No. Time Source Destination Protocol Length Info 1 0.000000 192.168.1.11 192.185.10.227 TCP 66 64321 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM Frame 1: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.660854000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.660854000 UTC Epoch Arrival Time: 1723828118.660854000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 1 Frame Length: 66 bytes (528 bits) Capture Length: 66 bytes (528 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP SYN/FIN] [Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 52 Identification: 0x2c02 (11266) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 0, Len: 0 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 0 (relative sequence number) Sequence Number (raw): 3957447906 [Next Sequence Number: 1 (relative sequence number)] Acknowledgment Number: 0 Acknowledgment number (raw): 0 1000 .... = Header Length: 32 bytes (8) Flags: 0x002 (SYN) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...0 .... = Acknowledgment: Not set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..1. = Syn: Set [Expert Info (Chat/Sequence): Connection establish request (SYN): server port 443] [Connection establish request (SYN): server port 443] [Severity level: Chat] [Group: Sequence] .... .... ...0 = Fin: Not set [TCP Flags: ··········S·] Window: 64240 [Calculated window size: 64240] Checksum: 0x8d76 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted TCP Option - Maximum segment size: 1460 bytes Kind: Maximum Segment Size (2) Length: 4 MSS Value: 1460 TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - Window scale: 8 (multiply by 256) Kind: Window Scale (3) Length: 3 Shift count: 8 [Multiplier: 256] TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - SACK permitted Kind: SACK Permitted (4) Length: 2 [Timestamps] [Time since first frame in this TCP stream: 0.000000000 seconds] [Time since previous frame in this TCP stream: 0.000000000 seconds] No. Time Source Destination Protocol Length Info 2 0.150592 192.185.10.227 192.168.1.11 TCP 66 443 → 64321 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1452 WS=256 SACK_PERM Frame 2: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.811446000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.811446000 UTC Epoch Arrival Time: 1723828118.811446000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.150592000 seconds] [Time delta from previous displayed frame: 0.150592000 seconds] [Time since reference or first frame: 0.150592000 seconds] Frame Number: 2 Frame Length: 66 bytes (528 bits) Capture Length: 66 bytes (528 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP SYN/FIN] [Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 52 Identification: 0x30a8 (12456) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0xa3cc [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 0, Ack: 1, Len: 0 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 0 (relative sequence number) Sequence Number (raw): 1540853244 [Next Sequence Number: 1 (relative sequence number)] Acknowledgment Number: 1 (relative ack number) Acknowledgment number (raw): 3957447907 1000 .... = Header Length: 32 bytes (8) Flags: 0x012 (SYN, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..1. = Syn: Set [Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port 443] [Connection establish acknowledge (SYN+ACK): server port 443] [Severity level: Chat] [Group: Sequence] .... .... ...0 = Fin: Not set [TCP Flags: ·······A··S·] Window: 8192 [Calculated window size: 8192] Checksum: 0x1222 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted TCP Option - Maximum segment size: 1452 bytes Kind: Maximum Segment Size (2) Length: 4 MSS Value: 1452 TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - Window scale: 8 (multiply by 256) Kind: Window Scale (3) Length: 3 Shift count: 8 [Multiplier: 256] TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - SACK permitted Kind: SACK Permitted (4) Length: 2 [Timestamps] [Time since first frame in this TCP stream: 0.150592000 seconds] [Time since previous frame in this TCP stream: 0.150592000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 1] [The RTT to ACK the segment was: 0.150592000 seconds] [iRTT: 0.150646000 seconds] No. Time Source Destination Protocol Length Info 3 0.150646 192.168.1.11 192.185.10.227 TCP 54 64321 → 443 [ACK] Seq=1 Ack=1 Win=132096 Len=0 Frame 3: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.811500000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.811500000 UTC Epoch Arrival Time: 1723828118.811500000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000054000 seconds] [Time delta from previous displayed frame: 0.000054000 seconds] [Time since reference or first frame: 0.150646000 seconds] Frame Number: 3 Frame Length: 54 bytes (432 bits) Capture Length: 54 bytes (432 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x2c03 (11267) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 1, Ack: 1, Len: 0 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 1 (relative sequence number) Sequence Number (raw): 3957447907 [Next Sequence Number: 1 (relative sequence number)] Acknowledgment Number: 1 (relative ack number) Acknowledgment number (raw): 1540853245 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8d6a [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.150646000 seconds] [Time since previous frame in this TCP stream: 0.000054000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 2] [The RTT to ACK the segment was: 0.000054000 seconds] [iRTT: 0.150646000 seconds] No. Time Source Destination Protocol Length Info 4 0.165917 192.168.1.11 192.185.10.227 TLSv1.2 329 Client Hello (SNI=www.diversemechanics.com) Frame 4: 329 bytes on wire (2632 bits), 329 bytes captured (2632 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.826771000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.826771000 UTC Epoch Arrival Time: 1723828118.826771000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.015271000 seconds] [Time delta from previous displayed frame: 0.015271000 seconds] [Time since reference or first frame: 0.165917000 seconds] Frame Number: 4 Frame Length: 329 bytes (2632 bits) Capture Length: 329 bytes (2632 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 315 Identification: 0x2c04 (11268) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 1, Ack: 1, Len: 275 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 275] Sequence Number: 1 (relative sequence number) Sequence Number (raw): 3957447907 [Next Sequence Number: 276 (relative sequence number)] Acknowledgment Number: 1 (relative ack number) Acknowledgment number (raw): 1540853245 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8e7d [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.165917000 seconds] [Time since previous frame in this TCP stream: 0.015271000 seconds] [SEQ/ACK analysis] [iRTT: 0.150646000 seconds] [Bytes in flight: 275] [Bytes sent since last PSH flag: 275] TCP payload (275 bytes) Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 270 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 266 Version: TLS 1.2 (0x0303) Random: 45cc926e7a0097950782e818c7496e4049d9bc8720204c78c7322ec6cd1fa414 GMT Unix Time: Feb 9, 2007 17:25:34.000000000 GTB Standard Time Random Bytes: 7a0097950782e818c7496e4049d9bc8720204c78c7322ec6cd1fa414 Session ID Length: 32 Session ID: 7d85d226c026d1c9ddcf92ccc6648fe7a1ed774bd51a38eb2312a8786afcb61d Cipher Suites Length: 40 Cipher Suites (20 suites) Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302) Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d) Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) Extensions Length: 153 Extension: server_name (len=29) name=www.diversemechanics.com Type: server_name (0) Length: 29 Server Name Indication extension Server Name list length: 27 Server Name Type: host_name (0) Server Name length: 24 Server Name: www.diversemechanics.com Extension: supported_versions (len=9) TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0 Type: supported_versions (43) Length: 9 Supported Versions length: 8 Supported Version: TLS 1.3 (0x0304) Supported Version: TLS 1.2 (0x0303) Supported Version: TLS 1.1 (0x0302) Supported Version: TLS 1.0 (0x0301) Extension: signature_algorithms (len=26) Type: signature_algorithms (13) Length: 26 Signature Hash Algorithms Length: 24 Signature Hash Algorithms (12 algorithms) Signature Algorithm: rsa_pss_rsae_sha256 (0x0804) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (4) Signature Algorithm: rsa_pss_rsae_sha384 (0x0805) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (5) Signature Algorithm: rsa_pss_rsae_sha512 (0x0806) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (6) Signature Algorithm: rsa_pkcs1_sha256 (0x0401) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: rsa_pkcs1_sha384 (0x0501) Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: rsa_pkcs1_sha1 (0x0201) Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503) Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: ECDSA (3) Signature Algorithm: ecdsa_sha1 (0x0203) Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: ECDSA (3) Signature Algorithm: SHA1 DSA (0x0202) Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: DSA (2) Signature Algorithm: rsa_pkcs1_sha512 (0x0601) Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: ecdsa_secp521r1_sha512 (0x0603) Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: ECDSA (3) Extension: session_ticket (len=0) Type: session_ticket (35) Length: 0 Session Ticket: Extension: supported_groups (len=8) Type: supported_groups (10) Length: 8 Supported Groups List Length: 6 Supported Groups (3 groups) Supported Group: x25519 (0x001d) Supported Group: secp256r1 (0x0017) Supported Group: secp384r1 (0x0018) Extension: key_share (len=38) x25519 Type: key_share (51) Length: 38 Key Share extension Client Key Share Length: 36 Key Share Entry: Group: x25519, Key Exchange length: 32 Group: x25519 (29) Key Exchange Length: 32 Key Exchange: 101b5e163a05540eb5664814af50f362340174cabc18d192f31e0fe46e173d12 Extension: post_handshake_auth (len=0) Type: post_handshake_auth (49) Length: 0 Extension: extended_master_secret (len=0) Type: extended_master_secret (23) Length: 0 Extension: renegotiation_info (len=1) Type: renegotiation_info (65281) Length: 1 Renegotiation Info extension Renegotiation info extension length: 0 Extension: psk_key_exchange_modes (len=2) Type: psk_key_exchange_modes (45) Length: 2 PSK Key Exchange Modes Length: 1 PSK Key Exchange Mode: PSK with (EC)DHE key establishment (psk_dhe_ke) (1) [JA4: t13d201000_2b729b4bf6f3_29829a46703f] [JA4_r: t13d201000_002f,0035,003c,003d,009c,009d,1301,1302,c009,c00a,c013,c014,c023,c024,c027,c028,c02b,c02c,c02f,c030_000a,000d,0017,0023,002b,002d,0031,0033,ff01_0804,0805,0806,0401,0501,0201,0403,0503,0203,0202,0601,0603] [JA3 Fullstring: 771,4866-4865-49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47,0-43-13-35-10-51-49-23-65281-45,29-23-24,] [JA3: 3c4eb72b882d4d1442c67ce73f1292a9] No. Time Source Destination Protocol Length Info 5 0.316675 192.185.10.227 192.168.1.11 TCP 1506 443 → 64321 [ACK] Seq=1 Ack=276 Win=262656 Len=1452 [TCP segment of a reassembled PDU] Frame 5: 1506 bytes on wire (12048 bits), 1506 bytes captured (12048 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.977529000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.977529000 UTC Epoch Arrival Time: 1723828118.977529000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.150758000 seconds] [Time delta from previous displayed frame: 0.150758000 seconds] [Time since reference or first frame: 0.316675000 seconds] Frame Number: 5 Frame Length: 1506 bytes (12048 bits) Capture Length: 1506 bytes (12048 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1492 Identification: 0x30a9 (12457) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0x9e2b [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 1, Ack: 276, Len: 1452 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1452] Sequence Number: 1 (relative sequence number) Sequence Number (raw): 1540853245 [Next Sequence Number: 1453 (relative sequence number)] Acknowledgment Number: 276 (relative ack number) Acknowledgment number (raw): 3957448182 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x5747 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.316675000 seconds] [Time since previous frame in this TCP stream: 0.150758000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 4] [The RTT to ACK the segment was: 0.150758000 seconds] [iRTT: 0.150646000 seconds] [Bytes in flight: 1452] [Bytes sent since last PSH flag: 1452] TCP payload (1452 bytes) [Reassembled PDU in frame: 7] TCP segment data (1452 bytes) No. Time Source Destination Protocol Length Info 6 0.316675 192.185.10.227 192.168.1.11 TCP 1506 443 → 64321 [ACK] Seq=1453 Ack=276 Win=262656 Len=1452 [TCP segment of a reassembled PDU] Frame 6: 1506 bytes on wire (12048 bits), 1506 bytes captured (12048 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.977529000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.977529000 UTC Epoch Arrival Time: 1723828118.977529000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.316675000 seconds] Frame Number: 6 Frame Length: 1506 bytes (12048 bits) Capture Length: 1506 bytes (12048 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1492 Identification: 0x30aa (12458) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0x9e2a [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 1453, Ack: 276, Len: 1452 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1452] Sequence Number: 1453 (relative sequence number) Sequence Number (raw): 1540854697 [Next Sequence Number: 2905 (relative sequence number)] Acknowledgment Number: 276 (relative ack number) Acknowledgment number (raw): 3957448182 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x25eb [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.316675000 seconds] [Time since previous frame in this TCP stream: 0.000000000 seconds] [SEQ/ACK analysis] [iRTT: 0.150646000 seconds] [Bytes in flight: 2904] [Bytes sent since last PSH flag: 2904] TCP payload (1452 bytes) [Reassembled PDU in frame: 7] TCP segment data (1452 bytes) No. Time Source Destination Protocol Length Info 7 0.316675 192.185.10.227 192.168.1.11 TLSv1.2 151 Server Hello, Certificate, Server Key Exchange, Server Hello Done Frame 7: 151 bytes on wire (1208 bits), 151 bytes captured (1208 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.977529000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.977529000 UTC Epoch Arrival Time: 1723828118.977529000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.316675000 seconds] Frame Number: 7 Frame Length: 151 bytes (1208 bits) Capture Length: 151 bytes (1208 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame [truncated]: eth:ethertype:ip:tcp:tls:x509sat:x509sat:x509sat:x509sat:x509ce:x509ce:x509ce:x509ce:x509ce:pkix1implicit:x509ce:x509ce:tls:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509ce:x509ce:x509ce:x509ce:x509ce:] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 137 Identification: 0x30ab (12459) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0xa374 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 2905, Ack: 276, Len: 97 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 97] Sequence Number: 2905 (relative sequence number) Sequence Number (raw): 1540856149 [Next Sequence Number: 3002 (relative sequence number)] Acknowledgment Number: 276 (relative ack number) Acknowledgment number (raw): 3957448182 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0xa808 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.316675000 seconds] [Time since previous frame in this TCP stream: 0.000000000 seconds] [SEQ/ACK analysis] [iRTT: 0.150646000 seconds] [Bytes in flight: 3001] [Bytes sent since last PSH flag: 3001] TCP payload (97 bytes) TCP segment data (97 bytes) [3 Reassembled TCP Segments (3001 bytes): #5(1452), #6(1452), #7(97)] [Frame: 5, payload: 0-1451 (1452 bytes)] [Frame: 6, payload: 1452-2903 (1452 bytes)] [Frame: 7, payload: 2904-3000 (97 bytes)] [Segment count: 3] [Reassembled TCP length: 3001] [Reassembled TCP Data [truncated]: 1603030bb402000055030366bf8796d62a4430d43ecfd019d613b95151def26106ed5bddd09a3b1a497a6920883400001ba0114b01f1e8d702f9a986c91f84b1c40c7689efe574bf55d4e453c03000000d00170000ff01000100000000000b000a27000a24000] Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 2996 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 85 Version: TLS 1.2 (0x0303) Random: 66bf8796d62a4430d43ecfd019d613b95151def26106ed5bddd09a3b1a497a69 GMT Unix Time: Aug 16, 2024 20:08:38.000000000 GTB Daylight Time Random Bytes: d62a4430d43ecfd019d613b95151def26106ed5bddd09a3b1a497a69 Session ID Length: 32 Session ID: 883400001ba0114b01f1e8d702f9a986c91f84b1c40c7689efe574bf55d4e453 Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Compression Method: null (0) Extensions Length: 13 Extension: extended_master_secret (len=0) Type: extended_master_secret (23) Length: 0 Extension: renegotiation_info (len=1) Type: renegotiation_info (65281) Length: 1 Renegotiation Info extension Renegotiation info extension length: 0 Extension: server_name (len=0) Type: server_name (0) Length: 0 [JA3S Fullstring: 771,49200,23-65281-0] [JA3S: 678aeaf909676262acfb913ccb78a126] Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 2599 Certificates Length: 2596 Certificates (2596 bytes) Certificate Length: 1300 Certificate [truncated]: 30820510308203f8a00302010202120307c1374781eaed545a62d16673b74749f3300d06092a864886f70d01010b05003033310b300906035504061302555331163014060355040a130d4c6574277320456e6372797074310c300a06035504031303523131301e170d3234 signedCertificate version: v3 (2) serialNumber: 0x0307c1374781eaed545a62d16673b74749f3 signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 3 items (id-at-commonName=R11,id-at-organizationName=Let's Encrypt,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Object Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-organizationName=Let's Encrypt) RelativeDistinguishedName item (id-at-organizationName=Let's Encrypt) Object Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Let's Encrypt RDNSequence item: 1 item (id-at-commonName=R11) RelativeDistinguishedName item (id-at-commonName=R11) Object Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: R11 validity notBefore: utcTime (0) utcTime: 2024-06-19 00:05:15 (UTC) notAfter: utcTime (0) utcTime: 2024-09-17 00:05:14 (UTC) subject: rdnSequence (0) rdnSequence: 1 item (id-at-commonName=diversemechanics.com) RDNSequence item: 1 item (id-at-commonName=diversemechanics.com) RelativeDistinguishedName item (id-at-commonName=diversemechanics.com) Object Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: diversemechanics.com subjectPublicKeyInfo algorithm (rsaEncryption) Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption) subjectPublicKey [truncated]: 3082010a0282010100ceed6c98a40ada8602622e37bc78e6f31de3450598a61f87df553f0eb060cf165e334515a1255acefdbd345489ac60106675a7036359bf453de97a3db2100966a8312c0a22f791abeb09ed205b5c9bccc42e235447bf615d89bcba3fe597011 modulus: 0x00ceed6c98a40ada8602622e37bc78e6f31de3450598a61f87df553f0eb060cf165e3345… publicExponent: 65537 extensions: 9 items Extension (id-ce-keyUsage) Extension Id: 2.5.29.15 (id-ce-keyUsage) critical: True Padding: 5 KeyUsage: a0 1... .... = digitalSignature: True .0.. .... = contentCommitment: False ..1. .... = keyEncipherment: True ...0 .... = dataEncipherment: False .... 0... = keyAgreement: False .... .0.. = keyCertSign: False .... ..0. = cRLSign: False .... ...0 = encipherOnly: False 0... .... = decipherOnly: False Extension (id-ce-extKeyUsage) Extension Id: 2.5.29.37 (id-ce-extKeyUsage) KeyPurposeIDs: 2 items KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth) KeyPurposeId: 1.3.6.1.5.5.7.3.2 (id-kp-clientAuth) Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) critical: True BasicConstraintsSyntax [0 length] Extension (id-ce-subjectKeyIdentifier) Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier) SubjectKeyIdentifier: 7abe6188c1f9f7f386a23ca2d92cea226095cbcc Extension (id-ce-authorityKeyIdentifier) Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier) AuthorityKeyIdentifier keyIdentifier: c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9 Extension (id-pe-authorityInfoAccess) Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccess) AuthorityInfoAccessSyntax: 2 items AccessDescription accessMethod: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp) accessLocation: 6 uniformResourceIdentifier: http://r11.o.lencr.org AccessDescription accessMethod: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers) accessLocation: 6 uniformResourceIdentifier: http://r11.i.lencr.org/ Extension (id-ce-subjectAltName) Extension Id: 2.5.29.17 (id-ce-subjectAltName) GeneralNames: 2 items GeneralName: dNSName (2) dNSName: *.diversemechanics.com GeneralName: dNSName (2) dNSName: diversemechanics.com Extension (id-ce-certificatePolicies) Extension Id: 2.5.29.32 (id-ce-certificatePolicies) CertificatePoliciesSyntax: 1 item PolicyInformation policyIdentifier: 2.23.140.1.2.1 (joint-iso-itu-t.23.140.1.2.1) Extension (SignedCertificateTimestampList) Extension Id: 1.3.6.1.4.1.11129.2.4.2 (SignedCertificateTimestampList) Serialized SCT List Length: 240 Signed Certificate Timestamp (Let's Encrypt 'Oak2024H2' log) Serialized SCT Length: 118 SCT Version: 0 Log ID: 3f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e Timestamp: Jun 19, 2024 01:05:15.453000000 UTC Extensions length: 0 Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Length: 71 Signature: 3045022100eaf4ea7baf00e3d3090ce2971deef5f501f39a0f1bdaec711c991b488cefb6ee02207cdaaa369ee1cbd7eb0f92c6151cbbd88328e349998aba84eb63cccbc11b26f4 Signed Certificate Timestamp (DigiCert Yeti2024 Log) Serialized SCT Length: 118 SCT Version: 0 Log ID: 48b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473 Timestamp: Jun 19, 2024 01:05:15.607000000 UTC Extensions length: 0 Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Length: 71 Signature: 3045022100c89cbd70c9cd92f44ad53275a40a299fdbe038664108db0304f59091b65da0da02201c18baf029734a74da371d934d83bf688e56fcaaa98c368552d4d025b0c8a443 algorithmIdentifier (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) Padding: 0 encrypted [truncated]: 7f651bf22288876a446fed974746197ffe910ea3903c24efbc2628d44c75e3255aa2506dc98d742815a9e361d6f2784634efed90df591961f83ca6a65c7bb5f1b8824f462a3971214db368074d13e6ff1410e8f1e0ebb83adb56d8a300a5c55cf799284cd45d55f543507718 Certificate Length: 1290 Certificate [truncated]: 30820506308202eea0030201020211008a7d3e13d62f30ef2386bd29076b34f8300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f75703115 signedCertificate version: v3 (2) serialNumber: 0x008a7d3e13d62f30ef2386bd29076b34f8 signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 3 items (id-at-commonName=ISRG Root X1,id-at-organizationName=Internet Security Research Group,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Object Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-organizationName=Internet Security Research Group) RelativeDistinguishedName item (id-at-organizationName=Internet Security Research Group) Object Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Internet Security Research Group RDNSequence item: 1 item (id-at-commonName=ISRG Root X1) RelativeDistinguishedName item (id-at-commonName=ISRG Root X1) Object Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: ISRG Root X1 validity notBefore: utcTime (0) utcTime: 2024-03-13 00:00:00 (UTC) notAfter: utcTime (0) utcTime: 2027-03-12 23:59:59 (UTC) subject: rdnSequence (0) rdnSequence: 3 items (id-at-commonName=R11,id-at-organizationName=Let's Encrypt,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Object Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-organizationName=Let's Encrypt) RelativeDistinguishedName item (id-at-organizationName=Let's Encrypt) Object Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Let's Encrypt RDNSequence item: 1 item (id-at-commonName=R11) RelativeDistinguishedName item (id-at-commonName=R11) Object Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: R11 subjectPublicKeyInfo algorithm (rsaEncryption) Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption) subjectPublicKey [truncated]: 3082010a0282010100ba87bc5c1b0039cbca0acdd46710f9013ca54ea561cb26ca52fb1501b7b928f5281eed27b324183967090c08ece03ab03b770ebdf3e53954410c4eae41d69974de51dbef7bff58bda8b713f6de31d5f272c9726a0b8374959c4600641499f3b modulus: 0x00ba87bc5c1b0039cbca0acdd46710f9013ca54ea561cb26ca52fb1501b7b928f5281eed… publicExponent: 65537 extensions: 8 items Extension (id-ce-keyUsage) Extension Id: 2.5.29.15 (id-ce-keyUsage) critical: True Padding: 1 KeyUsage: 86 1... .... = digitalSignature: True .0.. .... = contentCommitment: False ..0. .... = keyEncipherment: False ...0 .... = dataEncipherment: False .... 0... = keyAgreement: False .... .1.. = keyCertSign: True .... ..1. = cRLSign: True .... ...0 = encipherOnly: False 0... .... = decipherOnly: False Extension (id-ce-extKeyUsage) Extension Id: 2.5.29.37 (id-ce-extKeyUsage) KeyPurposeIDs: 2 items KeyPurposeId: 1.3.6.1.5.5.7.3.2 (id-kp-clientAuth) KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth) Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) critical: True BasicConstraintsSyntax cA: True pathLenConstraint: 0 Extension (id-ce-subjectKeyIdentifier) Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier) SubjectKeyIdentifier: c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9 Extension (id-ce-authorityKeyIdentifier) Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier) AuthorityKeyIdentifier keyIdentifier: 79b459e67bb6e5e40173800888c81a58f6e99b6e Extension (id-pe-authorityInfoAccess) Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccess) AuthorityInfoAccessSyntax: 1 item AccessDescription accessMethod: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers) accessLocation: 6 uniformResourceIdentifier: http://x1.i.lencr.org/ Extension (id-ce-certificatePolicies) Extension Id: 2.5.29.32 (id-ce-certificatePolicies) CertificatePoliciesSyntax: 1 item PolicyInformation policyIdentifier: 2.23.140.1.2.1 (joint-iso-itu-t.23.140.1.2.1) Extension (id-ce-cRLDistributionPoints) Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints) CRLDistPointsSyntax: 1 item DistributionPoint distributionPoint: fullName (0) fullName: 1 item GeneralName: uniformResourceIdentifier (6) uniformResourceIdentifier: http://x1.c.lencr.org/ algorithmIdentifier (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) Padding: 0 encrypted [truncated]: 4ee2895d0a031c9038d0f51ff9715cf8c38fb237887a6fb0251fedbeb7d886068ee90984cd72bf81f3fccacf5348edbdf66942d4a5113e35c813b2921d055fea2ed4d8f849c3adf599969cef26d8e1b4240b48204dfcd354b4a9c621c8e1361bff77642917b9f04bef5deacd Handshake Protocol: Server Key Exchange Handshake Type: Server Key Exchange (12) Length: 296 EC Diffie-Hellman Server Params Curve Type: named_curve (0x03) Named Curve: x25519 (0x001d) Pubkey Length: 32 Pubkey: c100f222f9628b724792577f117b4c294dc14ddf21e3705308ce6dc34c35a561 Signature Algorithm: rsa_pkcs1_sha256 (0x0401) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Length: 256 Signature [truncated]: 05aa3e24c22a24495d61d4974359b2d5ec22fe324c8b2771ee4698d4c896fd46042a22c9d8f799b8a18f59a4f921fa731e8f959663f00be2ffaff6213aae7f9022bd45c88b482af13931360bb78ed64beb2328c145855a510aa099732bd97a0f845af82a2bb2aeecb140c246 Handshake Protocol: Server Hello Done Handshake Type: Server Hello Done (14) Length: 0 No. Time Source Destination Protocol Length Info 8 0.316769 192.168.1.11 192.185.10.227 TCP 54 64321 → 443 [ACK] Seq=276 Ack=3002 Win=132096 Len=0 Frame 8: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.977623000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.977623000 UTC Epoch Arrival Time: 1723828118.977623000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000094000 seconds] [Time delta from previous displayed frame: 0.000094000 seconds] [Time since reference or first frame: 0.316769000 seconds] Frame Number: 8 Frame Length: 54 bytes (432 bits) Capture Length: 54 bytes (432 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x2c05 (11269) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 276, Ack: 3002, Len: 0 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 276 (relative sequence number) Sequence Number (raw): 3957448182 [Next Sequence Number: 276 (relative sequence number)] Acknowledgment Number: 3002 (relative ack number) Acknowledgment number (raw): 1540856246 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8d6a [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.316769000 seconds] [Time since previous frame in this TCP stream: 0.000094000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 7] [The RTT to ACK the segment was: 0.000094000 seconds] [iRTT: 0.150646000 seconds] No. Time Source Destination Protocol Length Info 9 0.319197 192.168.1.11 192.185.10.227 TLSv1.2 147 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message Frame 9: 147 bytes on wire (1176 bits), 147 bytes captured (1176 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:38.980051000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:38.980051000 UTC Epoch Arrival Time: 1723828118.980051000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.002428000 seconds] [Time delta from previous displayed frame: 0.002428000 seconds] [Time since reference or first frame: 0.319197000 seconds] Frame Number: 9 Frame Length: 147 bytes (1176 bits) Capture Length: 147 bytes (1176 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 133 Identification: 0x2c06 (11270) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 276, Ack: 3002, Len: 93 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 93] Sequence Number: 276 (relative sequence number) Sequence Number (raw): 3957448182 [Next Sequence Number: 369 (relative sequence number)] Acknowledgment Number: 3002 (relative ack number) Acknowledgment number (raw): 1540856246 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8dc7 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.319197000 seconds] [Time since previous frame in this TCP stream: 0.002428000 seconds] [SEQ/ACK analysis] [iRTT: 0.150646000 seconds] [Bytes in flight: 93] [Bytes sent since last PSH flag: 93] TCP payload (93 bytes) Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Client Key Exchange Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 37 Handshake Protocol: Client Key Exchange Handshake Type: Client Key Exchange (16) Length: 33 EC Diffie-Hellman Client Params Pubkey Length: 32 Pubkey: 7637f466e5a84e789a3ead17f7082c5194fe190f65aed07d2332d675d4e1c427 TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec Content Type: Change Cipher Spec (20) Version: TLS 1.2 (0x0303) Length: 1 Change Cipher Spec Message TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 40 Handshake Protocol: Encrypted Handshake Message No. Time Source Destination Protocol Length Info 10 0.478626 192.185.10.227 192.168.1.11 TLSv1.2 105 Change Cipher Spec, Encrypted Handshake Message Frame 10: 105 bytes on wire (840 bits), 105 bytes captured (840 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.139480000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.139480000 UTC Epoch Arrival Time: 1723828119.139480000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.159429000 seconds] [Time delta from previous displayed frame: 0.159429000 seconds] [Time since reference or first frame: 0.478626000 seconds] Frame Number: 10 Frame Length: 105 bytes (840 bits) Capture Length: 105 bytes (840 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 91 Identification: 0x30ac (12460) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0xa3a1 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 3002, Ack: 369, Len: 51 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 51] Sequence Number: 3002 (relative sequence number) Sequence Number (raw): 1540856246 [Next Sequence Number: 3053 (relative sequence number)] Acknowledgment Number: 369 (relative ack number) Acknowledgment number (raw): 3957448275 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x9bee [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.478626000 seconds] [Time since previous frame in this TCP stream: 0.159429000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 9] [The RTT to ACK the segment was: 0.159429000 seconds] [iRTT: 0.150646000 seconds] [Bytes in flight: 51] [Bytes sent since last PSH flag: 51] TCP payload (51 bytes) Transport Layer Security TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec Content Type: Change Cipher Spec (20) Version: TLS 1.2 (0x0303) Length: 1 Change Cipher Spec Message TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 40 Handshake Protocol: Encrypted Handshake Message No. Time Source Destination Protocol Length Info 11 0.523017 192.168.1.11 192.185.10.227 TLSv1.2 1928 Application Data Frame 11: 1928 bytes on wire (15424 bits), 1928 bytes captured (15424 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.183871000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.183871000 UTC Epoch Arrival Time: 1723828119.183871000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.044391000 seconds] [Time delta from previous displayed frame: 0.044391000 seconds] [Time since reference or first frame: 0.523017000 seconds] Frame Number: 11 Frame Length: 1928 bytes (15424 bits) Capture Length: 1928 bytes (15424 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) [Total Length: 1914 bytes (reported as 0, presumed to be because of "TCP segmentation offload" (TSO))] Identification: 0x2c07 (11271) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 369, Ack: 3053, Len: 1874 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1874] Sequence Number: 369 (relative sequence number) Sequence Number (raw): 3957448275 [Next Sequence Number: 2243 (relative sequence number)] Acknowledgment Number: 3053 (relative ack number) Acknowledgment number (raw): 1540856297 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 515 [Calculated window size: 131840] [Window size scaling factor: 256] Checksum: 0x8d56 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.523017000 seconds] [Time since previous frame in this TCP stream: 0.044391000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 10] [The RTT to ACK the segment was: 0.044391000 seconds] [iRTT: 0.150646000 seconds] [Bytes in flight: 1874] [Bytes sent since last PSH flag: 1874] TCP payload (1874 bytes) Transport Layer Security TLSv1.2 Record Layer: Application Data Protocol: Hypertext Transfer Protocol Content Type: Application Data (23) Version: TLS 1.2 (0x0303) Length: 1869 Encrypted Application Data [truncated]: 0000000000000001e64be1b68746e2339e9d1c7138df49af114b91b66e2de4617df8f65277162d3c504ad7deb3bb6d7d1f63e3bd4526f7ab5f66eb298578e1db379221a42f1a9ee8f57a1bda6f160a77828e228b0830da0426675db168852aa44137b95 [Application Data Protocol: Hypertext Transfer Protocol] No. Time Source Destination Protocol Length Info 12 0.675334 192.185.10.227 192.168.1.11 TCP 60 443 → 64321 [ACK] Seq=3053 Ack=2243 Win=262656 Len=0 Frame 12: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.336188000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.336188000 UTC Epoch Arrival Time: 1723828119.336188000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.152317000 seconds] [Time delta from previous displayed frame: 0.152317000 seconds] [Time since reference or first frame: 0.675334000 seconds] Frame Number: 12 Frame Length: 60 bytes (480 bits) Capture Length: 60 bytes (480 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Trailer: 0000189caf36 [Expert Info (Note/Protocol): Didn't find padding of zeros, and an undecoded trailer exists. There may be padding of non-zeros.] [Didn't find padding of zeros, and an undecoded trailer exists. There may be padding of non-zeros.] [Severity level: Note] [Group: Protocol] Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x30ad (12461) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0xa3d3 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 3053, Ack: 2243, Len: 0 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 3053 (relative sequence number) Sequence Number (raw): 1540856297 [Next Sequence Number: 3053 (relative sequence number)] Acknowledgment Number: 2243 (relative ack number) Acknowledgment number (raw): 3957450149 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x5a3d [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.675334000 seconds] [Time since previous frame in this TCP stream: 0.152317000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 11] [The RTT to ACK the segment was: 0.152317000 seconds] [iRTT: 0.150646000 seconds] No. Time Source Destination Protocol Length Info 13 0.683437 192.185.10.227 192.168.1.11 TCP 1506 443 → 64321 [ACK] Seq=3053 Ack=2243 Win=262656 Len=1452 [TCP segment of a reassembled PDU] Frame 13: 1506 bytes on wire (12048 bits), 1506 bytes captured (12048 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.344291000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.344291000 UTC Epoch Arrival Time: 1723828119.344291000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.008103000 seconds] [Time delta from previous displayed frame: 0.008103000 seconds] [Time since reference or first frame: 0.683437000 seconds] Frame Number: 13 Frame Length: 1506 bytes (12048 bits) Capture Length: 1506 bytes (12048 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1492 Identification: 0x30ae (12462) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0x9e26 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 3053, Ack: 2243, Len: 1452 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1452] Sequence Number: 3053 (relative sequence number) Sequence Number (raw): 1540856297 [Next Sequence Number: 4505 (relative sequence number)] Acknowledgment Number: 2243 (relative ack number) Acknowledgment number (raw): 3957450149 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x529b [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.683437000 seconds] [Time since previous frame in this TCP stream: 0.008103000 seconds] [SEQ/ACK analysis] [iRTT: 0.150646000 seconds] [Bytes in flight: 1452] [Bytes sent since last PSH flag: 1452] TCP payload (1452 bytes) [Reassembled PDU in frame: 14] TCP segment data (1452 bytes) No. Time Source Destination Protocol Length Info 14 0.683805 192.185.10.227 192.168.1.11 TLSv1.2 1167 Application Data Frame 14: 1167 bytes on wire (9336 bits), 1167 bytes captured (9336 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.344659000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.344659000 UTC Epoch Arrival Time: 1723828119.344659000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000368000 seconds] [Time delta from previous displayed frame: 0.000368000 seconds] [Time since reference or first frame: 0.683805000 seconds] Frame Number: 14 Frame Length: 1167 bytes (9336 bits) Capture Length: 1167 bytes (9336 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1153 Identification: 0x30af (12463) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0x9f78 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 4505, Ack: 2243, Len: 1113 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1113] Sequence Number: 4505 (relative sequence number) Sequence Number (raw): 1540857749 [Next Sequence Number: 5618 (relative sequence number)] Acknowledgment Number: 2243 (relative ack number) Acknowledgment number (raw): 3957450149 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x9838 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.683805000 seconds] [Time since previous frame in this TCP stream: 0.000368000 seconds] [SEQ/ACK analysis] [iRTT: 0.150646000 seconds] [Bytes in flight: 2565] [Bytes sent since last PSH flag: 2565] TCP payload (1113 bytes) TCP segment data (1113 bytes) [2 Reassembled TCP Segments (2565 bytes): #13(1452), #14(1113)] [Frame: 13, payload: 0-1451 (1452 bytes)] [Frame: 14, payload: 1452-2564 (1113 bytes)] [Segment count: 2] [Reassembled TCP length: 2565] [Reassembled TCP Data [truncated]: 1703030a00000000000000000141550926706ed0864f6f87c15a9d82406d448d238b3e88094b34357613e0c1dae53b1b156aae5d24cd016680e95d8692d7b62843bbfbede19f553f457baaa31fd50ae63f2508ab8fb06c83fc74ab0814ffec5d88e191724cdea] Transport Layer Security TLSv1.2 Record Layer: Application Data Protocol: Hypertext Transfer Protocol Content Type: Application Data (23) Version: TLS 1.2 (0x0303) Length: 2560 Encrypted Application Data [truncated]: 000000000000000141550926706ed0864f6f87c15a9d82406d448d238b3e88094b34357613e0c1dae53b1b156aae5d24cd016680e95d8692d7b62843bbfbede19f553f457baaa31fd50ae63f2508ab8fb06c83fc74ab0814ffec5d88e191724cdeab9f7 [Application Data Protocol: Hypertext Transfer Protocol] No. Time Source Destination Protocol Length Info 15 0.683833 192.168.1.11 192.185.10.227 TCP 54 64321 → 443 [ACK] Seq=2243 Ack=5618 Win=132096 Len=0 Frame 15: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.344687000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.344687000 UTC Epoch Arrival Time: 1723828119.344687000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000028000 seconds] [Time delta from previous displayed frame: 0.000028000 seconds] [Time since reference or first frame: 0.683833000 seconds] Frame Number: 15 Frame Length: 54 bytes (432 bits) Capture Length: 54 bytes (432 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x2c09 (11273) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 2243, Ack: 5618, Len: 0 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 2243 (relative sequence number) Sequence Number (raw): 3957450149 [Next Sequence Number: 2243 (relative sequence number)] Acknowledgment Number: 5618 (relative ack number) Acknowledgment number (raw): 1540858862 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8d6a [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.683833000 seconds] [Time since previous frame in this TCP stream: 0.000028000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 14] [The RTT to ACK the segment was: 0.000028000 seconds] [iRTT: 0.150646000 seconds] No. Time Source Destination Protocol Length Info 16 0.834106 192.168.1.11 192.185.10.227 TLSv1.2 2156 Application Data Frame 16: 2156 bytes on wire (17248 bits), 2156 bytes captured (17248 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.494960000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.494960000 UTC Epoch Arrival Time: 1723828119.494960000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.150273000 seconds] [Time delta from previous displayed frame: 0.150273000 seconds] [Time since reference or first frame: 0.834106000 seconds] Frame Number: 16 Frame Length: 2156 bytes (17248 bits) Capture Length: 2156 bytes (17248 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) [Total Length: 2142 bytes (reported as 0, presumed to be because of "TCP segmentation offload" (TSO))] Identification: 0x2c0a (11274) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 2243, Ack: 5618, Len: 2102 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 2102] Sequence Number: 2243 (relative sequence number) Sequence Number (raw): 3957450149 [Next Sequence Number: 4345 (relative sequence number)] Acknowledgment Number: 5618 (relative ack number) Acknowledgment number (raw): 1540858862 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8d56 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.834106000 seconds] [Time since previous frame in this TCP stream: 0.150273000 seconds] [SEQ/ACK analysis] [iRTT: 0.150646000 seconds] [Bytes in flight: 2102] [Bytes sent since last PSH flag: 2102] TCP payload (2102 bytes) Transport Layer Security TLSv1.2 Record Layer: Application Data Protocol: Hypertext Transfer Protocol Content Type: Application Data (23) Version: TLS 1.2 (0x0303) Length: 2097 Encrypted Application Data [truncated]: 0000000000000002522d87de3000bb7575372eb440a057be01968ffd12590292823861492ac03297b75642943d1e36d6c99926a82811969dd488c24588e8d271d1140078cd46ae3ed8282856dd16d01d340876e2624adb66643330d60f7ffd9af42cfc7 [Application Data Protocol: Hypertext Transfer Protocol] No. Time Source Destination Protocol Length Info 17 0.985494 192.185.10.227 192.168.1.11 TCP 60 443 → 64321 [ACK] Seq=5618 Ack=4345 Win=262656 Len=0 Frame 17: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.646348000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.646348000 UTC Epoch Arrival Time: 1723828119.646348000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.151388000 seconds] [Time delta from previous displayed frame: 0.151388000 seconds] [Time since reference or first frame: 0.985494000 seconds] Frame Number: 17 Frame Length: 60 bytes (480 bits) Capture Length: 60 bytes (480 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Trailer: 0000a2436fa3 [Expert Info (Note/Protocol): Didn't find padding of zeros, and an undecoded trailer exists. There may be padding of non-zeros.] [Didn't find padding of zeros, and an undecoded trailer exists. There may be padding of non-zeros.] [Severity level: Note] [Group: Protocol] Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x30b0 (12464) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0xa3d0 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 5618, Ack: 4345, Len: 0 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 5618 (relative sequence number) Sequence Number (raw): 1540858862 [Next Sequence Number: 5618 (relative sequence number)] Acknowledgment Number: 4345 (relative ack number) Acknowledgment number (raw): 3957452251 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x4802 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.985494000 seconds] [Time since previous frame in this TCP stream: 0.151388000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 16] [The RTT to ACK the segment was: 0.151388000 seconds] [iRTT: 0.150646000 seconds] No. Time Source Destination Protocol Length Info 18 0.996330 192.185.10.227 192.168.1.11 TLSv1.2 1113 Application Data Frame 18: 1113 bytes on wire (8904 bits), 1113 bytes captured (8904 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.657184000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.657184000 UTC Epoch Arrival Time: 1723828119.657184000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.010836000 seconds] [Time delta from previous displayed frame: 0.010836000 seconds] [Time since reference or first frame: 0.996330000 seconds] Frame Number: 18 Frame Length: 1113 bytes (8904 bits) Capture Length: 1113 bytes (8904 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1099 Identification: 0x30b1 (12465) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 25 Protocol: TCP (6) Header Checksum: 0x9fac [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64321, Seq: 5618, Ack: 4345, Len: 1059 Source Port: 443 Destination Port: 64321 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1059] Sequence Number: 5618 (relative sequence number) Sequence Number (raw): 1540858862 [Next Sequence Number: 6677 (relative sequence number)] Acknowledgment Number: 4345 (relative ack number) Acknowledgment number (raw): 3957452251 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x81aa [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.996330000 seconds] [Time since previous frame in this TCP stream: 0.010836000 seconds] [SEQ/ACK analysis] [iRTT: 0.150646000 seconds] [Bytes in flight: 1059] [Bytes sent since last PSH flag: 1059] TCP payload (1059 bytes) Transport Layer Security TLSv1.2 Record Layer: Application Data Protocol: Hypertext Transfer Protocol Content Type: Application Data (23) Version: TLS 1.2 (0x0303) Length: 1054 Encrypted Application Data [truncated]: 00000000000000027cc53eaf14b5d19726348b32a33dcaeb1de0377a684d1d440fb7a1264da3d7ff2102bf4e4f18e6f58efbba34a96c9c8364e690bdb89512e07793b5db446be79c913bfcc382862d5a3a8729c9af12312e5565aa9750a17136abc4c4c [Application Data Protocol: Hypertext Transfer Protocol] No. Time Source Destination Protocol Length Info 19 1.049864 192.168.1.11 192.185.10.227 TCP 54 64321 → 443 [ACK] Seq=4345 Ack=6677 Win=131072 Len=0 Frame 19: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:08:39.710718000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:08:39.710718000 UTC Epoch Arrival Time: 1723828119.710718000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.053534000 seconds] [Time delta from previous displayed frame: 0.053534000 seconds] [Time since reference or first frame: 1.049864000 seconds] Frame Number: 19 Frame Length: 54 bytes (432 bits) Capture Length: 54 bytes (432 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x2c0c (11276) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64321, Dst Port: 443, Seq: 4345, Ack: 6677, Len: 0 Source Port: 64321 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 4345 (relative sequence number) Sequence Number (raw): 3957452251 [Next Sequence Number: 4345 (relative sequence number)] Acknowledgment Number: 6677 (relative ack number) Acknowledgment number (raw): 1540859921 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 512 [Calculated window size: 131072] [Window size scaling factor: 256] Checksum: 0x8d6a [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 1.049864000 seconds] [Time since previous frame in this TCP stream: 0.053534000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 18] [The RTT to ACK the segment was: 0.053534000 seconds] [iRTT: 0.150646000 seconds]