
@rmoff
Created January 24, 2019 10:27
pcap sample
{
"timestamp": "1547735265961",
"layers": {
"frame": {
"frame_frame_interface_id": "0",
"frame_interface_id_frame_interface_name": "en0",
"frame_frame_encap_type": "1",
"frame_frame_time": "Jan 17, 2019 14:27:45.961581000 GMT",
"frame_frame_offset_shift": "0.000000000",
"frame_frame_time_epoch": "1547735265.961581000",
"frame_frame_time_delta": "0.000403000",
"frame_frame_time_delta_displayed": "0.000403000",
"frame_frame_time_relative": "12.857668000",
"frame_frame_number": "76",
"frame_frame_len": "413",
"frame_frame_cap_len": "413",
"frame_frame_marked": "0",
"frame_frame_ignored": "0",
"frame_frame_protocols": "eth:ethertype:ip:tcp:http"
},
"eth": {
"eth_eth_dst": "d4:ca:6d:b0:a7:f3",
"eth_dst_eth_dst_resolved": "Routerbo_b0:a7:f3",
"eth_dst_eth_addr": "d4:ca:6d:b0:a7:f3",
"eth_dst_eth_addr_resolved": "Routerbo_b0:a7:f3",
"eth_dst_eth_lg": "0",
"eth_dst_eth_ig": "0",
"eth_eth_src": "xx:xx:xx:xx:xx:xx",
"eth_src_eth_src_resolved": "Apple_d2:2a:35",
"eth_src_eth_addr": "xx:xx:xx:xx:xx:xx",
"eth_src_eth_addr_resolved": "Apple_d2:2a:35",
"eth_src_eth_lg": "0",
"eth_src_eth_ig": "0",
"eth_eth_type": "0x00000800"
},
"ip": {
"ip_ip_version": "4",
"ip_ip_hdr_len": "20",
"ip_ip_dsfield": "0x00000002",
"ip_dsfield_ip_dsfield_dscp": "0",
"ip_dsfield_ip_dsfield_ecn": "2",
"ip_ip_len": "399",
"ip_ip_id": "0x00000000",
"ip_ip_flags": "0x00004000",
"ip_flags_ip_flags_rb": "0",
"ip_flags_ip_flags_df": "1",
"ip_flags_ip_flags_mf": "0",
"ip_flags_ip_frag_offset": "0",
"ip_ip_ttl": "64",
"ip_ip_proto": "6",
"ip_ip_checksum": "0x0000bd66",
"ip_ip_checksum_status": "2",
"ip_ip_src": "10.5.60.53",
"ip_ip_addr": [
"10.5.60.53",
"17.253.35.202"
],
"ip_ip_src_host": "10.5.60.53",
"ip_ip_host": [
"10.5.60.53",
"17.253.35.202"
],
"ip_ip_dst": "17.253.35.202",
"ip_ip_dst_host": "17.253.35.202"
},
"tcp": {
"tcp_tcp_srcport": "64355",
"tcp_tcp_dstport": "80",
"tcp_tcp_port": [
"64355",
"80"
],
"tcp_tcp_stream": "3",
"tcp_tcp_len": "347",
"tcp_tcp_seq": "1",
"tcp_tcp_nxtseq": "348",
"tcp_tcp_ack": "1",
"tcp_tcp_hdr_len": "32",
"tcp_tcp_flags": "0x00000018",
"tcp_flags_tcp_flags_res": "0",
"tcp_flags_tcp_flags_ns": "0",
"tcp_flags_tcp_flags_cwr": "0",
"tcp_flags_tcp_flags_ecn": "0",
"tcp_flags_tcp_flags_urg": "0",
"tcp_flags_tcp_flags_ack": "1",
"tcp_flags_tcp_flags_push": "1",
"tcp_flags_tcp_flags_reset": "0",
"tcp_flags_tcp_flags_syn": "0",
"tcp_flags_tcp_flags_fin": "0",
"tcp_flags_tcp_flags_str": "\u00c2\u00b7\u00c2\u00b7\u00c2\u00b7\u00c2\u00b7\u00c2\u00b7\u00c2\u00b7\u00c2\u00b7AP\u00c2\u00b7\u00c2\u00b7\u00c2\u00b7",
"tcp_tcp_window_size_value": "4117",
"tcp_tcp_window_size": "131744",
"tcp_tcp_window_size_scalefactor": "32",
"tcp_tcp_checksum": "0x000059d7",
"tcp_tcp_checksum_status": "2",
"tcp_tcp_urgent_pointer": "0",
"tcp_tcp_options": "01:01:08:0a:68:56:d8:c8:0f:aa:69:ac",
"tcp_options_tcp_options_nop": [
"01",
"01"
],
"tcp_options_nop_tcp_option_kind": [
"1",
"1"
],
"tcp_options_tcp_options_timestamp": "08:0a:68:56:d8:c8:0f:aa:69:ac",
"tcp_options_timestamp_tcp_option_kind": "8",
"tcp_options_timestamp_tcp_option_len": "10",
"tcp_options_timestamp_tcp_options_timestamp_tsval": "1750522056",
"tcp_options_timestamp_tcp_options_timestamp_tsecr": "262826412",
"tcp_tcp_analysis": "",
"tcp_analysis_tcp_analysis_initial_rtt": "0.016684000",
"tcp_analysis_tcp_analysis_bytes_in_flight": "347",
"tcp_analysis_tcp_analysis_push_bytes_sent": "347",
"tcp_text": "Timestamps",
"text_tcp_time_relative": "0.017087000",
"text_tcp_time_delta": "0.000403000",
"tcp_tcp_payload": "47:45:54:20:2f:68:6f:74:73:70:6f:74:2d:64:65:74:65:63:74:2e:68:74:6d:6c:20:48:54:54:50:2f:31:2e:31:0d:0a:48:6f:73:74:3a:20:63:61:70:74:69:76:65:2e:61:70:70:6c:65:2e:63:6f:6d:0d:0a:55:70:67:72:61:64:65:2d:49:6e:73:65:63:75:72:65:2d:52:65:71:75:65:73:74:73:3a:20:31:0d:0a:41:63:63:65:70:74:3a:20:74:65:78:74:2f:68:74:6d:6c:2c:61:70:70:6c:69:63:61:74:69:6f:6e:2f:78:68:74:6d:6c:2b:78:6d:6c:2c:61:70:70:6c:69:63:61:74:69:6f:6e:2f:78:6d:6c:3b:71:3d:30:2e:39:2c:2a:2f:2a:3b:71:3d:30:2e:38:0d:0a:55:73:65:72:2d:41:67:65:6e:74:3a:20:4d:6f:7a:69:6c:6c:61:2f:35:2e:30:20:28:4d:61:63:69:6e:74:6f:73:68:3b:20:49:6e:74:65:6c:20:4d:61:63:20:4f:53:20:58:20:31:30:5f:31:33:5f:36:29:20:41:70:70:6c:65:57:65:62:4b:69:74:2f:36:30:35:2e:31:2e:31:35:20:28:4b:48:54:4d:4c:2c:20:6c:69:6b:65:20:47:65:63:6b:6f:29:0d:0a:41:63:63:65:70:74:2d:4c:61:6e:67:75:61:67:65:3a:20:65:6e:2d:67:62:0d:0a:41:63:63:65:70:74:2d:45:6e:63:6f:64:69:6e:67:3a:20:67:7a:69:70:2c:20:64:65:66:6c:61:74:65:0d:0a:43:6f:6e:6e:65:63:74:69:6f:6e:3a:20:6b:65:65:70:2d:61:6c:69:76:65:0d:0a:0d:0a"
},
"http": {
"http_text": [
"GET \/hotspot-detect.html HTTP\/1.1\\r\\n",
"\\r\\n"
],
"text__ws_expert": {
"_ws_expert_http_chat": "",
"_ws_expert__ws_expert_message": "GET \/hotspot-detect.html HTTP\/1.1\\r\\n",
"_ws_expert__ws_expert_severity": "2097152",
"_ws_expert__ws_expert_group": "33554432"
},
"text_http_request_method": "GET",
"text_http_request_uri": "\/hotspot-detect.html",
"text_http_request_version": "HTTP\/1.1",
"http_http_host": "captive.apple.com",
"http_http_request_line": [
"Host: captive.apple.com\r\n",
"Upgrade-Insecure-Requests: 1\r\n",
"Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8\r\n",
"User-Agent: Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit\/605.1.15 (KHTML, like Gecko)\r\n",
"Accept-Language: en-gb\r\n",
"Accept-Encoding: gzip, deflate\r\n",
"Connection: keep-alive\r\n"
],
"http_http_accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"http_http_user_agent": "Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit\/605.1.15 (KHTML, like Gecko)",
"http_http_accept_language": "en-gb",
"http_http_accept_encoding": "gzip, deflate",
"http_http_connection": "keep-alive",
"http_http_request_full_uri": "http:\/\/captive.apple.com\/hotspot-detect.html",
"http_http_request": "1",
"http_http_request_number": "1"
}
}
}