{"timestamp":"2025-09-02T16:20:17.409020+0000","flow_id":343057614983180,"pcap_cnt":58689,"event_type":"http","src_ip":"192.168.91.134","src_port":60552,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":90,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12 Transfer-Encoding: chunked"}],"response_headers":[{"name":"Content-length","value":"90"},{"name":"Cache-Control","value":"no-cache"},{"name":"Connection","value":"close"},{"name":"Content-Type","value":"text/html"}]}}
{"timestamp":"2025-09-02T16:20:17.407322+0000","flow_id":324486870193253,"pcap_cnt":58682,"event_type":"http","src_ip":"192.168.91.134","src_port":60536,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":90,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Transfer-Encoding","value":"chunked, something"}],"response_headers":[{"name":"Content-length","value":"90"},{"name":"Cache-Control","value":"no-cache"},{"name":"Connection","value":"close"},{"name":"Content-Type","value":"text/html"}]}}
{"timestamp":"2025-09-02T16:20:17.395835+0000","flow_id":287787348159679,"pcap_cnt":58660,"event_type":"http","src_ip":"192.168.91.134","src_port":60510,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Transfer-Encoding","value":"x"}]}}
{"timestamp":"2025-09-02T16:20:17.389757+0000","flow_id":545037719484863,"pcap_cnt":58651,"event_type":"http","src_ip":"192.168.91.134","src_port":60508,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Transfer-Encoding","value":"chun ked"}]}}
{"timestamp":"2025-09-02T16:20:17.386853+0000","flow_id":530788017071325,"pcap_cnt":58642,"event_type":"http","src_ip":"192.168.91.134","src_port":60500,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Transfer-Encoding","value":"chun\tked"}]}}
{"timestamp":"2025-09-02T16:20:17.385493+0000","flow_id":511240216773407,"pcap_cnt":58637,"event_type":"http","src_ip":"192.168.91.134","src_port":60484,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"application/octet-stream, text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"length":2141,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Transfer-Encoding","value":"chunked"}],"response_headers":[{"name":"server","value":"nginx/1.24.0 (Ubuntu)"},{"name":"date","value":"Tue, 02 Sep 2025 16:20:17 GMT"},{"name":"content-type","value":"application/octet-stream, text/html"},{"name":"content-length","value":"2141"},{"name":"connection","value":"close"}]}}
{"timestamp":"2025-09-02T16:20:17.381208+0000","flow_id":489416138552906,"pcap_cnt":58629,"event_type":"http","src_ip":"192.168.91.134","src_port":60474,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"application/octet-stream, text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"length":2141,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Some","value":"thing"},{"name":"Transfer-Encoding","value":"chunked"}],"response_headers":[{"name":"server","value":"nginx/1.24.0 (Ubuntu)"},{"name":"date","value":"Tue, 02 Sep 2025 16:20:17 GMT"},{"name":"content-type","value":"application/octet-stream, text/html"},{"name":"content-length","value":"2141"},{"name":"connection","value":"close"}]}}
{"timestamp":"2025-09-02T16:20:17.375817+0000","flow_id":464788401511219,"pcap_cnt":58619,"event_type":"http","src_ip":"192.168.91.134","src_port":60464,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"application/octet-stream, text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"length":2141,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Transfer-Encoding","value":"CHUNKED"}],"response_headers":[{"name":"server","value":"nginx/1.24.0 (Ubuntu)"},{"name":"date","value":"Tue, 02 Sep 2025 16:20:17 GMT"},{"name":"content-type","value":"application/octet-stream, text/html"},{"name":"content-length","value":"2141"},{"name":"connection","value":"close"}]}}
{"timestamp":"2025-09-02T16:20:17.368277+0000","flow_id":447234008215729,"pcap_cnt":58608,"event_type":"http","src_ip":"192.168.91.134","src_port":60462,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":90,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Transfer-Encoding\r","value":"chunked"}],"response_headers":[{"name":"Content-length","value":"90"},{"name":"Cache-Control","value":"no-cache"},{"name":"Connection","value":"close"},{"name":"Content-Type","value":"text/html"}]}}
{"timestamp":"2025-09-02T16:20:17.363698+0000","flow_id":430408419679622,"pcap_cnt":58597,"event_type":"http","src_ip":"192.168.91.134","src_port":60450,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"12"},{"name":"Transfer-Encoding","value":""},{"name":"","value":"chunked"}]}}
{"timestamp":"2025-09-02T16:20:17.344671+0000","flow_id":348288559077256,"pcap_cnt":58563,"event_type":"http","src_ip":"192.168.91.134","src_port":60416,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":90,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4 Transfer-Encoding: chunked"}],"response_headers":[{"name":"Content-length","value":"90"},{"name":"Cache-Control","value":"no-cache"},{"name":"Connection","value":"close"},{"name":"Content-Type","value":"text/html"}]}}
{"timestamp":"2025-09-02T16:20:17.342180+0000","flow_id":334919899734426,"pcap_cnt":58554,"event_type":"http","src_ip":"192.168.91.134","src_port":60410,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":90,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Transfer-Encoding","value":"chunked, something"}],"response_headers":[{"name":"Content-length","value":"90"},{"name":"Cache-Control","value":"no-cache"},{"name":"Connection","value":"close"},{"name":"Content-Type","value":"text/html"}]}}
{"timestamp":"2025-09-02T16:20:17.332632+0000","flow_id":290471334995819,"pcap_cnt":58530,"event_type":"http","src_ip":"192.168.91.134","src_port":60392,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Transfer-Encoding","value":"x"}]}}
{"timestamp":"2025-09-02T16:20:17.327027+0000","flow_id":554512079887414,"pcap_cnt":58521,"event_type":"http","src_ip":"192.168.91.134","src_port":60390,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Transfer-Encoding","value":"chun ked"}]}}
{"timestamp":"2025-09-02T16:20:17.323036+0000","flow_id":533938719683014,"pcap_cnt":58512,"event_type":"http","src_ip":"192.168.91.134","src_port":60376,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Transfer-Encoding","value":"chun\tked"}]}}
{"timestamp":"2025-09-02T16:20:17.316921+0000","flow_id":504251670351224,"pcap_cnt":58505,"event_type":"http","src_ip":"192.168.91.134","src_port":60368,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"application/octet-stream, text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"length":2141,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Transfer-Encoding","value":"chunked"}],"response_headers":[{"name":"server","value":"nginx/1.24.0 (Ubuntu)"},{"name":"date","value":"Tue, 02 Sep 2025 16:20:17 GMT"},{"name":"content-type","value":"application/octet-stream, text/html"},{"name":"content-length","value":"2141"},{"name":"connection","value":"close"}]}}
{"timestamp":"2025-09-02T16:20:17.311393+0000","flow_id":478058758045355,"pcap_cnt":58496,"event_type":"http","src_ip":"192.168.91.134","src_port":60360,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"application/octet-stream, text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"length":2141,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Some","value":"thing"},{"name":"Transfer-Encoding","value":"chunked"}],"response_headers":[{"name":"server","value":"nginx/1.24.0 (Ubuntu)"},{"name":"date","value":"Tue, 02 Sep 2025 16:20:17 GMT"},{"name":"content-type","value":"application/octet-stream, text/html"},{"name":"content-length","value":"2141"},{"name":"connection","value":"close"}]}}
{"timestamp":"2025-09-02T16:20:17.305277+0000","flow_id":454193268163303,"pcap_cnt":58487,"event_type":"http","src_ip":"192.168.91.134","src_port":60348,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"application/octet-stream, text/html","http_method":"POST","protocol":"HTTP/1.1","status":200,"length":2141,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Transfer-Encoding","value":"CHUNKED"}],"response_headers":[{"name":"server","value":"nginx/1.24.0 (Ubuntu)"},{"name":"date","value":"Tue, 02 Sep 2025 16:20:17 GMT"},{"name":"content-type","value":"application/octet-stream, text/html"},{"name":"content-length","value":"2141"},{"name":"connection","value":"close"}]}}
{"timestamp":"2025-09-02T16:20:17.301055+0000","flow_id":441816376141879,"pcap_cnt":58478,"event_type":"http","src_ip":"192.168.91.134","src_port":60332,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":90,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Transfer-Encoding\r","value":"chunked"}],"response_headers":[{"name":"Content-length","value":"90"},{"name":"Cache-Control","value":"no-cache"},{"name":"Connection","value":"close"},{"name":"Content-Type","value":"text/html"}]}}
{"timestamp":"2025-09-02T16:20:17.297445+0000","flow_id":427226883908850,"pcap_cnt":58467,"event_type":"http","src_ip":"192.168.91.134","src_port":60330,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.129","url":"/","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"User-Agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"},{"name":"Accept-Encoding","value":"gzip"},{"name":"Host","value":"192.168.91.129"},{"name":"Accept","value":"*/*"},{"name":"Content-Length","value":"4"},{"name":"Transfer-Encoding","value":""},{"name":"","value":"chunked"}]}}
{"timestamp":"2025-09-02T16:14:58.875330+0000","flow_id":628523831880116,"pcap_cnt":30799,"event_type":"http","src_ip":"192.168.91.134","src_port":53964,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":3,"http":{"version":"2","request_headers":[{"name":":scheme","value":"https"},{"name":":method","value":"GET"},{"name":":path","value":"/crlf/?qleex1amma8=1"},{"name":":authority","value":"192.168.91.129:9000"},{"name":"user-agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"},{"name":"accept","value":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"},{"name":"accept-language","value":"en-US,en;q=0.5"},{"name":"accept-encoding","value":"identity"},{"name":"referer","value":"http://192.168.91.129:9000/crlf/"},{"name":"upgrade-insecure-requests","value":"1"},{"name":"priority","value":"u=0, i"},{"name":"content-type","value":"application/x-www-form-urlencoded"},{"name":"content-length","value":"30"},{"name":"origin","value":"https://qleex1amma8.com"},{"name":"via","value":"qleex1amma8"},{"name":"transfer-encoding","value":"chunked"},{"name":"x-http-method-override","value":"HEAD"},{"name":"x-http-method","value":"HEAD"},{"name":"x-method-override","value":"HEAD"},{"name":"real-method","value":"HEAD"},{"name":"request-method","value":"HEAD"},{"name":"method","value":"HEAD"}],"length":30,"url":"/crlf/?qleex1amma8=1","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36","http_method":"GET","http2":{"stream_id":1,"request":{},"response":{"error_code":"ProtocolError","has_multiple":"error_code"}}}}
{"timestamp":"2025-09-02T16:14:58.867235+0000","flow_id":603309684971612,"pcap_cnt":30778,"event_type":"http","src_ip":"192.168.91.134","src_port":53962,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":2,"http":{"version":"2","request_headers":[{"name":":scheme","value":"https"},{"name":":method","value":"GET"},{"name":":path","value":"/crlf/?miuv3=1"},{"name":":authority","value":"192.168.91.129:9000"},{"name":"user-agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"},{"name":"accept","value":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"},{"name":"accept-language","value":"en-US,en;q=0.5"},{"name":"accept-encoding","value":"identity"},{"name":"referer","value":"http://192.168.91.129:9000/crlf/"},{"name":"upgrade-insecure-requests","value":"1"},{"name":"priority","value":"u=0, i"},{"name":"content-type","value":"application/x-www-form-urlencoded"},{"name":"content-length","value":"30"},{"name":"origin","value":"https://miuv3.com"},{"name":"via","value":"miuv3"},{"name":"transfer-encoding","value":"=?iso-8859-1?B?Y2h1bmtlZA==?="},{"name":"x-http-method-override","value":"HEAD"},{"name":"x-http-method","value":"HEAD"},{"name":"x-method-override","value":"HEAD"},{"name":"real-method","value":"HEAD"},{"name":"request-method","value":"HEAD"},{"name":"method","value":"HEAD"}],"http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36","url":"/crlf/?miuv3=1","http_method":"GET","length":30,"http2":{"stream_id":1,"request":{},"response":{"error_code":"ProtocolError","has_multiple":"error_code"}}}}
{"timestamp":"2025-09-02T16:14:58.861434+0000","flow_id":579278020655123,"pcap_cnt":30760,"event_type":"http","src_ip":"192.168.91.134","src_port":53950,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":3,"http":{"version":"2","request_headers":[{"name":":scheme","value":"https"},{"name":":method","value":"get"},{"name":":path","value":"/crlf/?nznns6k5=1"},{"name":":authority","value":""},{"name":"user-agent","value":"mozilla/5.0 (macintosh; intel mac os x 10_14_2) applewebkit/537.36 (khtml, like gecko) chrome/71.0.3578.98 safari/537.36"},{"name":"accept","value":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"},{"name":"accept-language","value":"en-us,en;q=0.5"},{"name":"accept-encoding","value":"identity"},{"name":"connection","value":"keep-alive"},{"name":"referer","value":"http://192.168.91.129:9000/crlf/"},{"name":"upgrade-insecure-requests","value":"1"},{"name":"priority","value":"u=0, i"},{"name":"content-type","value":"application/x-www-form-urlencoded"},{"name":"content-length","value":"5"},{"name":"origin","value":"https://nznns6k5.com"},{"name":"via","value":"nznns6k5"},{"name":"transfer-encoding","value":"chunked"},{"name":"x-http-method-override","value":"head"},{"name":"x-http-method","value":"head"},{"name":"x-method-override","value":"head"},{"name":"real-method","value":"head"},{"name":"request-method","value":"head"},{"name":"method","value":"head"},{"name":"content-length","value":"30"}],"http_user_agent":"mozilla/5.0 (macintosh; intel mac os x 10_14_2) applewebkit/537.36 (khtml, like gecko) chrome/71.0.3578.98 safari/537.36","url":"/crlf/?nznns6k5=1","length":30,"http_method":"get","http2":{"stream_id":1,"request":{},"response":{"error_code":"ProtocolError","has_multiple":"error_code"}}}}
{"timestamp":"2025-09-02T16:14:58.853517+0000","flow_id":828631647115287,"pcap_cnt":30738,"event_type":"http","src_ip":"192.168.91.134","src_port":53934,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":2,"http":{"version":"2","request_headers":[{"name":":scheme","value":"https"},{"name":":method","value":"GET"},{"name":":path","value":"/crlf/?suddv7b4=1"},{"name":":authority","value":"192.168.91.129:9000"},{"name":"user-agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"},{"name":"accept","value":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"},{"name":"accept-language","value":"en-US,en;q=0.5"},{"name":"accept-encoding","value":"identity"},{"name":"referer","value":"http://192.168.91.129:9000/crlf/"},{"name":"upgrade-insecure-requests","value":"1"},{"name":"priority","value":"u=0, i"},{"name":"content-type","value":"application/x-www-form-urlencoded"},{"name":"content-length","value":"30"},{"name":"origin","value":"https://suddv7b4.com"},{"name":"via","value":"suddv7b4"},{"name":"transfer-encoding","value":" chunked"},{"name":"x-http-method-override","value":"HEAD"},{"name":"x-http-method","value":"HEAD"},{"name":"x-method-override","value":"HEAD"},{"name":"real-method","value":"HEAD"},{"name":"request-method","value":"HEAD"},{"name":"method","value":"HEAD"}],"url":"/crlf/?suddv7b4=1","http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36","length":30,"http_method":"GET","http2":{"stream_id":1,"request":{},"response":{"error_code":"ProtocolError","has_multiple":"error_code"}}}}
{"timestamp":"2025-09-02T16:14:58.846762+0000","flow_id":797281778439685,"pcap_cnt":30717,"event_type":"http","src_ip":"192.168.91.134","src_port":53932,"dest_ip":"192.168.91.129","dest_port":9000,"proto":"TCP","pkt_src":"wire/pcap","tx_id":2,"http":{"version":"2","request_headers":[{"name":":scheme","value":"https"},{"name":":method","value":"GET"},{"name":":path","value":"/crlf/?rp52635=1"},{"name":":authority","value":"192.168.91.129:9000"},{"name":"user-agent","value":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"},{"name":"accept","value":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"},{"name":"accept-language","value":"en-US,en;q=0.5"},{"name":"accept-encoding","value":"identity"},{"name":"referer","value":"http://192.168.91.129:9000/crlf/"},{"name":"upgrade-insecure-requests","value":"1"},{"name":"priority","value":"u=0, i"},{"name":"content-type","value":"application/x-www-form-urlencoded"},{"name":"content-length","value":"30"},{"name":"origin","value":"https://rp52635.com"},{"name":"via","value":"rp52635"},{"name":"foo","value":"bar"},{"name":"\ttransfer-encoding","value":"chunked"},{"name":"x-http-method-override","value":"HEAD"},{"name":"x-http-method","value":"HEAD"},{"name":"x-method-override","value":"HEAD"},{"name":"real-method","value":"HEAD"},{"name":"request-method","value":"HEAD"},{"name":"method","value":"HEAD"}],"length":30,"http_user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36","url":"/crlf/?rp52635=1","http_method":"GET","http2":{"stream_id":1,"request":{},"response":{"error_code":"ProtocolError","has_multiple":"error_code"}}}}
{"timestamp":"2025-08-29T09:47:20.040224-0400","flow_id":167962773209323,"pcap_cnt":1055,"event_type":"http","src_ip":"192.168.91.1","src_port":53900,"dest_ip":"192.168.91.132","dest_port":80,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.132","url":"/","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":400,"length":339,"request_headers":[{"name":"Host","value":"192.168.91.132"},{"name":"Content-Length","value":"25"},{"name":"Content-Length","value":"3"}],"response_headers":[{"name":"Content-Type","value":"text/html; charset=us-ascii"},{"name":"Server","value":"Microsoft-HTTPAPI/2.0"},{"name":"Date","value":"Fri, 29 Aug 2025 13:47:19 GMT"},{"name":"Connection","value":"close"},{"name":"Content-Length","value":"0"},{"name":"Content-Length","value":"339"}]}}
{"timestamp":"2025-08-29T09:49:35.354292-0400","flow_id":2074254639223156,"pcap_cnt":3818,"event_type":"http","src_ip":"192.168.91.1","src_port":55026,"dest_ip":"192.168.91.132","dest_port":8080,"proto":"TCP","pkt_src":"wire/pcap","tx_id":0,"http":{"hostname":"192.168.91.132","url":"/secrets","http_content_type":"text/html","http_method":"POST","protocol":"HTTP/1.1","status":404,"length":1245,"request_headers":[{"name":"Host","value":"192.168.91.132"},{"name":"Transfer-Encoding","value":"chunked"},{"name":"Transfer-Encoding","value":"x"}],"response_headers":[{"name":"Content-Type","value":"text/html"},{"name":"Server","value":"Microsoft-IIS/10.0"},{"name":"X-Powered-By","value":"ASP.NET/IIS-Vulnerable"},{"name":"Date","value":"Fri, 29 Aug 2025 13:49:34 GMT"},{"name":"Content-Length","value":"1245"}]}}
{"timestamp":"2025-08-29T09:46:04.116935-0400","flow_id":437930138972007,"event_type":"http","src_ip":"192.168.91.1","src_port":55230,"dest_ip":"192.168.91.132","dest_port":8084,"proto":"TCP","pkt_src":"stream (flow timeout)","tx_id":0,"http":{"hostname":"192.168.91.132","url":"/Default.aspx","http_method":"POST","protocol":"HTTP/1.1","length":0,"request_headers":[{"name":"Host","value":"192.168.91.132"},{"name":"X-HTTP-Method-Override","value":"GET"},{"name":"X-HTTP-Method","value":"GET"},{"name":"X-Method-Override","value":"GET"},{"name":"Content-Length","value":"0"}]}}
{"timestamp":"2025-08-29T09:46:04.116935-0400","flow_id":437930138972007,"event_type":"flow","src_ip":"192.168.91.1","src_port":55230,"dest_ip":"192.168.91.132","dest_port":8084,"proto":"TCP","app_proto":"http","flow":{"pkts_toserver":5,"pkts_toclient":1,"bytes_toserver":445,"bytes_toclient":66,"start":"2025-08-29T09:49:53.101963-0400","end":"2025-08-29T09:49:53.118650-0400","age":0,"state":"closed","reason":"shutdown","alerted":false},"tcp":{"tcp_flags":"1e","tcp_flags_ts":"1e","tcp_flags_tc":"12","syn":true,"rst":true,"psh":true,"ack":true,"state":"closed","ts_max_regions":1,"tc_max_regions":1}}