TIME:              10/24/2024-09:51:48.473308
PKT SRC:           wire/pcap
SRC IP:            10.7.10.136
DST IP:            10.7.100.11
PROTO:             6
SRC PORT:          59006
DST PORT:          443
TCP SEQ:           1926771825
TCP ACK:           2546653787
FLOW:              to_server: TRUE, to_client: FALSE
FLOW Start TS:     10/24/2024-09:51:48.417325
FLOW PKTS TODST:   5
FLOW PKTS TOSRC:   6
FLOW Total Bytes:  7537
FLOW IPONLY SET:   TOSERVER: TRUE, TOCLIENT: TRUE
FLOW ACTION:       DROP: FALSE
FLOW NOINSPECTION: PACKET: FALSE, PAYLOAD: TRUE, APP_LAYER: TRUE
FLOW APP_LAYER:    DETECTED: TRUE, PROTO 4
FLOWINT:           "applayer.anomaly.count" => 1
FLOWINT:           "tls.anomaly.count" => 1
PACKET LEN:        64
PACKET:
 0000  00 15 B2 AB E7 DA 00 00  00 5E 00 01 81 00 00 64   ........ .^.....d
 0010  08 00 45 00 00 28 5B 05  40 00 3F 06 5E 2A 0A 07   ..E..([. @.?.^*..
 0020  0A 88 0A 07 64 0B E6 7E  01 BB 72 D8 34 71 97 CA   ....d..~ ..r.4q..
 0030  DA 5B 50 10 01 DA 29 B0  00 00 00 00 00 00 00 00   .[P...). ........
ALERT CNT:           2
ALERT MSG [00]:      SURICATA TLS invalid record type
ALERT GID [00]:      1
ALERT SID [00]:      2230002
ALERT REV [00]:      1
ALERT CLASS [00]:    Generic Protocol Command Decode
ALERT PRIO [00]:     3
ALERT FOUND IN [00]: STATE
ALERT IN TX [00]:    0
STREAM DATA LEN:     28
STREAM DATA:
 0000  0D 0A 0D 0A 00 0D 0A 51  55 49 54 0A 21 11 00 0C   .......Q UIT.!...
 0010  5F 63 90 46 58 D8 BD 58  C7 52 01 BB               _c.FX..X .R..
STREAM DATA LEN:     517
STREAM DATA:
 0000  16 03 01 02 00 01 00 01  FC 03 03 7B E1 11 7C BE   ........ ...{..|.
 0010  59 EC 0D CC 41 8E 54 42  1F 15 D0 2C 5A 2D 54 ED   Y...A.TB ...,Z-T.
 0020  57 FC 91 D3 8B AF 7E DC  9B E0 9E 20 22 D9 A2 63   W.....~. ... "..c
 0030  0D B5 A1 9C AB 1C EC 05  0B 46 9C B4 95 31 7A BF   ........ .F...1z.
 0040  07 B1 A3 40 97 CB 6F 97  18 43 A2 8D 00 3E 13 02   ...@..o. .C...>..
 0050  13 03 13 01 C0 2C C0 30  00 9F CC A9 CC A8 CC AA   .....,.0 ........
 0060  C0 2B C0 2F 00 9E C0 24  C0 28 00 6B C0 23 C0 27   .+./...$ .(.k.#.'
 0070  00 67 C0 0A C0 14 00 39  C0 09 C0 13 00 33 00 9D   .g.....9 .....3..
 0080  00 9C 00 3D 00 3C 00 35  00 2F 00 FF 01 00 01 75   ...=.<.5 ./.....u
 0090  00 00 00 13 00 11 00 00  0E 65 75 2E 73 6D 61 72   ........ .eu.smar
 00A0  74 6B 65 79 2E 69 6F 00  0B 00 04 03 00 01 02 00   tkey.io. ........
 00B0  0A 00 16 00 14 00 1D 00  17 00 1E 00 19 00 18 01   ........ ........
 00C0  00 01 01 01 02 01 03 01  04 33 74 00 00 00 10 00   ........ .3t.....
 00D0  0E 00 0C 02 68 32 08 68  74 74 70 2F 31 2E 31 00   ....h2.h ttp/1.1.
 00E0  16 00 00 00 17 00 00 00  31 00 00 00 0D 00 2A 00   ........ 1.....*.
 00F0  28 04 03 05 03 06 03 08  07 08 08 08 09 08 0A 08   (....... ........
 0100  0B 08 04 08 05 08 06 04  01 05 01 06 01 03 03 03   ........ ........
 0110  01 03 02 04 02 05 02 06  02 00 2B 00 05 04 03 04   ........ ..+.....
 0120  03 03 00 2D 00 02 01 01  00 33 00 26 00 24 00 1D   ...-.... .3.&.$..
 0130  00 20 BE B7 F7 69 11 B5  4D D7 6E 2A 2E 76 4F D0   . ...i.. M.n*.vO.
 0140  29 6C D0 63 4D 37 57 9D  EB 27 19 7B 94 E4 6F 46   )l.cM7W. .'.{..oF
 0150  3E 10 00 15 00 AF 00 00  00 00 00 00 00 00 00 00   >....... ........
 0160  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 0170  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 0180  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 0190  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 01A0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 01B0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 01C0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 01D0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 01E0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 01F0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   ........ ........
 0200  00 00 00 00 00                                     .....
ALERT MSG [01]:      SURICATA Applayer Detect protocol only one direction
ALERT GID [01]:      1
ALERT SID [01]:      2260002
ALERT REV [01]:      1
ALERT CLASS [01]:    Generic Protocol Command Decode
ALERT PRIO [01]:     3
ALERT FOUND IN [01]: PACKET
ALERT IN TX [01]:    N/A
