnhptybGjCCAiMGA1UdEQSCAhowggIWggxhbWF6b24uY28udWuCE3VlZGF0YS5hbWF6b24uY28udWuCEHd3dy5hbWF6b24uY28udWuCF29yaWdpbi13d3cuYW1hem9uLmNvLnVrgg0qLnBlZy5hMnouY29tggphbWF6b24uY29tgghhbXpuLmNvbYIRdWVkYXRhLmFtYXpvbi5jb22CDXVzLmFtYXpvbi5jb22CDnd3dy5hbWF6b24uY29tggx3d3cuYW16bi5jb22CFGNvcnBvcmF0ZS5hbWF6b24uY29tghFidXlib3guYW1hem9uLmNvbYIRaXBob25lLmFtYXpvbi5jb22CDXlwLmFtYXpvbi5jb22CD2hvbWUuYW1hem9uLmNvbYIVb3JpZ2luLXd3dy5hbWF6b24uY29tgiFidWNrZXllLXJldGFpbC13ZWJzaXRlLmFtYXpvbi5jb22CEmh1ZGRsZXMuYW1hem9uLmNvbYIJYW1hem9uLmRlgg13d3cuYW1hem9uLmRlghRvcmlnaW4td3d3LmFtYXpvbi5kZYIMYW1hem9uLmNvLmpwgglhbWF6b24uanCCDXd3dy5hbWF6b24uanCCEHd3dy5hbWF6b24uY28uanCCF29yaWdpbi13d3c="}]}},"src_ip":"176.32.98.166","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":52744,"event_start":1565200336.270155} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102))"},"tls":{"server":{"certs":[{"base64":"MIIIITCCBwmgAwIBAgIQBgbZf4Ao3WgcJWbIhYPjZjANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVEaWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTkwNDMwMDAwMDAwWhcNMjAwNDAxMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEZMBcGA1UEChMQQW1hem9uLmNvbSwgSW5jLjEWMBQGA1UEAwwNKi5wZWcuYTJ6LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALFgxFvUh6c5p4HmPB4BjoRVRU9zT3/3GW7IxJRqc94R+BCvzWqI3hK7rfo8Vn6IDwOMVsfrJhSS6IPs+a0TAIyygJ5wFSjYkPtLfkfgKXMyP/c6MhxrYbxuATIX5dcJZ5kLEiGSlb9FBOIl9ILZqewA2aXAZV9kGG+dwe2f+tnW2cCho3gd29+HcRM4swvX1Q/6y+AkjPzLgET//E/UR7k98Bz6bY2bSwIg7N0dyysRSfQe7WpFJr5GwLTnEkrTz2SKgtk7H4SxkK0Sm6MLhIA6zlgQCW+gdKnZWijWiR7eFZwGKBC0AmTOPSraaDvb31D6syjzgMvkKR9IFUWA8BUCAwEAAaOCBOowggTmMB8GA1UdIwQYMBaAFCRuKy3QapJRUSVpAaqaR6aJ50AgMB0GA1UdDgQWBBQaXzAyaZXZcFEDaE8X9EnhptybGjCCAiMGA1UdEQSCAhowggIWggxhbWF6b24uY28udWuCE3VlZGF0YS5hbWF6b24uY28udWuCEHd3dy5hbWF6b24uY28udWuCF29yaWdpbi13d3cuYW1hem9uLmNvLnVrgg0qLnBlZy5hMnouY29tggphbWF6b24uY29tgghhbXpuLmNvbYIRdWVkYXRhLmFtYXpvbi5jb22CDXVzLmFtYXpvbi5jb22CDnd3dy5hbWF6b24uY29tggx3d3cuYW16bi5jb22CFGNvcnBvcmF0ZS5hbWF6b24uY29tghFidXlib3guYW1hem9uLmNvbYIRaXBob25lLmFtYXpvbi5jb22CDXlwLmFtYXpvbi5jb22CD2hvbWUuYW1hem9uLmNvbYIVb3JpZ2luLXd3dy5hbWF6b24uY29tgiFidWNrZXllLXJldGFpbC13ZWJzaXRlLmFtYXpvbi5jb22CEmh1ZGRsZXMuYW1hem9uLmNvbYIJYW1hem9uLmRlgg13d3cuYW1hem9uLmRlghRvcmlnaW4td3d3LmFtYXpvbi5kZYIMYW1hem9uLmNvLmpwgglhbWF6b24uanCCDXd3dy5hbWF6b24uanCCEHd3dy5hbWF6b24uY28uanCCF29yaWdpbi13d3c="}]}},"reassembly_properties":{"truncated":true},"src_ip":"176.32.98.166","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":52744,"event_start":1565200336.270155} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102))"},"tls":{"server":{"certs":[{"base64":"MIIIITCCBwmgAwIBAgIQBgbZf4Ao3WgcJWbIhYPjZjANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVEaWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTkwNDMwMDAwMDAwWhcNMjAwNDAxMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEZMBcGA1UEChMQQW1hem9uLmNvbSwgSW5jLjEWMBQGA1UEAwwNKi5wZWcuYTJ6LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALFgxFvUh6c5p4HmPB4BjoRVRU9zT3/3GW7IxJRqc94R+BCvzWqI3hK7rfo8Vn6IDwOMVsfrJhSS6IPs+a0TAIyygJ5wFSjYkPtLfkfgKXMyP/c6MhxrYbxuATIX5dcJZ5kLEiGSlb9FBOIl9ILZqewA2aXAZV9kGG+dwe2f+tnW2cCho3gd29+HcRM4swvX1Q/6y+AkjPzLgET//E/UR7k98Bz6bY2bSwIg7N0dyysRSfQe7WpFJr5GwLTnEkrTz2SKgtk7H4SxkK0Sm6MLhIA6zlgQCW+gdKnZWijWiR7eFZwGKBC0AmTOPSraaDvb31D6syjzgMvkKR9IFUWA8BUCAwEAAaOCBOowggTmMB8GA1UdIwQYMBaAFCRuKy3QapJRUSVpAaqaR6aJ50AgMB0GA1UdDgQWBBQaXzAyaZXZcFEDaE8X9EnhptybGjCCAiMGA1UdEQSCAhowggIWggxhbWF6b24uY28udWuCE3VlZGF0YS5hbWF6b24uY28udWuCEHd3dy5hbWF6b24uY28udWuCF29yaWdpbi13d3cuYW1hem9uLmNvLnVrgg0qLnBlZy5hMnouY29tggphbWF6b24uY29tgghhbXpuLmNvbYIRdWVkYXRhLmFtYXpvbi5jb22CDXVzLmFtYXpvbi5jb22CDnd3dy5hbWF6b24uY29tggx3d3cuYW16bi5jb22CFGNvcnBvcmF0ZS5hbWF6b24uY29tghFidXlib3guYW1hem9uLmNvbYIRaXBob25lLmFtYXpvbi5jb22CDXlwLmFtYXpvbi5jb22CD2hvbWUuYW1hem9uLmNvbYIVb3JpZ2luLXd3dy5hbWF6b24uY29tgiFidWNrZXllLXJldGFpbC13ZWJzaXRlLmFtYXpvbi5jb22CEmh1ZGRsZXMuYW1hem9uLmNvbYIJYW1hem9uLmRlgg13d3cuYW1hem9uLmRlghRvcmlnaW4td3d3LmFtYXpvbi5kZYIMYW1hem9uLmNvLmpwgglhbWF6b24uanCCDXd3dy5hbWF6b24uanCCEHd3dy5hbWF6b24uY28uanCCF29yaWdpbi13d3cuYW1hem9uLmNvLmpwghAqLmFhLnBlZy5hMnouY29tghAqLmFiLnBlZy5hMnouY29tghAqLmFjLnBlZy5hMnouY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdwYDVR0fBHAwbjA1oDOgMYYvaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsQ0FHMi5jcmwwNaAzoDGGL2h0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbENBRzIuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHQGCCsGAQUFBwEBBGgwZjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFqbA26bQAABAMASDBGAiEAolsv5iHlTTpF3kJTj/mGWrTm775kYt6O9enHc2+IWisCIQC4yqet/vmnRcOZpDo4/cYpJbIJp0XkD9nfwxOopnvp9gB1AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABamwNtjgAAAQDAEYwRAIgTsND30lAbIjVGm8JJ/7jAq8s418JQgRE1z3pN3/8v4sCID1rsUiBMGkT0OjBuvo0AnBCJqqoN56TY3JmFlqMqFVsMA0GCSqGSIb3DQEBCwUAA4IBAQAmqfhGKyfkUG8TDiyP/+kX6tQbZ+V6kYq5sMR3ny4MFPI8Wf/kLWgFSQyaU82o4dGlqzEBLYd9WCCyr0Lr2j+KPbcwn+dQpBkqCgkER3FnM79Aoc9Xs74nbapMZ2w/nK/WVc66dtO/k7LVbEREJksAPC6tAn2FqRxDPUJShmHpsgpi/A8TXtviGll1NzdUG5DLD/8cg3pig9ZmyAvYjXlEtemWv2Y11q9NtKk7GkqA5hFMAVZEUxVzUXquFAKeKnCXlPmjpVmq6vXY7JAmu2ys+AprOtpISKNrhX/gaotw2yEXVmNaC3uURYpeKCRw5NUgjx6UgEfg6L+UbLCirxCM"},{"base64":"MIIEizCCA3OgAwIBAgIQDI7gyQ1qiRWIBAYe4kH5rzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2JhbCBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNIfL7zBYZdW9UvhU5L4IatFaxhz1uvPmoKR/uadpFgC4przc/cV35gmAvkVNlW7SHMArZagV+Xau4CLyMnuG3UsOcGAngLH1ypmTb+u6wbBfpXzYEQQGfWMItYNdSWYb7QjHqXnxr5IuYUL6nG6AEfq/gmD6yOTSwyOR2Bm40cZbIc22GoiS9g5+vCShjEbyrpEJIJ7RfRACvmfe8EiRROM6GyD5eHn7OgzS+8LOy4g2gxPR/VSpAQGQuBldYpdlH5NnbQtwl6OErXb4y/E3w57bqukPyV93t4CTZedJMeJfD/1K2uaGvG/w/VNfFVbkhJ+Pi474j48V4Rd6rfArMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFCRuKy3QapJRUSVpAaqaR6aJ50AgMB8GA1UdIwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA0GCSqGSIb3DQEBCwUAA4IBAQALOYSR+ZfrqoGvhOlaOJL84mxZvzbIRacxAxHhBsCsMsdaVSnaT0AC9aHesO3ewPj2dZ12uYf+QYB6z13jAMZbAuabeGLJ3LhimnftiQjXS8X9Q9ViIyfEBFltcT8jW+rZ8uckJ2/0lYDblizkVIvP6hnZf1WZUXoOLRg9eFhSvGNoVwvdRLNXSmDmyHBwW4coatc7TlJFGa8kBpJIERqLrqwYElesA8u49L3KJg6nwd3jM+/AVTANlVlOnAM2BvjAjxSZnE0qnsHhfTuvcqdFuhOWKU4Z0BqYBvQ3lBetoxi6PrABDJXWKTUgNX31EGDk92hiHuwZ4STyhxGs6QiA"},{"base64":"MIIE3zCCA8egAwIBAgIQYxgNOPuAl3ip0DWjFhj4QDANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTcxMTA2MDAwMDAwWhcNMjIxMTA1MjM1OTU5WjBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALs3zTTce2vJsmiQrUp1/0a6IQoIjfUZVMn7iNvzrvI6iZE8euarBhprz6wt6F4JJES6Ypp+1qOofuBUdSAFrFC3nGMabDDc2h8Zsdce3v3X4MuUgzeu7B9DTt17LNK9LqUv5Km4rTrUmaS2JembawBgkmD/TyFJGPdnkKthBpyP8rrptOmSMmu181foXRvNjB2rlQSVSfM1LZbjSW3dd+P7SUu0rFUHqY+Vs7Qju0xtRfD2qbKVMLT9TFWMJ0pXFHyCnc1zktMWSgYMjFDRjx4Jvheh5iHK/YPlELyDpQrEZyj2cxQUPUZ2w4cUiSE0Ta8PRQymSaG6u5zFsTODKYUCAwEAAaOCAScwggEjMB0GA1UdDgQWBBROIlQgGJXm427mD/r6uRLtBhePOTAPBgNVHRMBAf8EBTADAQH/MF8GA1UdIARYMFYwVAYEVR0gADBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZDBdodHRwczovL2Quc3ltY2IuY29tL3JwYTAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vcy5zeW1jYi5jb20vcGNhMy1nNS5jcmwwDgYDVR0PAQH/BAQDAgGGMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBCwUAA4IBAQBQ3dNWKSUBip6n5X1Nua8bjKLSJzXlnescavPECMpFBlIIKH2mc6mL2Xr/wkSIBDrsqAO3sBcmoJN+n8V30O5JelrtEAFYSyRDXfu78ZlHn6kvV5/jPUFECEM/hdN0x8WdLpGjJMqfs0EG5qHj+UaxpucWD445wea4zlK7hUR+MA8fq0Yd1HEKj4c8TcgaQIHMa4KHr448cQ69e3CPECRhRNg+RAKT2I7SlaVzLvaB/8yym2oMCEsoqiRT8dbXg35aKEYmmzn3O/mnB7bGUd/EUrkIf7FVamgYZd1fSzQeg1cHqf0ja6eHpvq2bTl+cWFHaq/84KlHe5Rh0CsmpZzn"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"176.32.98.166","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":52744,"event_start":1565200336.271389} {"dns":{"base64":"fpkBAAABAAAAAAAAA3d3dwZhbWF6b24DY29tAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":59476,"dst_port":53,"event_start":1565200336.356162} {"dns":{"base64":"mTkBAAABAAAAAAAAA3d3dwZhbWF6b24DY29tAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":45391,"dst_port":53,"event_start":1565200336.356346} @@ -328,7 +328,7 @@ {"dns":{"base64":"x2uBgAABAAAAAQAADmQzYWc0aHVra2g2MnluCmNsb3VkZnJvbnQDbmV0AAAcAAHADAAGAAEAAAAFAEUGbnMtMTMwCWF3c2Rucy0xNgNjb20AEWF3c2Rucy1ob3N0bWFzdGVyBmFtYXpvbsBMAAAAAQAAHCAAAAOEABJ1AAABUYA="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":40095,"event_start":1565200336.420956} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"99.84.220.24","protocol":6,"src_port":49224,"dst_port":443,"event_start":1565200336.421383} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.amazon.com"}},"src_ip":"192.168.113.237","dst_ip":"99.84.220.24","protocol":6,"src_port":49224,"dst_port":443,"event_start":1565200336.459535} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHgjCCBmqgAwIBAgIQB4di2kRD0yIued1fqA/gJDANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVEaWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTkwMzI5MDAwMDAwWhcNMTkxMjE1MTIwMDAwWjBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEZMBcGA1UEChMQQW1hem9uLmNvbSwgSW5jLjEXMBUGA1UEAxMOd3d3LmFtYXpvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVx5YP0mZBxSSAZGbhvJaYx7eBEl4gpVF3M4j8uk5jtPcPtq07f5Gltumil3cpM2teuW9687x3BKoX1h9uyLq3jMQSV2TxlPXd59ZTPXXNMXlTCk8JoFn7atM9Z/9b4kGthlfAgf49ZrRpiZUL6qX/NyyuHbD2fGcw5YgrvVIRPYWyztxlknKQMknHy28o25/Wvne0OeCTdWnEZQuvLKtbiS25/a1vX+ZK4srX6rPi0U5I5lfUBwt4pvBCOahIYJvGHVjCMv2Xe8ewZYP430gsSep6KiFIZTvzX2zj8dV0Ns3iiKH4OAZW5rekGIBRzDlgOM9rs4DqpiE5kK/MWsAVAgMBAAGjggRKMIIERjAfBgNVHSMEGDAWgBQkbist0GqSUVElaQGqmkemiedAIDAdBgNVHQ4EFgQUqA11y8YrIoyghAcMz9DLYo26Ws4wggGCBgNVHREEggF5MIIBdYIKYW1hem9uLmNvbYIIYW16bi5jb22CEXVlZGF0YS5hbWF6b24uY29tgg11cy5hbWF6b24uY29tgg53d3cuYW1hem9uLmNvbYIMd3d3LmFtem4uY29tghRjb3Jwb3JhdGUuYW1hem9uLmNvbYIRYnV5Ym94LmFtYXpvbi5jb22CEWlwaG9uZS5hbWF6b24uY29tgg15cC5hbWF6b24uY29tgg9ob21lLmFtYXpvbi5jb22CFW9yaWdpbi13d3cuYW1hem9uLmNvbYIhYnVja2V5ZS1yZXRhaWwtd2Vic2l0ZS5hbWF6b24uY29tghJodWRkbGVzLmFtYXpvbi5jb22CJXAtbnQtd3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb22CJXAteW8td3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb22CJXAteTMtd3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB3BgNVHR8EcDBuMDWgM6Axhi9odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNybDA1oDOgMYYvaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXI="}]}},"src_ip":"99.84.220.24","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":49224,"event_start":1565200336.502594} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHgjCCBmqgAwIBAgIQB4di2kRD0yIued1fqA/gJDANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVEaWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTkwMzI5MDAwMDAwWhcNMTkxMjE1MTIwMDAwWjBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEZMBcGA1UEChMQQW1hem9uLmNvbSwgSW5jLjEXMBUGA1UEAxMOd3d3LmFtYXpvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVx5YP0mZBxSSAZGbhvJaYx7eBEl4gpVF3M4j8uk5jtPcPtq07f5Gltumil3cpM2teuW9687x3BKoX1h9uyLq3jMQSV2TxlPXd59ZTPXXNMXlTCk8JoFn7atM9Z/9b4kGthlfAgf49ZrRpiZUL6qX/NyyuHbD2fGcw5YgrvVIRPYWyztxlknKQMknHy28o25/Wvne0OeCTdWnEZQuvLKtbiS25/a1vX+ZK4srX6rPi0U5I5lfUBwt4pvBCOahIYJvGHVjCMv2Xe8ewZYP430gsSep6KiFIZTvzX2zj8dV0Ns3iiKH4OAZW5rekGIBRzDlgOM9rs4DqpiE5kK/MWsAVAgMBAAGjggRKMIIERjAfBgNVHSMEGDAWgBQkbist0GqSUVElaQGqmkemiedAIDAdBgNVHQ4EFgQUqA11y8YrIoyghAcMz9DLYo26Ws4wggGCBgNVHREEggF5MIIBdYIKYW1hem9uLmNvbYIIYW16bi5jb22CEXVlZGF0YS5hbWF6b24uY29tgg11cy5hbWF6b24uY29tgg53d3cuYW1hem9uLmNvbYIMd3d3LmFtem4uY29tghRjb3Jwb3JhdGUuYW1hem9uLmNvbYIRYnV5Ym94LmFtYXpvbi5jb22CEWlwaG9uZS5hbWF6b24uY29tgg15cC5hbWF6b24uY29tgg9ob21lLmFtYXpvbi5jb22CFW9yaWdpbi13d3cuYW1hem9uLmNvbYIhYnVja2V5ZS1yZXRhaWwtd2Vic2l0ZS5hbWF6b24uY29tghJodWRkbGVzLmFtYXpvbi5jb22CJXAtbnQtd3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb22CJXAteW8td3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb22CJXAteTMtd3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB3BgNVHR8EcDBuMDWgM6Axhi9odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNybDA1oDOgMYYvaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXI="}]}},"reassembly_properties":{"truncated":true},"src_ip":"99.84.220.24","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":49224,"event_start":1565200336.502594} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHgjCCBmqgAwIBAgIQB4di2kRD0yIued1fqA/gJDANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVEaWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTkwMzI5MDAwMDAwWhcNMTkxMjE1MTIwMDAwWjBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEZMBcGA1UEChMQQW1hem9uLmNvbSwgSW5jLjEXMBUGA1UEAxMOd3d3LmFtYXpvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVx5YP0mZBxSSAZGbhvJaYx7eBEl4gpVF3M4j8uk5jtPcPtq07f5Gltumil3cpM2teuW9687x3BKoX1h9uyLq3jMQSV2TxlPXd59ZTPXXNMXlTCk8JoFn7atM9Z/9b4kGthlfAgf49ZrRpiZUL6qX/NyyuHbD2fGcw5YgrvVIRPYWyztxlknKQMknHy28o25/Wvne0OeCTdWnEZQuvLKtbiS25/a1vX+ZK4srX6rPi0U5I5lfUBwt4pvBCOahIYJvGHVjCMv2Xe8ewZYP430gsSep6KiFIZTvzX2zj8dV0Ns3iiKH4OAZW5rekGIBRzDlgOM9rs4DqpiE5kK/MWsAVAgMBAAGjggRKMIIERjAfBgNVHSMEGDAWgBQkbist0GqSUVElaQGqmkemiedAIDAdBgNVHQ4EFgQUqA11y8YrIoyghAcMz9DLYo26Ws4wggGCBgNVHREEggF5MIIBdYIKYW1hem9uLmNvbYIIYW16bi5jb22CEXVlZGF0YS5hbWF6b24uY29tgg11cy5hbWF6b24uY29tgg53d3cuYW1hem9uLmNvbYIMd3d3LmFtem4uY29tghRjb3Jwb3JhdGUuYW1hem9uLmNvbYIRYnV5Ym94LmFtYXpvbi5jb22CEWlwaG9uZS5hbWF6b24uY29tgg15cC5hbWF6b24uY29tgg9ob21lLmFtYXpvbi5jb22CFW9yaWdpbi13d3cuYW1hem9uLmNvbYIhYnVja2V5ZS1yZXRhaWwtd2Vic2l0ZS5hbWF6b24uY29tghJodWRkbGVzLmFtYXpvbi5jb22CJXAtbnQtd3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb22CJXAteW8td3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb22CJXAteTMtd3d3LWFtYXpvbi1jb20ta2FsaWFzLmFtYXpvbi5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB3BgNVHR8EcDBuMDWgM6Axhi9odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNybDA1oDOgMYYvaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsQ0FHMi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwdAYIKwYBBQUHAQEEaDBmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wPgYIKwYBBQUHMAKGMmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbENBRzIuY3J0MAkGA1UdEwQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWnJKGXMAAAEAwBIMEYCIQDW4rda28H2PYEzT70WkFyphM9fBxeiGY6TV1N4uEjHPwIhALvUGOyZa+js+suhmdBxxMC9teo3hvKaXYOAwR3NgzkAAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFpyShm8QAABAMARzBFAiBnsPt6GIeXSKW60Ugr3w0NTQ2CpTFhK2Ng9C+CcecNhQIhAKwvu5T4oWWBDket4XTCk80vFBaKeR5/H1wzoEjZGqZvMA0GCSqGSIb3DQEBCwUAA4IBAQBY7j0CiHNIvSIGW/8V9SWvf7radfw0abSYJQd48UuXrUonsDJpM2f4W95ELtgkO+T9VFZaSoXwb18SBfcg79nP7LpxvlrYr7gtn3DR/q4e7n3U8boEFgmuNMWMe9MslzJVqDBC5DoDOhwue9MoUQKvNW/dCSJ0i/xgMqbt59nbfRpK0RidWqf2404htmMvftvwjGZW8rSf4Vxu5fVskPms1CDcRCuXCEUQYulF5od1XiF9zyNyyMg5w25d5tIgRdeQa1nammFbvTcx7jL05Efmb6tikZY8A9HJPo4X3/QK7ohvDY3580NXDh7p+BinCLpxLczOQeZjVn7ZBUYEo2nm"},{"base64":"MIIEizCCA3OgAwIBAgIQDI7gyQ1qiRWIBAYe4kH5rzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2JhbCBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNIfL7zBYZdW9UvhU5L4IatFaxhz1uvPmoKR/uadpFgC4przc/cV35gmAvkVNlW7SHMArZagV+Xau4CLyMnuG3UsOcGAngLH1ypmTb+u6wbBfpXzYEQQGfWMItYNdSWYb7QjHqXnxr5IuYUL6nG6AEfq/gmD6yOTSwyOR2Bm40cZbIc22GoiS9g5+vCShjEbyrpEJIJ7RfRACvmfe8EiRROM6GyD5eHn7OgzS+8LOy4g2gxPR/VSpAQGQuBldYpdlH5NnbQtwl6OErXb4y/E3w57bqukPyV93t4CTZedJMeJfD/1K2uaGvG/w/VNfFVbkhJ+Pi474j48V4Rd6rfArMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFCRuKy3QapJRUSVpAaqaR6aJ50AgMB8GA1UdIwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA0GCSqGSIb3DQEBCwUAA4IBAQALOYSR+ZfrqoGvhOlaOJL84mxZvzbIRacxAxHhBsCsMsdaVSnaT0AC9aHesO3ewPj2dZ12uYf+QYB6z13jAMZbAuabeGLJ3LhimnftiQjXS8X9Q9ViIyfEBFltcT8jW+rZ8uckJ2/0lYDblizkVIvP6hnZf1WZUXoOLRg9eFhSvGNoVwvdRLNXSmDmyHBwW4coatc7TlJFGa8kBpJIERqLrqwYElesA8u49L3KJg6nwd3jM+/AVTANlVlOnAM2BvjAjxSZnE0qnsHhfTuvcqdFuhOWKU4Z0BqYBvQ3lBetoxi6PrABDJXWKTUgNX31EGDk92hiHuwZ4STyhxGs6QiA"},{"base64":"MIIE3zCCA8egAwIBAgIQYxgNOPuAl3ip0DWjFhj4QDANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTcxMTA2MDAwMDAwWhcNMjIxMTA1MjM1OTU5WjBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALs3zTTce2vJsmiQrUp1/0a6IQoIjfUZVMn7iNvzrvI6iZE8euarBhprz6wt6F4JJES6Ypp+1qOofuBUdSAFrFC3nGMabDDc2h8Zsdce3v3X4MuUgzeu7B9DTt17LNK9LqUv5Km4rTrUmaS2JembawBgkmD/TyFJGPdnkKthBpyP8rrptOmSMmu181foXRvNjB2rlQSVSfM1LZbjSW3dd+P7SUu0rFUHqY+Vs7Qju0xtRfD2qbKVMLT9TFWMJ0pXFHyCnc1zktMWSgYMjFDRjx4Jvheh5iHK/YPlELyDpQrEZyj2cxQUPUZ2w4cUiSE0Ta8PRQymSaG6u5zFsTODKYUCAwEAAaOCAScwggEjMB0GA1UdDgQWBBROIlQgGJXm427mD/r6uRLtBhePOTAPBgNVHRMBAf8EBTADAQH/MF8GA1UdIARYMFYwVAYEVR0gADBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZDBdodHRwczovL2Quc3ltY2IuY29tL3JwYTAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vcy5zeW1jYi5jb20vcGNhMy1nNS5jcmwwDgYDVR0PAQH/BAQDAgGGMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBCwUAA4IBAQBQ3dNWKSUBip6n5X1Nua8bjKLSJzXlnescavPECMpFBlIIKH2mc6mL2Xr/wkSIBDrsqAO3sBcmoJN+n8V30O5JelrtEAFYSyRDXfu78ZlHn6kvV5/jPUFECEM/hdN0x8WdLpGjJMqfs0EG5qHj+UaxpucWD445wea4zlK7hUR+MA8fq0Yd1HEKj4c8TcgaQIHMa4KHr448cQ69e3CPECRhRNg+RAKT2I7SlaVzLvaB/8yym2oMCEsoqiRT8dbXg35aKEYmmzn3O/mnB7bGUd/EUrkIf7FVamgYZd1fSzQeg1cHqf0ja6eHpvq2bTl+cWFHaq/84KlHe5Rh0CsmpZzn"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"99.84.220.24","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":49224,"event_start":1565200336.503142} {"dns":{"base64":"gOgBAAABAAAAAAAABnBsYXllcgV2aW1lbwNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":36118,"dst_port":53,"event_start":1565200337.042309} {"dns":{"base64":"P/wBAAABAAAAAAAABnBsYXllcgV2aW1lbwNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":54837,"dst_port":53,"event_start":1565200337.042481} @@ -338,11 +338,11 @@ {"dns":{"base64":"yWSBgAABAAAAAQAABXZpbWVvA21hcAZmYXN0bHkDbmV0AAAcAAHAFgAGAAEAAAAFADEDbnMxwBYKaG9zdG1hc3RlcgZmYXN0bHkDY29tAHg5xikAAA4QAAACWAAJOoAAAAAe"},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":60235,"event_start":1565200337.119253} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.192.217","protocol":6,"src_port":42746,"dst_port":443,"event_start":1565200337.119533} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"player.vimeo.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.192.217","protocol":6,"src_port":42746,"dst_port":443,"event_start":1565200337.165411} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjenIhfq9bAay2paMwzHfVLAB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZWyX6G4AAAQDAEcwRQIgLARzuiPmv7bduu5M0hvKwpMdnqZdslLfpXNZLm+A6cgCIQD5XsLbcd42bVhofRJ+EbeiCiwslOMeHlwsni4abZD/AQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZWyX56EAAAQDAEYwRAIgTctw2guun/asVLNbDeIhv2nqFLDezQB5"}]}},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42746,"event_start":1565200337.207052} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjenIhfq9bAay2paMwzHfVLAB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZWyX6G4AAAQDAEcwRQIgLARzuiPmv7bduu5M0hvKwpMdnqZdslLfpXNZLm+A6cgCIQD5XsLbcd42bVhofRJ+EbeiCiwslOMeHlwsni4abZD/AQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZWyX56EAAAQDAEYwRAIgTctw2guun/asVLNbDeIhv2nqFLDezQB5"}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42746,"event_start":1565200337.207052} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjenIhfq9bAay2paMwzHfVLAB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZWyX6G4AAAQDAEcwRQIgLARzuiPmv7bduu5M0hvKwpMdnqZdslLfpXNZLm+A6cgCIQD5XsLbcd42bVhofRJ+EbeiCiwslOMeHlwsni4abZD/AQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZWyX56EAAAQDAEYwRAIgTctw2guun/asVLNbDeIhv2nqFLDezQB5aIhzbf13QhYCIEevrRV+w20kyxQ5/ujQtTbjKjYfrEwOwp1oHhjbAJJuMA0GCSqGSIb3DQEBCwUAA4IBAQAnRC6rW/JPfntMo/scqBV/52WMHt3+cLCWYZBrxG4sNj29wuzFwHBdpdlqD9GNLElu9vcllnAqzmria6KsZ0lLeU1WWb5vl5u7Q5k6o4OVuziFF9O7198prtuf2u+tUG/zHEL0KhkPD0mu+UzispcYkuntD2kSiZ3LCrKxL5zpUuFC9D2r4P6b32fmg53Fck76P/qZe+niplaV8rrMGgFbPreCTrlyd4F1Xm5/0tyyLPsnIDN/uBjzuvkgvmw4DkoYOCwMCJftC7Ajix7vs0/KoYgc5r8Iz8twzdacEM62ZWR0obQ9du8Qys7TLlKa1eiiXVJ27zyMjxA8svFmUmBc"},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42746,"event_start":1565200337.207438} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.192.217","protocol":6,"src_port":42748,"dst_port":443,"event_start":1565200337.293823} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"vimeo.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.192.217","protocol":6,"src_port":42748,"dst_port":443,"event_start":1565200337.333104} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjenIhfq9bAay2paMwzHfVLAB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZWyX6G4AAAQDAEcwRQIgLARzuiPmv7bduu5M0hvKwpMdnqZdslLfpXNZLm+A6cgCIQD5XsLbcd42bVhofRJ+EbeiCiwslOMeHlwsni4abZD/AQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZWyX56EAAAQDAEYwRAIgTctw2guun/asVLNbDeIhv2nqFLDezQB5"}]}},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42748,"event_start":1565200337.374774} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjenIhfq9bAay2paMwzHfVLAB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZWyX6G4AAAQDAEcwRQIgLARzuiPmv7bduu5M0hvKwpMdnqZdslLfpXNZLm+A6cgCIQD5XsLbcd42bVhofRJ+EbeiCiwslOMeHlwsni4abZD/AQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZWyX56EAAAQDAEYwRAIgTctw2guun/asVLNbDeIhv2nqFLDezQB5"}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42748,"event_start":1565200337.374774} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGlTCCBX2gAwIBAgIQAaiOYIyyE8CWikH8FKdkezANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODI0MDAwMDAwWhcNMjAwNDAyMTIwMDAwWjBeMQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRMwEQYDVQQKEwpWaW1lbywgTExDMRQwEgYDVQQDDAsqLnZpbWVvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46nW41HzlpbDbnAO56ngIsavFmnUd5yiJxZqoA6HaDRiGsKkZxAHZSlQJ49ZFEF9iFbqywT4vhjf2x3yLAwwxBbNpP1j3qOIiFZJvJUE8F6wQO7vG5xGTQAQXuiZTUPNpm1Jv/b1jT86S8MXVQCR8uaBa5XcIlvWQykg72NFkMOH+8IlraeUQl03dHSz5t08NranCT6MLhpvMxH2mBZhANWTqV2yWKnAqjb+h8vHbNsKC75P9KukK38mY2f9xPQaVvzezf2Tv/M/N0Oc8DUzkikT5AjkUUr3uas8lb39tFRdXAbB0o+UECt3StONweQJtlOO1j8vLb4weVE10pOw0CAwEAAaOCA14wggNaMB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBQX+FWhE5Fzd2lShQjYOnW6cEsVZDAhBgNVHREEGjAYggsqLnZpbWVvLmNvbYIJdmltZW8uY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZWyX6G4AAAQDAEcwRQIhAPwDFjuKlEm+zUyRn3PvA5I3YgamRrEbMMnY+IcWOR3lAiBb5GlNGDAI4LYY/gnlWQIjenIhfq9bAay2paMwzHfVLAB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZWyX6G4AAAQDAEcwRQIgLARzuiPmv7bduu5M0hvKwpMdnqZdslLfpXNZLm+A6cgCIQD5XsLbcd42bVhofRJ+EbeiCiwslOMeHlwsni4abZD/AQB1ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZWyX56EAAAQDAEYwRAIgTctw2guun/asVLNbDeIhv2nqFLDezQB5aIhzbf13QhYCIEevrRV+w20kyxQ5/ujQtTbjKjYfrEwOwp1oHhjbAJJuMA0GCSqGSIb3DQEBCwUAA4IBAQAnRC6rW/JPfntMo/scqBV/52WMHt3+cLCWYZBrxG4sNj29wuzFwHBdpdlqD9GNLElu9vcllnAqzmria6KsZ0lLeU1WWb5vl5u7Q5k6o4OVuziFF9O7198prtuf2u+tUG/zHEL0KhkPD0mu+UzispcYkuntD2kSiZ3LCrKxL5zpUuFC9D2r4P6b32fmg53Fck76P/qZe+niplaV8rrMGgFbPreCTrlyd4F1Xm5/0tyyLPsnIDN/uBjzuvkgvmw4DkoYOCwMCJftC7Ajix7vs0/KoYgc5r8Iz8twzdacEM62ZWR0obQ9du8Qys7TLlKa1eiiXVJ27zyMjxA8svFmUmBc"},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.192.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42748,"event_start":1565200337.374968} {"dns":{"base64":"QQ0BAAABAAAAAAAACXdvcmRwcmVzcwNvcmcAAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":34196,"dst_port":53,"event_start":1565200337.743967} {"dns":{"base64":"+6UBAAABAAAAAAAACXdvcmRwcmVzcwNvcmcAABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":53401,"dst_port":53,"event_start":1565200337.744164} @@ -374,7 +374,7 @@ {"dns":{"base64":"PimBgAABAAAAAQAAB2dvZGFkZHkDY29tAAAcAAHADAAGAAEAAAAFACoEY25zMcAMA2RucwVqb21heANuZXQAeFi6AgAAASwAAAJYABJ1AAAADhA="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":34584,"event_start":1565200339.326612} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"208.109.192.70","protocol":6,"src_port":57146,"dst_port":443,"event_start":1565200339.326786} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"godaddy.com"}},"src_ip":"192.168.113.237","dst_ip":"208.109.192.70","protocol":6,"src_port":57146,"dst_port":443,"event_start":1565200339.414630} -{"fingerprints":{"tls_server":"tls_server/(0303)(cca8)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIFLDCCBBSgAwIBAgIIXhtVcggAOKYwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTgwMjA3MTgxMDAxWhcNMjAwMjA3MTgxMDAxWjA7MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFjAUBgNVBAMMDSouZ29kYWRkeS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+x0UeLIgIzBP9FiQTAypkoBRh3J46xjS3WFK68HZ+rG4JRd3QtonEbVpzqJ2+eSd2ZIjfalcRTX1QyzDpbg7pMeFKooSlnIZuPekHtyzAjjBMQICfJy9IXJDKTUiHch6/rPtnM/lNZWqKinxq1kDLAMrg0l7/u6syj6DZaqtPUHcY259CgHqVQzqBp5lerMiYo/d8oE41d6/VvKVfzfCgHV3pUMdt1P97TbghRLN56TQPuh7fgLXpdLzxwTzrIyWpDAZREfL1eZkdWgN2uObsiARbDvE81pgsrxFJdBHZ1acI4OCzA3ypK2IfzTM8XnTedH4vZ4/zitHflV/KOBHAgMBAAGjggG4MIIBtDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMxLTgwNi5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAlBgNVHREEHjAcgg0qLmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTAdBgNVHQ4EFgQUaw2x1LFk8L8KgjaWi8Y8BGrIWAYwDQYJKoZIhvcNAQELBQADggEBAEyKqcvdOrH5m+flLshCsmx7aQveFmEasVfImhAV4ZFHpcBIygaOOi+sO7uDoH1ZtpatgD+vhYml7zLObOn+zO8pLxREd7gAMP6DcfxSauP1C/DOJC4QBUPnloSjS3lIaWaEVg=="}]}},"src_ip":"208.109.192.70","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":57146,"event_start":1565200339.505036} +{"fingerprints":{"tls_server":"tls_server/(0303)(cca8)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIFLDCCBBSgAwIBAgIIXhtVcggAOKYwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTgwMjA3MTgxMDAxWhcNMjAwMjA3MTgxMDAxWjA7MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFjAUBgNVBAMMDSouZ29kYWRkeS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+x0UeLIgIzBP9FiQTAypkoBRh3J46xjS3WFK68HZ+rG4JRd3QtonEbVpzqJ2+eSd2ZIjfalcRTX1QyzDpbg7pMeFKooSlnIZuPekHtyzAjjBMQICfJy9IXJDKTUiHch6/rPtnM/lNZWqKinxq1kDLAMrg0l7/u6syj6DZaqtPUHcY259CgHqVQzqBp5lerMiYo/d8oE41d6/VvKVfzfCgHV3pUMdt1P97TbghRLN56TQPuh7fgLXpdLzxwTzrIyWpDAZREfL1eZkdWgN2uObsiARbDvE81pgsrxFJdBHZ1acI4OCzA3ypK2IfzTM8XnTedH4vZ4/zitHflV/KOBHAgMBAAGjggG4MIIBtDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMxLTgwNi5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAlBgNVHREEHjAcgg0qLmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTAdBgNVHQ4EFgQUaw2x1LFk8L8KgjaWi8Y8BGrIWAYwDQYJKoZIhvcNAQELBQADggEBAEyKqcvdOrH5m+flLshCsmx7aQveFmEasVfImhAV4ZFHpcBIygaOOi+sO7uDoH1ZtpatgD+vhYml7zLObOn+zO8pLxREd7gAMP6DcfxSauP1C/DOJC4QBUPnloSjS3lIaWaEVg=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"208.109.192.70","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":57146,"event_start":1565200339.505036} {"fingerprints":{"tls_server":"tls_server/(0303)(cca8)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIFLDCCBBSgAwIBAgIIXhtVcggAOKYwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTgwMjA3MTgxMDAxWhcNMjAwMjA3MTgxMDAxWjA7MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFjAUBgNVBAMMDSouZ29kYWRkeS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+x0UeLIgIzBP9FiQTAypkoBRh3J46xjS3WFK68HZ+rG4JRd3QtonEbVpzqJ2+eSd2ZIjfalcRTX1QyzDpbg7pMeFKooSlnIZuPekHtyzAjjBMQICfJy9IXJDKTUiHch6/rPtnM/lNZWqKinxq1kDLAMrg0l7/u6syj6DZaqtPUHcY259CgHqVQzqBp5lerMiYo/d8oE41d6/VvKVfzfCgHV3pUMdt1P97TbghRLN56TQPuh7fgLXpdLzxwTzrIyWpDAZREfL1eZkdWgN2uObsiARbDvE81pgsrxFJdBHZ1acI4OCzA3ypK2IfzTM8XnTedH4vZ4/zitHflV/KOBHAgMBAAGjggG4MIIBtDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMxLTgwNi5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAlBgNVHREEHjAcgg0qLmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTAdBgNVHQ4EFgQUaw2x1LFk8L8KgjaWi8Y8BGrIWAYwDQYJKoZIhvcNAQELBQADggEBAEyKqcvdOrH5m+flLshCsmx7aQveFmEasVfImhAV4ZFHpcBIygaOOi+sO7uDoH1ZtpatgD+vhYml7zLObOn+zO8pLxREd7gAMP6DcfxSauP1C/DOJC4QBUPnloSjS3lIaWaEVsktj6wGZzZm7Nya9dMlLgGZ3Zen5g2NlPJZpY/hsnMe7zJfIntQYaPgwDR8Mzb6YlcZF28w7fiss5GfjHP/V0QCVMOQ5QOV3Fu49y72qa5Vm2RJI7P/KJqOgEir9LgK0qF1tcFVRjp1MYEUnSKT14AJh2vJ+qWvOGy7HNIIC2p5ct3JItHUJaHrlNWBKmDD8S+xNe/rjBhFOUfrudM="},{"base64":"MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzDBNliF44v/z5lz4/OYuY8UhzaFkVLVat4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOvK/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23ecSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HYpDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7neTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMBAAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEGCCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAIfmyTEMg4uJapkEv/oV9PBO9sPpyIBslQj6Zz91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawiDsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2xLXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"208.109.192.70","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":57146,"event_start":1565200339.505244} {"dns":{"base64":"UugBAAABAAAAAAAAA3d3dwdnb2RhZGR5A2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":35405,"dst_port":53,"event_start":1565200339.688659} {"dns":{"base64":"JK4BAAABAAAAAAAAA3d3dwdnb2RhZGR5A2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":39616,"dst_port":53,"event_start":1565200339.688840} @@ -382,7 +382,7 @@ {"dns":{"base64":"UuiBgAABAAMADQAKA3d3dwdnb2RhZGR5A2NvbQAAAQABwAwABQABAAAABQAiCHd3dy1pcHY2B2dvZGFkZHkDY29tB2VkZ2VrZXkDbmV0AMAtAAUAAQAAAAUAGAVlODgwNARkc2N4CmFrYW1haWVkZ2XASsBbAAEAAQAAAAUABLgy/NnASgACAAEAAAAFABEBZQxndGxkLXNlcnZlcnPASsBKAAIAAQAAAAUABAFpwJHASgACAAEAAAAFAAQBasCRwEoAAgABAAAABQAEAWTAkcBKAAIAAQAAAAUABAFjwJHASgACAAEAAAAFAAQBaMCRwEoAAgABAAAABQAEAWvAkcBKAAIAAQAAAAUABAFmwJHASgACAAEAAAAFAAQBYsCRwEoAAgABAAAABQAEAWHAkcBKAAIAAQAAAAUABAFnwJHASgACAAEAAAAFAAQBbMCRwEoAAgABAAAABQAEAW3AkcEsAAEAAQAAAAUABMAFBh7BHAABAAEAAAAFAATAIQ4ewNwAAQABAAAABQAEwBpcHsDMAAEAAQAAAAUABMAfUB7AjwABAAEAAAAFAATADF4ewQwAAQABAAAABQAEwCMzHsE8AAEAAQAAAAUABMAqXR7A7AABAAEAAAAFAATANnAewKwAAQABAAAABQAEwCusHsC8AAEAAQAAAAUABMAwTx4="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":35405,"event_start":1565200340.185373} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"184.50.252.217","protocol":6,"src_port":54678,"dst_port":443,"event_start":1565200340.185836} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.godaddy.com"}},"src_ip":"192.168.113.237","dst_ip":"184.50.252.217","protocol":6,"src_port":54678,"dst_port":443,"event_start":1565200340.222942} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHOzCCBiOgAwIBAgIJANWT1NXH0e1KMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE5MDIxMjIyNTAzN1oXDTIxMDIxMjIyNTAzN1owgcYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVsYXdhcmUxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQFEwc1NTEwOTIyMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEVMBMGA1UEChMMR29EYWRkeSBJTkMuMRgwFgYDVQQDEw93d3cuZ29kYWRkeS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9zwL3ngi1HeLwA/+0EH8fo7lBinxeuQ/qnk0A4z9Ch5I/Tb6VRJa/AnTIG2K2hgbMNVgMKzhUFLhEqmvPsUbHYRXz3PEshysY9HVqGqLFi9pwcYACX64fltYQHoA5os25X7TWbvGBxPKzAmHcrMGEaEnvffQU4XQf3iklqbs1ntoiZfioKK/dUV1T2TsnGdIXpYr8jV8Hm7svUdHc3OLm+9+w5n3aZeo8QHOu3bYGSYDGZwV5Jellpw9WAmwmm4sGFj5pZPecUMAShsUsPfz1WMWLLLpoh9hAbEeMNbuQKbyolXoyJz3x0fA3RBnPWrfkK3kIC7A07nIZLvZ7ZKJPAgMBAAGjggM6MIIDNjAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMzLTE0LmNybDBcBgNVHSAEVTBTMEgGC2CGSAGG/W0BBxcDMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wBwYFZ4EMAQEwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5jcnQwHwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wJwYDVR0RBCAwHoIPd3d3LmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTA="}]}},"src_ip":"184.50.252.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":54678,"event_start":1565200340.267821} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHOzCCBiOgAwIBAgIJANWT1NXH0e1KMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE5MDIxMjIyNTAzN1oXDTIxMDIxMjIyNTAzN1owgcYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVsYXdhcmUxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQFEwc1NTEwOTIyMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEVMBMGA1UEChMMR29EYWRkeSBJTkMuMRgwFgYDVQQDEw93d3cuZ29kYWRkeS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9zwL3ngi1HeLwA/+0EH8fo7lBinxeuQ/qnk0A4z9Ch5I/Tb6VRJa/AnTIG2K2hgbMNVgMKzhUFLhEqmvPsUbHYRXz3PEshysY9HVqGqLFi9pwcYACX64fltYQHoA5os25X7TWbvGBxPKzAmHcrMGEaEnvffQU4XQf3iklqbs1ntoiZfioKK/dUV1T2TsnGdIXpYr8jV8Hm7svUdHc3OLm+9+w5n3aZeo8QHOu3bYGSYDGZwV5Jellpw9WAmwmm4sGFj5pZPecUMAShsUsPfz1WMWLLLpoh9hAbEeMNbuQKbyolXoyJz3x0fA3RBnPWrfkK3kIC7A07nIZLvZ7ZKJPAgMBAAGjggM6MIIDNjAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMzLTE0LmNybDBcBgNVHSAEVTBTMEgGC2CGSAGG/W0BBxcDMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wBwYFZ4EMAQEwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5jcnQwHwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wJwYDVR0RBCAwHoIPd3d3LmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTA="}]}},"reassembly_properties":{"truncated":true},"src_ip":"184.50.252.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":54678,"event_start":1565200340.267821} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIHOzCCBiOgAwIBAgIJANWT1NXH0e1KMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE5MDIxMjIyNTAzN1oXDTIxMDIxMjIyNTAzN1owgcYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVsYXdhcmUxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQFEwc1NTEwOTIyMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEVMBMGA1UEChMMR29EYWRkeSBJTkMuMRgwFgYDVQQDEw93d3cuZ29kYWRkeS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9zwL3ngi1HeLwA/+0EH8fo7lBinxeuQ/qnk0A4z9Ch5I/Tb6VRJa/AnTIG2K2hgbMNVgMKzhUFLhEqmvPsUbHYRXz3PEshysY9HVqGqLFi9pwcYACX64fltYQHoA5os25X7TWbvGBxPKzAmHcrMGEaEnvffQU4XQf3iklqbs1ntoiZfioKK/dUV1T2TsnGdIXpYr8jV8Hm7svUdHc3OLm+9+w5n3aZeo8QHOu3bYGSYDGZwV5Jellpw9WAmwmm4sGFj5pZPecUMAShsUsPfz1WMWLLLpoh9hAbEeMNbuQKbyolXoyJz3x0fA3RBnPWrfkK3kIC7A07nIZLvZ7ZKJPAgMBAAGjggM6MIIDNjAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZGlnMnMzLTE0LmNybDBcBgNVHSAEVTBTMEgGC2CGSAGG/W0BBxcDMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wBwYFZ4EMAQEwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5jcnQwHwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wJwYDVR0RBCAwHoIPd3d3LmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTAdBgNVHQ4EFgQU5kzQPyBNw9M5tOpWYGYNuhlhjT4wggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABaOPnrYsAAAQDAEcwRQIhAL07mGyJ020pWHfRxQdzN40x7lvp11qQGxJnJGBNW+dtAiBbpOBWhkybElubsl+jJm4smddfmuTAolrUTmsnAj6UYwB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABaOPnsL0AAAQDAEcwRQIhAK7oygdKktE5ix4hL1y6LnlFcjBMW/n91XrSvrmRwhI3AiBM0FrcPSkTNsKoqUGFV5yrDzSdFlo0pzW9N7C0WCFUHAB2AESUZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAABaOPnswYAAAQDAEcwRQIgcAsViDwtRhQh0BYNN6DbnmQd/UAs5wTdbAo5xiZXkhQCIQCQ9alomPuVH7ogkPuFnwfD3xI+z0aEHU71jx1CtgDOGjANBgkqhkiG9w0BAQsFAAOCAQEAi3wPs5nE9ki835LsQdZrBy9X4mO13SdJ2qY+IYwArRmnN8IcX4Xq8FeUbYib3FsjwCKR4V3V1pIPQX6lve8OAaXRhrtLubfUwCEgnQQUaZ/VvwZvHEhoBLji/h87MsblhmxtQ6t3wb9l11+s//Vc7w7ddjWXQ4kYIUENk18WYzGpPjxykrsO3KFnE/nydqbqihqpJ15fMP8buReI45IMCr6RlARl7w2HPTQium4CNvYbYSOGY8jsD29hukN15pqGqwPZ/z/ORTcMXYbVajDhtdDjuaAFK6Nm7dpxaccjWKRn+Rz3S8TaBBmV+A89PxusOnLTBJg8hf/xTPvodV122g=="},{"base64":"MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzDBNliF44v/z5lz4/OYuY8UhzaFkVLVat4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOvK/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23ecSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HYpDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7neTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMBAAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEGCCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAIfmyTEMg4uJapkEv/oV9PBO9sPpyIBslQj6Zz91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawiDsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2xLXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"184.50.252.217","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":54678,"event_start":1565200340.268037} {"dns":{"base64":"UvYBAAABAAAAAAAABnR1bWJscgNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":38828,"dst_port":53,"event_start":1565200340.902209} {"dns":{"base64":"EKgBAAABAAAAAAAABnR1bWJscgNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":36002,"dst_port":53,"event_start":1565200340.902368} @@ -390,7 +390,7 @@ {"dns":{"base64":"EKiBgAABAAAAAQAABnR1bWJscgNjb20AABwAAcAMAAYAAQAAAAUAQQ1oaWRkZW4tbWFzdGVyBXlhaG9vwBMKaG9zdG1hc3Rlcgl5YWhvby1pbmPAE3hYufwAAHCAAAAcIAAJOoAAAAJY"},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":36002,"event_start":1565200340.939528} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"66.6.33.31","protocol":6,"src_port":36216,"dst_port":443,"event_start":1565200340.940202} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"tumblr.com"}},"src_ip":"192.168.113.237","dst_ip":"66.6.33.31","protocol":6,"src_port":36216,"dst_port":443,"event_start":1565200340.998738} -{"fingerprints":{"tls_server":"tls_server/(0303)(cca8)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGqTCCBZGgAwIBAgIQASwszwgUXWUqe7Pw5GbUaDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA1MDkwMDAwMDBaFw0xOTExMDUxMjAwMDBaMGIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRcwFQYDVQQDEw53d3cudHVtYmxyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSZIjnZx6K5GBdsUXl410/iEsj83gSu4XIHFdKVLmrsbhmc1C/Do2iY1leaRgyA5ERN4NNdAtB7TWr83d9qKFEP49X7lpLZdhineOXKmTVIabB3izePgTnulW7UJhduuMLS1GNsMRy0goc7ZKLMqdqRSXflNtf+SLMjYEh9RUysDpf3aayAFOS785nSAAyGXjMa+LeXQ59wBdXHqgcLPPpQo5RMFHSHwiA8Ls9TbM1Ni7vNOSQG7kndqbHAr05EoU3ICTqcuTJf4drUNx1e/FWwQL/6BOqSa9EntDqtHrTfwvAsTuX/M/TyEQ41TAKwLGve6NHSd1bjz40OnMDhu2MCAwEAAaOCA0swggNHMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBQVXsvCCVK7H1Meob7yyrm8GkI/CTB0BgNVHREEbTBrgg53d3cudHVtYmxyLmNvbYIOYXBpLnR1bWJsci5jb22CCnR1bWJsci5jb22CFGFwaS1odHRwMi50dW1ibHIuY29tghR3d3ctaHR0cDIudHVtYmxyLmNvbYIRc2VjdXJlLnR1bWJsci5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABap313p0AAAQDAEcwRQIhANVofPFX5mQKVeRPr3rhJpf+JqY1DxDjR3LFOhTFPzaOAiA70OhjmYMCvYTP0f2PEv32f2G9O+tkNnprKd4NWOZMTwB3AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABap313jkAAAQDAEgwRgIhAK3a3PtW"}]}},"src_ip":"66.6.33.31","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":36216,"event_start":1565200341.063728} +{"fingerprints":{"tls_server":"tls_server/(0303)(cca8)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGqTCCBZGgAwIBAgIQASwszwgUXWUqe7Pw5GbUaDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA1MDkwMDAwMDBaFw0xOTExMDUxMjAwMDBaMGIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRcwFQYDVQQDEw53d3cudHVtYmxyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSZIjnZx6K5GBdsUXl410/iEsj83gSu4XIHFdKVLmrsbhmc1C/Do2iY1leaRgyA5ERN4NNdAtB7TWr83d9qKFEP49X7lpLZdhineOXKmTVIabB3izePgTnulW7UJhduuMLS1GNsMRy0goc7ZKLMqdqRSXflNtf+SLMjYEh9RUysDpf3aayAFOS785nSAAyGXjMa+LeXQ59wBdXHqgcLPPpQo5RMFHSHwiA8Ls9TbM1Ni7vNOSQG7kndqbHAr05EoU3ICTqcuTJf4drUNx1e/FWwQL/6BOqSa9EntDqtHrTfwvAsTuX/M/TyEQ41TAKwLGve6NHSd1bjz40OnMDhu2MCAwEAAaOCA0swggNHMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBQVXsvCCVK7H1Meob7yyrm8GkI/CTB0BgNVHREEbTBrgg53d3cudHVtYmxyLmNvbYIOYXBpLnR1bWJsci5jb22CCnR1bWJsci5jb22CFGFwaS1odHRwMi50dW1ibHIuY29tghR3d3ctaHR0cDIudHVtYmxyLmNvbYIRc2VjdXJlLnR1bWJsci5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABap313p0AAAQDAEcwRQIhANVofPFX5mQKVeRPr3rhJpf+JqY1DxDjR3LFOhTFPzaOAiA70OhjmYMCvYTP0f2PEv32f2G9O+tkNnprKd4NWOZMTwB3AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABap313jkAAAQDAEgwRgIhAK3a3PtW"}]}},"reassembly_properties":{"truncated":true},"src_ip":"66.6.33.31","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":36216,"event_start":1565200341.063728} {"fingerprints":{"tls_server":"tls_server/(0303)(cca8)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIGqTCCBZGgAwIBAgIQASwszwgUXWUqe7Pw5GbUaDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA1MDkwMDAwMDBaFw0xOTExMDUxMjAwMDBaMGIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxETAPBgNVBAoTCE9hdGggSW5jMRcwFQYDVQQDEw53d3cudHVtYmxyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSZIjnZx6K5GBdsUXl410/iEsj83gSu4XIHFdKVLmrsbhmc1C/Do2iY1leaRgyA5ERN4NNdAtB7TWr83d9qKFEP49X7lpLZdhineOXKmTVIabB3izePgTnulW7UJhduuMLS1GNsMRy0goc7ZKLMqdqRSXflNtf+SLMjYEh9RUysDpf3aayAFOS785nSAAyGXjMa+LeXQ59wBdXHqgcLPPpQo5RMFHSHwiA8Ls9TbM1Ni7vNOSQG7kndqbHAr05EoU3ICTqcuTJf4drUNx1e/FWwQL/6BOqSa9EntDqtHrTfwvAsTuX/M/TyEQ41TAKwLGve6NHSd1bjz40OnMDhu2MCAwEAAaOCA0swggNHMB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQWBBQVXsvCCVK7H1Meob7yyrm8GkI/CTB0BgNVHREEbTBrgg53d3cudHVtYmxyLmNvbYIOYXBpLnR1bWJsci5jb22CCnR1bWJsci5jb22CFGFwaS1odHRwMi50dW1ibHIuY29tghR3d3ctaHR0cDIudHVtYmxyLmNvbYIRc2VjdXJlLnR1bWJsci5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABap313p0AAAQDAEcwRQIhANVofPFX5mQKVeRPr3rhJpf+JqY1DxDjR3LFOhTFPzaOAiA70OhjmYMCvYTP0f2PEv32f2G9O+tkNnprKd4NWOZMTwB3AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABap313jkAAAQDAEgwRgIhAK3a3PtW8P12o8iv4n6MmPua4eK+iG2i1w4kucaYCFo+AiEAh2jZ1qxBSgCUn1DpTfzluyQvyRCbegb8E53FP6pFOcswDQYJKoZIhvcNAQELBQADggEBAE76XgXofG7wP8KIsddTu/2OIO3/9pKNrxdiarH6ijCl7A9ic9nKeNOjO9RIrhdmzPscailD7LVfTh4c/v68SAvJsy8nnnMzCG5mjar9tPsdowWyEvz1GyvflGQxez4NTz3mUkh9sSOyFxZs+DavihCsWvfBXPcrmX115hzd3LiDMvUliOKs3YHqzyvAdk8HkkmPEE9rF/xrzrHMeUwSkXVvG0T92nXJq/2cVUWzBNs9QuqWj3LsbX+lyqi3hJ9vRdQfM8g8OxrKMAoORrBiKdNCamlJ4AtETwuAFtUeqQUcwsPeR+TcJh/X7eWOSNvbCPxYn6JwGa/puKUTA6u/qmI="},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"66.6.33.31","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":36216,"event_start":1565200341.063940} {"dns":{"base64":"3TUBAAABAAAAAAAAA3d3dwZ0dW1ibHIDY29tAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":44906,"dst_port":53,"event_start":1565200341.199091} {"dns":{"base64":"c3kBAAABAAAAAAAAA3d3dwZ0dW1ibHIDY29tAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":34581,"dst_port":53,"event_start":1565200341.199256} @@ -405,7 +405,7 @@ {"dns":{"base64":"6IWBgAABAAEABgAKB21vemlsbGEDb3JnAAABAAHADAABAAEAAAAFAAQ/9dDDwBQAAgABAAAABQAZAmMwA29yZwthZmlsaWFzLW5zdARpbmZvAMAUAAIAAQAAAAUABQJhMMA8wBQAAgABAAAABQAVAmIyA29yZwthZmlsaWFzLW5zdMAUwBQAAgABAAAABQAFAmIwwHLAFAACAAEAAAAFAAUCYTLAPMAUAAIAAQAAAAUABQJkMMBywF4AAQABAAAABQAExxM4AcChAAEAAQAAAAUABMf5cAHAOQABAAEAAAAFAATHEzUBwLIAAQABAAAABQAExxM5AcBeABwAAQAAAAUAECABBQAADgAAAAAAAAAAAAHAoQAcAAEAAAAFABAgAQUAAEAAAAAAAAAAAAABwJAAHAABAAAABQAQIAEFAAAMAAAAAAAAAAAAAcBvABwAAQAAAAUAECABBQAASAAAAAAAAAAAAAHAOQAcAAEAAAAFABAgAQUAAAsAAAAAAAAAAAABwLIAHAABAAAABQAQIAEFAAAPAAAAAAAAAAAAAQ=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":46873,"event_start":1565200341.630639} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"63.245.208.195","protocol":6,"src_port":47714,"dst_port":443,"event_start":1565200341.630930} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"mozilla.org"}},"src_ip":"192.168.113.237","dst_ip":"63.245.208.195","protocol":6,"src_port":47714,"dst_port":443,"event_start":1565200341.736152} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((0000)(ff01)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIGvjCCBaagAwIBAgIQAQkZedZ/mwORduNQcrUeHTANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA5MDAwMDAwWhcNMjAxMTEzMTIwMDAwWjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEbMBkGA1UEChMSTW96aWxsYSBGb3VuZGF0aW9uMQ8wDQYDVQQLEwZXZWJPcHMxFDASBgNVBAMTC21vemlsbGEub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcZLC5z6y00SWoKmAWDDKPBhLyv3TX5dc6cwxXb0FxPJXJshKF39TKWisDqAU+SZ+31vVbVOwqPzcFJqRYb/38XvWzgOXS5ssNk+v+ec651M1jmFKFg0nvFDLFTaxmKVUr2chlyTHarWyFGv20B18RIj/gWFyc4GDHs+QK4IeUMQCTCUen9TYul6nJBpYtWi1lZijRYvtpZsAGiGpI+fdZxPcDl+4sXHJrNOpnpZSuvwo7OltOIoUDpxBXAtdMqQ1jyKEiV5TsBg/rHl49zpkepLhPML/i+H3HN3p45cTsLz8L7ZrO+XwmWzxj3Zl65IXVTDsgrWlSwn9HcGNz5oaQIDAQABo4IDZzCCA2MwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFCMzT98RYeCKouko3+wezZMuuXYJMCcGA1UdEQQgMB6CC21vemlsbGEub3Jngg93d3cubW96aWxsYS5vcmcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm+VxxQwAA"}]}},"src_ip":"63.245.208.195","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47714,"event_start":1565200341.846269} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((0000)(ff01)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIGvjCCBaagAwIBAgIQAQkZedZ/mwORduNQcrUeHTANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA5MDAwMDAwWhcNMjAxMTEzMTIwMDAwWjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEbMBkGA1UEChMSTW96aWxsYSBGb3VuZGF0aW9uMQ8wDQYDVQQLEwZXZWJPcHMxFDASBgNVBAMTC21vemlsbGEub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcZLC5z6y00SWoKmAWDDKPBhLyv3TX5dc6cwxXb0FxPJXJshKF39TKWisDqAU+SZ+31vVbVOwqPzcFJqRYb/38XvWzgOXS5ssNk+v+ec651M1jmFKFg0nvFDLFTaxmKVUr2chlyTHarWyFGv20B18RIj/gWFyc4GDHs+QK4IeUMQCTCUen9TYul6nJBpYtWi1lZijRYvtpZsAGiGpI+fdZxPcDl+4sXHJrNOpnpZSuvwo7OltOIoUDpxBXAtdMqQ1jyKEiV5TsBg/rHl49zpkepLhPML/i+H3HN3p45cTsLz8L7ZrO+XwmWzxj3Zl65IXVTDsgrWlSwn9HcGNz5oaQIDAQABo4IDZzCCA2MwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFCMzT98RYeCKouko3+wezZMuuXYJMCcGA1UdEQQgMB6CC21vemlsbGEub3Jngg93d3cubW96aWxsYS5vcmcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm+VxxQwAA"}]}},"reassembly_properties":{"truncated":true},"src_ip":"63.245.208.195","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47714,"event_start":1565200341.846269} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((0000)(ff01)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIGvjCCBaagAwIBAgIQAQkZedZ/mwORduNQcrUeHTANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA5MDAwMDAwWhcNMjAxMTEzMTIwMDAwWjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEbMBkGA1UEChMSTW96aWxsYSBGb3VuZGF0aW9uMQ8wDQYDVQQLEwZXZWJPcHMxFDASBgNVBAMTC21vemlsbGEub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcZLC5z6y00SWoKmAWDDKPBhLyv3TX5dc6cwxXb0FxPJXJshKF39TKWisDqAU+SZ+31vVbVOwqPzcFJqRYb/38XvWzgOXS5ssNk+v+ec651M1jmFKFg0nvFDLFTaxmKVUr2chlyTHarWyFGv20B18RIj/gWFyc4GDHs+QK4IeUMQCTCUen9TYul6nJBpYtWi1lZijRYvtpZsAGiGpI+fdZxPcDl+4sXHJrNOpnpZSuvwo7OltOIoUDpxBXAtdMqQ1jyKEiV5TsBg/rHl49zpkepLhPML/i+H3HN3p45cTsLz8L7ZrO+XwmWzxj3Zl65IXVTDsgrWlSwn9HcGNz5oaQIDAQABo4IDZzCCA2MwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFCMzT98RYeCKouko3+wezZMuuXYJMCcGA1UdEQQgMB6CC21vemlsbGEub3Jngg93d3cubW96aWxsYS5vcmcwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm+VxxQwAABAMARzBFAiEAtVpz1SXULqMJz96+u77Rymgzr1GgIDBlRsTOQ5r04MsCIFNI2JfrcBFjJIgf5F7nJ2UdRy9aBZmjzvd0cmfnyKKNAHcAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFm+VxyHgAABAMASDBGAiEAtYF/lHwWUOJO/4PCvs6cillJJdAH7KU1RKZPX9Blwq4CIQCwDhKgUgZFub8buET0KHfJ0Zcg99G/kAD3REU2c7nKhwB3ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZvlcclgAAAQDAEgwRgIhANIUfGM+SGSXMCaZoSBWz9Yi1mZCdWVvqPuexLMBNB5dAiEA/Jit+3955q9R5kBaPhsx+wVKn2usHjmvkjkFq5Iqy+wwDQYJKoZIhvcNAQELBQADggEBAEr076DEJq0tbxoqT53jHlIl42pf1oyCdqy6uORlNqh7tMmPDg29yb3Uq9T/7YuZ6cfEEftSnJSS2LFAccBcNLEHViIlM/3yCpuy3TKKhQ4+q3l8GHqT659JJqCEB7I6VtbuCDWBPq3wRrc37MRTVAhDlAhbaN6UjAjsaterNY4jXfHfdV9EUdadJSw0LNGk8qFeW/+IAuIYPm7qhOgxWM7VD+FT+4V3DlT0SSbDwXosBIbZqwP20/TNr2fyX3b+dpHaHxAkCof679iCS+TxVpRgm8yMFOLWG2Mok51OKzbhwKQv90Qm2QODmYPazftz0YoYtVxDmMCYUmkGlQK/Sqg="},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"63.245.208.195","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47714,"event_start":1565200341.846619} {"dns":{"base64":"NKIBAAABAAAAAAAAA3d3dwdtb3ppbGxhA29yZwAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":59091,"dst_port":53,"event_start":1565200342.063360} {"dns":{"base64":"0Y0BAAABAAAAAAAAA3d3dwdtb3ppbGxhA29yZwAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":32866,"dst_port":53,"event_start":1565200342.063596} @@ -420,7 +420,7 @@ {"dns":{"base64":"kFKBgAABAAAAAQAABmZsaWNrcgNjb20AABwAAcAMAAYAAQAAAAUARQZucy01NzMJYXdzZG5zLTA3A25ldAARYXdzZG5zLWhvc3RtYXN0ZXIGYW1hem9uwBMAAAABAAAcIAAAA4QAEnUAAAFRgA=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":52389,"event_start":1565200342.447574} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"99.84.215.242","protocol":6,"src_port":56402,"dst_port":443,"event_start":1565200342.447924} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"flickr.com"}},"src_ip":"192.168.113.237","dst_ip":"99.84.215.242","protocol":6,"src_port":56402,"dst_port":443,"event_start":1565200342.493276} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIFdTCCBF2gAwIBAgIQDt4YzuELQpTapoK7bNnpZjANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIgQ0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MDIwMDAwMDBaFw0yMDA4MDIxMjAwMDBaMBUxEzARBgNVBAMTCmZsaWNrci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ7uaOoNvCN+/ert5b3wZh0CGCmd165UwVC3B1pgEhnt1iyUvM6xczMpkSTxc9w5gvPa/Ne1GPyGOHuY66z9XW50w+Sxjiykbceu+0yYRutkDPv8BhtqKBZgxPJI/3XBvVPyuHQS36IPy+Wjl5EULe9i2KmJMyJfnyE1i7Sb6y4TSk0U4TNi7MGJppXb2e33cgxetihDu00KADE27bXcEWTMstcfBLwdG5/X4x2z/owEvDKNvtolO6SoGwgwQ4l83smKWytETJCljGDTQYnW5SAsW0qy4s1SRf8Tfw+rpETg0muMt6s+satyHzpjoGaXohkDjRnATtx1+J21C3QE9nAgMBAAGjggKOMIICijAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUSWmklGLUX9CtIPn/1pCbKBIdUEUwLAYDVR0RBCUwI4IKZmxpY2tyLmNvbYIHZmxpYy5rcoIMKi5mbGlja3IuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWuzwcABAAAEAwBIMEYCIQDVms5k3rQNRh/BDGWUbIgaznl1rFWhhS2mbijASsTlWgIhAJLUcmNRZgbp9oseu+zUDHDGUV05trWyejCkYqeMf89zAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFrs8HAUQAABAMARzBFAiEA1dWKmUVBHr1IKCuT5BdfpjdOwLvNn1JfK3AF34iAltMCICPBNPQBQy0fgbTwN9oTwXHesKMl4CbyyTOuzkJuuqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBKYdDCdJU5SY1BejLwpgbyfrg="}]}},"src_ip":"99.84.215.242","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56402,"event_start":1565200342.535652} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIFdTCCBF2gAwIBAgIQDt4YzuELQpTapoK7bNnpZjANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIgQ0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MDIwMDAwMDBaFw0yMDA4MDIxMjAwMDBaMBUxEzARBgNVBAMTCmZsaWNrci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ7uaOoNvCN+/ert5b3wZh0CGCmd165UwVC3B1pgEhnt1iyUvM6xczMpkSTxc9w5gvPa/Ne1GPyGOHuY66z9XW50w+Sxjiykbceu+0yYRutkDPv8BhtqKBZgxPJI/3XBvVPyuHQS36IPy+Wjl5EULe9i2KmJMyJfnyE1i7Sb6y4TSk0U4TNi7MGJppXb2e33cgxetihDu00KADE27bXcEWTMstcfBLwdG5/X4x2z/owEvDKNvtolO6SoGwgwQ4l83smKWytETJCljGDTQYnW5SAsW0qy4s1SRf8Tfw+rpETg0muMt6s+satyHzpjoGaXohkDjRnATtx1+J21C3QE9nAgMBAAGjggKOMIICijAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUSWmklGLUX9CtIPn/1pCbKBIdUEUwLAYDVR0RBCUwI4IKZmxpY2tyLmNvbYIHZmxpYy5rcoIMKi5mbGlja3IuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWuzwcABAAAEAwBIMEYCIQDVms5k3rQNRh/BDGWUbIgaznl1rFWhhS2mbijASsTlWgIhAJLUcmNRZgbp9oseu+zUDHDGUV05trWyejCkYqeMf89zAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFrs8HAUQAABAMARzBFAiEA1dWKmUVBHr1IKCuT5BdfpjdOwLvNn1JfK3AF34iAltMCICPBNPQBQy0fgbTwN9oTwXHesKMl4CbyyTOuzkJuuqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBKYdDCdJU5SY1BejLwpgbyfrg="}]}},"reassembly_properties":{"truncated":true},"src_ip":"99.84.215.242","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56402,"event_start":1565200342.535652} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIFdTCCBF2gAwIBAgIQDt4YzuELQpTapoK7bNnpZjANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIgQ0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MDIwMDAwMDBaFw0yMDA4MDIxMjAwMDBaMBUxEzARBgNVBAMTCmZsaWNrci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ7uaOoNvCN+/ert5b3wZh0CGCmd165UwVC3B1pgEhnt1iyUvM6xczMpkSTxc9w5gvPa/Ne1GPyGOHuY66z9XW50w+Sxjiykbceu+0yYRutkDPv8BhtqKBZgxPJI/3XBvVPyuHQS36IPy+Wjl5EULe9i2KmJMyJfnyE1i7Sb6y4TSk0U4TNi7MGJppXb2e33cgxetihDu00KADE27bXcEWTMstcfBLwdG5/X4x2z/owEvDKNvtolO6SoGwgwQ4l83smKWytETJCljGDTQYnW5SAsW0qy4s1SRf8Tfw+rpETg0muMt6s+satyHzpjoGaXohkDjRnATtx1+J21C3QE9nAgMBAAGjggKOMIICijAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUSWmklGLUX9CtIPn/1pCbKBIdUEUwLAYDVR0RBCUwI4IKZmxpY2tyLmNvbYIHZmxpYy5rcoIMKi5mbGlja3IuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWuzwcABAAAEAwBIMEYCIQDVms5k3rQNRh/BDGWUbIgaznl1rFWhhS2mbijASsTlWgIhAJLUcmNRZgbp9oseu+zUDHDGUV05trWyejCkYqeMf89zAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFrs8HAUQAABAMARzBFAiEA1dWKmUVBHr1IKCuT5BdfpjdOwLvNn1JfK3AF34iAltMCICPBNPQBQy0fgbTwN9oTwXHesKMl4CbyyTOuzkJuuqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBKYdDCdJU5SY1BejLwpgbyfrisQ7VfzHi0IMaKwskPC9YBIO2AvdYJCcIutNcyCukriQDkYeUinsXYmtZb4B4XLto/XP2lqn9pNqBxS6CPKr7DmPy6SpU5RcYWHrKLGvjM4WA2GSD0nabz/yS7Mm+D+txilKh8pwpVMgYPS2AMdX2pnFFWCN58DT6zyt0isjtFoR773gByvPP8W+B4qBqKVdxhtdpo+JDn0/LMpUCrMwppy0/c1jfcEmNSGrgDsSp6E55oeqjKnGCNU3jwsaeeAQAWmm76vW/39r3p+XoP3XSbYNswO0ZumoHjrye63xKOulLY5Z2wv7WAfjjObtjK"},{"base64":"MIIESTCCAzGgAwIBAgITBn+UV4WH6Kx33rJTMlu8mYtWDTANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAxMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDFCMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCThZn3c68asg3Wuw6MLAd5tES6BIoSMzoKcG5blPVo+sDORrMd4f2AbnZcMzPa43j4wNxhplty6aUKk4T1qe9BOwKFjwK6zmxxLVYo7bHViXsPlJ6qOMpFge5blDP+18x+B26A0piiQOuPkfyDyeR4xQghfj66Yo19V+emU3nazfvpFA+ROz6WoVmB5x+F2pV8xeKNR7u6azDdU5YVX1TawprmxRC1+WsAYmz6qP+z8ArDITC2FMVy2fw0IjKOtEXc/VfmtTFch5+AfGYMGMqqvJ6LcXiAhqG5TI+Dr0RtM88k+8XUBCeQ8IGKuANaL7TiItKZYxK1MMuTJtV9IblAgMBAAGjggE7MIIBNzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUWaRmBlKge5WSPKOUByeWdFv5PdAwHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IBAQCFkr41u3nPo4FCHOTjY3NTOVI159Gt/a6ZiqyJEi+752+a1U5y6iAwYfmXss2lJwJFqMp2PphKg5625kXg8kP2CN5t6G7bMQcT8C8xDZNtYTd7WPD8UZiRKAJPBXa30/AbwuZe0GaFEQ8ugcYQgSn+IGBI8/LwhBNTZTUVEWuCUUBVV18YtbAiPq3yXqMB48Oz+ctBWuZSkbvkNodPLamkB2g1upRyzQ7qDn1X8nn8N8V7YJ6y68AtkHcNSRAnpTitxBKjtKPISLMVCx7i4hncxHZSyLyKQXhw2W2Xs0qLeC1etA+jTGDK4UfLeC0SF7FSi8o5LL21L8IzApar2pR/"},{"base64":"MIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXjca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qwIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQmjgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAWgBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2VyMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsFAAOCAQEAYjdCXLwQtT6LLOkMm2xF4gcAevnFWAu5CIw+7bMlPLVvUOTNNWqnkzSWMiGpSESrnO09tKpzbeR/FoCJbM8oAxiDR3mjEH4wW6w7sGDgd9QIpuEdfF7Au/maeyKdpwAJfqxGF4PcnCZXmTA5YpaP7dreqsXMGz7KQ2hsVxa81Q4gLv7/wmpdLqBKbRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN0FE6/V1dN2RMfjCyVSRCnTawXZwXgWHxyvkQAiSr6w10kY17RSlQOYiypok1JR4UakcjMS9cmvqtmg5iUaQqqcT5NJ0hGA=="},{"base64":"MIIEdTCCA12gAwIBAgIJAKcOSkw0grd/MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNVBAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wOTA5MDIwMDAwMDBaFw0zNDA2MjgxNzM5MTZaMIGYMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZpZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/y8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0NTm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRoOt+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0CzyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5JQ4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMBAAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtVrNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28uc3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1UdHwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQELBQADggEBACMd44pXyn3pF3lM8R5V/cxTbj5HD9/GVfKyBDbtgB9TxF00KGu+x1X8Z+rLP3+QsjPNG1gQggL4+C/1E2DUBc7xgQjB3ad1l08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt8jxwmKy6abaVd38PMV4s/KCHOkdp8Hlf9BRUpJVeEXgSYCfOn8J3/yNTd126/+pZ59vPr5KW7ySaNRB6nJHGDn2Z9j8Z3/VyVOEVqQdZe4O/Ui5GjLIAZHYcSNPYeehuVsyuLAOQ1xk4meTKCRlb/weWsKh/NEnfVqn3sF/tM+2MR7cwA130A4w="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"99.84.215.242","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56402,"event_start":1565200342.535844} {"dns":{"base64":"BRYBAAABAAAAAAAAA3d3dwZmbGlja3IDY29tAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":42238,"dst_port":53,"event_start":1565200342.633499} {"dns":{"base64":"zxQBAAABAAAAAAAAA3d3dwZmbGlja3IDY29tAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":56785,"dst_port":53,"event_start":1565200342.633692} @@ -428,7 +428,7 @@ {"dns":{"base64":"BRaBgAABAAIABAAIA3d3dwZmbGlja3IDY29tAAABAAHADAAFAAEAAAAFAB8OZDIwYjg2aW51cjE0bGwKY2xvdWRmcm9udANuZXQAwCwAAQABAAAABQAEY1TX8sA7AAIAAQAAAAUAGQducy0xNTk3CWF3c2Rucy0wNwJjbwJ1awDAOwACAAEAAAAFABMGbnMtNjY2CWF3c2Rucy0xOcBGwDsAAgABAAAABQAXB25zLTEzMDYJYXdzZG5zLTM1A29yZwDAOwACAAEAAAAFABMGbnMtNDE4CWF3c2Rucy01MsAXwM4AAQABAAAABQAEzfvBosCMAAEAAQAAAAUABM37wprAqwABAAEAAAAFAATN+8UawGcAAQABAAAABQAEzfvGPcDOABwAAQAAAAUAECYAkABTAaIAAAAAAAAAAAHAjAAcAAEAAAAFABAmAJAAUwKaAAAAAAAAAAABwKsAHAABAAAABQAQJgCQAFMFGgAAAAAAAAAAAcBnABwAAQAAAAUAECYAkABTBj0AAAAAAAAAAAE="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":42238,"event_start":1565200342.667094} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"99.84.215.242","protocol":6,"src_port":56404,"dst_port":443,"event_start":1565200342.667949} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.flickr.com"}},"src_ip":"192.168.113.237","dst_ip":"99.84.215.242","protocol":6,"src_port":56404,"dst_port":443,"event_start":1565200342.707540} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIFdTCCBF2gAwIBAgIQDt4YzuELQpTapoK7bNnpZjANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIgQ0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MDIwMDAwMDBaFw0yMDA4MDIxMjAwMDBaMBUxEzARBgNVBAMTCmZsaWNrci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ7uaOoNvCN+/ert5b3wZh0CGCmd165UwVC3B1pgEhnt1iyUvM6xczMpkSTxc9w5gvPa/Ne1GPyGOHuY66z9XW50w+Sxjiykbceu+0yYRutkDPv8BhtqKBZgxPJI/3XBvVPyuHQS36IPy+Wjl5EULe9i2KmJMyJfnyE1i7Sb6y4TSk0U4TNi7MGJppXb2e33cgxetihDu00KADE27bXcEWTMstcfBLwdG5/X4x2z/owEvDKNvtolO6SoGwgwQ4l83smKWytETJCljGDTQYnW5SAsW0qy4s1SRf8Tfw+rpETg0muMt6s+satyHzpjoGaXohkDjRnATtx1+J21C3QE9nAgMBAAGjggKOMIICijAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUSWmklGLUX9CtIPn/1pCbKBIdUEUwLAYDVR0RBCUwI4IKZmxpY2tyLmNvbYIHZmxpYy5rcoIMKi5mbGlja3IuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWuzwcABAAAEAwBIMEYCIQDVms5k3rQNRh/BDGWUbIgaznl1rFWhhS2mbijASsTlWgIhAJLUcmNRZgbp9oseu+zUDHDGUV05trWyejCkYqeMf89zAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFrs8HAUQAABAMARzBFAiEA1dWKmUVBHr1IKCuT5BdfpjdOwLvNn1JfK3AF34iAltMCICPBNPQBQy0fgbTwN9oTwXHesKMl4CbyyTOuzkJuuqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBKYdDCdJU5SY1BejLwpgbyfrisQ7VfzHi0IMaKwskPC9YBIO2AvdYJCcIutNcyCukriQDkYeUinsXYmtZb4B4XLto/XP2lqn9pNqBxS6CPKr7DmPy6SpU5RcYWHrKLGvjM4WA2GSD0nabz/yS7Mm+D+txilKh8pwpVMgYPS2AMdX2pnFFWCN58DT6zyt0isjtFoR773gByvPP8W+B4qBqKVdxhtdpo+JDn0/LMpUCrMwppy0/c1jfcEmNSGrgDsSp6E55oeqjKnGCNU3jwsaeeAQAWmm76vW/39r3p+XoP3XSbYNswOw=="}]}},"src_ip":"99.84.215.242","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56404,"event_start":1565200342.752418} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIFdTCCBF2gAwIBAgIQDt4YzuELQpTapoK7bNnpZjANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIgQ0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MDIwMDAwMDBaFw0yMDA4MDIxMjAwMDBaMBUxEzARBgNVBAMTCmZsaWNrci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ7uaOoNvCN+/ert5b3wZh0CGCmd165UwVC3B1pgEhnt1iyUvM6xczMpkSTxc9w5gvPa/Ne1GPyGOHuY66z9XW50w+Sxjiykbceu+0yYRutkDPv8BhtqKBZgxPJI/3XBvVPyuHQS36IPy+Wjl5EULe9i2KmJMyJfnyE1i7Sb6y4TSk0U4TNi7MGJppXb2e33cgxetihDu00KADE27bXcEWTMstcfBLwdG5/X4x2z/owEvDKNvtolO6SoGwgwQ4l83smKWytETJCljGDTQYnW5SAsW0qy4s1SRf8Tfw+rpETg0muMt6s+satyHzpjoGaXohkDjRnATtx1+J21C3QE9nAgMBAAGjggKOMIICijAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUSWmklGLUX9CtIPn/1pCbKBIdUEUwLAYDVR0RBCUwI4IKZmxpY2tyLmNvbYIHZmxpYy5rcoIMKi5mbGlja3IuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWuzwcABAAAEAwBIMEYCIQDVms5k3rQNRh/BDGWUbIgaznl1rFWhhS2mbijASsTlWgIhAJLUcmNRZgbp9oseu+zUDHDGUV05trWyejCkYqeMf89zAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFrs8HAUQAABAMARzBFAiEA1dWKmUVBHr1IKCuT5BdfpjdOwLvNn1JfK3AF34iAltMCICPBNPQBQy0fgbTwN9oTwXHesKMl4CbyyTOuzkJuuqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBKYdDCdJU5SY1BejLwpgbyfrisQ7VfzHi0IMaKwskPC9YBIO2AvdYJCcIutNcyCukriQDkYeUinsXYmtZb4B4XLto/XP2lqn9pNqBxS6CPKr7DmPy6SpU5RcYWHrKLGvjM4WA2GSD0nabz/yS7Mm+D+txilKh8pwpVMgYPS2AMdX2pnFFWCN58DT6zyt0isjtFoR773gByvPP8W+B4qBqKVdxhtdpo+JDn0/LMpUCrMwppy0/c1jfcEmNSGrgDsSp6E55oeqjKnGCNU3jwsaeeAQAWmm76vW/39r3p+XoP3XSbYNswOw=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"99.84.215.242","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56404,"event_start":1565200342.752418} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIFdTCCBF2gAwIBAgIQDt4YzuELQpTapoK7bNnpZjANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIgQ0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MDIwMDAwMDBaFw0yMDA4MDIxMjAwMDBaMBUxEzARBgNVBAMTCmZsaWNrci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ7uaOoNvCN+/ert5b3wZh0CGCmd165UwVC3B1pgEhnt1iyUvM6xczMpkSTxc9w5gvPa/Ne1GPyGOHuY66z9XW50w+Sxjiykbceu+0yYRutkDPv8BhtqKBZgxPJI/3XBvVPyuHQS36IPy+Wjl5EULe9i2KmJMyJfnyE1i7Sb6y4TSk0U4TNi7MGJppXb2e33cgxetihDu00KADE27bXcEWTMstcfBLwdG5/X4x2z/owEvDKNvtolO6SoGwgwQ4l83smKWytETJCljGDTQYnW5SAsW0qy4s1SRf8Tfw+rpETg0muMt6s+satyHzpjoGaXohkDjRnATtx1+J21C3QE9nAgMBAAGjggKOMIICijAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQUSWmklGLUX9CtIPn/1pCbKBIdUEUwLAYDVR0RBCUwI4IKZmxpY2tyLmNvbYIHZmxpYy5rcoIMKi5mbGlja3IuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWuzwcABAAAEAwBIMEYCIQDVms5k3rQNRh/BDGWUbIgaznl1rFWhhS2mbijASsTlWgIhAJLUcmNRZgbp9oseu+zUDHDGUV05trWyejCkYqeMf89zAHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFrs8HAUQAABAMARzBFAiEA1dWKmUVBHr1IKCuT5BdfpjdOwLvNn1JfK3AF34iAltMCICPBNPQBQy0fgbTwN9oTwXHesKMl4CbyyTOuzkJuuqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBKYdDCdJU5SY1BejLwpgbyfrisQ7VfzHi0IMaKwskPC9YBIO2AvdYJCcIutNcyCukriQDkYeUinsXYmtZb4B4XLto/XP2lqn9pNqBxS6CPKr7DmPy6SpU5RcYWHrKLGvjM4WA2GSD0nabz/yS7Mm+D+txilKh8pwpVMgYPS2AMdX2pnFFWCN58DT6zyt0isjtFoR773gByvPP8W+B4qBqKVdxhtdpo+JDn0/LMpUCrMwppy0/c1jfcEmNSGrgDsSp6E55oeqjKnGCNU3jwsaeeAQAWmm76vW/39r3p+XoP3XSbYNswO0ZumoHjrye63xKOulLY5Z2wv7WAfjjObtjK"},{"base64":"MIIESTCCAzGgAwIBAgITBn+UV4WH6Kx33rJTMlu8mYtWDTANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAxMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDFCMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCThZn3c68asg3Wuw6MLAd5tES6BIoSMzoKcG5blPVo+sDORrMd4f2AbnZcMzPa43j4wNxhplty6aUKk4T1qe9BOwKFjwK6zmxxLVYo7bHViXsPlJ6qOMpFge5blDP+18x+B26A0piiQOuPkfyDyeR4xQghfj66Yo19V+emU3nazfvpFA+ROz6WoVmB5x+F2pV8xeKNR7u6azDdU5YVX1TawprmxRC1+WsAYmz6qP+z8ArDITC2FMVy2fw0IjKOtEXc/VfmtTFch5+AfGYMGMqqvJ6LcXiAhqG5TI+Dr0RtM88k+8XUBCeQ8IGKuANaL7TiItKZYxK1MMuTJtV9IblAgMBAAGjggE7MIIBNzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUWaRmBlKge5WSPKOUByeWdFv5PdAwHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IBAQCFkr41u3nPo4FCHOTjY3NTOVI159Gt/a6ZiqyJEi+752+a1U5y6iAwYfmXss2lJwJFqMp2PphKg5625kXg8kP2CN5t6G7bMQcT8C8xDZNtYTd7WPD8UZiRKAJPBXa30/AbwuZe0GaFEQ8ugcYQgSn+IGBI8/LwhBNTZTUVEWuCUUBVV18YtbAiPq3yXqMB48Oz+ctBWuZSkbvkNodPLamkB2g1upRyzQ7qDn1X8nn8N8V7YJ6y68AtkHcNSRAnpTitxBKjtKPISLMVCx7i4hncxHZSyLyKQXhw2W2Xs0qLeC1etA+jTGDK4UfLeC0SF7FSi8o5LL21L8IzApar2pR/"},{"base64":"MIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXjca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qwIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQmjgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAWgBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2VyMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsFAAOCAQEAYjdCXLwQtT6LLOkMm2xF4gcAevnFWAu5CIw+7bMlPLVvUOTNNWqnkzSWMiGpSESrnO09tKpzbeR/FoCJbM8oAxiDR3mjEH4wW6w7sGDgd9QIpuEdfF7Au/maeyKdpwAJfqxGF4PcnCZXmTA5YpaP7dreqsXMGz7KQ2hsVxa81Q4gLv7/wmpdLqBKbRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN0FE6/V1dN2RMfjCyVSRCnTawXZwXgWHxyvkQAiSr6w10kY17RSlQOYiypok1JR4UakcjMS9cmvqtmg5iUaQqqcT5NJ0hGA=="},{"base64":"MIIEdTCCA12gAwIBAgIJAKcOSkw0grd/MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNVBAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wOTA5MDIwMDAwMDBaFw0zNDA2MjgxNzM5MTZaMIGYMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZpZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/y8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0NTm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRoOt+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0CzyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5JQ4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMBAAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtVrNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28uc3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1UdHwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQELBQADggEBACMd44pXyn3pF3lM8R5V/cxTbj5HD9/GVfKyBDbtgB9TxF00KGu+x1X8Z+rLP3+QsjPNG1gQggL4+C/1E2DUBc7xgQjB3ad1l08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt8jxwmKy6abaVd38PMV4s/KCHOkdp8Hlf9BRUpJVeEXgSYCfOn8J3/yNTd126/+pZ59vPr5KW7ySaNRB6nJHGDn2Z9j8Z3/VyVOEVqQdZe4O/Ui5GjLIAZHYcSNPYeehuVsyuLAOQ1xk4meTKCRlb/weWsKh/NEnfVqn3sF/tM+2MR7cwA130A4w="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"99.84.215.242","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56404,"event_start":1565200342.753049} {"dns":{"base64":"oV4BAAABAAAAAAAACGdyYXZhdGFyA2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":55844,"dst_port":53,"event_start":1565200343.139712} {"dns":{"base64":"krYBAAABAAAAAAAACGdyYXZhdGFyA2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":56525,"dst_port":53,"event_start":1565200343.139875} @@ -454,7 +454,7 @@ {"dns":{"base64":"s8eBgAABAAAAAQAABWU2MDAxAWEKYWthbWFpZWRnZQNuZXQAABwAAcASAAYAAQAAAAUAMQNuMGHAFApob3N0bWFzdGVyBmFrYW1haQNjb20AXUsMoAAAA+gAAAPoAAAD6AAABwg="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":47901,"event_start":1565200344.104356} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"23.67.98.106","protocol":6,"src_port":58940,"dst_port":443,"event_start":1565200344.104576} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"parked-content.godaddy.com"}},"src_ip":"192.168.113.237","dst_ip":"23.67.98.106","protocol":6,"src_port":58940,"dst_port":443,"event_start":1565200344.149261} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG1DCCBbygAwIBAgIIGC58kEbr9U0wDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTkwMjEyMjIzOTA0WhcNMjEwMjEyMjIzOTA0WjBjMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEVMBMGA1UEChMMR29EYWRkeSBJTkMuMRYwFAYDVQQDDA0qLmdvZGFkZHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Rks2Tbs+DYreyTFDcitH1PN4FdPmW8C8h/AYXAdG9csWK6YUe+pCRutxMLgaz0a/Ky85BG7kawIgKUjZILJxsD0W9sC/GHLdFXi5NtTJUK6WOViVHeiPj+Ov0i/7IlrVP6s6oqokBA66TLLVw0MnZOTVLkmOlYnxOkj/C+bhZf4MU/9Zy8z2J/v/mXBsPhfI73faVXhTChCRuQX0FA5fFhXjd2ipi3SP20mhWDLp008FxOGvSSDhXQnSWAF5jsgZ6DgoNqnrUzw/3uP5/3fAj3QqlZ1xw0cZVOuuoTwZMsxjH8dQrMz8PjGk7DriD3VXAzzMHupDML6R+r533SgwIDAQABo4IDODCCAzQwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMi0xMy5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1tAQcXAjA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAlBgNVHREEHjAcgg0qLmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTAdBgNVHQ4EFgQUt6ZsfAL5i/ofSFphx3Gp2BdmMmIwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABaOPdGowAAAQDAEcwRQIhAMxX2XWyBa9Tn2kbG6o4HKnnYUZX35JOq57J+IpvZBx/AiAhyVYLWtPilAGU+p/F0YA/vkmayeEWStu/CjUfYsp0sQB1AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABaOPdHjsAAAQDAEYwRAIgWkQUZ163dVmbri6YWXhiABP2sT4+0deGa68TBuyOnMICIFxRtvIH3BmjhyymOOQTV2TQKmRGkvnFWVM06U0Ymv9ZAHYARJRlLrDuzq/EQAfYqP4owA=="}]}},"src_ip":"23.67.98.106","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":58940,"event_start":1565200344.193825} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG1DCCBbygAwIBAgIIGC58kEbr9U0wDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTkwMjEyMjIzOTA0WhcNMjEwMjEyMjIzOTA0WjBjMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEVMBMGA1UEChMMR29EYWRkeSBJTkMuMRYwFAYDVQQDDA0qLmdvZGFkZHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Rks2Tbs+DYreyTFDcitH1PN4FdPmW8C8h/AYXAdG9csWK6YUe+pCRutxMLgaz0a/Ky85BG7kawIgKUjZILJxsD0W9sC/GHLdFXi5NtTJUK6WOViVHeiPj+Ov0i/7IlrVP6s6oqokBA66TLLVw0MnZOTVLkmOlYnxOkj/C+bhZf4MU/9Zy8z2J/v/mXBsPhfI73faVXhTChCRuQX0FA5fFhXjd2ipi3SP20mhWDLp008FxOGvSSDhXQnSWAF5jsgZ6DgoNqnrUzw/3uP5/3fAj3QqlZ1xw0cZVOuuoTwZMsxjH8dQrMz8PjGk7DriD3VXAzzMHupDML6R+r533SgwIDAQABo4IDODCCAzQwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMi0xMy5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1tAQcXAjA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAlBgNVHREEHjAcgg0qLmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTAdBgNVHQ4EFgQUt6ZsfAL5i/ofSFphx3Gp2BdmMmIwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABaOPdGowAAAQDAEcwRQIhAMxX2XWyBa9Tn2kbG6o4HKnnYUZX35JOq57J+IpvZBx/AiAhyVYLWtPilAGU+p/F0YA/vkmayeEWStu/CjUfYsp0sQB1AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABaOPdHjsAAAQDAEYwRAIgWkQUZ163dVmbri6YWXhiABP2sT4+0deGa68TBuyOnMICIFxRtvIH3BmjhyymOOQTV2TQKmRGkvnFWVM06U0Ymv9ZAHYARJRlLrDuzq/EQAfYqP4owA=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"23.67.98.106","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":58940,"event_start":1565200344.193825} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIG1DCCBbygAwIBAgIIGC58kEbr9U0wDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTkwMjEyMjIzOTA0WhcNMjEwMjEyMjIzOTA0WjBjMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEVMBMGA1UEChMMR29EYWRkeSBJTkMuMRYwFAYDVQQDDA0qLmdvZGFkZHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Rks2Tbs+DYreyTFDcitH1PN4FdPmW8C8h/AYXAdG9csWK6YUe+pCRutxMLgaz0a/Ky85BG7kawIgKUjZILJxsD0W9sC/GHLdFXi5NtTJUK6WOViVHeiPj+Ov0i/7IlrVP6s6oqokBA66TLLVw0MnZOTVLkmOlYnxOkj/C+bhZf4MU/9Zy8z2J/v/mXBsPhfI73faVXhTChCRuQX0FA5fFhXjd2ipi3SP20mhWDLp008FxOGvSSDhXQnSWAF5jsgZ6DgoNqnrUzw/3uP5/3fAj3QqlZ1xw0cZVOuuoTwZMsxjH8dQrMz8PjGk7DriD3VXAzzMHupDML6R+r533SgwIDAQABo4IDODCCAzQwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMi0xMy5jcmwwXQYDVR0gBFYwVDBIBgtghkgBhv1tAQcXAjA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAlBgNVHREEHjAcgg0qLmdvZGFkZHkuY29tggtnb2RhZGR5LmNvbTAdBgNVHQ4EFgQUt6ZsfAL5i/ofSFphx3Gp2BdmMmIwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABaOPdGowAAAQDAEcwRQIhAMxX2XWyBa9Tn2kbG6o4HKnnYUZX35JOq57J+IpvZBx/AiAhyVYLWtPilAGU+p/F0YA/vkmayeEWStu/CjUfYsp0sQB1AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABaOPdHjsAAAQDAEYwRAIgWkQUZ163dVmbri6YWXhiABP2sT4+0deGa68TBuyOnMICIFxRtvIH3BmjhyymOOQTV2TQKmRGkvnFWVM06U0Ymv9ZAHYARJRlLrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagAAAFo490ivAAABAMARzBFAiA3u9e2u7/zy6bmvj1mtciIEAIi7Tght5t2dKtMr6Oo8QIhAOI7Ylq0KUDCvFJUTFJ9BtcPDmAUcHiFHN6YX7cNgkm4MA0GCSqGSIb3DQEBCwUAA4IBAQCuEZMYHRyIsl5gftGz6R5DMDUaGDeshChb5oWMTErkuqJ+vqG4rnHy6RI2MZoMRD0MsdFBv49guEhJChqNQO++A1BW+AYSJqY/tWuE/KD0VcwmVjtPFer1tt6pYZYHqVqSaoRuUlnxiAv7YqiT3ledmIhgr3GLjuXe4nAfRSYK423rHWDhbdsZm+u9n8Hb70Sk9W49CXEyM3IqwYkMTH81HbMcWLHI3Ctp7hDnvvRyJ7tRIvvva5ZNCl1ruzm8ud+LJzEY9em/t2/41nzr9C1rK6nOiGRPkVFtqHGCxi+uR+PTnlM9E0QexuziCIS5xArv8fH5OjDxJJLrELIrex92"},{"base64":"MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzDBNliF44v/z5lz4/OYuY8UhzaFkVLVat4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOvK/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23ecSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HYpDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7neTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMBAAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5nb2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEGCCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAIfmyTEMg4uJapkEv/oV9PBO9sPpyIBslQj6Zz91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawiDsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2xLXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"23.67.98.106","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":58940,"event_start":1565200344.194201} {"dns":{"base64":"z/IBAAABAAAAAAAAAnczA29yZwAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":35956,"dst_port":53,"event_start":1565200344.560780} {"dns":{"base64":"aEIBAAABAAAAAAAAAnczA29yZwAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":51954,"dst_port":53,"event_start":1565200344.560938} @@ -475,11 +475,11 @@ {"dns":{"base64":"Vg2BgAABAAAAAQAAA2dldAR3aXA0BWFkb2JlA2NvbQAAHAABwBAABgABAAAABQAtCW9yMWd0bTAwM8AVCmhvc3RtYXN0ZXLAMHhYS3EAACowAAAOEAAJOoAAAAA8"},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":52579,"event_start":1565200421.835676} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"192.147.130.63","protocol":6,"src_port":56050,"dst_port":443,"event_start":1565200421.836043} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"get.adobe.com"}},"src_ip":"192.168.113.237","dst_ip":"192.147.130.63","protocol":6,"src_port":56050,"dst_port":443,"event_start":1565200421.939433} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIFLzCCBBegAwIBAgIQB0B1cdqi3EvrQNMDvCLFLzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTYwOTIzMDAwMDAwWhcNMTkwOTI3MTIwMDAwWjByMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMRYwFAYDVQQDEw1nZXQuYWRvYmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveM8fv/wEUZyOU3P1HZbEfXssMIqSVViH1GmY4WTN4BjXvKAqhyZZ4d9L9cwwc0wYpZd0eBiKDm82JXN6z1cXvTP9P8DKS91R2FYuk5EFHnLQDI/hHD6Akrw1oO+3Jl9TCnP9ERtJ+ym/QCARGUi+0drECWRnLFUB6pp+OjXEBW4ksqQSMu+5gcJBGLaHGA7FoaPPZiBflGiSYtleD59yTFdn1gExGUjAEV0vtRyn78xLfIm4BjH4ig5ourSePT4sukw+pl7byg1oHlvRBXdivKISGeGDDp4iRgn6o3EeHHv8+SqbtKYN5O2Lt/6nIOAeSBUHgAwMuXjbgbYOTbEZwIDAQABo4IB5DCCAeAwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFL0p+ADBly695ldqsOYJRJDY3p3eMCgGA1UdEQQhMB+CDWdldC5hZG9iZS5jb22CDmdldDIuYWRvYmUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNS5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzUuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAGFvKSUJ3FHGYnmuPNFfUJ9TUF38sGQI3LYN4fxiTkFyt+KzxI465di9ik7gC+IpyPHZkHd4Xt8U5s4xe9v1OCnhrpKsmG+jUYq4VVHZZ9JJhhpdpPqKgkCYc3ulUM981/59HH74HzOQpSifdceEh+i1jVuVbWTEKkIV0yzW8W18fGCWmWD922P7Vi0be2EnvLDlilWDRfTnECAt5b/PpJmt9ww7X2NmAQaIlU++zkaQO635jNqdrxoTEq7Ae6Am6aIbazcGjgohFhoE0dzl2L6/cl8kbEWo+cbfUvIpMRvFaP962YyXFq8D7il10tVgmBQUkY4BNn5cZ9eEqmePPnw="},{"base64":"MIIElDCCA3ygAwIBAgIQ"}]}},"src_ip":"192.147.130.63","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56050,"event_start":1565200422.054512} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIFLzCCBBegAwIBAgIQB0B1cdqi3EvrQNMDvCLFLzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTYwOTIzMDAwMDAwWhcNMTkwOTI3MTIwMDAwWjByMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMRYwFAYDVQQDEw1nZXQuYWRvYmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveM8fv/wEUZyOU3P1HZbEfXssMIqSVViH1GmY4WTN4BjXvKAqhyZZ4d9L9cwwc0wYpZd0eBiKDm82JXN6z1cXvTP9P8DKS91R2FYuk5EFHnLQDI/hHD6Akrw1oO+3Jl9TCnP9ERtJ+ym/QCARGUi+0drECWRnLFUB6pp+OjXEBW4ksqQSMu+5gcJBGLaHGA7FoaPPZiBflGiSYtleD59yTFdn1gExGUjAEV0vtRyn78xLfIm4BjH4ig5ourSePT4sukw+pl7byg1oHlvRBXdivKISGeGDDp4iRgn6o3EeHHv8+SqbtKYN5O2Lt/6nIOAeSBUHgAwMuXjbgbYOTbEZwIDAQABo4IB5DCCAeAwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFL0p+ADBly695ldqsOYJRJDY3p3eMCgGA1UdEQQhMB+CDWdldC5hZG9iZS5jb22CDmdldDIuYWRvYmUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNS5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzUuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAGFvKSUJ3FHGYnmuPNFfUJ9TUF38sGQI3LYN4fxiTkFyt+KzxI465di9ik7gC+IpyPHZkHd4Xt8U5s4xe9v1OCnhrpKsmG+jUYq4VVHZZ9JJhhpdpPqKgkCYc3ulUM981/59HH74HzOQpSifdceEh+i1jVuVbWTEKkIV0yzW8W18fGCWmWD922P7Vi0be2EnvLDlilWDRfTnECAt5b/PpJmt9ww7X2NmAQaIlU++zkaQO635jNqdrxoTEq7Ae6Am6aIbazcGjgohFhoE0dzl2L6/cl8kbEWo+cbfUvIpMRvFaP962YyXFq8D7il10tVgmBQUkY4BNn5cZ9eEqmePPnw="},{"base64":"MIIElDCCA3ygAwIBAgIQ"}]}},"reassembly_properties":{"truncated":true},"src_ip":"192.147.130.63","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56050,"event_start":1565200422.054512} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b00020100))"},"tls":{"server":{"certs":[{"base64":"MIIFLzCCBBegAwIBAgIQB0B1cdqi3EvrQNMDvCLFLzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTYwOTIzMDAwMDAwWhcNMTkwOTI3MTIwMDAwWjByMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMRYwFAYDVQQDEw1nZXQuYWRvYmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveM8fv/wEUZyOU3P1HZbEfXssMIqSVViH1GmY4WTN4BjXvKAqhyZZ4d9L9cwwc0wYpZd0eBiKDm82JXN6z1cXvTP9P8DKS91R2FYuk5EFHnLQDI/hHD6Akrw1oO+3Jl9TCnP9ERtJ+ym/QCARGUi+0drECWRnLFUB6pp+OjXEBW4ksqQSMu+5gcJBGLaHGA7FoaPPZiBflGiSYtleD59yTFdn1gExGUjAEV0vtRyn78xLfIm4BjH4ig5ourSePT4sukw+pl7byg1oHlvRBXdivKISGeGDDp4iRgn6o3EeHHv8+SqbtKYN5O2Lt/6nIOAeSBUHgAwMuXjbgbYOTbEZwIDAQABo4IB5DCCAeAwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFL0p+ADBly695ldqsOYJRJDY3p3eMCgGA1UdEQQhMB+CDWdldC5hZG9iZS5jb22CDmdldDIuYWRvYmUuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwawYDVR0fBGQwYjAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNS5jcmwwL6AtoCuGKWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzUuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHwGCCsGAQUFBwEBBHAwbjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEYGCCsGAQUFBzAChjpodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAGFvKSUJ3FHGYnmuPNFfUJ9TUF38sGQI3LYN4fxiTkFyt+KzxI465di9ik7gC+IpyPHZkHd4Xt8U5s4xe9v1OCnhrpKsmG+jUYq4VVHZZ9JJhhpdpPqKgkCYc3ulUM981/59HH74HzOQpSifdceEh+i1jVuVbWTEKkIV0yzW8W18fGCWmWD922P7Vi0be2EnvLDlilWDRfTnECAt5b/PpJmt9ww7X2NmAQaIlU++zkaQO635jNqdrxoTEq7Ae6Am6aIbazcGjgohFhoE0dzl2L6/cl8kbEWo+cbfUvIpMRvFaP962YyXFq8D7il10tVgmBQUkY4BNn5cZ9eEqmePPnw="},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"192.147.130.63","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":56050,"event_start":1565200422.054770} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"184.50.35.161","protocol":6,"src_port":57026,"dst_port":443,"event_start":1565200422.379884} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.adobe.com"}},"src_ip":"192.168.113.237","dst_ip":"184.50.35.161","protocol":6,"src_port":57026,"dst_port":443,"event_start":1565200422.420984} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGNzCCBR+gAwIBAgIQCg503M6e7LVhG69g0BbsbzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA2MDAwMDAwWhcNMjAwMjA1MTIwMDAwWjB9MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMQswCQYDVQQLEwJJUzEUMBIGA1UEAwwLKi5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxHy02hH5awt6eB0ZB5yfF3ZQO+955tDn+W6IfR+yLQFIi931YwkIxAM7M2VD1bm760h29lI6RiYFpiW0oPUnkt8zEpdayi2OHH5Ap6nQSDlEHW9BQpMXLBVep0HG6e8Qz2uiW84K8qlERWRBoDf7LZkJ+j3VGVPX50rD4BW1SjiHw5Hil+mb9tR6z2OMHFhoMYMYhOL4HSRnv3Nj4Xg1f1BfKwYVt4KZe1rnUmqJFVXk0iwdPv71JYh96Rj1CeaYCSG3PhL1CctmEtzfeVFX++kCM1PXeQsJtGEGiITu2FBBFzdheqTxdC9/LOnM9WgmqhVYoScwqo43O34sUx2oJAgMBAAGjggLhMIIC3TAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUKL0O8nlF4pVkpaFcldo1cKl5FJQwIQYDVR0RBBowGIILKi5hZG9iZS5jb22CCWFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm6OYBSAAABAMARjBEAiAGzoFtL3H38sDIqCoGUtHh+mft+u6+95qWVkiz6tckEAIgNIqKfTS1ssN9aslsQmNTqxw00g0VQRqLRx/yqDpOEmAAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWbo5gIhAAAEAwBHMEUCIFCsSzZXC6mRE0/g7xTRXY94byQOwpjY13VAd0nv+VdIAiEA0hop7zM0YHyWGkiK1emLlPEj8tpv2L0uo/eC5AfqdMAwDQYJKoZIhvcNAQELBQADggEBAApznoYz6ONoMxctjevgb6j9S3Nne3QdHSbAHzQeYzClDxIJNg=="}]}},"src_ip":"184.50.35.161","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":57026,"event_start":1565200422.462731} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGNzCCBR+gAwIBAgIQCg503M6e7LVhG69g0BbsbzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA2MDAwMDAwWhcNMjAwMjA1MTIwMDAwWjB9MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMQswCQYDVQQLEwJJUzEUMBIGA1UEAwwLKi5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxHy02hH5awt6eB0ZB5yfF3ZQO+955tDn+W6IfR+yLQFIi931YwkIxAM7M2VD1bm760h29lI6RiYFpiW0oPUnkt8zEpdayi2OHH5Ap6nQSDlEHW9BQpMXLBVep0HG6e8Qz2uiW84K8qlERWRBoDf7LZkJ+j3VGVPX50rD4BW1SjiHw5Hil+mb9tR6z2OMHFhoMYMYhOL4HSRnv3Nj4Xg1f1BfKwYVt4KZe1rnUmqJFVXk0iwdPv71JYh96Rj1CeaYCSG3PhL1CctmEtzfeVFX++kCM1PXeQsJtGEGiITu2FBBFzdheqTxdC9/LOnM9WgmqhVYoScwqo43O34sUx2oJAgMBAAGjggLhMIIC3TAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUKL0O8nlF4pVkpaFcldo1cKl5FJQwIQYDVR0RBBowGIILKi5hZG9iZS5jb22CCWFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm6OYBSAAABAMARjBEAiAGzoFtL3H38sDIqCoGUtHh+mft+u6+95qWVkiz6tckEAIgNIqKfTS1ssN9aslsQmNTqxw00g0VQRqLRx/yqDpOEmAAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWbo5gIhAAAEAwBHMEUCIFCsSzZXC6mRE0/g7xTRXY94byQOwpjY13VAd0nv+VdIAiEA0hop7zM0YHyWGkiK1emLlPEj8tpv2L0uo/eC5AfqdMAwDQYJKoZIhvcNAQELBQADggEBAApznoYz6ONoMxctjevgb6j9S3Nne3QdHSbAHzQeYzClDxIJNg=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"184.50.35.161","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":57026,"event_start":1565200422.462731} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((ff01)(0000)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGNzCCBR+gAwIBAgIQCg503M6e7LVhG69g0BbsbzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTA2MDAwMDAwWhcNMjAwMjA1MTIwMDAwWjB9MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEpvc2UxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMQswCQYDVQQLEwJJUzEUMBIGA1UEAwwLKi5hZG9iZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxHy02hH5awt6eB0ZB5yfF3ZQO+955tDn+W6IfR+yLQFIi931YwkIxAM7M2VD1bm760h29lI6RiYFpiW0oPUnkt8zEpdayi2OHH5Ap6nQSDlEHW9BQpMXLBVep0HG6e8Qz2uiW84K8qlERWRBoDf7LZkJ+j3VGVPX50rD4BW1SjiHw5Hil+mb9tR6z2OMHFhoMYMYhOL4HSRnv3Nj4Xg1f1BfKwYVt4KZe1rnUmqJFVXk0iwdPv71JYh96Rj1CeaYCSG3PhL1CctmEtzfeVFX++kCM1PXeQsJtGEGiITu2FBBFzdheqTxdC9/LOnM9WgmqhVYoScwqo43O34sUx2oJAgMBAAGjggLhMIIC3TAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQUKL0O8nlF4pVkpaFcldo1cKl5FJQwIQYDVR0RBBowGIILKi5hZG9iZS5jb22CCWFkb2JlLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAJBgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFm6OYBSAAABAMARjBEAiAGzoFtL3H38sDIqCoGUtHh+mft+u6+95qWVkiz6tckEAIgNIqKfTS1ssN9aslsQmNTqxw00g0VQRqLRx/yqDpOEmAAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWbo5gIhAAAEAwBHMEUCIFCsSzZXC6mRE0/g7xTRXY94byQOwpjY13VAd0nv+VdIAiEA0hop7zM0YHyWGkiK1emLlPEj8tpv2L0uo/eC5AfqdMAwDQYJKoZIhvcNAQELBQADggEBAApznoYz6ONoMxctjevgb6j9S3Nne3QdHSbAHzQeYzClDxIJNp/Ob+38tShcMwpu2lBFb0QL3QNRwOZ5xQk4O0h+ul0t1YVDKJw9Mz2qwuOt4mUp+u764vmHDrvZxJxGQ/c6oTsm4biRKBZbI6PTXwz61DhsQ2jtWNATNGWDsdv6MS2F12blpNFdOVzXVOWRb+E7fbZC9VU0l760VFrYB/UuLJ7xb7+3fN04l1KFQE2wtfwdbVZEdYe72eNxIZDmIPxFFotlyzhdsWoGV3WGXTbjVzc3vb3SRQ3E4QTouANow1YA3wwRJWEarmiPN7L+P4sMrDAYF2im1b2YY2Iem+Y="},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"184.50.35.161","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":57026,"event_start":1565200422.462963} {"dns":{"base64":"Dg8BAAABAAAAAAAABmFwYWNoZQNvcmcAAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":42949,"dst_port":53,"event_start":1565200422.709093} {"dns":{"base64":"q/0BAAABAAAAAAAABmFwYWNoZQNvcmcAABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":36419,"dst_port":53,"event_start":1565200422.709264} @@ -487,7 +487,7 @@ {"dns":{"base64":"q/2BgAABAAAAAQAABmFwYWNoZQNvcmcAABwAAcAMAAYAAQAAAAUAPANuczIHc3VyZm5ldAJubAAVaG9zdG1hc3Rlci0yMDA1LWFscGhhwAx4WLk0AAAOEAAAA4QACTqAAAAOEA=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":36419,"event_start":1565200422.755408} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"95.216.24.32","protocol":6,"src_port":50428,"dst_port":443,"event_start":1565200422.755645} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"apache.org"}},"src_ip":"192.168.113.237","dst_ip":"95.216.24.32","protocol":6,"src_port":50428,"dst_port":443,"event_start":1565200422.920415} -{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGbzCCBVegAwIBAgIRAIk8VkaPe0wk+AMX0nAFalswDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UEAxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTAeFw0xOTA3MDEwMDAwMDBaFw0yMTA2MzAyMzU5NTlaMFkxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEdMBsGA1UECxMUUG9zaXRpdmVTU0wgV2lsZGNhcmQxFTATBgNVBAMMDCouYXBhY2hlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANCOPYE/2bjXXHBCii4IappWRj1rvuNtPfN4CyBvSeT8PX8GzgioOv6/QNBQ8xMQyFQoQOKAQ3kKY1VbHtyHBnXB7PVENeXF9ATB8D/G1b2Mh7D7HXHFgKH4oA=="}]}},"src_ip":"95.216.24.32","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50428,"event_start":1565200423.089947} +{"fingerprints":{"tls_server":"tls_server/(0303)(c030)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGbzCCBVegAwIBAgIRAIk8VkaPe0wk+AMX0nAFalswDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UEAxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTAeFw0xOTA3MDEwMDAwMDBaFw0yMTA2MzAyMzU5NTlaMFkxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEdMBsGA1UECxMUUG9zaXRpdmVTU0wgV2lsZGNhcmQxFTATBgNVBAMMDCouYXBhY2hlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANCOPYE/2bjXXHBCii4IappWRj1rvuNtPfN4CyBvSeT8PX8GzgioOv6/QNBQ8xMQyFQoQOKAQ3kKY1VbHtyHBnXB7PVENeXF9ATB8D/G1b2Mh7D7HXHFgKH4oA=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"95.216.24.32","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50428,"event_start":1565200423.089947} {"fingerprints":{"tls_server":"tls_server/(0303)(c030)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGbzCCBVegAwIBAgIRAIk8VkaPe0wk+AMX0nAFalswDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UEAxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTAeFw0xOTA3MDEwMDAwMDBaFw0yMTA2MzAyMzU5NTlaMFkxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEdMBsGA1UECxMUUG9zaXRpdmVTU0wgV2lsZGNhcmQxFTATBgNVBAMMDCouYXBhY2hlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANCOPYE/2bjXXHBCii4IappWRj1rvuNtPfN4CyBvSeT8PX8GzgioOv6/QNBQ8xMQyFQoQOKAQ3kKY1VbHtyHBnXB7PVENeXF9ATB8D/G1b2Mh7D7HXHFgKH4oDEIRZABak4kuOcplgnqV8dhIvpdyN7bUkDzGutKS5cKROIMG7k6VrcdxsFrmnaYedh/mqEEGTz/WF3cWKiWIQftHNMvuqF/CWLqkuQFt2IPHr/Flg70HxSYpMW+ZhLZ0VSJTXf6Bs0XRUk3ADuZJhQY5bPAh3xzvpVCY7C1c7F3kbX9X2MKvJDzpcMgLQ9zvjFfqAsGehTC1pm9SC/QBu0yHCqnVykCAwEAAaOCAvkwggL1MB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMB0GA1UdDgQWBBRe2N1Z7wYz82ZGAeeh++C/zsujhTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgwdjBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wIwYDVR0RBBwwGoIMKi5hcGFjaGUub3JnggphcGFjaGUub3JnMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWuvQIWkAAAEAwBIMEYCIQCitZL3CSKKG5roV4KZhA7D/nDIpnehh3ewg/kUekofkwIhALTO4DcZ297TxvHvJCyvI9KLuFAVZqPwKBJJpREKRWmQAHUARJRlLrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagAAAFrr0CFzgAABAMARjBEAiA2YAeKi+G8qGoeDL8Zy63z2sglcYthlhiACASoFlI5EQIgFWoG+X3ZoD+V+Yt1nSj/DEoplgCea7yumRzGyEJqE/8AdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWuvQIYVAAAEAwBGMEQCICsBcD3xmBKyEmPFCsH3rnXjrpaRr+CbPhUSrvgViIuGAiAmaGGhyn97cREmFO0sCK2Kcejh9pxreGNC0wxm7T/ZtzANBgkqhkiG9w0BAQsFAAOCAQEAHBUIUmW7N3FMHGJ7UTEdvcWSHv1IpyeIa2FC6iUV1+GDmbyXAwFB2sXTWcqkxg64U0uvlE+Iu1jcypmEPaPUK7QPDko6kGH4Iuq7L/kA2dc9jngs8Ks0zbUx489lCw3WllkVEsa6NRWZLrNusGh7NnYBDTaaT8vmGU1VbMoEbUAc1lTeZ2zVYUkhS0SxTDK0L2pxmOowjUVp9AeMm/pR9Zt1fyKhO4gOAinR0Z33Cu2hRgH4eho2yCUEKGuNDYOqqQgOlta0b+t88lOps24Soq1A+W6dVVOwjf1g/gHcMZ6eYIFFXpFH6WLd8jsUrdP6CeJDRhUBeSQQADUcKc+lLA=="},{"base64":"MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+NTQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkjeocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0EoKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBskHaswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotYuK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/HukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGiH19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUxRP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLvxvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyALl6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhYLcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K00u/I5sUKUErmgQfky3xxzlIPK1aEn8="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"95.216.24.32","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":50428,"event_start":1565200423.090512} {"dns":{"base64":"f28BAAABAAAAAAAABWRyaXZlBmdvb2dsZQNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":50142,"dst_port":53,"event_start":1565200423.942464} {"dns":{"base64":"hSkBAAABAAAAAAAABWRyaXZlBmdvb2dsZQNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":51736,"dst_port":53,"event_start":1565200423.942653} @@ -505,7 +505,7 @@ {"dns":{"base64":"mNyBgAABAAAAAQAAC3NvdXJjZWZvcmdlA25ldAAAHAABwAwABgABAAAABQBEA25zMAtkbnNtYWRlZWFzeQNjb20ACmhvc3RtYXN0ZXINc2xhc2hkb3RtZWRpYcA9eDCKtAAAOEAAAAJYAAk6gAAAASw="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":36467,"event_start":1565200424.589661} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"216.105.38.13","protocol":6,"src_port":38020,"dst_port":443,"event_start":1565200424.590092} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"sourceforge.net"}},"src_ip":"192.168.113.237","dst_ip":"216.105.38.13","protocol":6,"src_port":38020,"dst_port":443,"event_start":1565200424.693022} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02c)((ff01)(0000)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIEoDCCA4igAwIBAgISBKbL6QrgO3xDTJZOO3tXGmUvMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MDEwNDI1MDJaFw0xOTA5MjkwNDI1MDJaMBoxGDAWBgNVBAMTD3NvdXJjZWZvcmdlLm5ldDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDjTvn1kq6tYg6aY+N9LbwE7Z1LrGaiic+r55oOrh3/d30LYpUqE33eayUf+8vPXkC1cC4cpEf/ZgaS5zJPm3cijggJ5MIICdTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAtiZwF/pwuFNKll1NpJF0u4GAZXMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYDVR0RBCYwJIIRKi5zb3VyY2Vmb3JnZS5uZXSCD3NvdXJjZWZvcmdlLm5ldDBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa6v+XZ0AAAQDAEgwRgIhAMGoaiHGWej89vxqnqxUT6x5ueZ+hCHan11o6QB0zMs1AiEA47PrK3t+kqZ9Nac7uZLzxRGDgJEb0net+TO7cW43f3oAdwApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWur/l1pAAAEAwBIMEYCIQDzDZUXOPY9hBGjyp1joEoi84Do1u/ECBjTFDWVWRicygIhAK6GvHud6ooxSeP2S79OnqFOePMsgZla2mVFTgMxM9vGMA0GCSqGSIb3DQEBCwUAA4IBAQAM3uIbCfc1nkCLpLR6YyeLMiqQa06toFC6C0WhAYR+72s530m3Ak25kLB/XoXm2C41SkA1UC0vBcwRFdzkK2dbxz3+iHt282zMntVXVY90aKoRTEh/9IdwbdrdaHYJveuF/pEcIxV4UymD/RiT3cIg+B0Ebpju96HiktQC4Si+Z8g79EeoDtH2/au9F9N0H2Z3XROHRlz672Jp6DEJ3xardlzdmHDiyxM0rg1s402rGGYIf/4zhT0ffEfksrr3tM6tSw4Oynzj"}]}},"src_ip":"216.105.38.13","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":38020,"event_start":1565200424.792307} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02c)((ff01)(0000)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIEoDCCA4igAwIBAgISBKbL6QrgO3xDTJZOO3tXGmUvMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MDEwNDI1MDJaFw0xOTA5MjkwNDI1MDJaMBoxGDAWBgNVBAMTD3NvdXJjZWZvcmdlLm5ldDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDjTvn1kq6tYg6aY+N9LbwE7Z1LrGaiic+r55oOrh3/d30LYpUqE33eayUf+8vPXkC1cC4cpEf/ZgaS5zJPm3cijggJ5MIICdTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAtiZwF/pwuFNKll1NpJF0u4GAZXMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYDVR0RBCYwJIIRKi5zb3VyY2Vmb3JnZS5uZXSCD3NvdXJjZWZvcmdlLm5ldDBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa6v+XZ0AAAQDAEgwRgIhAMGoaiHGWej89vxqnqxUT6x5ueZ+hCHan11o6QB0zMs1AiEA47PrK3t+kqZ9Nac7uZLzxRGDgJEb0net+TO7cW43f3oAdwApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWur/l1pAAAEAwBIMEYCIQDzDZUXOPY9hBGjyp1joEoi84Do1u/ECBjTFDWVWRicygIhAK6GvHud6ooxSeP2S79OnqFOePMsgZla2mVFTgMxM9vGMA0GCSqGSIb3DQEBCwUAA4IBAQAM3uIbCfc1nkCLpLR6YyeLMiqQa06toFC6C0WhAYR+72s530m3Ak25kLB/XoXm2C41SkA1UC0vBcwRFdzkK2dbxz3+iHt282zMntVXVY90aKoRTEh/9IdwbdrdaHYJveuF/pEcIxV4UymD/RiT3cIg+B0Ebpju96HiktQC4Si+Z8g79EeoDtH2/au9F9N0H2Z3XROHRlz672Jp6DEJ3xardlzdmHDiyxM0rg1s402rGGYIf/4zhT0ffEfksrr3tM6tSw4Oynzj"}]}},"reassembly_properties":{"truncated":true},"src_ip":"216.105.38.13","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":38020,"event_start":1565200424.792307} {"fingerprints":{"tls_server":"tls_server/(0303)(c02c)((ff01)(0000)(000b000403000102)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIEoDCCA4igAwIBAgISBKbL6QrgO3xDTJZOO3tXGmUvMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MDEwNDI1MDJaFw0xOTA5MjkwNDI1MDJaMBoxGDAWBgNVBAMTD3NvdXJjZWZvcmdlLm5ldDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDjTvn1kq6tYg6aY+N9LbwE7Z1LrGaiic+r55oOrh3/d30LYpUqE33eayUf+8vPXkC1cC4cpEf/ZgaS5zJPm3cijggJ5MIICdTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAtiZwF/pwuFNKll1NpJF0u4GAZXMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYDVR0RBCYwJIIRKi5zb3VyY2Vmb3JnZS5uZXSCD3NvdXJjZWZvcmdlLm5ldDBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa6v+XZ0AAAQDAEgwRgIhAMGoaiHGWej89vxqnqxUT6x5ueZ+hCHan11o6QB0zMs1AiEA47PrK3t+kqZ9Nac7uZLzxRGDgJEb0net+TO7cW43f3oAdwApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWur/l1pAAAEAwBIMEYCIQDzDZUXOPY9hBGjyp1joEoi84Do1u/ECBjTFDWVWRicygIhAK6GvHud6ooxSeP2S79OnqFOePMsgZla2mVFTgMxM9vGMA0GCSqGSIb3DQEBCwUAA4IBAQAM3uIbCfc1nkCLpLR6YyeLMiqQa06toFC6C0WhAYR+72s530m3Ak25kLB/XoXm2C41SkA1UC0vBcwRFdzkK2dbxz3+iHt282zMntVXVY90aKoRTEh/9IdwbdrdaHYJveuF/pEcIxV4UymD/RiT3cIg+B0Ebpju96HiktQC4Si+Z8g79EeoDtH2/au9F9N0H2Z3XROHRlz672Jp6DEJ3xardlzdmHDiyxM0rg1s402rGGYIf/4zhT0ffEfksrr3tM6tSw4OynzjWVAIUCvA6qmUoIg7Wt/NhaFKF9mpyZU/tmjTwiDMVU6v4/bQEgyS3tz3IRfXbYs9S6K/DKSGDMDZ"},{"base64":"MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0NlowSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMTGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EFq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWAa6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIGCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNvbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9kc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAwVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcCARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwuY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsFAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJouM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwuX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlGPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg=="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"216.105.38.13","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":38020,"event_start":1565200424.792424} {"dns":{"base64":"CMoBAAABAAAAAAAAB255dGltZXMDY29tAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":36113,"dst_port":53,"event_start":1565200425.457399} {"dns":{"base64":"kacBAAABAAAAAAAAB255dGltZXMDY29tAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":36967,"dst_port":53,"event_start":1565200425.457601} @@ -513,7 +513,7 @@ {"dns":{"base64":"kaeBgAABAAAAAQAAB255dGltZXMDY29tAAAcAAHADAAGAAEAAAAFADUDbnMxA3AyNAZkeW5lY3QDbmV0AApob3N0bWFzdGVywAx4OmA/AAABLAAAAJYAEnUAAAABLA=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":36967,"event_start":1565200425.503786} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.65.164","protocol":6,"src_port":32810,"dst_port":443,"event_start":1565200425.504157} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"nytimes.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.65.164","protocol":6,"src_port":32810,"dst_port":443,"event_start":1565200425.542021} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIJhTCCCG2gAwIBAgIRAL/WIxvqWarWy1Zu0IeNYO0wDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI5MDAwMDAwWhcNMjAwMTE4MjM1OTU5WjCBxDELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTEwMDE4MREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAkTCzYyMCA4dGggQXZlMRswGQYDVQQKExJUaGUgTmV3IFlvcmsgVGltZXMxGzAZBgNVBAsTElRoZSBOZXcgWW9yayBUaW1lczEZMBcGA1UECxMQTXVsdGktRG9tYWluIFNTTDEUMBIGA1UEAxMLbnl0aW1lcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpbxBef7yIpiL7/xkUbY2RvDRMmjPiv/HMaFM4KjqowJg2JTbqJmFhiJFuzKndVcUIpO37lVQ/Oallob9fPBYcqAf0e6gFgueeucjHXPnID44qnZGFwj0wtnNmy7ItckEEVhT2OaCpROaeUI4jWHj83NkAnxKHDDuH472BfRNeBgmsoXwdywV421vL9A1yhOpkvNrZBrj6u32i3Fz1+GtSnh4j4LvVC8ewXz3k70YH32gnkAaPOW/X0xTGJ63cqMIuVKq6dBCmhzCbPzVBerr581FuXJ2Cyq/7242H/+XOu+h86nbETzG44TuoxOG2fnd+WhuUUKGKo6M5D3zjlw9AgMBAAGjggWcMIIFmDAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUhiKsBlfdhdBgPQMAt93uFtyZBTQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vYw=="}]}},"src_ip":"151.101.65.164","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":32810,"event_start":1565200425.582018} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIJhTCCCG2gAwIBAgIRAL/WIxvqWarWy1Zu0IeNYO0wDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI5MDAwMDAwWhcNMjAwMTE4MjM1OTU5WjCBxDELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTEwMDE4MREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAkTCzYyMCA4dGggQXZlMRswGQYDVQQKExJUaGUgTmV3IFlvcmsgVGltZXMxGzAZBgNVBAsTElRoZSBOZXcgWW9yayBUaW1lczEZMBcGA1UECxMQTXVsdGktRG9tYWluIFNTTDEUMBIGA1UEAxMLbnl0aW1lcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpbxBef7yIpiL7/xkUbY2RvDRMmjPiv/HMaFM4KjqowJg2JTbqJmFhiJFuzKndVcUIpO37lVQ/Oallob9fPBYcqAf0e6gFgueeucjHXPnID44qnZGFwj0wtnNmy7ItckEEVhT2OaCpROaeUI4jWHj83NkAnxKHDDuH472BfRNeBgmsoXwdywV421vL9A1yhOpkvNrZBrj6u32i3Fz1+GtSnh4j4LvVC8ewXz3k70YH32gnkAaPOW/X0xTGJ63cqMIuVKq6dBCmhzCbPzVBerr581FuXJ2Cyq/7242H/+XOu+h86nbETzG44TuoxOG2fnd+WhuUUKGKo6M5D3zjlw9AgMBAAGjggWcMIIFmDAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUhiKsBlfdhdBgPQMAt93uFtyZBTQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vYw=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.65.164","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":32810,"event_start":1565200425.582018} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIJhTCCCG2gAwIBAgIRAL/WIxvqWarWy1Zu0IeNYO0wDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI5MDAwMDAwWhcNMjAwMTE4MjM1OTU5WjCBxDELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTEwMDE4MREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAkTCzYyMCA4dGggQXZlMRswGQYDVQQKExJUaGUgTmV3IFlvcmsgVGltZXMxGzAZBgNVBAsTElRoZSBOZXcgWW9yayBUaW1lczEZMBcGA1UECxMQTXVsdGktRG9tYWluIFNTTDEUMBIGA1UEAxMLbnl0aW1lcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpbxBef7yIpiL7/xkUbY2RvDRMmjPiv/HMaFM4KjqowJg2JTbqJmFhiJFuzKndVcUIpO37lVQ/Oallob9fPBYcqAf0e6gFgueeucjHXPnID44qnZGFwj0wtnNmy7ItckEEVhT2OaCpROaeUI4jWHj83NkAnxKHDDuH472BfRNeBgmsoXwdywV421vL9A1yhOpkvNrZBrj6u32i3Fz1+GtSnh4j4LvVC8ewXz3k70YH32gnkAaPOW/X0xTGJ63cqMIuVKq6dBCmhzCbPzVBerr581FuXJ2Cyq/7242H/+XOu+h86nbETzG44TuoxOG2fnd+WhuUUKGKo6M5D3zjlw9AgMBAAGjggWcMIIFmDAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUhiKsBlfdhdBgPQMAt93uFtyZBTQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTCCAtQGA1UdEQSCAsswggLHggtueXRpbWVzLmNvbYIVKi5hcGkuZGV2Lm55dGltZXMuY29tghEqLmFwaS5ueXRpbWVzLmNvbYIVKi5hcGkuc3RnLm55dGltZXMuY29tgg4qLmJldGEubnl0Lm5ldIITKi5ibG9ncy5ueXRpbWVzLmNvbYIXKi5ibG9ncy5zdGcubnl0aW1lcy5jb22CGCouYmxvZ3M1LnN0Zy5ueXRpbWVzLmNvbYISKi5kZXYuYmV0YS5ueXQubmV0ghcqLmRldi5ibG9ncy5ueXRpbWVzLmNvbYINKi5kZXYubnl0LmNvbYINKi5kZXYubnl0Lm5ldIIRKi5kZXYubnl0aW1lcy5jb22CDSoubmV3c2Rldi5uZXSCESoubmV3c2Rldi5ueXQubmV0ghUqLm5ld3NkZXYubnl0aW1lcy5jb22CCSoubnl0LmNvbYIJKi5ueXQubmV0ggsqLm55dGNvLmNvbYINKi5ueXRpbWVzLmNvbYIZKi5wYXlmbG93LnNieC5ueXRpbWVzLmNvbYIRKi5zYngubnl0aW1lcy5jb22CEiouc3RnLmJldGEubnl0Lm5ldIIXKi5zdGcuYmxvZ3Mubnl0aW1lcy5jb22CESouc3RnLm5ld3NkZXYubmV0ghUqLnN0Zy5uZXdzZGV2Lm55dC5uZXSCGSouc3RnLm5ld3NkZXYubnl0aW1lcy5jb22CDSouc3RnLm55dC5jb22CDSouc3RnLm55dC5uZXSCESouc3RnLm55dGltZXMuY29tghAqLnRpbWVzdGFsa3MuY29tggtuZXdzZGV2Lm5ldIIHbnl0LmNvbYIHbnl0Lm5ldIIJbnl0Y28uY29tgg50aW1lc3RhbGtzLmNvbYIbd3d3LmJlc3RzZWxsZXJzLm55dGltZXMuY29tghx3d3cuaG9tZWRlbGl2ZXJ5Lm55dGltZXMuY29tMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFnYAxysQAABAMARzBFAiBsjMEzQ01LJnfg8SWtJi+wQ/2NrVih667zOk9JD/KAxwIhAOvJND92OVh2cozY7QXv0vsfzWszxn9tEVaNc3ezXlQDAHUAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFnYAxzBgAABAMARjBEAiBFD4mv+quaSJL/sb4Jb0zh1w6xe+NBCLxCgr2DLtCZIwIgICd9NO8Mj0obKpS0eB49ZNlj3J7JjKMXCQJGGSlfyIgwDQYJKoZIhvcNAQELBQADggEBAEdGZx2Iilb59sTUqgyo92XdwUxpEXUD25W06NhOezqUJHfw7YxsCuXdSNPAcoMgVuvEo2A4JG9skf62rBFar6sdsBy1OucP/njdSXTN5XuTOwaxO/g4uF8iGGrdR6pYjyeh9DcaIPCPagOxMi0QLd32twYeBzRuZG4sc6JGdmEo9z4Xw5SHkm+x88cLuBiTlcsYgVTFhW+LFwNbILArbP+BCRCTJvOfyevlPpxHGRs2HA/k0LUOvx6MjCj7Xk8i36OxwBkYLr5HDZ2dapAOGKy+tZrOX2z13u4v0J/Ctz93eUTpt9nCObmbPHxOlP3MRRQwnUyMbFh8qrnLPXjl23o="},{"base64":"MIIGDjCCA/agAwIBAgIQNoJef7WkgZN+9tFza7k8pjANBgkqhkiG9w0BAQwFADCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEyMDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNVBAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkU2YXyQURX/zBEHtw8RKMXuG4B+KNfwqkhHc5Z9OzziKkJMjyxi2OkPic284/5OGYuB5dBj0um3cNfnnM858ogDU98MgXPwS5IZUqF0B9WMW2O5cYy1Bu8n32W/JjXT/j0WFb440W+kRiC5Iq+r81SN1GHTx6Xweg6rvn/RuRlPz/DR4MvzLhCXi1+91porl1LwKY1IfWGo8hJi5hjYA3JIUjCkjBlRrKGNQRCJX6tp05LEkAAeohoXG+fo6R4ESGuPQsOvkUUI8/rddf2oPG8RWxevKEy7PNYeEIoCzoBdvDFoJ7BaXDej0umed/ydrbjDxN8GDuxUWxqIDnOnmkCAwEAAaOCAWUwggFhMB8GA1UdIwQYMBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSa8yvaz61Pti+7KkhIKhK3G0LBJDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECAjBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAGmKNmiaHjtlC+B8z6arcTuvYaQ/5GQBSRDTHY/i1e1n055bl71CHgf50Ltt9zKVWiIpYvgMnFlWJzagIhIR+kf0UclZeylKpUg1fMWXZuAnJTsVejJ1SpH7pmue4lP6DYwT+yO4CxIsru3bHUeQ1dCTaXaROBU01xjqfrxrWN4qOZADRARKVtho5fV8aX6efVRL0NiGq2dmE1deiSoXrS2uvUAOZu2K/1S0wQHLqeBHuhFhj62uI0gqxiV5iRxBBJXAEepXK9a0l/qx6RVi7Epxd/3zoZza9msAKcUy5/pO6rMqpxiXHFinQjZf7BTP+HsO993MiBWamlzI8SDH0YZyoRebrrr+bKgy0QB2SXP3PyeHPLbJLfqqkJDJCgmfyWkfBxmpv966+AuIgkQWEH8HwIAiX3+8MN66zQd5ZFbY//NPnDC7bh5RS+bNvRfExb/IP46xH4pGtwZDb2Itz1GdRcqK6ROLwMeRvlu2+jdKif7wndoTJiIsBpA+ixOYoBnW3dpKSH89D4mdJHJLDntE/9Q2toN2I1iLFGy4XfdhbTl27d0SPWuHiJeRvsBGAh52HN22r1xP9QDWnE2p4J6ijvyxFnlcIdNFgZoMOWxtKNcl0rcRkND23m9e9Pqki2Z3ci+bkEAsUhJg+f+1cC6JmnkJiYEt7Fx4b4GH8fxV"},{"base64":"MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowgYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYDVQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNwAHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR62RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onrayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIqm1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/vOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IEIlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfOKJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPOGHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73gJMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVybmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQzbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfjJw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLYUspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9HvxPUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vRpu/xO28QOG8="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.65.164","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":32810,"event_start":1565200425.583059} {"dns":{"base64":"dA4BAAABAAAAAAAAA3d3dwdueXRpbWVzA2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":58499,"dst_port":53,"event_start":1565200425.677119} {"dns":{"base64":"yMcBAAABAAAAAAAAA3d3dwdueXRpbWVzA2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":56888,"dst_port":53,"event_start":1565200425.677305} @@ -523,7 +523,7 @@ {"dns":{"base64":"ineBgAABAAAAAQAAB255dGltZXMDbWFwBmZhc3RseQNuZXQAABwAAcAYAAYAAQAAAAUAMQNuczHAGApob3N0bWFzdGVyBmZhc3RseQNjb20AeDnGKQAADhAAAAJYAAk6gAAAAB4="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":55471,"event_start":1565200425.758737} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.129.164","protocol":6,"src_port":53270,"dst_port":443,"event_start":1565200425.759152} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.nytimes.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.129.164","protocol":6,"src_port":53270,"dst_port":443,"event_start":1565200425.802611} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIJhTCCCG2gAwIBAgIRAL/WIxvqWarWy1Zu0IeNYO0wDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI5MDAwMDAwWhcNMjAwMTE4MjM1OTU5WjCBxDELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTEwMDE4MREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAkTCzYyMCA4dGggQXZlMRswGQYDVQQKExJUaGUgTmV3IFlvcmsgVGltZXMxGzAZBgNVBAsTElRoZSBOZXcgWW9yayBUaW1lczEZMBcGA1UECxMQTXVsdGktRG9tYWluIFNTTDEUMBIGA1UEAxMLbnl0aW1lcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpbxBef7yIpiL7/xkUbY2RvDRMmjPiv/HMaFM4KjqowJg2JTbqJmFhiJFuzKndVcUIpO37lVQ/Oallob9fPBYcqAf0e6gFgueeucjHXPnID44qnZGFwj0wtnNmy7ItckEEVhT2OaCpROaeUI4jWHj83NkAnxKHDDuH472BfRNeBgmsoXwdywV421vL9A1yhOpkvNrZBrj6u32i3Fz1+GtSnh4j4LvVC8ewXz3k70YH32gnkAaPOW/X0xTGJ63cqMIuVKq6dBCmhzCbPzVBerr581FuXJ2Cyq/7242H/+XOu+h86nbETzG44TuoxOG2fnd+WhuUUKGKo6M5D3zjlw9AgMBAAGjggWcMIIFmDAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUhiKsBlfdhdBgPQMAt93uFtyZBTQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vYw=="}]}},"src_ip":"151.101.129.164","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":53270,"event_start":1565200425.845971} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIJhTCCCG2gAwIBAgIRAL/WIxvqWarWy1Zu0IeNYO0wDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI5MDAwMDAwWhcNMjAwMTE4MjM1OTU5WjCBxDELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTEwMDE4MREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAkTCzYyMCA4dGggQXZlMRswGQYDVQQKExJUaGUgTmV3IFlvcmsgVGltZXMxGzAZBgNVBAsTElRoZSBOZXcgWW9yayBUaW1lczEZMBcGA1UECxMQTXVsdGktRG9tYWluIFNTTDEUMBIGA1UEAxMLbnl0aW1lcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpbxBef7yIpiL7/xkUbY2RvDRMmjPiv/HMaFM4KjqowJg2JTbqJmFhiJFuzKndVcUIpO37lVQ/Oallob9fPBYcqAf0e6gFgueeucjHXPnID44qnZGFwj0wtnNmy7ItckEEVhT2OaCpROaeUI4jWHj83NkAnxKHDDuH472BfRNeBgmsoXwdywV421vL9A1yhOpkvNrZBrj6u32i3Fz1+GtSnh4j4LvVC8ewXz3k70YH32gnkAaPOW/X0xTGJ63cqMIuVKq6dBCmhzCbPzVBerr581FuXJ2Cyq/7242H/+XOu+h86nbETzG44TuoxOG2fnd+WhuUUKGKo6M5D3zjlw9AgMBAAGjggWcMIIFmDAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUhiKsBlfdhdBgPQMAt93uFtyZBTQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vYw=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.129.164","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":53270,"event_start":1565200425.845971} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIJhTCCCG2gAwIBAgIRAL/WIxvqWarWy1Zu0IeNYO0wDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYDVQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI5MDAwMDAwWhcNMjAwMTE4MjM1OTU5WjCBxDELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTEwMDE4MREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFDASBgNVBAkTCzYyMCA4dGggQXZlMRswGQYDVQQKExJUaGUgTmV3IFlvcmsgVGltZXMxGzAZBgNVBAsTElRoZSBOZXcgWW9yayBUaW1lczEZMBcGA1UECxMQTXVsdGktRG9tYWluIFNTTDEUMBIGA1UEAxMLbnl0aW1lcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpbxBef7yIpiL7/xkUbY2RvDRMmjPiv/HMaFM4KjqowJg2JTbqJmFhiJFuzKndVcUIpO37lVQ/Oallob9fPBYcqAf0e6gFgueeucjHXPnID44qnZGFwj0wtnNmy7ItckEEVhT2OaCpROaeUI4jWHj83NkAnxKHDDuH472BfRNeBgmsoXwdywV421vL9A1yhOpkvNrZBrj6u32i3Fz1+GtSnh4j4LvVC8ewXz3k70YH32gnkAaPOW/X0xTGJ63cqMIuVKq6dBCmhzCbPzVBerr581FuXJ2Cyq/7242H/+XOu+h86nbETzG44TuoxOG2fnd+WhuUUKGKo6M5D3zjlw9AgMBAAGjggWcMIIFmDAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUhiKsBlfdhdBgPQMAt93uFtyZBTQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTCCAtQGA1UdEQSCAsswggLHggtueXRpbWVzLmNvbYIVKi5hcGkuZGV2Lm55dGltZXMuY29tghEqLmFwaS5ueXRpbWVzLmNvbYIVKi5hcGkuc3RnLm55dGltZXMuY29tgg4qLmJldGEubnl0Lm5ldIITKi5ibG9ncy5ueXRpbWVzLmNvbYIXKi5ibG9ncy5zdGcubnl0aW1lcy5jb22CGCouYmxvZ3M1LnN0Zy5ueXRpbWVzLmNvbYISKi5kZXYuYmV0YS5ueXQubmV0ghcqLmRldi5ibG9ncy5ueXRpbWVzLmNvbYINKi5kZXYubnl0LmNvbYINKi5kZXYubnl0Lm5ldIIRKi5kZXYubnl0aW1lcy5jb22CDSoubmV3c2Rldi5uZXSCESoubmV3c2Rldi5ueXQubmV0ghUqLm5ld3NkZXYubnl0aW1lcy5jb22CCSoubnl0LmNvbYIJKi5ueXQubmV0ggsqLm55dGNvLmNvbYINKi5ueXRpbWVzLmNvbYIZKi5wYXlmbG93LnNieC5ueXRpbWVzLmNvbYIRKi5zYngubnl0aW1lcy5jb22CEiouc3RnLmJldGEubnl0Lm5ldIIXKi5zdGcuYmxvZ3Mubnl0aW1lcy5jb22CESouc3RnLm5ld3NkZXYubmV0ghUqLnN0Zy5uZXdzZGV2Lm55dC5uZXSCGSouc3RnLm5ld3NkZXYubnl0aW1lcy5jb22CDSouc3RnLm55dC5jb22CDSouc3RnLm55dC5uZXSCESouc3RnLm55dGltZXMuY29tghAqLnRpbWVzdGFsa3MuY29tggtuZXdzZGV2Lm5ldIIHbnl0LmNvbYIHbnl0Lm5ldIIJbnl0Y28uY29tgg50aW1lc3RhbGtzLmNvbYIbd3d3LmJlc3RzZWxsZXJzLm55dGltZXMuY29tghx3d3cuaG9tZWRlbGl2ZXJ5Lm55dGltZXMuY29tMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFnYAxysQAABAMARzBFAiBsjMEzQ01LJnfg8SWtJi+wQ/2NrVih667zOk9JD/KAxwIhAOvJND92OVh2cozY7QXv0vsfzWszxn9tEVaNc3ezXlQDAHUAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFnYAxzBgAABAMARjBEAiBFD4mv+quaSJL/sb4Jb0zh1w6xe+NBCLxCgr2DLtCZIwIgICd9NO8Mj0obKpS0eB49ZNlj3J7JjKMXCQJGGSlfyIgwDQYJKoZIhvcNAQELBQADggEBAEdGZx2Iilb59sTUqgyo92XdwUxpEXUD25W06NhOezqUJHfw7YxsCuXdSNPAcoMgVuvEo2A4JG9skf62rBFar6sdsBy1OucP/njdSXTN5XuTOwaxO/g4uF8iGGrdR6pYjyeh9DcaIPCPagOxMi0QLd32twYeBzRuZG4sc6JGdmEo9z4Xw5SHkm+x88cLuBiTlcsYgVTFhW+LFwNbILArbP+BCRCTJvOfyevlPpxHGRs2HA/k0LUOvx6MjCj7Xk8i36OxwBkYLr5HDZ2dapAOGKy+tZrOX2z13u4v0J/Ctz93eUTpt9nCObmbPHxOlP3MRRQwnUyMbFh8qrnLPXjl23o="},{"base64":"MIIGDjCCA/agAwIBAgIQNoJef7WkgZN+9tFza7k8pjANBgkqhkiG9w0BAQwFADCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEyMDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNVBAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkU2YXyQURX/zBEHtw8RKMXuG4B+KNfwqkhHc5Z9OzziKkJMjyxi2OkPic284/5OGYuB5dBj0um3cNfnnM858ogDU98MgXPwS5IZUqF0B9WMW2O5cYy1Bu8n32W/JjXT/j0WFb440W+kRiC5Iq+r81SN1GHTx6Xweg6rvn/RuRlPz/DR4MvzLhCXi1+91porl1LwKY1IfWGo8hJi5hjYA3JIUjCkjBlRrKGNQRCJX6tp05LEkAAeohoXG+fo6R4ESGuPQsOvkUUI8/rddf2oPG8RWxevKEy7PNYeEIoCzoBdvDFoJ7BaXDej0umed/ydrbjDxN8GDuxUWxqIDnOnmkCAwEAAaOCAWUwggFhMB8GA1UdIwQYMBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSa8yvaz61Pti+7KkhIKhK3G0LBJDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECAjBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAGmKNmiaHjtlC+B8z6arcTuvYaQ/5GQBSRDTHY/i1e1n055bl71CHgf50Ltt9zKVWiIpYvgMnFlWJzagIhIR+kf0UclZeylKpUg1fMWXZuAnJTsVejJ1SpH7pmue4lP6DYwT+yO4CxIsru3bHUeQ1dCTaXaROBU01xjqfrxrWN4qOZADRARKVtho5fV8aX6efVRL0NiGq2dmE1deiSoXrS2uvUAOZu2K/1S0wQHLqeBHuhFhj62uI0gqxiV5iRxBBJXAEepXK9a0l/qx6RVi7Epxd/3zoZza9msAKcUy5/pO6rMqpxiXHFinQjZf7BTP+HsO993MiBWamlzI8SDH0YZyoRebrrr+bKgy0QB2SXP3PyeHPLbJLfqqkJDJCgmfyWkfBxmpv966+AuIgkQWEH8HwIAiX3+8MN66zQd5ZFbY//NPnDC7bh5RS+bNvRfExb/IP46xH4pGtwZDb2Itz1GdRcqK6ROLwMeRvlu2+jdKif7wndoTJiIsBpA+ixOYoBnW3dpKSH89D4mdJHJLDntE/9Q2toN2I1iLFGy4XfdhbTl27d0SPWuHiJeRvsBGAh52HN22r1xP9QDWnE2p4J6ijvyxFnlcIdNFgZoMOWxtKNcl0rcRkND23m9e9Pqki2Z3ci+bkEAsUhJg+f+1cC6JmnkJiYEt7Fx4b4GH8fxV"},{"base64":"MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowgYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYDVQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNwAHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR62RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onrayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIqm1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/vOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IEIlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfOKJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPOGHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73gJMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVybmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQzbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfjJw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLYUspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9HvxPUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vRpu/xO28QOG8="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.129.164","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":53270,"event_start":1565200425.846286} {"dns":{"base64":"MUcBAAABAAAAAAAABmV1cm9wYQJldQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":56461,"dst_port":53,"event_start":1565200426.811933} {"dns":{"base64":"7t0BAAABAAAAAAAABmV1cm9wYQJldQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":33812,"dst_port":53,"event_start":1565200426.812123} @@ -531,7 +531,7 @@ {"dns":{"base64":"7t2BgAABAAIABQAIBmV1cm9wYQJldQAAHAABwAwAHAABAAAABQAQKgFwgAAkAQAAAAAABmYARcAMABwAAQAAAAUAECoBcIAAFAEAAAAAAAZmAEXAEwACAAEAAAAFAAkCdWsDZG5zwBPAEwACAAEAAAAFAAQBecBiwBMAAgABAAAABQAEAXjAYsATAAIAAQAAAAUABQJzacBiwBMAAgABAAAABQAFAm5swGLAhAABAAEAAAAFAAS5l40BwHQAAQABAAAABQAEwpJqWsClAAEAAQAAAAUABFvIEGTAlAABAAEAAAAFAATBAt08wF8AAQABAAAABQAEw0LxssCEABwAAQAAAAUAECoCBWj+AAAAAAAAAAAAZXXAdAAcAAEAAAAFABAgAQZ8EBAAIwAAAAAAAABTwJQAHAABAAAABQAQIAEUcIAAAQAAAAAAAAAAAQ=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":33812,"event_start":1565200426.947227} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"147.67.34.45","protocol":6,"src_port":34564,"dst_port":443,"event_start":1565200426.947850} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"europa.eu"}},"src_ip":"192.168.113.237","dst_ip":"147.67.34.45","protocol":6,"src_port":34564,"dst_port":443,"event_start":1565200427.078109} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b00020100)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHJTCCBg2gAwIBAgIMd0nv2yasK3XL7I9wMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwMzI3MTIwMTA0WhcNMjAwNTIwMTAxNTAyWjBlMQswCQYDVQQGEwJCRTERMA8GA1UECBMIQnJ1c3NlbHMxETAPBgNVBAcTCEJydXNzZWxzMRwwGgYDVQQKExNFdXJvcGVhbiBDb21taXNzaW9uMRIwEAYDVQQDEwlldXJvcGEuZXUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQPY1KTxUA4oUUhOen+zKWa5rK+1/5bddmU7v3Zezm1L2ai7q18zm7tnCzK4j2iUbFEzKOdGI3Tzt4+9nFBmM5xPUy2G0qRuZ3ySzcS5QAZJQK6cCwA6sWUYhqvpDcSc1osxPHBKjn7cABk7LXAbHfEONEg+90ZwW5seCgtBG0mV6Tu9OOIGVBbfO4CAPBAzGX2DFsw8mW9VRKz/HAikDlskOMLNWlwtrh+4DYxEic9q3WU9xOVYLzCeC1QoBTPkdE56ACJeAENPdWYcXfORfoCxmCT2TNkbBKaoMsWJvtNcWWzGmva41KdnL1GQAxrItZhAYLQNQ3SR+YPoLVSL0xAgMBAAGjggPSMIIDzjAOBgNVHQ8BAf8EBAMCBaAwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMBQGA1UdEQQNMAuCCWV1cm9wYS5ldTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNtSkcbZ0FxkMPm0QBidhAk+OUcVMB8GA1UdIwQYMBaAFJbeYfG9HBYpUxzAzH07gwBA5hp8MIIB9AYKKwYBBAHWeQIEAgSCAeQEggHgAd4AdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWJnVU1oAAAEAwBGMEQCIEhSJBZ29XcNILkGQDUCBHCnx+/GaiCR7aHYjIr5sJ9LAiAzsjDjo53+gy+E0vhFJjbBh1bxFOFGzUac/I73vcnpHQB1AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABYmdVTe8AAAQDAEYwRAIgSxJnW+hIGUyMrpKsIsGdT6j+BGaijGF5NO9xocJm4Z0CIBz0zWJXXkDlMqb6sjvGpAwpB0t4SzgM3DHETAYGYV+kAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsg="}]}},"src_ip":"147.67.34.45","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":34564,"event_start":1565200427.208658} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b00020100)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHJTCCBg2gAwIBAgIMd0nv2yasK3XL7I9wMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwMzI3MTIwMTA0WhcNMjAwNTIwMTAxNTAyWjBlMQswCQYDVQQGEwJCRTERMA8GA1UECBMIQnJ1c3NlbHMxETAPBgNVBAcTCEJydXNzZWxzMRwwGgYDVQQKExNFdXJvcGVhbiBDb21taXNzaW9uMRIwEAYDVQQDEwlldXJvcGEuZXUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQPY1KTxUA4oUUhOen+zKWa5rK+1/5bddmU7v3Zezm1L2ai7q18zm7tnCzK4j2iUbFEzKOdGI3Tzt4+9nFBmM5xPUy2G0qRuZ3ySzcS5QAZJQK6cCwA6sWUYhqvpDcSc1osxPHBKjn7cABk7LXAbHfEONEg+90ZwW5seCgtBG0mV6Tu9OOIGVBbfO4CAPBAzGX2DFsw8mW9VRKz/HAikDlskOMLNWlwtrh+4DYxEic9q3WU9xOVYLzCeC1QoBTPkdE56ACJeAENPdWYcXfORfoCxmCT2TNkbBKaoMsWJvtNcWWzGmva41KdnL1GQAxrItZhAYLQNQ3SR+YPoLVSL0xAgMBAAGjggPSMIIDzjAOBgNVHQ8BAf8EBAMCBaAwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMBQGA1UdEQQNMAuCCWV1cm9wYS5ldTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNtSkcbZ0FxkMPm0QBidhAk+OUcVMB8GA1UdIwQYMBaAFJbeYfG9HBYpUxzAzH07gwBA5hp8MIIB9AYKKwYBBAHWeQIEAgSCAeQEggHgAd4AdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWJnVU1oAAAEAwBGMEQCIEhSJBZ29XcNILkGQDUCBHCnx+/GaiCR7aHYjIr5sJ9LAiAzsjDjo53+gy+E0vhFJjbBh1bxFOFGzUac/I73vcnpHQB1AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABYmdVTe8AAAQDAEYwRAIgSxJnW+hIGUyMrpKsIsGdT6j+BGaijGF5NO9xocJm4Z0CIBz0zWJXXkDlMqb6sjvGpAwpB0t4SzgM3DHETAYGYV+kAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsg="}]}},"reassembly_properties":{"truncated":true},"src_ip":"147.67.34.45","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":34564,"event_start":1565200427.208658} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b00020100)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHJTCCBg2gAwIBAgIMd0nv2yasK3XL7I9wMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwMzI3MTIwMTA0WhcNMjAwNTIwMTAxNTAyWjBlMQswCQYDVQQGEwJCRTERMA8GA1UECBMIQnJ1c3NlbHMxETAPBgNVBAcTCEJydXNzZWxzMRwwGgYDVQQKExNFdXJvcGVhbiBDb21taXNzaW9uMRIwEAYDVQQDEwlldXJvcGEuZXUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQPY1KTxUA4oUUhOen+zKWa5rK+1/5bddmU7v3Zezm1L2ai7q18zm7tnCzK4j2iUbFEzKOdGI3Tzt4+9nFBmM5xPUy2G0qRuZ3ySzcS5QAZJQK6cCwA6sWUYhqvpDcSc1osxPHBKjn7cABk7LXAbHfEONEg+90ZwW5seCgtBG0mV6Tu9OOIGVBbfO4CAPBAzGX2DFsw8mW9VRKz/HAikDlskOMLNWlwtrh+4DYxEic9q3WU9xOVYLzCeC1QoBTPkdE56ACJeAENPdWYcXfORfoCxmCT2TNkbBKaoMsWJvtNcWWzGmva41KdnL1GQAxrItZhAYLQNQ3SR+YPoLVSL0xAgMBAAGjggPSMIIDzjAOBgNVHQ8BAf8EBAMCBaAwgaAGCCsGAQUFBwEBBIGTMIGQME0GCCsGAQUFBzAChkFodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMnIxLmNydDA/BggrBgEFBQcwAYYzaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzb3JnYW5pemF0aW9udmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMBQGA1UdEQQNMAuCCWV1cm9wYS5ldTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNtSkcbZ0FxkMPm0QBidhAk+OUcVMB8GA1UdIwQYMBaAFJbeYfG9HBYpUxzAzH07gwBA5hp8MIIB9AYKKwYBBAHWeQIEAgSCAeQEggHgAd4AdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWJnVU1oAAAEAwBGMEQCIEhSJBZ29XcNILkGQDUCBHCnx+/GaiCR7aHYjIr5sJ9LAiAzsjDjo53+gy+E0vhFJjbBh1bxFOFGzUac/I73vcnpHQB1AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABYmdVTe8AAAQDAEYwRAIgSxJnW+hIGUyMrpKsIsGdT6j+BGaijGF5NO9xocJm4Z0CIBz0zWJXXkDlMqb6sjvGpAwpB0t4SzgM3DHETAYGYV+kAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFiZ1VNzQAABAMARzBFAiA7q/H3L6S7zGut9me6GLicWD3J0Iu1Ni9JZZC0MvZVvgIhALag+3P33Q0hA83sStZAHppu4gXNcZBCsKuMs4qW7KuzAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFiZ1VPOwAABAMARzBFAiEAreQTpIcYxnr39P0H47Motp7QLdHqTi2ibt1bjTpk01YCIGP5P8pyfRf1TdFz202jvpSmBpVGqIVr7HmMcvU39M4IMA0GCSqGSIb3DQEBCwUAA4IBAQCmn0XKJPWSgaHnL7uuLJ5Ckox8c14NJP7Oj6WoD1KubzfSPYJh+dELmAXAkPrCLy0GVHGfSqN3DgZQhkx2teVvr0luXLJVjsTf8cLTBkAnMP783p6Zwgwbfdf3hbhPHcUbjvbR5qtEFbyDl2yksbUaPSJnoIuy8v0pyeXEd4YxJaSiSjQ+8Tp8ILcuIrmCZEGS4IKKSRzBkmOT6OX2PdVs9ow0+9RRCFHmXceQNa5qjRXs22QjCTE45mcF2ajbDyg5b9sueL93pWvN3ihJcxa3lCd5FHIG3b3GctksRAusVvMhSI26kMZJBLyvfwvphqQjVoaOYAx4mVejLA7L7fqK"},{"base64":"MIIEaTCCA1GgAwIBAgILBAAAAAABRE7wQkcwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAwMDBaFw0yNDAyMjAxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHDmw/I5N/zHClnSDDDlM/fsBOwphJykfVI+8DNIV0yKMCLkZcC33JiJ1Pi/D4nGyMVTXbv/Kz6vvjVudKRtkTIso21ZvBqOOWQ5PyDLzm+ebomchjSHh/VzZpGhkdWtHUfcKc1H/hgBKueuqI6lfYygoKOhJJomIZeg0k9zfrtHOSewUjmxK1zusp36QUArkBpdSmnENkiN74fv7j9R7l/tyjqORmMdlMJekYuYlZCa7pnRxtNw9KHjUgKOKv1CGLAcRFrW4rY6uSa2EKTSDtc7p8zv4WtdufgPDWi2zZCHlKT3hl2pK8vjX5s8T5J4BO/5ZS5gIg4Qdz6V0rvbLxAgMBAAGjggElMIIBITAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUlt5h8b0cFilTHMDMfTuDAEDmGnwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQELBQADggEBAEYq7l69rgFgNzERhnF0tkZJyBAW/i9iIxerH4f4gu3K3w4s32R1juUYcqeMOovJrKV3UPfvnqTgoI8UV6MqX+x+bRDmuo2wCId2Dkyy2VG7EQLyXN0cvfNVlg/UBsD84iOKJHDTu/B5GqdhcIOKrwbFINihY9Bsrk8y1658GEV1BSl330JAZGSGvip2CTFvHST0mdCF/vIhCPnG9vHQWe3WVjwIKANnuvD58ZAWR65n5ryASOlCdjSXVWkkDoPWoC209fN5ikkodBpBocLTJIg1MGCUF7ThBCIxPTsvFwayuJ2GK1pp74P1S8SqtCr4fKGxhZSM9AyHDPSsQPhZSZg="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"147.67.34.45","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":34564,"event_start":1565200427.209015} {"dns":{"base64":"T1UBAAABAAAAAAAAB3N1cHBvcnQGZ29vZ2xlA2NvbQAAAQAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":41110,"dst_port":53,"event_start":1565200427.622713} {"dns":{"base64":"h64BAAABAAAAAAAAB3N1cHBvcnQGZ29vZ2xlA2NvbQAAHAAB"},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":60189,"dst_port":53,"event_start":1565200427.622892} @@ -546,7 +546,7 @@ {"dns":{"base64":"O9OBgAABAAQADQAMBnJlZGRpdANjb20AAAEAAcAMAAEAAQAAAAUABJdlwYzADAABAAEAAAAFAASXZQGMwAwAAQABAAAABQAEl2VBjMAMAAEAAQAAAAUABJdlgYzAEwACAAEAAAAFABQBZAxndGxkLXNlcnZlcnMDbmV0AMATAAIAAQAAAAUABAFowGrAEwACAAEAAAAFAAQBZcBqwBMAAgABAAAABQAEAWzAasATAAIAAQAAAAUABAFjwGrAEwACAAEAAAAFAAQBasBqwBMAAgABAAAABQAEAWvAasATAAIAAQAAAAUABAFpwGrAEwACAAEAAAAFAAQBZsBqwBMAAgABAAAABQAEAW3AasATAAIAAQAAAAUABAFnwGrAEwACAAEAAAAFAAQBYcBqwBMAAgABAAAABQAEAWLAasEoAAEAAQAAAAUABMAFBh7BOAABAAEAAAAFAATAIQ4ewLgAAQABAAAABQAEwBpcHsBoAAEAAQAAAAUABMAfUB7AmAABAAEAAAAFAATADF4ewPgAAQABAAAABQAEwCMzHsEYAAEAAQAAAAUABMAqXR7AiAABAAEAAAAFAATANnAewOgAAQABAAAABQAEwCusHsDIAAEAAQAAAAUABMAwTx7A2AABAAEAAAAFAATANLIewKgAAQABAAAABQAEwCmiHg=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":54670,"event_start":1565200428.230914} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.193.140","protocol":6,"src_port":47852,"dst_port":443,"event_start":1565200428.231162} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"reddit.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.193.140","protocol":6,"src_port":47852,"dst_port":443,"event_start":1565200428.274631} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHQzCCBiugAwIBAgIQB1sC352kFlEvZM5wcfyMBzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODE3MDAwMDAwWhcNMjAwOTAyMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLUmVkZGl0IEluYy4xFTATBgNVBAMMDCoucmVkZGl0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/pmlSjpBriKS1FgXKzqItMziu7otc9nmls8zLRaKwDHRpwVfiGWkLckOfvhn79U2zqwDilJ7TKepbjXgpa7mUgs5bX5DqZPXhyfV1hFD66RRQi2wVbvdbJdBGL3VrKZVJRIIpTtc3Q169FIslNKbc9eGq1nwO/REhI5dxDCHAoHwLpp+XfbjkBJGzlgKIBdBHed67KFVUKFvh1RVanVJUNG6IkAXXnPZSigwfA2wBH3QguOc1YxswPB4cOH5sdZeAJQ6j9rSxNqjZthoV43La5nsVYxRtreJ8ooV5ZX/dsL7BBBkWfF/acVSU3f7X7XiFz23vruQyBNQKT2HKXwgcCAwEAAaOCBAMwggP/MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRx4FDR54BS+yMUZZ1Dp40xqlZpJjCBxAYDVR0RBIG8MIG5ggwqLnJlZGRpdC5jb22CCnJlZGRpdC5jb22CESoucmVkZGl0bWVkaWEuY29tgg9yZWRkaXRtZWRpYS5jb22CCSoucmVkZC5pdIIHcmVkZC5pdIIUd3d3LnJlZGRpdHN0YXRpYy5jb22CE2kucmVkZGl0dXBsb2Fkcy5jb22CGCoudGh1bWJzLnJlZGRpdG1lZGlhLmNvbYIRd3d3LnJlZGRpdGluYy5jb22CDXJlZGRpdGluYy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaQ=="}]}},"src_ip":"151.101.193.140","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47852,"event_start":1565200428.313201} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHQzCCBiugAwIBAgIQB1sC352kFlEvZM5wcfyMBzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODE3MDAwMDAwWhcNMjAwOTAyMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLUmVkZGl0IEluYy4xFTATBgNVBAMMDCoucmVkZGl0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/pmlSjpBriKS1FgXKzqItMziu7otc9nmls8zLRaKwDHRpwVfiGWkLckOfvhn79U2zqwDilJ7TKepbjXgpa7mUgs5bX5DqZPXhyfV1hFD66RRQi2wVbvdbJdBGL3VrKZVJRIIpTtc3Q169FIslNKbc9eGq1nwO/REhI5dxDCHAoHwLpp+XfbjkBJGzlgKIBdBHed67KFVUKFvh1RVanVJUNG6IkAXXnPZSigwfA2wBH3QguOc1YxswPB4cOH5sdZeAJQ6j9rSxNqjZthoV43La5nsVYxRtreJ8ooV5ZX/dsL7BBBkWfF/acVSU3f7X7XiFz23vruQyBNQKT2HKXwgcCAwEAAaOCBAMwggP/MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRx4FDR54BS+yMUZZ1Dp40xqlZpJjCBxAYDVR0RBIG8MIG5ggwqLnJlZGRpdC5jb22CCnJlZGRpdC5jb22CESoucmVkZGl0bWVkaWEuY29tgg9yZWRkaXRtZWRpYS5jb22CCSoucmVkZC5pdIIHcmVkZC5pdIIUd3d3LnJlZGRpdHN0YXRpYy5jb22CE2kucmVkZGl0dXBsb2Fkcy5jb22CGCoudGh1bWJzLnJlZGRpdG1lZGlhLmNvbYIRd3d3LnJlZGRpdGluYy5jb22CDXJlZGRpdGluYy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaQ=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.193.140","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47852,"event_start":1565200428.313201} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHQzCCBiugAwIBAgIQB1sC352kFlEvZM5wcfyMBzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODE3MDAwMDAwWhcNMjAwOTAyMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLUmVkZGl0IEluYy4xFTATBgNVBAMMDCoucmVkZGl0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/pmlSjpBriKS1FgXKzqItMziu7otc9nmls8zLRaKwDHRpwVfiGWkLckOfvhn79U2zqwDilJ7TKepbjXgpa7mUgs5bX5DqZPXhyfV1hFD66RRQi2wVbvdbJdBGL3VrKZVJRIIpTtc3Q169FIslNKbc9eGq1nwO/REhI5dxDCHAoHwLpp+XfbjkBJGzlgKIBdBHed67KFVUKFvh1RVanVJUNG6IkAXXnPZSigwfA2wBH3QguOc1YxswPB4cOH5sdZeAJQ6j9rSxNqjZthoV43La5nsVYxRtreJ8ooV5ZX/dsL7BBBkWfF/acVSU3f7X7XiFz23vruQyBNQKT2HKXwgcCAwEAAaOCBAMwggP/MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRx4FDR54BS+yMUZZ1Dp40xqlZpJjCBxAYDVR0RBIG8MIG5ggwqLnJlZGRpdC5jb22CCnJlZGRpdC5jb22CESoucmVkZGl0bWVkaWEuY29tgg9yZWRkaXRtZWRpYS5jb22CCSoucmVkZC5pdIIHcmVkZC5pdIIUd3d3LnJlZGRpdHN0YXRpYy5jb22CE2kucmVkZGl0dXBsb2Fkcy5jb22CGCoudGh1bWJzLnJlZGRpdG1lZGlhLmNvbYIRd3d3LnJlZGRpdGluYy5jb22CDXJlZGRpdGluYy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFlRULTsAAABAMARjBEAiBcrugEb8o8AymzIh0fUN/F0i9SHl/xCQnCIMbXoSd+rwIgVwN50xsjJVuBP7cVxR5oSlj2USU3KVkZoAq+PIwMHucAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWVFQtSDAAAEAwBHMEUCIGo9XmyFN5b38sdORa5NThm594MGPYK4se987nB8WsvPAiEA8Imvn9QF63D4vIwY8d+aticvw2dbwHdoZFpCj96yRn8AdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWVFQtSGAAAEAwBIMEYCIQCH+S3U0ac6/F5Bsc5xyHpO+UTpgz8DKiJSCfaObn3u5wIhANl9+8L/zSfwf7KPUhdPWfNnkMUFaFgRY1/HdOej6a4UMA0GCSqGSIb3DQEBCwUAA4IBAQC9OsE5bjOOvx0VowfFacujFxU1kYDikX90BH106XP7YQIExGmjZ9mo5Ai6UgMHUSIYO4sNFcZYYk6N7bd75K0i8U8X2AcoIfiC6VYdrw4e2rNMXW10CzIh1Co/t65QZ9KtuWXWwxQJYJuIcLsQT7MG7+K48ZJNSsB9VuuzqNebxSZTyhEBMsN030/Oy1CiUsq+nekZfibcAHxc5L6JG8sFnW6R4uTuGg1qZsvr95KZi5lpoUOE2UkdOK2TG7ntn7JLY4C4Yv2VGKrnxGiqajcKwkdh0a6xC1EXY9JObNczgauCO56+f8+xcRoZpTAE/JtywwVl++brUeoLLUdCVthx"},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.193.140","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":47852,"event_start":1565200428.313665} {"dns":{"base64":"qs4BAAABAAAAAAAAA3d3dwZyZWRkaXQDY29tAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":34264,"dst_port":53,"event_start":1565200428.403266} {"dns":{"base64":"sO0BAAABAAAAAAAAA3d3dwZyZWRkaXQDY29tAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":40557,"dst_port":53,"event_start":1565200428.403543} @@ -556,7 +556,7 @@ {"dns":{"base64":"q9yBgAABAAAAAQAABnJlZGRpdANtYXAGZmFzdGx5A25ldAAAHAABwBcABgABAAAABQAxA25zMcAXCmhvc3RtYXN0ZXIGZmFzdGx5A2NvbQB4OcYpAAAOEAAAAlgACTqAAAAAHg=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":60293,"event_start":1565200428.478180} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"151.101.129.140","protocol":6,"src_port":42288,"dst_port":443,"event_start":1565200428.478770} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"www.reddit.com"}},"src_ip":"192.168.113.237","dst_ip":"151.101.129.140","protocol":6,"src_port":42288,"dst_port":443,"event_start":1565200428.518183} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHQzCCBiugAwIBAgIQB1sC352kFlEvZM5wcfyMBzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODE3MDAwMDAwWhcNMjAwOTAyMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLUmVkZGl0IEluYy4xFTATBgNVBAMMDCoucmVkZGl0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/pmlSjpBriKS1FgXKzqItMziu7otc9nmls8zLRaKwDHRpwVfiGWkLckOfvhn79U2zqwDilJ7TKepbjXgpa7mUgs5bX5DqZPXhyfV1hFD66RRQi2wVbvdbJdBGL3VrKZVJRIIpTtc3Q169FIslNKbc9eGq1nwO/REhI5dxDCHAoHwLpp+XfbjkBJGzlgKIBdBHed67KFVUKFvh1RVanVJUNG6IkAXXnPZSigwfA2wBH3QguOc1YxswPB4cOH5sdZeAJQ6j9rSxNqjZthoV43La5nsVYxRtreJ8ooV5ZX/dsL7BBBkWfF/acVSU3f7X7XiFz23vruQyBNQKT2HKXwgcCAwEAAaOCBAMwggP/MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRx4FDR54BS+yMUZZ1Dp40xqlZpJjCBxAYDVR0RBIG8MIG5ggwqLnJlZGRpdC5jb22CCnJlZGRpdC5jb22CESoucmVkZGl0bWVkaWEuY29tgg9yZWRkaXRtZWRpYS5jb22CCSoucmVkZC5pdIIHcmVkZC5pdIIUd3d3LnJlZGRpdHN0YXRpYy5jb22CE2kucmVkZGl0dXBsb2Fkcy5jb22CGCoudGh1bWJzLnJlZGRpdG1lZGlhLmNvbYIRd3d3LnJlZGRpdGluYy5jb22CDXJlZGRpdGluYy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaQ=="}]}},"src_ip":"151.101.129.140","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42288,"event_start":1565200428.561018} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHQzCCBiugAwIBAgIQB1sC352kFlEvZM5wcfyMBzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODE3MDAwMDAwWhcNMjAwOTAyMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLUmVkZGl0IEluYy4xFTATBgNVBAMMDCoucmVkZGl0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/pmlSjpBriKS1FgXKzqItMziu7otc9nmls8zLRaKwDHRpwVfiGWkLckOfvhn79U2zqwDilJ7TKepbjXgpa7mUgs5bX5DqZPXhyfV1hFD66RRQi2wVbvdbJdBGL3VrKZVJRIIpTtc3Q169FIslNKbc9eGq1nwO/REhI5dxDCHAoHwLpp+XfbjkBJGzlgKIBdBHed67KFVUKFvh1RVanVJUNG6IkAXXnPZSigwfA2wBH3QguOc1YxswPB4cOH5sdZeAJQ6j9rSxNqjZthoV43La5nsVYxRtreJ8ooV5ZX/dsL7BBBkWfF/acVSU3f7X7XiFz23vruQyBNQKT2HKXwgcCAwEAAaOCBAMwggP/MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRx4FDR54BS+yMUZZ1Dp40xqlZpJjCBxAYDVR0RBIG8MIG5ggwqLnJlZGRpdC5jb22CCnJlZGRpdC5jb22CESoucmVkZGl0bWVkaWEuY29tgg9yZWRkaXRtZWRpYS5jb22CCSoucmVkZC5pdIIHcmVkZC5pdIIUd3d3LnJlZGRpdHN0YXRpYy5jb22CE2kucmVkZGl0dXBsb2Fkcy5jb22CGCoudGh1bWJzLnJlZGRpdG1lZGlhLmNvbYIRd3d3LnJlZGRpdGluYy5jb22CDXJlZGRpdGluYy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaQ=="}]}},"reassembly_properties":{"truncated":true},"src_ip":"151.101.129.140","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42288,"event_start":1565200428.561018} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(0000)(000b000403000102)(0023)(0017))"},"tls":{"server":{"certs":[{"base64":"MIIHQzCCBiugAwIBAgIQB1sC352kFlEvZM5wcfyMBzANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwODE3MDAwMDAwWhcNMjAwOTAyMTIwMDAwWjBnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLUmVkZGl0IEluYy4xFTATBgNVBAMMDCoucmVkZGl0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/pmlSjpBriKS1FgXKzqItMziu7otc9nmls8zLRaKwDHRpwVfiGWkLckOfvhn79U2zqwDilJ7TKepbjXgpa7mUgs5bX5DqZPXhyfV1hFD66RRQi2wVbvdbJdBGL3VrKZVJRIIpTtc3Q169FIslNKbc9eGq1nwO/REhI5dxDCHAoHwLpp+XfbjkBJGzlgKIBdBHed67KFVUKFvh1RVanVJUNG6IkAXXnPZSigwfA2wBH3QguOc1YxswPB4cOH5sdZeAJQ6j9rSxNqjZthoV43La5nsVYxRtreJ8ooV5ZX/dsL7BBBkWfF/acVSU3f7X7XiFz23vruQyBNQKT2HKXwgcCAwEAAaOCBAMwggP/MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRx4FDR54BS+yMUZZ1Dp40xqlZpJjCBxAYDVR0RBIG8MIG5ggwqLnJlZGRpdC5jb22CCnJlZGRpdC5jb22CESoucmVkZGl0bWVkaWEuY29tgg9yZWRkaXRtZWRpYS5jb22CCSoucmVkZC5pdIIHcmVkZC5pdIIUd3d3LnJlZGRpdHN0YXRpYy5jb22CE2kucmVkZGl0dXBsb2Fkcy5jb22CGCoudGh1bWJzLnJlZGRpdG1lZGlhLmNvbYIRd3d3LnJlZGRpdGluYy5jb22CDXJlZGRpdGluYy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFlRULTsAAABAMARjBEAiBcrugEb8o8AymzIh0fUN/F0i9SHl/xCQnCIMbXoSd+rwIgVwN50xsjJVuBP7cVxR5oSlj2USU3KVkZoAq+PIwMHucAdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWVFQtSDAAAEAwBHMEUCIGo9XmyFN5b38sdORa5NThm594MGPYK4se987nB8WsvPAiEA8Imvn9QF63D4vIwY8d+aticvw2dbwHdoZFpCj96yRn8AdwC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWVFQtSGAAAEAwBIMEYCIQCH+S3U0ac6/F5Bsc5xyHpO+UTpgz8DKiJSCfaObn3u5wIhANl9+8L/zSfwf7KPUhdPWfNnkMUFaFgRY1/HdOej6a4UMA0GCSqGSIb3DQEBCwUAA4IBAQC9OsE5bjOOvx0VowfFacujFxU1kYDikX90BH106XP7YQIExGmjZ9mo5Ai6UgMHUSIYO4sNFcZYYk6N7bd75K0i8U8X2AcoIfiC6VYdrw4e2rNMXW10CzIh1Co/t65QZ9KtuWXWwxQJYJuIcLsQT7MG7+K48ZJNSsB9VuuzqNebxSZTyhEBMsN030/Oy1CiUsq+nekZfibcAHxc5L6JG8sFnW6R4uTuGg1qZsvr95KZi5lpoUOE2UkdOK2TG7ntn7JLY4C4Yv2VGKrnxGiqajcKwkdh0a6xC1EXY9JObNczgauCO56+f8+xcRoZpTAE/JtywwVl++brUeoLLUdCVthx"},{"base64":"MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPitc+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz"}]}},"reassembly_properties":{"reassembled":true},"src_ip":"151.101.129.140","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42288,"event_start":1565200428.561330} {"dns":{"base64":"A1sBAAABAAAAAAAACnNvdW5kY2xvdWQDY29tAAABAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":56882,"dst_port":53,"event_start":1565200429.814534} {"dns":{"base64":"K8UBAAABAAAAAAAACnNvdW5kY2xvdWQDY29tAAAcAAE="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":47231,"dst_port":53,"event_start":1565200429.814713} @@ -564,7 +564,7 @@ {"dns":{"base64":"A1uBgAABAAQADQAMCnNvdW5kY2xvdWQDY29tAAABAAHADAABAAEAAAAFAARjVNMswAwAAQABAAAABQAEY1TTKcAMAAEAAQAAAAUABGNU0yTADAABAAEAAAAFAARjVNM0wBcAAgABAAAABQAUAWsMZ3RsZC1zZXJ2ZXJzA25ldADAFwACAAEAAAAFAAQBZsBuwBcAAgABAAAABQAEAWrAbsAXAAIAAQAAAAUABAFhwG7AFwACAAEAAAAFAAQBbMBuwBcAAgABAAAABQAEAWjAbsAXAAIAAQAAAAUABAFiwG7AFwACAAEAAAAFAAQBY8BuwBcAAgABAAAABQAEAWTAbsAXAAIAAQAAAAUABAFnwG7AFwACAAEAAAAFAAQBbcBuwBcAAgABAAAABQAEAWXAbsAXAAIAAQAAAAUABAFpwG7ArAABAAEAAAAFAATABQYewNwAAQABAAAABQAEwCEOHsDsAAEAAQAAAAUABMAaXB7A/AABAAEAAAAFAATAH1AewSwAAQABAAAABQAEwAxeHsCMAAEAAQAAAAUABMAjMx7BDAABAAEAAAAFAATAKl0ewMwAAQABAAAABQAEwDZwHsE8AAEAAQAAAAUABMArrB7AnAABAAEAAAAFAATAME8ewGwAAQABAAAABQAEwDSyHsC8AAEAAQAAAAUABMApoh4="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":56882,"event_start":1565200429.846469} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"99.84.211.44","protocol":6,"src_port":44258,"dst_port":443,"event_start":1565200429.846814} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"soundcloud.com"}},"src_ip":"192.168.113.237","dst_ip":"99.84.211.44","protocol":6,"src_port":44258,"dst_port":443,"event_start":1565200429.890835} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGiDCCBXCgAwIBAgIMX9V1QajyD2DHViFbMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwNDEyMTEwMTE3WhcNMjAwNjA4MTAwODQ4WjA+MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGTAXBgNVBAMMECouc291bmRjbG91ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsR4qP16sZBEqdjVLnmk228XH1//F6mhBLWTCy3YStrinvLhX1fzl/DrHfMN8LLvJnX6QR+eaTlKKZ26OmrkFCwC5PzOsSRyCNMBsWOaAsdK4KBSI9gPdedshCRa4DyZxg6dezowTZeD87d+/wW+nuPbvtd2+xUVCP2xf3FtVZY/AfVBQ8Zp5yuKU7Af+kNYouDSGowkL85zDT3Pi0lbr/Vguh+yLlYArTriTst0HbqqXE78IGL2/yqjVsIhyju004Xkl0xUt1KK3ags8Q5mCEL81OkC8rCMm4I08NjXP9Hl5GtlAFLkz+8JvD1ktGeO4bcAUVjazhe1sLmsbphhPDAgMBAAGjggNiMIIDXjAOBgNVHQ8BAf8EBAMCBaAwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAChjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZhbHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEKMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNVHRMEAjAAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nkb21haW52YWxzaGEyZzIuY3JsMCsGA1UdEQQkMCKCECouc291bmRjbG91ZC5jb22CDnNvdW5kY2xvdWQuY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUIjN2mq9izXkQSwgkrbTsXyoG330wHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABYrmEUCcAAAQDAEcwRQIgGA5TTonGf9B75rB9dri4AhAj4v3uGo2FBrBJi4OXksoCIQCZGEsia4o6Hj8Vgnmi5/TO8Fg8iosCr6iowXM/SGfY9QB2AKQ="}]}},"src_ip":"99.84.211.44","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":44258,"event_start":1565200429.931582} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGiDCCBXCgAwIBAgIMX9V1QajyD2DHViFbMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwNDEyMTEwMTE3WhcNMjAwNjA4MTAwODQ4WjA+MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGTAXBgNVBAMMECouc291bmRjbG91ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsR4qP16sZBEqdjVLnmk228XH1//F6mhBLWTCy3YStrinvLhX1fzl/DrHfMN8LLvJnX6QR+eaTlKKZ26OmrkFCwC5PzOsSRyCNMBsWOaAsdK4KBSI9gPdedshCRa4DyZxg6dezowTZeD87d+/wW+nuPbvtd2+xUVCP2xf3FtVZY/AfVBQ8Zp5yuKU7Af+kNYouDSGowkL85zDT3Pi0lbr/Vguh+yLlYArTriTst0HbqqXE78IGL2/yqjVsIhyju004Xkl0xUt1KK3ags8Q5mCEL81OkC8rCMm4I08NjXP9Hl5GtlAFLkz+8JvD1ktGeO4bcAUVjazhe1sLmsbphhPDAgMBAAGjggNiMIIDXjAOBgNVHQ8BAf8EBAMCBaAwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAChjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZhbHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEKMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNVHRMEAjAAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nkb21haW52YWxzaGEyZzIuY3JsMCsGA1UdEQQkMCKCECouc291bmRjbG91ZC5jb22CDnNvdW5kY2xvdWQuY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUIjN2mq9izXkQSwgkrbTsXyoG330wHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABYrmEUCcAAAQDAEcwRQIgGA5TTonGf9B75rB9dri4AhAj4v3uGo2FBrBJi4OXksoCIQCZGEsia4o6Hj8Vgnmi5/TO8Fg8iosCr6iowXM/SGfY9QB2AKQ="}]}},"reassembly_properties":{"truncated":true},"src_ip":"99.84.211.44","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":44258,"event_start":1565200429.931582} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((0000)(ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGiDCCBXCgAwIBAgIMX9V1QajyD2DHViFbMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwNDEyMTEwMTE3WhcNMjAwNjA4MTAwODQ4WjA+MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGTAXBgNVBAMMECouc291bmRjbG91ZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsR4qP16sZBEqdjVLnmk228XH1//F6mhBLWTCy3YStrinvLhX1fzl/DrHfMN8LLvJnX6QR+eaTlKKZ26OmrkFCwC5PzOsSRyCNMBsWOaAsdK4KBSI9gPdedshCRa4DyZxg6dezowTZeD87d+/wW+nuPbvtd2+xUVCP2xf3FtVZY/AfVBQ8Zp5yuKU7Af+kNYouDSGowkL85zDT3Pi0lbr/Vguh+yLlYArTriTst0HbqqXE78IGL2/yqjVsIhyju004Xkl0xUt1KK3ags8Q5mCEL81OkC8rCMm4I08NjXP9Hl5GtlAFLkz+8JvD1ktGeO4bcAUVjazhe1sLmsbphhPDAgMBAAGjggNiMIIDXjAOBgNVHQ8BAf8EBAMCBaAwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAChjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZhbHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmcyMFYGA1UdIARPME0wQQYJKwYBBAGgMgEKMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNVHRMEAjAAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nkb21haW52YWxzaGEyZzIuY3JsMCsGA1UdEQQkMCKCECouc291bmRjbG91ZC5jb22CDnNvdW5kY2xvdWQuY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUIjN2mq9izXkQSwgkrbTsXyoG330wHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABYrmEUCcAAAQDAEcwRQIgGA5TTonGf9B75rB9dri4AhAj4v3uGo2FBrBJi4OXksoCIQCZGEsia4o6Hj8Vgnmi5/TO8Fg8iosCr6iowXM/SGfY9QB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABYrmEU5IAAAQDAEcwRQIhAMn4lH1VJVO1W3qnuYq6e6Ckz17x2DPORbjXzVvrKQk5AiAXa0ZU1+SggVkR5whHBpjDAbs9b1N3KoVnWkXXAgr39QB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABYrmEUGYAAAQDAEgwRgIhAKDoi5dmaUESH6HUFGlTFABBM/Av16ZehG2uAXsHcVEwAiEA+XfvmAjbP5pbhYQ32VJyfEAKHmz7Dx1vjiovmFdTFPowDQYJKoZIhvcNAQELBQADggEBAAzRFkpGQeSW4IlCLdJbiWUJpTFeSoqyuyPoBokrNpIk0fL0lkFj9Y4dgae8XKoKkbe28ovt8cYuA08VhrFWPvZHcjtcZgkHoXuNBj42zAkeumCc8QTQVN0Oiwf3ImE5AiYyPa+URyRMSBYNdttOwnqnmQj3OEFFnLBlREQamUFs4hQpu1ymbqNUwbrA/o9O1mkqwoD0klvo+d5aBvmVvigw3TgjMCDxAaYQ+5vYY5n3s3GrrikbISumqJ1VDEBz4LqZoAHaDrs78daelXrJjPFJGREvFqguh3qOIUYsJ/SksLiw2wPuzzeZNTO2ZMB9rzTCSbk5LGcRrGuEdQMaQJk="},{"base64":"MIIEYzCCA0ugAwIBAgILBAAAAAABRE7wPiAwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAwMDBaFw0yNDAyMjAxMDAwMDBaMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp3cwOs+IyOd1JIqgTaZOHiOEM7nF9vZCHll1Z8syz0lhXV/lG72wm2DZCjn4wsy+aPlN7H262okxFHzzTFZMcie089Ffeyr3sBppqKqAZUn9R0XQ5CJ+r69eGExWXrjbDVGYOWvKgc4Ux47JkFGr/paKOJLu9hVIVonnu8LXuPbj0fYC82ZA1ZbgXqa2zmJ+gfn1u+z+tfMIbWTaW2jcyS0tdNQJjjtunz2LuzC7Ujcm9PGqRcqIip3ItINH6yjfaGJjmFiRxJUvE5XuJUgkC/VkrBG7KB4HUs9ra2+PMgKhWBwZ8lgg3nds4tmI0kWIHdAE42HIw4uuQcSZiwFfzAgMBAAGjggElMIIBITAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU6k581IAt5RWBhiaMgm3AmKTPlw8wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQELBQADggEBANdFnqDc4ONhWgt9d4QXLWVagpqNoycqhffJ7+mG/dRHzQFSlsVDvTex4bjyqdKKEYRxkRWJ3AKdC8tsM4U0KJ4gsrGX3G0LEME8zV/qXdeYMcU0mVwAYVXEGwJbxeOJyLS4bx448lYm6UHvPc2smU9ZSlctS32ux4j71pg79eXw6ImJuYsDy1ojH6T9uOr7Lp2uanMJvPzVoLVEgqtEkS5QLlfBQ9iRBIvpES5ftD953x77PzAAi1PjtywdO02L3ORkHQRYM68bVeerDL8wBHTk8w4vMDmNSwSMHnVmZkngvkA0x1xaUZK6EjxS1QSCVS1npd+3lXzuP8MIugS+wEY="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"99.84.211.44","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":44258,"event_start":1565200429.932332} {"dns":{"base64":"+4gBAAABAAAAAAAAAXQCY28AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":42127,"dst_port":53,"event_start":1565200430.189814} {"dns":{"base64":"6MQBAAABAAAAAAAAAXQCY28AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":45036,"dst_port":53,"event_start":1565200430.190010} @@ -572,7 +572,7 @@ {"dns":{"base64":"6MSBgAABAAAAAQAAAXQCY28AABwAAcAMAAYAAQAAAAUAOQNuczEDcDI2BmR5bmVjdANuZXQAC29wc0B0d2l0dGVyA2NvbQAAAAm7AAAOEAAAAlgACTqAAAAAPA=="},"src_ip":"192.168.113.2","dst_ip":"192.168.113.237","protocol":17,"src_port":53,"dst_port":45036,"event_start":1565200430.223296} {"fingerprints":{"tcp":"tcp/(40)()(40)(faf0)((020405b4)(04)(08)(01)(030307))"},"src_ip":"192.168.113.237","dst_ip":"104.244.42.197","protocol":6,"src_port":42970,"dst_port":443,"event_start":1565200430.223621} {"fingerprints":{"tls":"tls/(0303)(130213031301c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff)((0000)(000b000403000102)(000a000c000a001d0017001e00190018)(0023)(0016)(0017)(000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602)(002b0009080304030303020301)(002d00020101)(0033))"},"tls":{"client":{"server_name":"t.co"}},"src_ip":"192.168.113.237","dst_ip":"104.244.42.197","protocol":6,"src_port":42970,"dst_port":443,"event_start":1565200430.274862} -{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGXDCCBUSgAwIBAgIQC7Nk8BsA68WaJkeDtWr17jANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA1MjQwMDAwMDBaFw0yMDA1MjMxMjAwMDBaMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRYwFAYDVQQKEw1Ud2l0dGVyLCBJbmMuMQ0wCwYDVQQLEwRhdGxhMQ0wCwYDVQQDEwR0LmNvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS1xDTCZvIEaPzioBNHvpSoyPd/8Gk6myTcKKXKw8icBR19T+XfTEKk3hnwPk14ZAruiBPd7vMsUkD2HtOUdrkNjDpUV9NKTYgLhlB2RxP5RsO2PdPeaPPXIg9NtHOlVUgkThoxqEDavgpMYoNb1K12gzFxYp9LQT4rUsK0F4QdU/FHq/3GBRAnauZx3KYbWnJjGdxUIySQnAXmvGhgqjLBVLjGNRJWifglzds8AIZpo8COJHp3SuMLaBFZycZiIe84Q0uJ/C5OD+2m9YvXWXG2isTVrSAMOuBSy3ssUfw/MUWCMHz3ZwjxqNVT4X+Q7nxQjHi1g9LgNmMIAO9jezwIDAQABo4IC8DCCAuwwHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFFxj/fM0WMmyQTpAZCOhG8USFol4MBkGA1UdEQQSMBCCBHQuY2+CCHd3dy50LmNvMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWrrDaPPAAAEAwBHMEUC"}]}},"src_ip":"104.244.42.197","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42970,"event_start":1565200430.334027} +{"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGXDCCBUSgAwIBAgIQC7Nk8BsA68WaJkeDtWr17jANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA1MjQwMDAwMDBaFw0yMDA1MjMxMjAwMDBaMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRYwFAYDVQQKEw1Ud2l0dGVyLCBJbmMuMQ0wCwYDVQQLEwRhdGxhMQ0wCwYDVQQDEwR0LmNvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS1xDTCZvIEaPzioBNHvpSoyPd/8Gk6myTcKKXKw8icBR19T+XfTEKk3hnwPk14ZAruiBPd7vMsUkD2HtOUdrkNjDpUV9NKTYgLhlB2RxP5RsO2PdPeaPPXIg9NtHOlVUgkThoxqEDavgpMYoNb1K12gzFxYp9LQT4rUsK0F4QdU/FHq/3GBRAnauZx3KYbWnJjGdxUIySQnAXmvGhgqjLBVLjGNRJWifglzds8AIZpo8COJHp3SuMLaBFZycZiIe84Q0uJ/C5OD+2m9YvXWXG2isTVrSAMOuBSy3ssUfw/MUWCMHz3ZwjxqNVT4X+Q7nxQjHi1g9LgNmMIAO9jezwIDAQABo4IC8DCCAuwwHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFFxj/fM0WMmyQTpAZCOhG8USFol4MBkGA1UdEQQSMBCCBHQuY2+CCHd3dy50LmNvMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWrrDaPPAAAEAwBHMEUC"}]}},"reassembly_properties":{"truncated":true},"src_ip":"104.244.42.197","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42970,"event_start":1565200430.334027} {"fingerprints":{"tls_server":"tls_server/(0303)(c02f)((ff01)(000b000403000102)(0023))"},"tls":{"server":{"certs":[{"base64":"MIIGXDCCBUSgAwIBAgIQC7Nk8BsA68WaJkeDtWr17jANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTA1MjQwMDAwMDBaFw0yMDA1MjMxMjAwMDBaMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRYwFAYDVQQKEw1Ud2l0dGVyLCBJbmMuMQ0wCwYDVQQLEwRhdGxhMQ0wCwYDVQQDEwR0LmNvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS1xDTCZvIEaPzioBNHvpSoyPd/8Gk6myTcKKXKw8icBR19T+XfTEKk3hnwPk14ZAruiBPd7vMsUkD2HtOUdrkNjDpUV9NKTYgLhlB2RxP5RsO2PdPeaPPXIg9NtHOlVUgkThoxqEDavgpMYoNb1K12gzFxYp9LQT4rUsK0F4QdU/FHq/3GBRAnauZx3KYbWnJjGdxUIySQnAXmvGhgqjLBVLjGNRJWifglzds8AIZpo8COJHp3SuMLaBFZycZiIe84Q0uJ/C5OD+2m9YvXWXG2isTVrSAMOuBSy3ssUfw/MUWCMHz3ZwjxqNVT4X+Q7nxQjHi1g9LgNmMIAO9jezwIDAQABo4IC8DCCAuwwHwYDVR0jBBgwFoAUUWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFFxj/fM0WMmyQTpAZCOhG8USFol4MBkGA1UdEQQSMBCCBHQuY2+CCHd3dy50LmNvMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItaGEtc2VydmVyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCBgwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQCMAAwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWrrDaPPAAAEAwBHMEUCIGrY2nK+yCnTjjFZfrrprBCQnEgvylwAgxwuR0/13mOhAiEAwaXpcztuZ3hguP3aPFN3smGh/KZ0HkOMwVt4ipraoJsAdwBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAWrrDaNNAAAEAwBIMEYCIQDY/CK+7BOV7qSytUQX5bT0Pmdx1SHQxLg3p3YPIklpDwIhAK7sJrCDJXhJB7LEEHkJkqbsq34KbjW3K/eSorLnrFQTMA0GCSqGSIb3DQEBCwUAA4IBAQAT9sfHyYtR8SwuhBrFaN5rgce3ZKUdN30GXuT8yGxV+SRILTmZ3ttK76HLnmCPQ7VrcHUVcCx5stYT0sQaeylMKuJdyOCHocEy+M1/5/r87q4fucvNQrjDG1TF16VWKc08Sf/nEIkDlHUYN8W1AspK1r2M8PmnvdUNVC2CxitQNWFX3cb/fD9pbJ6T6TDEP+DdkabelLQmAC3Ix0yO7N4vbtGqn4U79V/rZ9PDFdUrPhGKTyOHW4Fo5+Ps4VVm9cYrKo/qS8Sn6+ErRtxS09BlXJlzqDX/IXTx0QJJ6e+6iILJtBOF6RRplkzIBwHdIpQipkazO1ltUlC5dVLVFLq2"},{"base64":"MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBsMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3VyYW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMICKq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0Xsh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcftbZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwdaOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNHE+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zuxICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0AecPUeybQ="}]}},"reassembly_properties":{"reassembled":true},"src_ip":"104.244.42.197","dst_ip":"192.168.113.237","protocol":6,"src_port":443,"dst_port":42970,"event_start":1565200430.334371} {"dns":{"base64":"HiABAAABAAAAAAAABXNpdGVzBmdvb2dsZQNjb20AAAEAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":58257,"dst_port":53,"event_start":1565200430.455097} {"dns":{"base64":"GlkBAAABAAAAAAAABXNpdGVzBmdvb2dsZQNjb20AABwAAQ=="},"src_ip":"192.168.113.237","dst_ip":"192.168.113.2","protocol":17,"src_port":58815,"dst_port":53,"event_start":1565200430.455310} diff --git a/test/json-test.py b/test/json-test.py index fc74d85d..0099609b 100644 --- a/test/json-test.py +++ b/test/json-test.py @@ -103,6 +103,7 @@ 'reassembly_properties': {'type': 'object', 'properties': { 'reassembled': {'type': 'boolean'}, + 'truncated': {'type': 'boolean'}, 'segment_overlap': {'type': 'boolean'}, 'segment_count_exceed': {'type': 'boolean'}, },