/
wireshark-capture-init-ikea.json
7 lines (7 loc) · 36.8 KB
/
wireshark-capture-init-ikea.json
1
2
3
4
5
6
7
{"ip": {"out": {"id": [21490, 21491], "ttl": 64}}, "time_end": 1533194095.70436, "expire_type": "i", "entropy": 1.37741, "payload": {"out": "02010600af2ba9f40003000000000000c0a803d5c0a8030100000000b8d7af2b"}, "num_pkts_out": 2, "pr": 17, "time_start": 1533194095.702529, "dhcp": [{"hlen": "6", "xid": "2938874356", "ciaddr": "0.0.0.0", "hops": "0", "giaddr": "0.0.0.0", "chaddr": "b8d7af2b32a900000000000000000000", "yiaddr": "192.168.3.213", "secs": "3", "flags": "0", "htype": "1", "siaddr": "192.168.3.1", "options": [{"msg_type": "DHCPOFFER"}, {"server_id": "c0a80301"}, {"address_time": "0000a8c0"}, {"renewal_time": "00005460"}, {"rebinding_time": "000093a8"}, {"subnet_mask": "ffffff00"}, {"broadcast_address": "c0a803ff"}, {"router": "c0a80301"}, {"domain_server": "c0a80301"}], "op": "2"}, {"hlen": "6", "xid": "2938874356", "ciaddr": "0.0.0.0", "hops": "0", "giaddr": "0.0.0.0", "chaddr": "b8d7af2b32a900000000000000000000", "yiaddr": "192.168.3.213", "secs": "4", "flags": "0", "htype": "1", "siaddr": "192.168.3.1", "options": [{"msg_type": "DHCPACK"}, {"server_id": "c0a80301"}, {"address_time": "0000a8c0"}, {"renewal_time": "00005460"}, {"rebinding_time": "000093a8"}, {"subnet_mask": "ffffff00"}, {"broadcast_address": "c0a803ff"}, {"router": "c0a80301"}, {"domain_server": "c0a80301"}], "op": "2"}], "bytes_out": 600, "byte_dist_std": 59.589532, "da": "192.168.3.213", "wht": [22.55, -2.1333, 0.11333, -1.9033], "byte_dist_mean": 22.55, "idp_len_out": 328, "total_entropy": 826.446176, "byte_dist": [229, 7, 1, 7, 8, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 8, 2, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5], "dp": 68, "sp": 67, "packets": [{"b": 300, "ipt": 0, "dir": "<"}, {"b": 300, "ipt": 1, "dir": "<"}], "idp_out": "4500014853f2000040119d8cc0a80301c0a803d5004300440134715602010600af2ba9f40003000000000000c0a803d5c0a8030100000000b8d7af2b32a900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501023604c0a8030133040000a8c03a04000054603b04000093a80104ffffff001c04c0a803ff0304c0a803010604c0a80301ff0000000000000000", "sa": "192.168.3.1", "flow_type": "DHCP"}
{"pr": 17, "time_start": 1533194096.804075, "bytes_out": 3669, "sp": 5353, "packets": [{"b": 102, "ipt": 0, "dir": "<"}, {"b": 102, "ipt": 499, "dir": "<"}, {"b": 102, "ipt": 499, "dir": "<"}, {"b": 62, "ipt": 499, "dir": "<"}, {"b": 62, "ipt": 999, "dir": "<"}, {"b": 114, "ipt": 1100, "dir": "<"}, {"b": 114, "ipt": 499, "dir": "<"}, {"b": 114, "ipt": 499, "dir": "<"}, {"b": 74, "ipt": 499, "dir": "<"}, {"b": 74, "ipt": 999, "dir": "<"}, {"b": 102, "ipt": 1099, "dir": "<"}, {"b": 102, "ipt": 499, "dir": "<"}, {"b": 102, "ipt": 500, "dir": "<"}, {"b": 62, "ipt": 499, "dir": "<"}, {"b": 62, "ipt": 999, "dir": "<"}, {"b": 114, "ipt": 1099, "dir": "<"}, {"b": 114, "ipt": 499, "dir": "<"}, {"b": 114, "ipt": 499, "dir": "<"}, {"b": 74, "ipt": 499, "dir": "<"}, {"b": 74, "ipt": 999, "dir": "<"}, {"b": 134, "ipt": 12637, "dir": "<"}, {"b": 134, "ipt": 499, "dir": "<"}, {"b": 134, "ipt": 500, "dir": "<"}, {"b": 385, "ipt": 500, "dir": "<"}, {"b": 385, "ipt": 999, "dir": "<"}, {"b": 385, "ipt": 999, "dir": "<"}, {"b": 136, "ipt": 153, "dir": "<"}, {"b": 136, "ipt": 499, "dir": "<"}], "time_end": 1533194126.893407, "byte_dist_std": 55.95328, "da": "224.0.0.251", "wht": [67.752, -2.2276, -4.5083, -3.4143], "idp_out": "4500008200134000ff11d5dec0a803d5e00000fb14e914e9006e9a150000000000010000000100001c545241444652492d476174657761792d623864376166326233326139056c6f63616c0000ff00011c545241444652492d476174657761792d623864376166326233326139056c6f63616c0000010001000000ff0004c0a803d5", "entropy": 1.697945, "num_pkts_out": 28, "idp_len_out": 130, "ip": {"out": {"id": [19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 46, 50], "ttl": 255}}, "expire_type": "a", "total_entropy": 6229.760638, "sa": "192.168.3.213", "byte_dist": [180, 28, 0, 3, 16, 19, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 14, 0, 0, 0, 4, 2, 0, 1, 0, 0, 0, 0, 0, 0, 2, 3, 0, 24, 0, 0, 2, 3, 30, 13, 2, 0, 0, 12, 13, 12, 3, 0, 0, 6, 0, 0, 0, 16, 0, 0, 16, 1, 16, 11, 0, 16, 0, 0, 0, 0, 0, 0, 1, 0, 32, 0, 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 11, 0, 79, 25, 24, 15, 16, 14, 5, 4, 1, 0, 0, 34, 0, 0, 18, 11, 0, 0, 1, 20, 1, 0, 17, 0, 16, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 3, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, 17], "payload": {"out": "0000000000010000000100001c545241444652492d476174657761792d623864"}, "dp": 5353, "byte_dist_mean": 67.751703, "flow_type": "MDNS"}
{"ip": {"in": {"id": [45], "ttl": 255}, "out": {"id": [24258], "ttl": 64}}, "idp_in": "45000047002d4000ff11f351c0a803d5c0a8030175330035003396ccc7db01000001000000000000026677036f746109686f6d65736d61727404696b6561036e65740000010001", "time_end": 1533194126.300691, "entropy": 5.036323, "payload": {"in": "c7db01000001000000000000026677036f746109686f6d65736d61727404696b", "out": "c7db81800001000500040000026677036f746109686f6d65736d61727404696b"}, "num_pkts_out": 1, "pr": 17, "time_start": 1533194126.486347, "bytes_in": 43, "num_pkts_in": 1, "dns": [{"rc": 0, "rr": [], "qn": "fw.ota.homesmart.ikea.net"}], "bytes_out": 284, "byte_dist_std": 49.752266, "da": "192.168.3.213", "wht": [56.954, -0.25076, 4.4709, 3.0703], "byte_dist_mean": 56.954128, "idp_len_out": 312, "total_entropy": 1646.877488, "byte_dist": [71, 21, 8, 6, 7, 2, 2, 6, 0, 6, 1, 0, 1, 4, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 2, 0, 0, 1, 0, 0, 0, 4, 0, 2, 0, 0, 0, 0, 4, 0, 0, 0, 0, 1, 8, 0, 0, 4, 3, 5, 2, 3, 2, 3, 8, 3, 0, 1, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 5, 4, 6, 6, 3, 1, 3, 2, 0, 3, 1, 7, 11, 9, 1, 0, 4, 15, 7, 3, 0, 6, 1, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 11, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0], "dp": 30003, "idp_len_in": 71, "sp": 53, "packets": [{"b": 43, "ipt": 4294967110, "dir": "<"}, {"b": 284, "ipt": 185, "dir": ">"}], "idp_out": "450001385ec24000401152ccc0a80301c0a803d50035753301240f96c7db81800001000500040000026677036f746109686f6d65736d61727404696b6561036e65740000010001c00c000500010000012c001c0e64323632636d62786d7a706873750a636c6f756466726f6e74c022c037000100010000003c00040d20623ac037000100010000003c00040d2062fac037000100010000003c00040d20629bc037000100010000003c00040d206219c03700020001000007270019076e732d3135343609617773646e732d303102636f02756b00c03700020001000007270017076e732d3130343809617773646e732d3033036f726700c03700020001000007270013066e732d38363009617773646e732d3433c022c03700020001000007270016066e732d32323509617773646e732d323803636f6d00", "sa": "192.168.3.1", "flow_type": "DNS (GW Init)"}
{"ip": {"in": {"id": [0, 18028, 18029, 18030, 18031], "ttl": 246}, "out": {"id": [47, 48, 49, 51, 52], "ttl": 128}}, "ppi": [{"b": 0, "seq": 3808147508, "ack": 0, "rseq": 0, "flags": "S", "t": 0, "olen": 8, "opts": [{"mss": 1460}, {"ws": 0}], "rack": 0, "dir": ">"}, {"b": 0, "seq": 2188096042, "ack": 3808147509, "rseq": 0, "flags": "SA", "t": 1, "olen": 8, "opts": [{"mss": 1460}, {"noop": null}, {"ws": 8}], "rack": 1, "dir": "<"}, {"b": 0, "seq": 3808147509, "ack": 2188096043, "rseq": 1, "flags": "A", "t": 1, "olen": 0, "opts": [], "rack": 1, "dir": ">"}, {"b": 230, "seq": 3808147509, "ack": 2188096043, "rseq": 0, "flags": "PA", "t": 1, "olen": 0, "opts": [], "rack": 1, "dir": ">"}, {"b": 0, "seq": 2188096043, "ack": 3808147739, "rseq": 1, "flags": "A", "t": 2, "olen": 0, "opts": [], "rack": 230, "dir": "<"}, {"b": 544, "seq": 2188096043, "ack": 3808147739, "rseq": 0, "flags": "PA", "t": 480, "olen": 0, "opts": [], "rack": 230, "dir": "<"}, {"b": 0, "seq": 3808147739, "ack": 2188096587, "rseq": 230, "flags": "FA", "t": 480, "olen": 0, "opts": [], "rack": 544, "dir": ">"}, {"b": 0, "seq": 2188096587, "ack": 3808147739, "rseq": 544, "flags": "FA", "t": 480, "olen": 0, "opts": [], "rack": 0, "dir": "<"}, {"b": 0, "seq": 3808147740, "ack": 2188096588, "rseq": 1, "flags": "A", "t": 480, "olen": 0, "opts": [], "rack": 1, "dir": ">"}, {"b": 0, "seq": 2188096588, "ack": 3808147740, "rseq": 1, "flags": "A", "t": 481, "olen": 0, "opts": [], "rack": 0, "dir": "<"}], "idp_in": "45000248466d4000f606086b0d20623ac0a803d5005085ab826bb22be2fbb91b50180077d5af0000485454502f312e3120333034204e6f74204d6f6469666965640d0a436f6e6e656374696f6e3a20636c6f73650d0a4167653a2037303538370d0a446174653a205468752c2030322041756720323031382030373a31353a323620474d540d0a455461673a20226431613861316439643233396239323762333662386465653263303438316630220d0a5365727665723a20416d617a6f6e53330d0a782d616d7a2d69642d323a203333784749674b765336566f62477a452b4146302b574b6e694e2b655644536e3150717030617145576d514b4b3137742b623366696a7a35427732674e2f4c6d64523976486a36635647633d0d0a782d616d7a2d7265706c69636174696f6e2d7374617475733a20434f4d504c455445440d0a782d616d7a2d726571756573742d69643a20434238453542343438364239303142330d0a782d616d7a2d76657273696f6e2d69643a205372304b38597a6d6c3046614a3274654c5f5f516e50794e6b6b5653633674790d0a582d43616368653a204869742066726f6d20636c6f756466726f6e740d0a5669613a20312e312034613035343464636431643663303332653862303366623964356665323161322e636c6f756466726f6e742e6e65742028436c6f756446726f6e74290d0a582d416d7a2d43662d49643a20376647572d775f516b59774b7a49325855762d386f6e51776c7275476f4d4b336b627059366531567554315a367142766f775f6344773d3d0d0a0d0a", "time_end": 1533194126.967318, "tcp": {"out": {"opt_len": 8, "flags": "S", "opts": [{"mss": 1460}, {"ws": 0}], "first_window_size": 7168}, "in": {"opt_len": 8, "flags": "SA", "opts": [{"mss": 1460}, {"noop": null}, {"ws": 8}], "first_window_size": 29200}, "first_seq": 3808147508}, "expire_type": "a", "entropy": 5.811509, "payload": {"in": "485454502f312e3120333034204e6f74204d6f6469666965640d0a436f6e6e65", "out": "474554202f666565642f76657273696f6e5f696e666f2e6a736f6e2048545450"}, "num_pkts_out": 5, "pr": 6, "time_start": 1533194126.486366, "bytes_in": 544, "num_pkts_in": 5, "http": [{"in": [{"version": "HTTP/1.1"}, {"code": "304"}, {"reason": "Not Modified"}, {"Connection": "close"}, {"Age": "70587"}, {"Date": "Thu, 02 Aug 2018 07:15:26 GMT"}, {"ETag": ".d1a8a1d9d239b927b36b8dee2c0481f0."}, {"Server": "AmazonS3"}, {"x-amz-id-2": "33xGIgKvS6VobGzE+AF0+WKniN+eVDSn1Pqp0aqEWmQKK17t+b3fijz5Bw2gN/LmdR9vHj6cVGc="}, {"x-amz-replication-status": "COMPLETED"}, {"x-amz-request-id": "CB8E5B4486B901B3"}, {"x-amz-version-id": "Sr0K8Yzml0FaJ2teL__QnPyNkkVSc6ty"}, {"X-Cache": "Hit from cloudfront"}, {"Via": "1.1 4a0544dcd1d6c032e8b03fb9d5fe21a2.cloudfront.net (CloudFront)"}, {"X-Amz-Cf-Id": "7fGW-w_QkYwKzI2XUv-8onQwlruGoMK3kbpY6e1VuT1Z6qBvow_cDw=="}, {"body": "00000000000000000000000000000000"}], "out": [{"method": "GET"}, {"uri": "/feed/version_info.json"}, {"version": "HTTP/1.0"}, {"User-Agent": "HertzClient/1.0 (GW (1).(4).(15); Id 886f4449-46ad-44e6-a200-96f208aa6bfe)"}, {"Host": "fw.ota.homesmart.ikea.net"}, {"If-Modified-Since": "Mon, 02 Jul 2018 11:32:25 GMT"}, {"Connection": "close"}, {"body": "00000000000000000000000000000000"}]}], "bytes_out": 230, "byte_dist_std": 23.791097, "da": "13.32.98.58", "wht": [76.915, 0.28165, -0.19121, -0.89664], "byte_dist_mean": 76.914729, "idp_len_out": 270, "total_entropy": 4498.108068, "byte_dist": [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 20, 0, 0, 20, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 39, 0, 2, 0, 0, 0, 0, 0, 5, 5, 0, 4, 2, 25, 13, 6, 22, 23, 19, 12, 14, 8, 14, 6, 14, 8, 20, 1, 0, 3, 0, 0, 0, 6, 6, 8, 4, 7, 3, 9, 6, 5, 2, 7, 3, 7, 4, 1, 5, 4, 1, 7, 11, 2, 6, 4, 3, 3, 1, 0, 0, 0, 0, 5, 0, 24, 9, 16, 23, 36, 18, 6, 3, 21, 3, 5, 10, 12, 25, 30, 3, 4, 15, 11, 23, 10, 7, 7, 5, 2, 11, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0], "dp": 80, "idp_len_in": 584, "sp": 34219, "packets": [{"b": 230, "ipt": 1, "dir": ">"}, {"b": 544, "ipt": 479, "dir": "<"}], "idp_out": "4500010e00310000800605e2c0a803d50d20623a85ab0050e2fbb835826bb22b50181c002f010000474554202f666565642f76657273696f6e5f696e666f2e6a736f6e20485454502f312e300d0a557365722d4167656e743a20486572747a436c69656e742f312e3020284757202831292e2834292e283135293b2049642038383666343434392d343661642d343465362d613230302d393666323038616136626665290d0a486f73743a2066772e6f74612e686f6d65736d6172742e696b65612e6e65740d0a49662d4d6f6469666965642d53696e63653a204d6f6e2c203032204a756c20323031382031313a33323a323520474d540d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a", "sa": "192.168.3.213", "flow_type": "FW Version Check"}
{"pr": 2, "time_start": 1533194186.995705, "bytes_out": 8, "sp": null, "packets": [{"b": 8, "ipt": 0, "dir": "<"}], "time_end": 1533194186.995705, "byte_dist_std": 107.733467, "da": "224.0.0.251", "wht": [63.75, 0, -2.25, 61.5], "idp_out": "460000200039000001027f26c0a803d5e00000fb9404000016000904e00000fb", "entropy": 2.405639, "num_pkts_out": 1, "idp_len_out": 32, "ip": {"out": {"id": [57], "ttl": 1}}, "expire_type": "a", "total_entropy": 19.245111, "sa": "192.168.3.213", "byte_dist": [3, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0], "payload": {"out": "16000904e00000fb"}, "dp": null, "byte_dist_mean": 63.75, "flow_type": "Membership Report Group"}
{"ip": {"in": {"id": [58], "ttl": 255}, "out": {"id": [24717], "ttl": 64}}, "idp_in": "45000044003a4000ff11f347c0a803d5c0a803017534003500300242b9770100000100000000000007776562686f6f6b0a6c6f67656e747269657303636f6d0000010001", "time_end": 1533194249.885953, "entropy": 4.936282, "payload": {"in": "b9770100000100000000000007776562686f6f6b0a6c6f67656e747269657303", "out": "b9778180000100030003000007776562686f6f6b0a6c6f67656e747269657303"}, "num_pkts_out": 1, "pr": 17, "time_start": 1533194249.888631, "bytes_in": 40, "num_pkts_in": 1, "dns": [{"rc": 0, "rr": [], "qn": "webhook.logentries.com"}], "bytes_out": 191, "byte_dist_std": 51.311364, "da": "192.168.3.213", "wht": [59.732, -0.75325, 7.7749, -0.62338], "byte_dist_mean": 59.731602, "idp_len_out": 219, "total_entropy": 1140.281068, "byte_dist": [51, 16, 8, 5, 3, 0, 1, 4, 0, 3, 2, 0, 3, 0, 0, 0, 0, 0, 0, 1, 3, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, 0, 0, 2, 7, 2, 0, 3, 1, 1, 1, 0, 1, 1, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 3, 3, 3, 3, 6, 0, 3, 2, 2, 0, 3, 2, 2, 8, 10, 0, 0, 3, 11, 2, 1, 0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0], "dp": 30004, "idp_len_in": 68, "sp": 53, "packets": [{"b": 40, "ipt": 4294967293, "dir": "<"}, {"b": 191, "ipt": 2, "dir": ">"}], "idp_out": "450000db608d40004011515ec0a80301c0a803d50035753400c74927b9778180000100030003000007776562686f6f6b0a6c6f67656e747269657303636f6d0000010001c00c000100010000003c000434d43a4ac00c000100010000003c000422f24ba4c00c000100010000003c000422fb62b1c014000200010002a15c0017076e732d3135313009617773646e732d3630036f726700c014000200010002a15c0013066e732d31313909617773646e732d3134c01fc014000200010002a15c0019076e732d3137313409617773646e732d323202636f02756b00", "sa": "192.168.3.1", "flow_type": "DNS (GW Init)"}
{"ip": {"in": {"id": [0, 42992, 42993, 42994, 42996, 42997, 42998, 42999, 43000, 43001, 43002, 43003, 43004, 43005], "ttl": 236}, "out": {"id": [59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77], "ttl": 128}}, "ppi": [{"b": 0, "seq": 4014806794, "ack": 0, "rseq": 0, "flags": "S", "t": 0, "olen": 8, "opts": [{"mss": 1460}, {"ws": 0}], "rack": 0, "dir": ">"}, {"b": 0, "seq": 845032412, "ack": 4014806795, "rseq": 0, "flags": "SA", "t": 29, "olen": 8, "opts": [{"mss": 1460}, {"noop": null}, {"ws": 8}], "rack": 1, "dir": "<"}, {"b": 0, "seq": 4014806795, "ack": 845032413, "rseq": 1, "flags": "A", "t": 29, "olen": 0, "opts": [], "rack": 1, "dir": ">"}, {"b": 110, "seq": 4014806795, "ack": 845032413, "rseq": 0, "flags": "PA", "t": 30, "olen": 0, "opts": [], "rack": 1, "dir": ">"}, {"b": 0, "seq": 845032413, "ack": 4014806905, "rseq": 1, "flags": "A", "t": 59, "olen": 0, "opts": [], "rack": 110, "dir": "<"}, {"b": 1460, "seq": 845032413, "ack": 4014806905, "rseq": 0, "flags": "A", "t": 60, "olen": 0, "opts": [], "rack": 110, "dir": "<"}, {"b": 2636, "seq": 845033873, "ack": 4014806905, "rseq": 1460, "flags": "PA", "t": 60, "olen": 0, "opts": [], "rack": 110, "dir": "<"}, {"b": 639, "seq": 845036509, "ack": 4014806905, "rseq": 2636, "flags": "PA", "t": 60, "olen": 0, "opts": [], "rack": 110, "dir": "<"}, {"b": 0, "seq": 4014806905, "ack": 845035333, "rseq": 110, "flags": "A", "t": 60, "olen": 0, "opts": [], "rack": -1176, "dir": ">"}, {"b": 0, "seq": 4014806905, "ack": 845037148, "rseq": 0, "flags": "A", "t": 60, "olen": 0, "opts": [], "rack": 639, "dir": ">"}, {"b": 267, "seq": 4014806905, "ack": 845037148, "rseq": 0, "flags": "PA", "t": 116, "olen": 0, "opts": [], "rack": 639, "dir": ">"}, {"b": 6, "seq": 4014807172, "ack": 845037148, "rseq": 267, "flags": "PA", "t": 116, "olen": 0, "opts": [], "rack": 639, "dir": ">"}, {"b": 85, "seq": 4014807178, "ack": 845037148, "rseq": 6, "flags": "PA", "t": 116, "olen": 0, "opts": [], "rack": 639, "dir": ">"}, {"b": 0, "seq": 845037148, "ack": 4014807178, "rseq": 639, "flags": "A", "t": 146, "olen": 0, "opts": [], "rack": 0, "dir": "<"}, {"b": 91, "seq": 845037148, "ack": 4014807263, "rseq": 0, "flags": "PA", "t": 147, "olen": 0, "opts": [], "rack": 85, "dir": "<"}, {"b": 389, "seq": 4014807263, "ack": 845037239, "rseq": 85, "flags": "PA", "t": 148, "olen": 0, "opts": [], "rack": 91, "dir": ">"}, {"b": 245, "seq": 845037239, "ack": 4014807652, "rseq": 91, "flags": "PA", "t": 179, "olen": 0, "opts": [], "rack": 389, "dir": "<"}, {"b": 0, "seq": 4014807652, "ack": 845037484, "rseq": 389, "flags": "A", "t": 179, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 501, "seq": 4014807652, "ack": 845037484, "rseq": 0, "flags": "PA", "t": 195, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 245, "seq": 845037484, "ack": 4014808153, "rseq": 245, "flags": "PA", "t": 225, "olen": 0, "opts": [], "rack": 501, "dir": "<"}, {"b": 389, "seq": 4014808153, "ack": 845037729, "rseq": 501, "flags": "PA", "t": 226, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 245, "seq": 845037729, "ack": 4014808542, "rseq": 245, "flags": "PA", "t": 256, "olen": 0, "opts": [], "rack": 389, "dir": "<"}, {"b": 0, "seq": 4014808542, "ack": 845037974, "rseq": 389, "flags": "A", "t": 256, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 389, "seq": 4014808542, "ack": 845037974, "rseq": 0, "flags": "PA", "t": 257, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 245, "seq": 845037974, "ack": 4014808931, "rseq": 245, "flags": "PA", "t": 287, "olen": 0, "opts": [], "rack": 389, "dir": "<"}, {"b": 405, "seq": 4014808931, "ack": 845038219, "rseq": 389, "flags": "PA", "t": 288, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 245, "seq": 845038219, "ack": 4014809336, "rseq": 245, "flags": "PA", "t": 318, "olen": 0, "opts": [], "rack": 405, "dir": "<"}, {"b": 0, "seq": 4014809336, "ack": 845038464, "rseq": 405, "flags": "A", "t": 318, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 69, "seq": 4014809336, "ack": 845038464, "rseq": 0, "flags": "PA", "t": 319, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 0, "seq": 4014809405, "ack": 845038464, "rseq": 69, "flags": "FA", "t": 319, "olen": 0, "opts": [], "rack": 245, "dir": ">"}, {"b": 69, "seq": 845038464, "ack": 4014809406, "rseq": 245, "flags": "PA", "t": 349, "olen": 0, "opts": [], "rack": 1, "dir": "<"}, {"b": 0, "seq": 845038533, "ack": 4014809406, "rseq": 69, "flags": "FA", "t": 349, "olen": 0, "opts": [], "rack": 1, "dir": "<"}, {"b": 0, "seq": 4014809406, "ack": 845038534, "rseq": 1, "flags": "A", "t": 349, "olen": 0, "opts": [], "rack": 1, "dir": ">"}], "idp_in": "450005dca7f14000ec06ad8e34d43a4ac0a803d501bb85ac325e2bddef4d17795010006ae42f0000160303004a0200004603039b6827f516aef0afb155da1a5ad6aa6208f6976057d020d3f3735b28773fcd9c203affdb930b56103ab3254f6cfb1ebaf1739b142eaeb55ee85c5ae24f30e64900003c0016030312220b00121e00121b0004b3308204af30820397a003020102021007ff5d7da44a397b86d30dc088dfde12300d06092a864886f70d01010b05003046310b3009060355040613025553310f300d060355040a1306416d617a6f6e31153013060355040b130c536572766572204341203142310f300d06035504031306416d617a6f6e301e170d3138303431303030303030305a170d3139303531303132303030305a301c311a30180603550403131165752e6c6f67656e74726965732e636f6d30820122300d06092a864886f70d01010105000382010f003082010a02820101009db6867b9824dc660e487358ff14701ca6826e1f8b4cc881ca400f8a453ae05b907152fb91c277d720f9ee2d8d8b467d53f076193ecaca85211a25136ca5fa1517b4410901394b118108660cdecff11c8a4bc595e4e6af69f201a4d55dcdf63aab39fa412baaeb03fc8d64436cefcee43d56cf9dd2224a506e7e8c7125890bab97533bf26b4a98accf881f631785374d2f4cd0efb2ce48fc65dcc40a72dbfc290b9f9d8c593de43912256ed4496fb27d951acaf38bb06439bef52deb45f3d690b17fdbd876726bc112bb452b135f86dfe0ed9043dd5478e51a178c662a0e31c360b3b4f2af3f77ea7d1276c0b3c5f1443555c5c1e0919c0d5f271c53c12be8fb0203010001a38201c1308201bd301f0603551d2304183016801459a4660652a07b95923ca394072796745bf93dd0301d0603551d0e041604140db5636433d752a8161c0a5679b5b0ee1ec3b44a30680603551d110461305f821165752e6c6f67656e74726965732e636f6d820e6c6f67656e74726965732e636f6d82132a2e65752e6c6f67656e74726965732e636f6d82102a2e6c6f67656e74726965732e636f6d82132a2e65752e6c6f67656e74726965732e6e6574300e0603551d0f0101ff0404030205a0301d0603551d250416301406082b0601050507030106082b06010505070302303b0603551d1f043430323030a02ea02c862a687474703a2f2f63726c2e73636131622e616d617a6f6e74727573742e636f6d2f73636131622e63726c30200603551d2004193017300b06096086480186fd6c01023008060667810c010201307506082b0601050507010104693067302d06082b060105050730018621687474703a2f2f6f6373702e73636131622e616d617a6f6e74727573742e636f6d303606082b06010505073002862a687474703a2f2f6372742e73636131622e616d617a6f6e74727573742e636f6d2f73636131622e637274300c0603551d130101ff04023000300d06092a864886f70d01010b05000382010100a1964078c5663f544cd3bb3fc5108fed54409b7188d7dfea6b7c00348623fab1eb2dc0176a3c5a8fb71c1b9c0df705124d53cf56621b213b66393b27c04fb2fd7857f77c156e83a52cac180783a19cde0f93b24560a13df7f69f4b34bbecabb9425a805ccd60f06d6f5021d5088f1426615473e7970229059ec787939d7bddbccdbc8a8402c0903d20e277d47e58e2d5bae798c7ecde6bc37f9162f00e9c893380901bf5b0fc681965820fe6740a6c05beb3ee4c787cde4232406783b5cddcd7a86f7275c6bf7ed29a8d0b740aaf2d77d0f2efaf0475cf728be08f", "time_end": 1533194250.238984, "tcp": {"out": {"opt_len": 8, "flags": "S", "opts": [{"mss": 1460}, {"ws": 0}], "first_window_size": 7168}, "in": {"opt_len": 8, "flags": "SA", "opts": [{"mss": 1460}, {"noop": null}, {"ws": 8}], "first_window_size": 26883}, "first_seq": 4014806794}, "expire_type": "a", "entropy": 7.745861, "payload": {"in": "160303004a0200004603039b6827f516aef0afb155da1a5ad6aa6208f6976057", "out": "1603030069010000650303000000c4d56348cf03621956e4443884b461e6cf49"}, "num_pkts_out": 19, "pr": 6, "time_start": 1533194249.889844, "bytes_in": 6120, "num_pkts_in": 14, "hd": {"i": "16", "sm": "00", "cv": "14", "cm": "fc", "n": 10}, "bytes_out": 2610, "byte_dist_std": 56.287571, "da": "52.212.58.74", "wht": [106.15, 0.50229, 0.41775, -0.4354], "byte_dist_mean": 106.150401, "idp_len_out": 150, "total_entropy": 67621.362834, "byte_dist": [113, 175, 78, 162, 109, 60, 134, 48, 50, 44, 50, 56, 35, 64, 42, 38, 29, 25, 39, 72, 27, 26, 36, 54, 27, 26, 34, 24, 36, 58, 27, 25, 61, 32, 25, 29, 21, 31, 18, 21, 25, 21, 39, 36, 24, 34, 80, 59, 232, 83, 44, 26, 32, 37, 30, 23, 27, 41, 43, 15, 29, 18, 35, 30, 25, 37, 22, 27, 22, 39, 26, 32, 41, 27, 27, 14, 28, 29, 32, 16, 21, 30, 35, 54, 34, 94, 28, 22, 28, 25, 25, 18, 19, 29, 24, 37, 30, 69, 31, 79, 33, 71, 33, 44, 44, 51, 21, 31, 59, 55, 66, 107, 41, 21, 74, 69, 113, 36, 26, 22, 21, 25, 48, 20, 18, 29, 26, 31, 31, 32, 55, 24, 24, 20, 55, 24, 25, 30, 48, 24, 18, 21, 22, 21, 26, 30, 23, 33, 25, 17, 23, 17, 17, 20, 26, 20, 30, 15, 30, 19, 27, 26, 22, 29, 26, 27, 29, 15, 16, 28, 35, 20, 18, 14, 24, 25, 28, 24, 38, 19, 23, 34, 13, 18, 22, 15, 28, 24, 24, 24, 20, 15, 32, 24, 31, 29, 20, 21, 20, 31, 26, 16, 27, 24, 28, 31, 19, 46, 21, 31, 24, 30, 19, 19, 21, 34, 35, 19, 26, 21, 21, 22, 25, 19, 19, 26, 21, 16, 25, 25, 26, 24, 31, 24, 27, 21, 22, 32, 20, 17, 27, 16, 28, 13, 26, 20, 26, 40, 30, 29, 24, 15, 21, 25, 26, 46], "dp": 443, "idp_len_in": 1300, "tls": {"s_cert": [{"subject_public_key_algo": "rsaEncryption", "validity_not_before": "Apr 10 00:00:00 2018 GMT", "validity_not_after": "May 10 12:00:00 2019 GMT", "subject_public_key_size": 2048, "length": 1203, "extensions": [{"X509v3 Authority Key Identifier": "keyid:59:A4:66:06:52:A0:7B:95:92:3C:A3:94:07:27:96:74:5B:F9:3D:D0."}, {"X509v3 Subject Key Identifier": "0D:B5:63:64:33:D7:52:A8:16:1C:0A:56:79:B5:B0:EE:1E:C3:B4:4A"}, {"X509v3 Subject Alternative Name": "DNS:eu.logentries.com, DNS:logentries.com, DNS:*.eu.logentries.com, DNS:*.logentries.com, DNS:*.eu.logentries.net"}, {"X509v3 Key Usage": "Digital Signature, Key Encipherment"}, {"X509v3 Extended Key Usage": "TLS Web Server Authentication, TLS Web Client Authentication"}, {"X509v3 CRL Distribution Points": ".Full Name:. URI:http:..crl.sca1b.amazontrust.com.sca1b.crl."}, {"X509v3 Certificate Policies": "Policy: 2.16.840.1.114412.1.2.Policy: 2.23.140.1.2.1."}, {"Authority Information Access": "OCSP - URI:http:..ocsp.sca1b.amazontrust.com.CA Issuers - URI:http:..crt.sca1b.amazontrust.com.sca1b.crt."}, {"X509v3 Basic Constraints": "CA:FALSE"}], "signature": "a1964078c5663f544cd3bb3fc5108fed54409b7188d7dfea6b7c00348623fab1eb2dc0176a3c5a8fb71c1b9c0df705124d53cf56621b213b66393b27c04fb2fd7857f77c156e83a52cac180783a19cde0f93b24560a13df7f69f4b34bbecabb9425a805ccd60f06d6f5021d5088f1426615473e7970229059ec787939d7bddbccdbc8a8402c0903d20e277d47e58e2d5bae798c7ecde6bc37f9162f00e9c893380901bf5b0fc681965820fe6740a6c05beb3ee4c787cde4232406783b5cddcd7a86f7275c6bf7ed29a8d0b740aaf2d77d0f2efaf0475cf728be08f34bd30e8e58ab0fbb8b978fd579ddbb5802867c0109281a4c4457d4070b89bbacf9d7230ea", "serial_number": "07ff5d7da44a397b86d30dc088dfde12", "subject": [{"commonName": "eu.logentries.com"}], "signature_key_size": 2048, "signature_algo": "sha256WithRSAEncryption", "issuer": [{"countryName": "US"}, {"organizationName": "Amazon"}, {"organizationalUnitName": "Server CA 1B"}, {"commonName": "Amazon"}]}, {"subject_public_key_algo": "rsaEncryption", "validity_not_before": "Oct 22 00:00:00 2015 GMT", "validity_not_after": "Oct 19 00:00:00 2025 GMT", "subject_public_key_size": 2048, "length": 1101, "extensions": [{"X509v3 Basic Constraints": "CA:TRUE, pathlen:0"}, {"X509v3 Key Usage": "Digital Signature, Certificate Sign, CRL Sign"}, {"X509v3 Subject Key Identifier": "59:A4:66:06:52:A0:7B:95:92:3C:A3:94:07:27:96:74:5B:F9:3D:D0"}, {"X509v3 Authority Key Identifier": "keyid:84:18:CC:85:34:EC:BC:0C:94:94:2E:08:59:9C:C7:B2:10:4E:0A:08."}, {"Authority Information Access": "OCSP - URI:http:..ocsp.rootca1.amazontrust.com.CA Issuers - URI:http:..crt.rootca1.amazontrust.com.rootca1.cer."}, {"X509v3 CRL Distribution Points": ".Full Name:. URI:http:..crl.rootca1.amazontrust.com.rootca1.crl."}, {"X509v3 Certificate Policies": "Policy: 2.23.140.1.2.1."}], "signature": "8592be35bb79cfa381421ce4e3637353395235e7d1adfdae998aac89122fbbe76f9ad54e72ea203061f997b2cda5270245a8ca763e984a839eb6e645e0f243f608de6de86edb310713f02f310d936d61377b58f0fc51989128024f0576b7d3f01bc2e65ed06685110f2e81c6108129fe206048f3f2f0841353653515116b82514055575f18b5b0223eadf25ea301e3c3b3f9cb415ae65291bbe436874f2da9a4076835ba9472cd0eea0e7d57f279fc37c57b609eb2ebc02d90770d491027a538adc412a3b4a3c848b3150b1ee2e219dcc47652c8bc8a417870d96d97b34a8b782d5eb40fa34c60cae147cb782d1217b1528bca392cbdb52fc2330296abda947f", "serial_number": "067f94578587e8ac77deb253325bbc998b560d", "subject": [{"countryName": "US"}, {"organizationName": "Amazon"}, {"organizationalUnitName": "Server CA 1B"}, {"commonName": "Amazon"}], "signature_key_size": 2048, "signature_algo": "sha256WithRSAEncryption", "issuer": [{"countryName": "US"}, {"organizationName": "Amazon"}, {"commonName": "Amazon Root CA 1"}]}, {"subject_public_key_algo": "rsaEncryption", "validity_not_before": "May 25 12:00:00 2015 GMT", "validity_not_after": "Dec 31 01:00:00 2037 GMT", "subject_public_key_size": 2048, "length": 1174, "extensions": [{"X509v3 Basic Constraints": "CA:TRUE"}, {"X509v3 Key Usage": "Digital Signature, Certificate Sign, CRL Sign"}, {"X509v3 Subject Key Identifier": "84:18:CC:85:34:EC:BC:0C:94:94:2E:08:59:9C:C7:B2:10:4E:0A:08"}, {"X509v3 Authority Key Identifier": "keyid:9C:5F:00:DF:AA:01:D7:30:2B:38:88:A2:B8:6D:4A:9C:F2:11:91:83."}, {"Authority Information Access": "OCSP - URI:http:..ocsp.rootg2.amazontrust.com.CA Issuers - URI:http:..crt.rootg2.amazontrust.com.rootg2.cer."}, {"X509v3 CRL Distribution Points": ".Full Name:. URI:http:..crl.rootg2.amazontrust.com.rootg2.crl."}, {"X509v3 Certificate Policies": "Policy: X509v3 Any Policy."}], "signature": "6237425cbc10b53e8b2ce90c9b6c45e207007af9c5580bb9088c3eedb3253cb56f50e4cd356aa79334963221a94844ab9ced3db4aa736de47f1680896ccf280318834779a3107e305bac3bb060e077d408a6e11d7c5ec0bbf99a7b229da700097eac461783dc9c265799303962968feddadeaac5cc1b3eca43686c5716bcd50e202efeffc26a5d2ea04a6d14588794e639315f7c73cb90886a84119627a6edd98146a67ea372000a523e83880763778969170f3985d2ab08454dd0513afd5d5d37644c7e30b25524429d36b05d9c178161f1caf9100224abeb0d74918d7b4529503988b2a68935251e146a4723312f5c9afaad9a0e6251a42aa9c4f9349d2118", "serial_number": "067f944a2a27cdf3fac2ae2b01f908eeb9c4c6", "subject": [{"countryName": "US"}, {"organizationName": "Amazon"}, {"commonName": "Amazon Root CA 1"}], "signature_key_size": 2048, "signature_algo": "sha256WithRSAEncryption", "issuer": [{"countryName": "US"}, {"stateOrProvinceName": "Arizona"}, {"localityName": "Scottsdale"}, {"organizationName": "Starfield Technologies, Inc."}, {"commonName": "Starfield Services Root Certificate Authority - G2"}]}, {"subject_public_key_algo": "rsaEncryption", "validity_not_before": "Sep 2 00:00:00 2009 GMT", "validity_not_after": "Jun 28 17:39:16 2034 GMT", "subject_public_key_size": 2048, "length": 1145, "extensions": [{"X509v3 Basic Constraints": "CA:TRUE"}, {"X509v3 Key Usage": "Digital Signature, Certificate Sign, CRL Sign"}, {"X509v3 Subject Key Identifier": "9C:5F:00:DF:AA:01:D7:30:2B:38:88:A2:B8:6D:4A:9C:F2:11:91:83"}, {"X509v3 Authority Key Identifier": "keyid:BF:5F:B7:D1:CE:DD:1F:86:F4:5B:55:AC:DC:D7:10:C2:0E:A9:88:E7."}, {"Authority Information Access": "OCSP - URI:http:..o.ss2.us..CA Issuers - URI:http:..x.ss2.us.x.cer."}, {"X509v3 CRL Distribution Points": ".Full Name:. URI:http:..s.ss2.us.r.crl."}, {"X509v3 Certificate Policies": "Policy: X509v3 Any Policy."}], "signature": "231de38a57ca7de917794cf11e55fdcc536e3e470fdfc655f2b20436ed801f53c45d34286bbec755fc67eacb3f7f90b233cd1b58108202f8f82ff51360d405cef18108c1dda775974f18b96ddef7939108ba7e402cedc1eabb769e3306771d0d087f53dd1b64ab8227f169d54d5eaef4a1c375a758442df23c7098acba69b695777f0f315e2cfca0873a4769f0795ff41454a4955e1178126027ce9fc277ff2353775dbaffea59e7dbcfaf9296ef249a35107a9c91c60e7d99f63f19dff57254e115a907597b83bf522e468cb20064761c48d3d879e86e56ccae2c0390d7193899e4ca09195bff0796b0a87f3449df56a9f7b05fed33ed8c47b730035df4038c", "serial_number": "a70e4a4c3482b77f", "subject": [{"countryName": "US"}, {"stateOrProvinceName": "Arizona"}, {"localityName": "Scottsdale"}, {"organizationName": "Starfield Technologies, Inc."}, {"commonName": "Starfield Services Root Certificate Authority - G2"}], "signature_key_size": 2048, "signature_algo": "sha256WithRSAEncryption", "issuer": [{"countryName": "US"}, {"organizationName": "Starfield Technologies, Inc."}, {"organizationalUnitName": "Starfield Class 2 Certification Authority"}]}], "c_version": 5, "c_random": "000000c4d56348cf03621956e4443884b461e6cf498e6a617cea975c9ebbc4de", "srlt": [{"hs_types": [1], "b": 105, "hs_lens": [101], "tp": 22, "ipt": 0, "dir": ">"}, {"hs_types": [2], "b": 74, "hs_lens": [70], "tp": 22, "ipt": 29, "dir": "<"}, {"hs_types": [11], "b": 4642, "hs_lens": [4638], "tp": 22, "ipt": 0, "dir": "<"}, {"b": 4, "tp": 22, "ipt": 0, "dir": "<"}, {"hs_types": [16], "b": 262, "hs_lens": [258], "tp": 22, "ipt": 55, "dir": ">"}, {"b": 1, "tp": 20, "ipt": 0, "dir": ">"}, {"b": 80, "tp": 22, "ipt": 0, "dir": ">"}, {"b": 1, "tp": 20, "ipt": 30, "dir": "<"}, {"b": 80, "tp": 22, "ipt": 0, "dir": "<"}, {"b": 384, "tp": 23, "ipt": 0, "dir": ">"}, {"b": 240, "tp": 23, "ipt": 31, "dir": "<"}, {"b": 496, "tp": 23, "ipt": 16, "dir": ">"}, {"b": 240, "tp": 23, "ipt": 30, "dir": "<"}, {"b": 384, "tp": 23, "ipt": 0, "dir": ">"}, {"b": 240, "tp": 23, "ipt": 30, "dir": "<"}, {"b": 384, "tp": 23, "ipt": 0, "dir": ">"}, {"b": 240, "tp": 23, "ipt": 30, "dir": "<"}, {"b": 400, "tp": 23, "ipt": 0, "dir": ">"}, {"b": 240, "tp": 23, "ipt": 30, "dir": "<"}, {"b": 64, "tp": 21, "ipt": 0, "dir": ">"}, {"b": 64, "tp": 21, "ipt": 29, "dir": "<"}], "c_extensions": [{"supported_groups": "00020017"}, {"ec_point_formats": "0100"}, {"signature_algorithms": "000c020102030301030304010403"}], "s_version": 5, "scs": "003c", "s_random": "9b6827f516aef0afb155da1a5ad6aa6208f6976057d020d3f3735b28773fcd9c", "cs": ["006b", "0039", "0067", "0033", "003d", "0035", "003c", "002f", "c009", "c00a", "c023", "c004", "c02b", "c0ae"], "c_key_length": 2064, "c_key_exchange": "01005c5ca54916a6fec09552fbfd0be0da12baf628dc96d31ad6dcd94abc64972b163ad0cd049634479fc2a221ddc8eded2426428fb75b34a31f7d2535a26ce6b86d8e5633aa1f683d74021a464ab741f84067c54506f833a86359245abbab46578ec2fb712128bd4b2cc1771279ffd79ac31d5c377c9090747ae16e4ebffe4ba174de50e8a1aafc97750aec9b816542dd69792106457553db678ac097f1caa644711ba0d92117c4d33fb4d372402ca441e48456a7c6827068a3bf76f5548f3e2a29a86f8431f55f6b27b8483a33955b69929e77e2bee855ea2129ffd8fb58fef6c08cf62347c5e06100b2466c7ffbb8b8eb7a2891c860fe138a95172da789347bee"}, "sp": 34220, "packets": [{"b": 110, "ipt": 30, "dir": ">"}, {"b": 1460, "ipt": 29, "dir": "<"}, {"b": 2636, "ipt": 0, "dir": "<"}, {"b": 639, "ipt": 0, "dir": "<"}, {"b": 267, "ipt": 55, "dir": ">"}, {"b": 6, "ipt": 0, "dir": ">"}, {"b": 85, "ipt": 0, "dir": ">"}, {"b": 91, "ipt": 30, "dir": "<"}, {"b": 389, "ipt": 0, "dir": ">"}, {"b": 245, "ipt": 31, "dir": "<"}, {"b": 501, "ipt": 16, "dir": ">"}, {"b": 245, "ipt": 30, "dir": "<"}, {"b": 389, "ipt": 0, "dir": ">"}, {"b": 245, "ipt": 30, "dir": "<"}, {"b": 389, "ipt": 0, "dir": ">"}, {"b": 245, "ipt": 30, "dir": "<"}, {"b": 405, "ipt": 0, "dir": ">"}, {"b": 245, "ipt": 30, "dir": "<"}, {"b": 69, "ipt": 0, "dir": ">"}, {"b": 69, "ipt": 29, "dir": "<"}], "idp_out": "45000096003d00008006068ac0a803d534d43a4a85ac01bbef4d170b325e2bdd50181c0076ca00001603030069010000650303000000c4d56348cf03621956e4443884b461e6cf498e6a617cea975c9ebbc4de00001c006b003900670033003d0035003c002fc009c00ac023c004c02bc0ae01000020000a000400020017000b00020100000d000e000c020102030301030304010403", "sa": "192.168.3.213", "flow_type": "TLS (Webhook Ikea Cloud)"}