+++ /dev/null
-[
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:07:51.560156000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508458071.560156000",
- "frame.time_delta": "1.053360000",
- "frame.time_delta_displayed": "0.000000000",
- "frame.time_relative": "359.154952000",
- "frame.number": "380",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x0000c5d4",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000f2e8",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "35041",
- "udp.dstport": "53",
- "udp.port": "35041",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x0000d04f",
- "udp.checksum.status": "2",
- "udp.stream": "19"
- },
- "dns": {
- "dns.response_in": "381",
- "dns.id": "0x00000487",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:07:51.597999000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508458071.597999000",
- "frame.time_delta": "0.037843000",
- "frame.time_delta_displayed": "0.037843000",
- "frame.time_relative": "359.192795000",
- "frame.number": "381",
- "frame.len": "513",
- "frame.cap_len": "513",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "499",
- "ip.id": "0x00001e6a",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000989e",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "35041",
- "udp.port": "53",
- "udp.port": "35041",
- "udp.length": "479",
- "udp.checksum": "0x000083e2",
- "udp.checksum.status": "2",
- "udp.stream": "19"
- },
- "dns": {
- "dns.response_to": "380",
- "dns.time": "0.037843000",
- "dns.id": "0x00000487",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "9",
- "dns.count.add_rr": "9",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "115",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "13313",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.113": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.113"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns a0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "a0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "485",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3795",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 173.197.192.229": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2515",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.229"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 173.197.192.229": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3016",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.229"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 165.254.134.241": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3200",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.241"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 204.1.137.41": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2106",
- "dns.resp.len": "4",
- "dns.a": "204.1.137.41"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 204.1.137.33": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3857",
- "dns.resp.len": "4",
- "dns.a": "204.1.137.33"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 165.254.16.95": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3654",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.95"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.134.239": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3718",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.239"
- },
- "a0b.akamaiedge.net: type AAAA, class IN, addr 2600:1480:e800::c0": {
- "dns.resp.name": "a0b.akamaiedge.net",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2491",
- "dns.resp.len": "16",
- "dns.aaaa": "2600:1480:e800::c0"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:22:51.607393000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508458971.607393000",
- "frame.time_delta": "4.029605000",
- "frame.time_delta_displayed": "900.009394000",
- "frame.time_relative": "1259.202189000",
- "frame.number": "1239",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x00000103",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000b7ba",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "57902",
- "udp.dstport": "53",
- "udp.port": "57902",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x00007701",
- "udp.checksum.status": "2",
- "udp.stream": "36"
- },
- "dns": {
- "dns.response_in": "1240",
- "dns.id": "0x00000488",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:22:51.678853000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508458971.678853000",
- "frame.time_delta": "0.071460000",
- "frame.time_delta_displayed": "0.071460000",
- "frame.time_relative": "1259.273649000",
- "frame.number": "1240",
- "frame.len": "467",
- "frame.cap_len": "467",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "453",
- "ip.id": "0x00004f7c",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x000067ba",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "57902",
- "udp.port": "53",
- "udp.port": "57902",
- "udp.length": "433",
- "udp.checksum": "0x000083b4",
- "udp.checksum.status": "2",
- "udp.stream": "36"
- },
- "dns": {
- "dns.response_to": "1239",
- "dns.time": "0.071460000",
- "dns.id": "0x00000488",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "8",
- "dns.count.add_rr": "8",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "115",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "12413",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.113": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.113"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "587",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "587",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "587",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "587",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "587",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "587",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "587",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "587",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2895",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 173.197.192.229": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1615",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.229"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 173.197.192.229": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2116",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.229"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 165.254.134.241": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2300",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.241"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 204.1.137.41": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1206",
- "dns.resp.len": "4",
- "dns.a": "204.1.137.41"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 204.1.137.33": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2957",
- "dns.resp.len": "4",
- "dns.a": "204.1.137.33"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 165.254.16.95": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2754",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.95"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.134.239": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2818",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.239"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:33:23.045476000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459603.045476000",
- "frame.time_delta": "1.106645000",
- "frame.time_delta_displayed": "631.366623000",
- "frame.time_relative": "1890.640272000",
- "frame.number": "1873",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x00001f1b",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000999f",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "44067",
- "udp.dstport": "53",
- "udp.port": "44067",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x00001491",
- "udp.checksum.status": "2",
- "udp.stream": "51"
- },
- "dns": {
- "dns.response_in": "1874",
- "dns.id": "0x00000489",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:33:23.047090000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459603.047090000",
- "frame.time_delta": "0.001614000",
- "frame.time_delta_displayed": "0.001614000",
- "frame.time_relative": "1890.641886000",
- "frame.number": "1874",
- "frame.len": "137",
- "frame.cap_len": "137",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "123",
- "ip.id": "0x00002b52",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00008d2e",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "44067",
- "udp.port": "53",
- "udp.port": "44067",
- "udp.length": "103",
- "udp.checksum": "0x0000826a",
- "udp.checksum.status": "2",
- "udp.stream": "51"
- },
- "dns": {
- "dns.response_to": "1873",
- "dns.time": "0.001614000",
- "dns.id": "0x00000489",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "1",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- },
- "Authoritative nameservers": {
- "cpp.philips.com: type SOA, class IN, mname ns1.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "6",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "643",
- "dns.resp.len": "46",
- "dns.soa.mname": "ns1.ext.philips.com",
- "dns.soa.rname": "ddi-authority.philips.com",
- "dns.soa.serial_number": "387",
- "dns.soa.refresh_interval": "1200",
- "dns.soa.retry_interval": "300",
- "dns.soa.expire_limit": "1209600",
- "dns.soa.mininum_ttl": "3600"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:33:23.048272000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459603.048272000",
- "frame.time_delta": "0.001182000",
- "frame.time_delta_displayed": "0.001182000",
- "frame.time_relative": "1890.643068000",
- "frame.number": "1875",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x00001f1c",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000999e",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "51510",
- "udp.dstport": "53",
- "udp.port": "51510",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x0000127d",
- "udp.checksum.status": "2",
- "udp.stream": "52"
- },
- "dns": {
- "dns.response_in": "1876",
- "dns.id": "0x0000048a",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:33:23.049516000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459603.049516000",
- "frame.time_delta": "0.001244000",
- "frame.time_delta_displayed": "0.001244000",
- "frame.time_relative": "1890.644312000",
- "frame.number": "1876",
- "frame.len": "285",
- "frame.cap_len": "285",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "271",
- "ip.id": "0x00002b53",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00008c99",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "51510",
- "udp.port": "53",
- "udp.port": "51510",
- "udp.length": "251",
- "udp.checksum": "0x000082fe",
- "udp.checksum.status": "2",
- "udp.stream": "52"
- },
- "dns": {
- "dns.response_to": "1875",
- "dns.time": "0.001244000",
- "dns.id": "0x0000048a",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "1",
- "dns.count.auth_rr": "3",
- "dns.count.add_rr": "6",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "dcp.cpp.philips.com: type A, class IN, addr 5.79.62.93": {
- "dns.resp.name": "dcp.cpp.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "644",
- "dns.resp.len": "4",
- "dns.a": "5.79.62.93"
- }
- },
- "Authoritative nameservers": {
- "cpp.philips.com: type NS, class IN, ns ns1.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "644",
- "dns.resp.len": "10",
- "dns.ns": "ns1.ext.philips.com"
- },
- "cpp.philips.com: type NS, class IN, ns ns2.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "644",
- "dns.resp.len": "6",
- "dns.ns": "ns2.ext.philips.com"
- },
- "cpp.philips.com: type NS, class IN, ns ns3.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "644",
- "dns.resp.len": "6",
- "dns.ns": "ns3.ext.philips.com"
- }
- },
- "Additional records": {
- "ns1.ext.philips.com: type A, class IN, addr 57.67.40.20": {
- "dns.resp.name": "ns1.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "155007",
- "dns.resp.len": "4",
- "dns.a": "57.67.40.20"
- },
- "ns2.ext.philips.com: type A, class IN, addr 57.77.21.76": {
- "dns.resp.name": "ns2.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3438",
- "dns.resp.len": "4",
- "dns.a": "57.77.21.76"
- },
- "ns3.ext.philips.com: type A, class IN, addr 57.73.36.68": {
- "dns.resp.name": "ns3.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3438",
- "dns.resp.len": "4",
- "dns.a": "57.73.36.68"
- },
- "ns1.ext.philips.com: type AAAA, class IN, addr 2a01:ce89:8001::57:67:40:20": {
- "dns.resp.name": "ns1.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "158626",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce89:8001::57:67:40:20"
- },
- "ns2.ext.philips.com: type AAAA, class IN, addr 2a01:ce95:4001:100:57:77:21:76": {
- "dns.resp.name": "ns2.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "151199",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce95:4001:100:57:77:21:76"
- },
- "ns3.ext.philips.com: type AAAA, class IN, addr 2a01:ce9d:1::57:73:36:68": {
- "dns.resp.name": "ns3.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "151199",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce9d:1::57:73:36:68"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:33:23.470381000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459603.470381000",
- "frame.time_delta": "0.000880000",
- "frame.time_delta_displayed": "0.420865000",
- "frame.time_relative": "1891.065177000",
- "frame.number": "1892",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x00001f22",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00009998",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "44843",
- "udp.dstport": "53",
- "udp.port": "44843",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x00001187",
- "udp.checksum.status": "2",
- "udp.stream": "53"
- },
- "dns": {
- "dns.response_in": "1893",
- "dns.id": "0x0000048b",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:33:23.470880000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459603.470880000",
- "frame.time_delta": "0.000499000",
- "frame.time_delta_displayed": "0.000499000",
- "frame.time_relative": "1891.065676000",
- "frame.number": "1893",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x00002b76",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00008d44",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "44843",
- "udp.port": "53",
- "udp.port": "44843",
- "udp.length": "45",
- "udp.checksum": "0x00008230",
- "udp.checksum.status": "2",
- "udp.stream": "53"
- },
- "dns": {
- "dns.response_to": "1892",
- "dns.time": "0.000499000",
- "dns.id": "0x0000048b",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:33:23.471684000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459603.471684000",
- "frame.time_delta": "0.000804000",
- "frame.time_delta_displayed": "0.000804000",
- "frame.time_relative": "1891.066480000",
- "frame.number": "1894",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x00001f23",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00009997",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "40021",
- "udp.dstport": "53",
- "udp.port": "40021",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x00003f5c",
- "udp.checksum.status": "2",
- "udp.stream": "54"
- },
- "dns": {
- "dns.response_in": "1895",
- "dns.id": "0x0000048c",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:33:23.472192000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459603.472192000",
- "frame.time_delta": "0.000508000",
- "frame.time_delta_displayed": "0.000508000",
- "frame.time_relative": "1891.066988000",
- "frame.number": "1895",
- "frame.len": "95",
- "frame.cap_len": "95",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "81",
- "ip.id": "0x00002b77",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00008d33",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "40021",
- "udp.port": "53",
- "udp.port": "40021",
- "udp.length": "61",
- "udp.checksum": "0x00008240",
- "udp.checksum.status": "2",
- "udp.stream": "54"
- },
- "dns": {
- "dns.response_to": "1894",
- "dns.time": "0.000508000",
- "dns.id": "0x0000048c",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "1",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "dcp.cpp.philips.com: type A, class IN, addr 5.79.62.93": {
- "dns.resp.name": "dcp.cpp.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "644",
- "dns.resp.len": "4",
- "dns.a": "5.79.62.93"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:37:51.689099000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459871.689099000",
- "frame.time_delta": "0.145237000",
- "frame.time_delta_displayed": "268.216907000",
- "frame.time_relative": "2159.283895000",
- "frame.number": "2153",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x000053f4",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x000064c9",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "49510",
- "udp.dstport": "53",
- "udp.port": "49510",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x000097c4",
- "udp.checksum.status": "2",
- "udp.stream": "60"
- },
- "dns": {
- "dns.response_in": "2154",
- "dns.id": "0x0000048d",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:37:51.695550000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508459871.695550000",
- "frame.time_delta": "0.006451000",
- "frame.time_delta_displayed": "0.006451000",
- "frame.time_relative": "2159.290346000",
- "frame.number": "2154",
- "frame.len": "513",
- "frame.cap_len": "513",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "499",
- "ip.id": "0x0000851c",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x000031ec",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "49510",
- "udp.port": "53",
- "udp.port": "49510",
- "udp.length": "479",
- "udp.checksum": "0x000083e2",
- "udp.checksum.status": "2",
- "udp.stream": "60"
- },
- "dns": {
- "dns.response_to": "2153",
- "dns.time": "0.006451000",
- "dns.id": "0x0000048d",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "9",
- "dns.count.add_rr": "9",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "141",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "13111",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.113": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.113"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns a0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "a0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2774",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "294",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 165.254.134.240": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "4838",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.240"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 165.254.16.89": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "7614",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.89"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 165.254.16.90": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3676",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.90"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 165.254.16.94": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "4084",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.94"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 165.254.134.244": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "4641",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.244"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 165.254.134.246": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "218",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.246"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.134.232": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2322",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.232"
- },
- "a0b.akamaiedge.net: type AAAA, class IN, addr 2600:1480:e800::c0": {
- "dns.resp.name": "a0b.akamaiedge.net",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "4774",
- "dns.resp.len": "16",
- "dns.aaaa": "2600:1480:e800::c0"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:52:51.705423000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508460771.705423000",
- "frame.time_delta": "3.937809000",
- "frame.time_delta_displayed": "900.009873000",
- "frame.time_relative": "3059.300219000",
- "frame.number": "2958",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x0000b28e",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000062f",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "59344",
- "udp.dstport": "53",
- "udp.port": "59344",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x00007159",
- "udp.checksum.status": "2",
- "udp.stream": "72"
- },
- "dns": {
- "dns.response_in": "2959",
- "dns.id": "0x0000048e",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 17:52:51.715857000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508460771.715857000",
- "frame.time_delta": "0.010434000",
- "frame.time_delta_displayed": "0.010434000",
- "frame.time_relative": "3059.310653000",
- "frame.number": "2959",
- "frame.len": "513",
- "frame.cap_len": "513",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "499",
- "ip.id": "0x0000ca5c",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000ecab",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "59344",
- "udp.port": "53",
- "udp.port": "59344",
- "udp.length": "479",
- "udp.checksum": "0x000083e2",
- "udp.checksum.status": "2",
- "udp.stream": "72"
- },
- "dns": {
- "dns.response_to": "2958",
- "dns.time": "0.010434000",
- "dns.id": "0x0000048e",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "9",
- "dns.count.add_rr": "9",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "116",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "10613",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.113": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.113"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns a0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "a0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2787",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1095",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 184.51.200.159": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "7816",
- "dns.resp.len": "4",
- "dns.a": "184.51.200.159"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 173.197.192.229": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "316",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.229"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 165.254.134.241": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "500",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.241"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 165.254.134.244": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "5409",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.244"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 204.1.137.33": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1157",
- "dns.resp.len": "4",
- "dns.a": "204.1.137.33"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 165.254.16.95": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "954",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.95"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.134.239": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1018",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.239"
- },
- "a0b.akamaiedge.net: type AAAA, class IN, addr 2600:1480:e800::c0": {
- "dns.resp.name": "a0b.akamaiedge.net",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "5792",
- "dns.resp.len": "16",
- "dns.aaaa": "2600:1480:e800::c0"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:07:51.725149000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508461671.725149000",
- "frame.time_delta": "2.951813000",
- "frame.time_delta_displayed": "900.009292000",
- "frame.time_relative": "3959.319945000",
- "frame.number": "3816",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x0000ba5a",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000fe62",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "34709",
- "udp.dstport": "53",
- "udp.port": "34709",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x0000d193",
- "udp.checksum.status": "2",
- "udp.stream": "84"
- },
- "dns": {
- "dns.response_in": "3817",
- "dns.id": "0x0000048f",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:07:51.735281000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508461671.735281000",
- "frame.time_delta": "0.010132000",
- "frame.time_delta_displayed": "0.010132000",
- "frame.time_relative": "3959.330077000",
- "frame.number": "3817",
- "frame.len": "513",
- "frame.cap_len": "513",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "499",
- "ip.id": "0x00004a90",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00006c78",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "34709",
- "udp.port": "53",
- "udp.port": "34709",
- "udp.length": "479",
- "udp.checksum": "0x000083e2",
- "udp.checksum.status": "2",
- "udp.stream": "84"
- },
- "dns": {
- "dns.response_to": "3816",
- "dns.time": "0.010132000",
- "dns.id": "0x0000048f",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "9",
- "dns.count.add_rr": "9",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "142",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "11311",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.113": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.113"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns a0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "a0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "974",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2496",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 165.254.134.240": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3038",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.240"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 165.254.16.89": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "5814",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.89"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 165.254.16.90": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1876",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.90"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 165.254.16.94": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2284",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.94"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 165.254.134.244": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2841",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.244"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 165.254.16.93": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2419",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.93"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.134.232": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "522",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.232"
- },
- "a0b.akamaiedge.net: type AAAA, class IN, addr 2600:1480:e800::c0": {
- "dns.resp.name": "a0b.akamaiedge.net",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2974",
- "dns.resp.len": "16",
- "dns.aaaa": "2600:1480:e800::c0"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:12:56.852097000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508461976.852097000",
- "frame.time_delta": "3.045152000",
- "frame.time_delta_displayed": "305.116816000",
- "frame.time_relative": "4264.446893000",
- "frame.number": "5571",
- "frame.len": "83",
- "frame.cap_len": "83",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "69",
- "ip.id": "0x0000f879",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000c03c",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "46881",
- "udp.dstport": "53",
- "udp.port": "46881",
- "udp.port": "53",
- "udp.length": "49",
- "udp.checksum": "0x0000d1bd",
- "udp.checksum.status": "2",
- "udp.stream": "89"
- },
- "dns": {
- "dns.response_in": "5572",
- "dns.id": "0x00000490",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "diagnostics.meethue.com: type A, class IN": {
- "dns.qry.name": "diagnostics.meethue.com",
- "dns.qry.name.len": "23",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:12:56.936468000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508461976.936468000",
- "frame.time_delta": "0.084371000",
- "frame.time_delta_displayed": "0.084371000",
- "frame.time_relative": "4264.531264000",
- "frame.number": "5572",
- "frame.len": "297",
- "frame.cap_len": "297",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "283",
- "ip.id": "0x00008c6e",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00002b72",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "46881",
- "udp.port": "53",
- "udp.port": "46881",
- "udp.length": "263",
- "udp.checksum": "0x0000830a",
- "udp.checksum.status": "2",
- "udp.stream": "89"
- },
- "dns": {
- "dns.response_to": "5571",
- "dns.time": "0.084371000",
- "dns.id": "0x00000490",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "1",
- "dns.count.auth_rr": "3",
- "dns.count.add_rr": "6",
- "Queries": {
- "diagnostics.meethue.com: type A, class IN": {
- "dns.qry.name": "diagnostics.meethue.com",
- "dns.qry.name.len": "23",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "diagnostics.meethue.com: type A, class IN, addr 130.211.67.12": {
- "dns.resp.name": "diagnostics.meethue.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "300",
- "dns.resp.len": "4",
- "dns.a": "130.211.67.12"
- }
- },
- "Authoritative nameservers": {
- "meethue.com: type NS, class IN, ns ns2.ext.philips.com": {
- "dns.resp.name": "meethue.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3600",
- "dns.resp.len": "18",
- "dns.ns": "ns2.ext.philips.com"
- },
- "meethue.com: type NS, class IN, ns ns3.ext.philips.com": {
- "dns.resp.name": "meethue.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3600",
- "dns.resp.len": "6",
- "dns.ns": "ns3.ext.philips.com"
- },
- "meethue.com: type NS, class IN, ns ns1.ext.philips.com": {
- "dns.resp.name": "meethue.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3600",
- "dns.resp.len": "6",
- "dns.ns": "ns1.ext.philips.com"
- }
- },
- "Additional records": {
- "ns1.ext.philips.com: type A, class IN, addr 57.67.40.20": {
- "dns.resp.name": "ns1.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "172800",
- "dns.resp.len": "4",
- "dns.a": "57.67.40.20"
- },
- "ns2.ext.philips.com: type A, class IN, addr 57.77.21.76": {
- "dns.resp.name": "ns2.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "172800",
- "dns.resp.len": "4",
- "dns.a": "57.77.21.76"
- },
- "ns3.ext.philips.com: type A, class IN, addr 57.73.36.68": {
- "dns.resp.name": "ns3.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "172800",
- "dns.resp.len": "4",
- "dns.a": "57.73.36.68"
- },
- "ns1.ext.philips.com: type AAAA, class IN, addr 2a01:ce89:8001::57:67:40:20": {
- "dns.resp.name": "ns1.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2611",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce89:8001::57:67:40:20"
- },
- "ns2.ext.philips.com: type AAAA, class IN, addr 2a01:ce95:4001:100:57:77:21:76": {
- "dns.resp.name": "ns2.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "62777",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce95:4001:100:57:77:21:76"
- },
- "ns3.ext.philips.com: type AAAA, class IN, addr 2a01:ce9d:1::57:73:36:68": {
- "dns.resp.name": "ns3.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "62777",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce9d:1::57:73:36:68"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:22:51.746902000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508462571.746902000",
- "frame.time_delta": "2.037142000",
- "frame.time_delta_displayed": "594.810434000",
- "frame.time_relative": "4859.341698000",
- "frame.number": "6175",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x0000f884",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000c038",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "54444",
- "udp.dstport": "53",
- "udp.port": "54444",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x0000847a",
- "udp.checksum.status": "2",
- "udp.stream": "97"
- },
- "dns": {
- "dns.response_in": "6176",
- "dns.id": "0x00000491",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:22:51.772932000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508462571.772932000",
- "frame.time_delta": "0.026030000",
- "frame.time_delta_displayed": "0.026030000",
- "frame.time_relative": "4859.367728000",
- "frame.number": "6176",
- "frame.len": "513",
- "frame.cap_len": "513",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "499",
- "ip.id": "0x00004cfa",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00006a0e",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "54444",
- "udp.port": "53",
- "udp.port": "54444",
- "udp.length": "479",
- "udp.checksum": "0x000083e2",
- "udp.checksum.status": "2",
- "udp.stream": "97"
- },
- "dns": {
- "dns.response_to": "6175",
- "dns.time": "0.026030000",
- "dns.id": "0x00000491",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "9",
- "dns.count.add_rr": "9",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "116",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "8813",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.113": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.113"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns a0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "a0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "987",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3296",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 184.51.200.159": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "6016",
- "dns.resp.len": "4",
- "dns.a": "184.51.200.159"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 96.17.70.188": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "6518",
- "dns.resp.len": "4",
- "dns.a": "96.17.70.188"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 96.17.70.190": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2701",
- "dns.resp.len": "4",
- "dns.a": "96.17.70.190"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 165.254.134.244": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3609",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.244"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 165.254.16.89": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "7358",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.89"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 184.51.200.166": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3156",
- "dns.resp.len": "4",
- "dns.a": "184.51.200.166"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.16.92": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "5219",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.92"
- },
- "a0b.akamaiedge.net: type AAAA, class IN, addr 2600:1480:e800::c0": {
- "dns.resp.name": "a0b.akamaiedge.net",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3992",
- "dns.resp.len": "16",
- "dns.aaaa": "2600:1480:e800::c0"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:33:21.624384000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463201.624384000",
- "frame.time_delta": "0.266457000",
- "frame.time_delta_displayed": "629.851452000",
- "frame.time_relative": "5489.219180000",
- "frame.number": "6744",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x0000bf31",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000f988",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "37292",
- "udp.dstport": "53",
- "udp.port": "37292",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x00002eff",
- "udp.checksum.status": "2",
- "udp.stream": "102"
- },
- "dns": {
- "dns.response_in": "6745",
- "dns.id": "0x00000492",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:33:21.626468000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463201.626468000",
- "frame.time_delta": "0.002084000",
- "frame.time_delta_displayed": "0.002084000",
- "frame.time_relative": "5489.221264000",
- "frame.number": "6745",
- "frame.len": "137",
- "frame.cap_len": "137",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "123",
- "ip.id": "0x00003f71",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000790f",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "37292",
- "udp.port": "53",
- "udp.port": "37292",
- "udp.length": "103",
- "udp.checksum": "0x0000826a",
- "udp.checksum.status": "2",
- "udp.stream": "102"
- },
- "dns": {
- "dns.response_to": "6744",
- "dns.time": "0.002084000",
- "dns.id": "0x00000492",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "1",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- },
- "Authoritative nameservers": {
- "cpp.philips.com: type SOA, class IN, mname ns1.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "6",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3220",
- "dns.resp.len": "46",
- "dns.soa.mname": "ns1.ext.philips.com",
- "dns.soa.rname": "ddi-authority.philips.com",
- "dns.soa.serial_number": "387",
- "dns.soa.refresh_interval": "1200",
- "dns.soa.retry_interval": "300",
- "dns.soa.expire_limit": "1209600",
- "dns.soa.mininum_ttl": "3600"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:33:21.627301000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463201.627301000",
- "frame.time_delta": "0.000833000",
- "frame.time_delta_displayed": "0.000833000",
- "frame.time_relative": "5489.222097000",
- "frame.number": "6746",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x0000bf32",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000f987",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "54874",
- "udp.dstport": "53",
- "udp.port": "54874",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x00000550",
- "udp.checksum.status": "2",
- "udp.stream": "103"
- },
- "dns": {
- "dns.response_in": "6747",
- "dns.id": "0x00000493",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:33:21.628812000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463201.628812000",
- "frame.time_delta": "0.001511000",
- "frame.time_delta_displayed": "0.001511000",
- "frame.time_relative": "5489.223608000",
- "frame.number": "6747",
- "frame.len": "285",
- "frame.cap_len": "285",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "271",
- "ip.id": "0x00003f72",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000787a",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "54874",
- "udp.port": "53",
- "udp.port": "54874",
- "udp.length": "251",
- "udp.checksum": "0x000082fe",
- "udp.checksum.status": "2",
- "udp.stream": "103"
- },
- "dns": {
- "dns.response_to": "6746",
- "dns.time": "0.001511000",
- "dns.id": "0x00000493",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "1",
- "dns.count.auth_rr": "3",
- "dns.count.add_rr": "6",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "dcp.cpp.philips.com: type A, class IN, addr 5.79.62.93": {
- "dns.resp.name": "dcp.cpp.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2985",
- "dns.resp.len": "4",
- "dns.a": "5.79.62.93"
- }
- },
- "Authoritative nameservers": {
- "cpp.philips.com: type NS, class IN, ns ns1.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "413",
- "dns.resp.len": "10",
- "dns.ns": "ns1.ext.philips.com"
- },
- "cpp.philips.com: type NS, class IN, ns ns2.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "413",
- "dns.resp.len": "6",
- "dns.ns": "ns2.ext.philips.com"
- },
- "cpp.philips.com: type NS, class IN, ns ns3.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "413",
- "dns.resp.len": "6",
- "dns.ns": "ns3.ext.philips.com"
- }
- },
- "Additional records": {
- "ns1.ext.philips.com: type A, class IN, addr 57.67.40.20": {
- "dns.resp.name": "ns1.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "171575",
- "dns.resp.len": "4",
- "dns.a": "57.67.40.20"
- },
- "ns2.ext.philips.com: type A, class IN, addr 57.77.21.76": {
- "dns.resp.name": "ns2.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "171575",
- "dns.resp.len": "4",
- "dns.a": "57.77.21.76"
- },
- "ns3.ext.philips.com: type A, class IN, addr 57.73.36.68": {
- "dns.resp.name": "ns3.ext.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "171575",
- "dns.resp.len": "4",
- "dns.a": "57.73.36.68"
- },
- "ns1.ext.philips.com: type AAAA, class IN, addr 2a01:ce89:8001::57:67:40:20": {
- "dns.resp.name": "ns1.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1386",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce89:8001::57:67:40:20"
- },
- "ns2.ext.philips.com: type AAAA, class IN, addr 2a01:ce95:4001:100:57:77:21:76": {
- "dns.resp.name": "ns2.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "61552",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce95:4001:100:57:77:21:76"
- },
- "ns3.ext.philips.com: type AAAA, class IN, addr 2a01:ce9d:1::57:73:36:68": {
- "dns.resp.name": "ns3.ext.philips.com",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "61552",
- "dns.resp.len": "16",
- "dns.aaaa": "2a01:ce9d:1::57:73:36:68"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:33:22.044352000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463202.044352000",
- "frame.time_delta": "0.001668000",
- "frame.time_delta_displayed": "0.415540000",
- "frame.time_relative": "5489.639148000",
- "frame.number": "6763",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x0000bf41",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000f978",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "55176",
- "udp.dstport": "53",
- "udp.port": "55176",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x0000e920",
- "udp.checksum.status": "2",
- "udp.stream": "104"
- },
- "dns": {
- "dns.response_in": "6764",
- "dns.id": "0x00000494",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:33:22.044953000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463202.044953000",
- "frame.time_delta": "0.000601000",
- "frame.time_delta_displayed": "0.000601000",
- "frame.time_relative": "5489.639749000",
- "frame.number": "6764",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x00003f96",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00007924",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "55176",
- "udp.port": "53",
- "udp.port": "55176",
- "udp.length": "45",
- "udp.checksum": "0x00008230",
- "udp.checksum.status": "2",
- "udp.stream": "104"
- },
- "dns": {
- "dns.response_to": "6763",
- "dns.time": "0.000601000",
- "dns.id": "0x00000494",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:33:22.045769000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463202.045769000",
- "frame.time_delta": "0.000816000",
- "frame.time_delta_displayed": "0.000816000",
- "frame.time_relative": "5489.640565000",
- "frame.number": "6765",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x0000bf42",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000f977",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "60660",
- "udp.dstport": "53",
- "udp.port": "60660",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x0000eeb3",
- "udp.checksum.status": "2",
- "udp.stream": "105"
- },
- "dns": {
- "dns.response_in": "6766",
- "dns.id": "0x00000495",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:33:22.046379000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463202.046379000",
- "frame.time_delta": "0.000610000",
- "frame.time_delta_displayed": "0.000610000",
- "frame.time_relative": "5489.641175000",
- "frame.number": "6766",
- "frame.len": "95",
- "frame.cap_len": "95",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "81",
- "ip.id": "0x00003f97",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00007913",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "60660",
- "udp.port": "53",
- "udp.port": "60660",
- "udp.length": "61",
- "udp.checksum": "0x00008240",
- "udp.checksum.status": "2",
- "udp.stream": "105"
- },
- "dns": {
- "dns.response_to": "6765",
- "dns.time": "0.000610000",
- "dns.id": "0x00000495",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "1",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "dcp.cpp.philips.com: type A, class IN, addr 5.79.62.93": {
- "dns.resp.name": "dcp.cpp.philips.com",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2984",
- "dns.resp.len": "4",
- "dns.a": "5.79.62.93"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:37:51.778249000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463471.778249000",
- "frame.time_delta": "3.324074000",
- "frame.time_delta_displayed": "269.731870000",
- "frame.time_relative": "5759.373045000",
- "frame.number": "7048",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x00001dd7",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00009ae6",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "36809",
- "udp.dstport": "53",
- "udp.port": "36809",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x0000c958",
- "udp.checksum.status": "2",
- "udp.stream": "113"
- },
- "dns": {
- "dns.response_in": "7049",
- "dns.id": "0x00000496",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:37:51.799436000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508463471.799436000",
- "frame.time_delta": "0.021187000",
- "frame.time_delta_displayed": "0.021187000",
- "frame.time_relative": "5759.394232000",
- "frame.number": "7049",
- "frame.len": "513",
- "frame.cap_len": "513",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "499",
- "ip.id": "0x0000431d",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x000073eb",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "36809",
- "udp.port": "53",
- "udp.port": "36809",
- "udp.length": "479",
- "udp.checksum": "0x000083e2",
- "udp.checksum.status": "2",
- "udp.stream": "113"
- },
- "dns": {
- "dns.response_to": "7048",
- "dns.time": "0.021187000",
- "dns.id": "0x00000496",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "9",
- "dns.count.add_rr": "9",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "116",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "7913",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.113": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.113"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns a0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "a0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "87",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2396",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 184.51.200.159": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "5116",
- "dns.resp.len": "4",
- "dns.a": "184.51.200.159"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 96.17.70.188": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "5618",
- "dns.resp.len": "4",
- "dns.a": "96.17.70.188"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 96.17.70.190": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1801",
- "dns.resp.len": "4",
- "dns.a": "96.17.70.190"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 165.254.134.244": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2709",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.244"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 165.254.16.89": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "6458",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.89"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 184.51.200.166": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2256",
- "dns.resp.len": "4",
- "dns.a": "184.51.200.166"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.16.92": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "4319",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.92"
- },
- "a0b.akamaiedge.net: type AAAA, class IN, addr 2600:1480:e800::c0": {
- "dns.resp.name": "a0b.akamaiedge.net",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3092",
- "dns.resp.len": "16",
- "dns.aaaa": "2600:1480:e800::c0"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:52:51.807701000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508464371.807701000",
- "frame.time_delta": "0.379478000",
- "frame.time_delta_displayed": "900.008265000",
- "frame.time_relative": "6659.402497000",
- "frame.number": "7913",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x00009e02",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00001abb",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "47598",
- "udp.dstport": "53",
- "udp.port": "47598",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x00009f32",
- "udp.checksum.status": "2",
- "udp.stream": "123"
- },
- "dns": {
- "dns.response_in": "7914",
- "dns.id": "0x00000497",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 18:52:51.814443000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508464371.814443000",
- "frame.time_delta": "0.006742000",
- "frame.time_delta_displayed": "0.006742000",
- "frame.time_relative": "6659.409239000",
- "frame.number": "7914",
- "frame.len": "467",
- "frame.cap_len": "467",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "453",
- "ip.id": "0x0000e205",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000d530",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "47598",
- "udp.port": "53",
- "udp.port": "47598",
- "udp.length": "433",
- "udp.checksum": "0x000083b4",
- "udp.checksum.status": "2",
- "udp.stream": "123"
- },
- "dns": {
- "dns.response_to": "7913",
- "dns.time": "0.006742000",
- "dns.id": "0x00000497",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "8",
- "dns.count.add_rr": "8",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "142",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "8611",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.113": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.113"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "275",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "275",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "275",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "275",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "275",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "275",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "275",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "275",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3797",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 165.254.134.240": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "338",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.240"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 165.254.16.89": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3114",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.89"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 173.197.192.229": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3177",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.229"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 173.197.192.230": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "5586",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.230"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 165.254.134.244": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "141",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.244"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 173.197.192.234": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3720",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.234"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.16.92": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3824",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.92"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 19:07:51.823654000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508465271.823654000",
- "frame.time_delta": "3.748666000",
- "frame.time_delta_displayed": "900.009211000",
- "frame.time_relative": "7559.418450000",
- "frame.number": "8671",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x0000e910",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000cfac",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "33804",
- "udp.dstport": "53",
- "udp.port": "33804",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x0000d513",
- "udp.checksum.status": "2",
- "udp.stream": "132"
- },
- "dns": {
- "dns.response_in": "8672",
- "dns.id": "0x00000498",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 19:07:51.884431000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508465271.884431000",
- "frame.time_delta": "0.060777000",
- "frame.time_delta_displayed": "0.060777000",
- "frame.time_relative": "7559.479227000",
- "frame.number": "8672",
- "frame.len": "513",
- "frame.cap_len": "513",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "499",
- "ip.id": "0x00004cdb",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00006a2d",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "33804",
- "udp.port": "53",
- "udp.port": "33804",
- "udp.length": "479",
- "udp.checksum": "0x000083e2",
- "udp.checksum.status": "2",
- "udp.stream": "132"
- },
- "dns": {
- "dns.response_to": "8671",
- "dns.time": "0.060777000",
- "dns.id": "0x00000498",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "9",
- "dns.count.add_rr": "9",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "116",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "6113",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.73": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.73"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.2": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.2"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns a0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "a0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2288",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "596",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 184.51.200.159": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3316",
- "dns.resp.len": "4",
- "dns.a": "184.51.200.159"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 96.17.70.188": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3818",
- "dns.resp.len": "4",
- "dns.a": "96.17.70.188"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 96.17.70.190": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1",
- "dns.resp.len": "4",
- "dns.a": "96.17.70.190"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 165.254.134.244": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "909",
- "dns.resp.len": "4",
- "dns.a": "165.254.134.244"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 165.254.16.89": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "4658",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.89"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 184.51.200.166": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "456",
- "dns.resp.len": "4",
- "dns.a": "184.51.200.166"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.16.92": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2519",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.92"
- },
- "a0b.akamaiedge.net: type AAAA, class IN, addr 2600:1480:e800::c0": {
- "dns.resp.name": "a0b.akamaiedge.net",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1292",
- "dns.resp.len": "16",
- "dns.aaaa": "2600:1480:e800::c0"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 19:22:51.895282000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508466171.895282000",
- "frame.time_delta": "7.109343000",
- "frame.time_delta_displayed": "900.010851000",
- "frame.time_relative": "8459.490078000",
- "frame.number": "9475",
- "frame.len": "76",
- "frame.cap_len": "76",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "62",
- "ip.id": "0x0000ffbc",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000b900",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "33283",
- "udp.dstport": "53",
- "udp.port": "33283",
- "udp.port": "53",
- "udp.length": "42",
- "udp.checksum": "0x0000d71b",
- "udp.checksum.status": "2",
- "udp.stream": "144"
- },
- "dns": {
- "dns.response_in": "9476",
- "dns.id": "0x00000499",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 19:22:51.906565000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508466171.906565000",
- "frame.time_delta": "0.011283000",
- "frame.time_delta_displayed": "0.011283000",
- "frame.time_relative": "8459.501361000",
- "frame.number": "9476",
- "frame.len": "513",
- "frame.cap_len": "513",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "499",
- "ip.id": "0x0000a915",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x00000df3",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "33283",
- "udp.port": "53",
- "udp.port": "33283",
- "udp.length": "479",
- "udp.checksum": "0x000083e2",
- "udp.checksum.status": "2",
- "udp.stream": "144"
- },
- "dns": {
- "dns.response_to": "9475",
- "dns.time": "0.011283000",
- "dns.id": "0x00000499",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "4",
- "dns.count.auth_rr": "9",
- "dns.count.add_rr": "9",
- "Queries": {
- "www2.meethue.com: type A, class IN": {
- "dns.qry.name": "www2.meethue.com",
- "dns.qry.name.len": "16",
- "dns.count.labels": "3",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- },
- "Answers": {
- "www2.meethue.com: type CNAME, class IN, cname brands.lighting.philips.com.edgekey.net": {
- "dns.resp.name": "www2.meethue.com",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "142",
- "dns.resp.len": "41",
- "dns.cname": "brands.lighting.philips.com.edgekey.net"
- },
- "brands.lighting.philips.com.edgekey.net: type CNAME, class IN, cname e15361.b.akamaiedge.net": {
- "dns.resp.name": "brands.lighting.philips.com.edgekey.net",
- "dns.resp.type": "5",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "6811",
- "dns.resp.len": "22",
- "dns.cname": "e15361.b.akamaiedge.net"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.112": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.112"
- },
- "e15361.b.akamaiedge.net: type A, class IN, addr 173.223.52.125": {
- "dns.resp.name": "e15361.b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "20",
- "dns.resp.len": "4",
- "dns.a": "173.223.52.125"
- }
- },
- "Authoritative nameservers": {
- "b.akamaiedge.net: type NS, class IN, ns n5b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "n5b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns a0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "a0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n4b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "n4b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n2b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "n2b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n0b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "n0b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n3b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "n3b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n7b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "n7b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n6b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "n6b.akamaiedge.net"
- },
- "b.akamaiedge.net: type NS, class IN, ns n1b.akamaiedge.net": {
- "dns.resp.name": "b.akamaiedge.net",
- "dns.resp.type": "2",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2475",
- "dns.resp.len": "6",
- "dns.ns": "n1b.akamaiedge.net"
- }
- },
- "Additional records": {
- "n0b.akamaiedge.net: type A, class IN, addr 88.221.81.192": {
- "dns.resp.name": "n0b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1997",
- "dns.resp.len": "4",
- "dns.a": "88.221.81.192"
- },
- "n1b.akamaiedge.net: type A, class IN, addr 204.1.137.41": {
- "dns.resp.name": "n1b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "6539",
- "dns.resp.len": "4",
- "dns.a": "204.1.137.41"
- },
- "n2b.akamaiedge.net: type A, class IN, addr 165.254.16.89": {
- "dns.resp.name": "n2b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1314",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.89"
- },
- "n3b.akamaiedge.net: type A, class IN, addr 173.197.192.229": {
- "dns.resp.name": "n3b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1377",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.229"
- },
- "n4b.akamaiedge.net: type A, class IN, addr 173.197.192.230": {
- "dns.resp.name": "n4b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "3786",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.230"
- },
- "n5b.akamaiedge.net: type A, class IN, addr 204.1.137.37": {
- "dns.resp.name": "n5b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "6342",
- "dns.resp.len": "4",
- "dns.a": "204.1.137.37"
- },
- "n6b.akamaiedge.net: type A, class IN, addr 173.197.192.234": {
- "dns.resp.name": "n6b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1920",
- "dns.resp.len": "4",
- "dns.a": "173.197.192.234"
- },
- "n7b.akamaiedge.net: type A, class IN, addr 165.254.16.92": {
- "dns.resp.name": "n7b.akamaiedge.net",
- "dns.resp.type": "1",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "2024",
- "dns.resp.len": "4",
- "dns.a": "165.254.16.92"
- },
- "a0b.akamaiedge.net: type AAAA, class IN, addr 2600:1480:e800::c0": {
- "dns.resp.name": "a0b.akamaiedge.net",
- "dns.resp.type": "28",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "4475",
- "dns.resp.len": "16",
- "dns.aaaa": "2600:1480:e800::c0"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 19:33:22.239450000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508466802.239450000",
- "frame.time_delta": "4.788057000",
- "frame.time_delta_displayed": "630.332885000",
- "frame.time_relative": "9089.834246000",
- "frame.number": "10050",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x0000751c",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000439e",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "51418",
- "udp.dstport": "53",
- "udp.port": "51418",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x0000f7c8",
- "udp.checksum.status": "2",
- "udp.stream": "151"
- },
- "dns": {
- "dns.response_in": "10051",
- "dns.id": "0x0000049a",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 19:33:22.241425000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508466802.241425000",
- "frame.time_delta": "0.001975000",
- "frame.time_delta_displayed": "0.001975000",
- "frame.time_relative": "9089.836221000",
- "frame.number": "10051",
- "frame.len": "137",
- "frame.cap_len": "137",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
- "eth.src_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "123",
- "ip.id": "0x000030bf",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x000087c1",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.src_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "ip.dst": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.dst_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "53",
- "udp.dstport": "51418",
- "udp.port": "53",
- "udp.port": "51418",
- "udp.length": "103",
- "udp.checksum": "0x0000826a",
- "udp.checksum.status": "2",
- "udp.stream": "151"
- },
- "dns": {
- "dns.response_to": "10050",
- "dns.time": "0.001975000",
- "dns.id": "0x0000049a",
- "dns.flags": "0x00008180",
- "dns.flags_tree": {
- "dns.flags.response": "1",
- "dns.flags.opcode": "0",
- "dns.flags.authoritative": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.recavail": "1",
- "dns.flags.z": "0",
- "dns.flags.authenticated": "0",
- "dns.flags.checkdisable": "0",
- "dns.flags.rcode": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "1",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type AAAA, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "28",
- "dns.qry.class": "0x00000001"
- }
- },
- "Authoritative nameservers": {
- "cpp.philips.com: type SOA, class IN, mname ns1.ext.philips.com": {
- "dns.resp.name": "cpp.philips.com",
- "dns.resp.type": "6",
- "dns.resp.class": "0x00000001",
- "dns.resp.ttl": "1786",
- "dns.resp.len": "46",
- "dns.soa.mname": "ns1.ext.philips.com",
- "dns.soa.rname": "ddi-authority.philips.com",
- "dns.soa.serial_number": "387",
- "dns.soa.refresh_interval": "1200",
- "dns.soa.retry_interval": "300",
- "dns.soa.expire_limit": "1209600",
- "dns.soa.mininum_ttl": "3600"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 19:33:22.242432000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508466802.242432000",
- "frame.time_delta": "0.001007000",
- "frame.time_delta_displayed": "0.001007000",
- "frame.time_relative": "9089.837228000",
- "frame.number": "10052",
- "frame.len": "79",
- "frame.cap_len": "79",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "b0:b9:8a:73:69:8e",
- "eth.dst_tree": {
- "eth.dst_resolved": "Netgear_73:69:8e",
- "eth.addr": "b0:b9:8a:73:69:8e",
- "eth.addr_resolved": "Netgear_73:69:8e",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "00:17:88:69:ee:e4",
- "eth.src_tree": {
- "eth.src_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.type": "0x00000800"
- },
- "ip": {
- "ip.version": "4",
- "ip.hdr_len": "20",
- "ip.dsfield": "0x00000000",
- "ip.dsfield_tree": {
- "ip.dsfield.dscp": "0",
- "ip.dsfield.ecn": "0"
- },
- "ip.len": "65",
- "ip.id": "0x0000751d",
- "ip.flags": "0x00000002",
- "ip.flags_tree": {
- "ip.flags.rb": "0",
- "ip.flags.df": "1",
- "ip.flags.mf": "0"
- },
- "ip.frag_offset": "0",
- "ip.ttl": "64",
- "ip.proto": "17",
- "ip.checksum": "0x0000439d",
- "ip.checksum.status": "2",
- "ip.src": "192.168.0.160",
- "ip.addr": "192.168.0.160",
- "ip.src_host": "192.168.0.160",
- "ip.host": "192.168.0.160",
- "ip.dst": "192.168.0.1",
- "ip.addr": "192.168.0.1",
- "ip.dst_host": "192.168.0.1",
- "ip.host": "192.168.0.1",
- "Source GeoIP: Unknown": "",
- "Destination GeoIP: Unknown": ""
- },
- "udp": {
- "udp.srcport": "60729",
- "udp.dstport": "53",
- "udp.port": "60729",
- "udp.port": "53",
- "udp.length": "45",
- "udp.checksum": "0x0000ee68",
- "udp.checksum.status": "2",
- "udp.stream": "152"
- },
- "dns": {
- "dns.response_in": "10053",
- "dns.id": "0x0000049b",
- "dns.flags": "0x00000100",
- "dns.flags_tree": {
- "dns.flags.response": "0",
- "dns.flags.opcode": "0",
- "dns.flags.truncated": "0",
- "dns.flags.recdesired": "1",
- "dns.flags.z": "0",
- "dns.flags.checkdisable": "0"
- },
- "dns.count.queries": "1",
- "dns.count.answers": "0",
- "dns.count.auth_rr": "0",
- "dns.count.add_rr": "0",
- "Queries": {
- "dcp.cpp.philips.com: type A, class IN": {
- "dns.qry.name": "dcp.cpp.philips.com",
- "dns.qry.name.len": "19",
- "dns.count.labels": "4",
- "dns.qry.type": "1",
- "dns.qry.class": "0x00000001"
- }
- }
- }
- }
- }
- }
- ,
- {
- "_index": "packets-2017-10-26",
- "_type": "pcap_file",
- "_score": null,
- "_source": {
- "layers": {
- "frame": {
- "frame.encap_type": "1",
- "frame.time": "Oct 19, 2017 19:33:22.244090000 PDT",
- "frame.offset_shift": "0.000000000",
- "frame.time_epoch": "1508466802.244090000",
- "frame.time_delta": "0.001658000",
- "frame.time_delta_displayed": "0.001658000",
- "frame.time_relative": "9089.838886000",
- "frame.number": "10053",
- "frame.len": "285",
- "frame.cap_len": "285",
- "frame.marked": "0",
- "frame.ignored": "0",
- "frame.protocols": "eth:ethertype:ip:udp:dns",
- "frame.coloring_rule.name": "UDP",
- "frame.coloring_rule.string": "udp"
- },
- "eth": {
- "eth.dst": "00:17:88:69:ee:e4",
- "eth.dst_tree": {
- "eth.dst_resolved": "PhilipsL_69:ee:e4",
- "eth.addr": "00:17:88:69:ee:e4",
- "eth.addr_resolved": "PhilipsL_69:ee:e4",
- "eth.lg": "0",
- "eth.ig": "0"
- },
- "eth.src": "b0:b9:8a:73:69:8e",
- "eth.src_tree": {
-