#separator \x09
#set_separator	,
#empty_field	(empty)
#unset_field	-
#path	ssl
#open	2017-03-08-13-47-04
#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	version	cipher	curve	server_name	resumed	last_alert	next_protocol	established	cert_chain_fuids	client_cert_chain_fuids	subject	issuer	client_subject	client_issuer	validation_status	notary.first_seen	notary.last_seen	notary.times_seen	notary.valid	label	detailedlabel
#types	time	string	addr	port	addr	port	string	string	string	string	bool	string	string	bool	vector[string]	vector[string]	string	string	string	string	string	count	count	count	bool	string	string
273.615843	Cx8yQ24GZlNRG5vl94	192.168.1.115	49158	85.31.204.81	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	secp384r1	www.touslesdrivers.com	F	-	-	T	FzDYgG3yibHPHRGd1a,FMPS964V6iDD1mzhVk,FUeFO234lH6WmxQFr	(empty)	CN=*.touslesdrivers.com,OU=PositiveSSL Wildcard,OU=Domain Control Validated	CN=K Software Certificate Authority (DV) 2,O=K Software,L=Ashland,ST=KY,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
273.615843	Cx8yQ24GZlNRG5vl94	192.168.1.115	49158	85.31.204.81	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	secp384r1	www.touslesdrivers.com	F	-	-	T	FzDYgG3yibHPHRGd1a,FMPS964V6iDD1mzhVk,FUeFO234lH6WmxQFr	(empty)	CN=*.touslesdrivers.com,OU=PositiveSSL Wildcard,OU=Domain Control Validated	CN=K Software Certificate Authority (DV) 2,O=K Software,L=Ashland,ST=KY,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
287.895265	CuWdQ94RvihpeaN6c1	192.168.1.115	49161	85.31.204.81	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	secp384r1	www.touslesdrivers.com	F	-	-	T	FJX00s40aVDr2ETgd5,FPypGS3xuWmITxJ1Lb,FN1qMh1C96V89Z8zF4	(empty)	CN=*.touslesdrivers.com,OU=PositiveSSL Wildcard,OU=Domain Control Validated	CN=K Software Certificate Authority (DV) 2,O=K Software,L=Ashland,ST=KY,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
309.713684	Cy4HW715fC1PZz9qXh	192.168.1.115	60038	54.247.115.15	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	-	beacon.krxd.net	T	-	-	T	-	-	-	-	-	-	-	-	-	-	-	Malicious	CC
302.386771	Cvobcw3TA1B4LXll14	192.168.1.115	60006	216.58.201.70	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	secp256r1	ad.doubleclick.net	F	-	-	T	FPs10f3EaqJoc7IZN3,F1550c4UuOLm5855Ce,FaCdRj27JPJGeTwl78	(empty)	CN=*.doubleclick.net,O=Google Inc,L=Mountain View,ST=California,C=US	CN=Google Internet Authority G2,O=Google Inc,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
302.816938	CAVRs3QCZAuLHF5Ak	192.168.1.115	60013	216.58.201.70	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	secp256r1	s0.2mdn.net	F	-	-	T	FkfNmK18FHBTj7R671,FfVUQE24B74sPdT8Ng,F2aiBW3AGwVnzNpPbd	(empty)	CN=*.doubleclick.net,O=Google Inc,L=Mountain View,ST=California,C=US	CN=Google Internet Authority G2,O=Google Inc,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
303.129643	CqN0Er1LkaaomFpZJd	192.168.1.115	60024	54.247.115.15	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	secp256r1	beacon.krxd.net	F	-	-	T	FP6YToP696Aq8Pbv4,FKtegtwif5oNUP4A7,FjVfBr3SiOWhxfYKyg,FodEWu3CSz7Fd2Voy8	(empty)	CN=*.krxd.net,OU=Domain Control Validated	CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\\, Inc.,L=Scottsdale,ST=Arizona,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
303.675026	C6SjiKqKOcfJF3e1h	192.168.1.115	60026	52.57.198.59	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	secp256r1	odr.mookie1.com	F	-	-	T	FsM0pawNYuqPZiGfg,FgMgLyixUN9TVqjh,FYlqdi3t7SxomQPpLl	(empty)	CN=*.mookie1.com,OU=Techops,O=Xaxis,L=New York,ST=New York,C=US	CN=Symantec Class 3 Secure Server CA - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
303.129643	CqN0Er1LkaaomFpZJd	192.168.1.115	60024	54.247.115.15	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	secp256r1	beacon.krxd.net	F	-	-	T	FP6YToP696Aq8Pbv4,FKtegtwif5oNUP4A7,FjVfBr3SiOWhxfYKyg,FodEWu3CSz7Fd2Voy8	(empty)	CN=*.krxd.net,OU=Domain Control Validated	CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\\, Inc.,L=Scottsdale,ST=Arizona,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
302.386771	Cvobcw3TA1B4LXll14	192.168.1.115	60006	216.58.201.70	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	secp256r1	ad.doubleclick.net	F	-	-	T	FPs10f3EaqJoc7IZN3,F1550c4UuOLm5855Ce,FaCdRj27JPJGeTwl78	(empty)	CN=*.doubleclick.net,O=Google Inc,L=Mountain View,ST=California,C=US	CN=Google Internet Authority G2,O=Google Inc,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
302.816938	CAVRs3QCZAuLHF5Ak	192.168.1.115	60013	216.58.201.70	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA	secp256r1	s0.2mdn.net	F	-	-	T	FkfNmK18FHBTj7R671,FfVUQE24B74sPdT8Ng,F2aiBW3AGwVnzNpPbd	(empty)	CN=*.doubleclick.net,O=Google Inc,L=Mountain View,ST=California,C=US	CN=Google Internet Authority G2,O=Google Inc,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
303.675026	C6SjiKqKOcfJF3e1h	192.168.1.115	60026	52.57.198.59	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	secp256r1	odr.mookie1.com	F	-	-	T	FsM0pawNYuqPZiGfg,FgMgLyixUN9TVqjh,FYlqdi3t7SxomQPpLl	(empty)	CN=*.mookie1.com,OU=Techops,O=Xaxis,L=New York,ST=New York,C=US	CN=Symantec Class 3 Secure Server CA - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC
287.895265	CuWdQ94RvihpeaN6c1	192.168.1.115	49161	85.31.204.81	443	TLSv12	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256	secp384r1	www.touslesdrivers.com	F	-	-	T	FJX00s40aVDr2ETgd5,FPypGS3xuWmITxJ1Lb,FN1qMh1C96V89Z8zF4	(empty)	CN=*.touslesdrivers.com,OU=PositiveSSL Wildcard,OU=Domain Control Validated	CN=K Software Certificate Authority (DV) 2,O=K Software,L=Ashland,ST=KY,C=US	-	-	certificate is not yet valid	-	-	-	-	Malicious	CC