No. Time Source Destination Protocol Length Info 1 0.000000 192.168.1.11 192.185.10.227 TCP 66 64547 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM Frame 1: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.365414000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.365414000 UTC Epoch Arrival Time: 1723828265.365414000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.000000000 seconds] Frame Number: 1 Frame Length: 66 bytes (528 bits) Capture Length: 66 bytes (528 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP SYN/FIN] [Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 52 Identification: 0x2c12 (11282) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64547, Dst Port: 443, Seq: 0, Len: 0 Source Port: 64547 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 0 (relative sequence number) Sequence Number (raw): 1505134452 [Next Sequence Number: 1 (relative sequence number)] Acknowledgment Number: 0 Acknowledgment number (raw): 0 1000 .... = Header Length: 32 bytes (8) Flags: 0x002 (SYN) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...0 .... = Acknowledgment: Not set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..1. = Syn: Set [Expert Info (Chat/Sequence): Connection establish request (SYN): server port 443] [Connection establish request (SYN): server port 443] [Severity level: Chat] [Group: Sequence] .... .... ...0 = Fin: Not set [TCP Flags: ··········S·] Window: 64240 [Calculated window size: 64240] Checksum: 0x8d76 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted TCP Option - Maximum segment size: 1460 bytes Kind: Maximum Segment Size (2) Length: 4 MSS Value: 1460 TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - Window scale: 8 (multiply by 256) Kind: Window Scale (3) Length: 3 Shift count: 8 [Multiplier: 256] TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - SACK permitted Kind: SACK Permitted (4) Length: 2 [Timestamps] [Time since first frame in this TCP stream: 0.000000000 seconds] [Time since previous frame in this TCP stream: 0.000000000 seconds] No. Time Source Destination Protocol Length Info 2 0.152765 192.185.10.227 192.168.1.11 TCP 66 443 → 64547 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1452 WS=256 SACK_PERM Frame 2: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.518179000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.518179000 UTC Epoch Arrival Time: 1723828265.518179000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.152765000 seconds] [Time delta from previous displayed frame: 0.152765000 seconds] [Time since reference or first frame: 0.152765000 seconds] Frame Number: 2 Frame Length: 66 bytes (528 bits) Capture Length: 66 bytes (528 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP SYN/FIN] [Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 52 Identification: 0x30b6 (12470) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 26 Protocol: TCP (6) Header Checksum: 0xa2be [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64547, Seq: 0, Ack: 1, Len: 0 Source Port: 443 Destination Port: 64547 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 0 (relative sequence number) Sequence Number (raw): 4266276116 [Next Sequence Number: 1 (relative sequence number)] Acknowledgment Number: 1 (relative ack number) Acknowledgment number (raw): 1505134453 1000 .... = Header Length: 32 bytes (8) Flags: 0x012 (SYN, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..1. = Syn: Set [Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port 443] [Connection establish acknowledge (SYN+ACK): server port 443] [Severity level: Chat] [Group: Sequence] .... .... ...0 = Fin: Not set [TCP Flags: ·······A··S·] Window: 8192 [Calculated window size: 8192] Checksum: 0xaf4e [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted TCP Option - Maximum segment size: 1452 bytes Kind: Maximum Segment Size (2) Length: 4 MSS Value: 1452 TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - Window scale: 8 (multiply by 256) Kind: Window Scale (3) Length: 3 Shift count: 8 [Multiplier: 256] TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - No-Operation (NOP) Kind: No-Operation (1) TCP Option - SACK permitted Kind: SACK Permitted (4) Length: 2 [Timestamps] [Time since first frame in this TCP stream: 0.152765000 seconds] [Time since previous frame in this TCP stream: 0.152765000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 1] [The RTT to ACK the segment was: 0.152765000 seconds] [iRTT: 0.152804000 seconds] No. Time Source Destination Protocol Length Info 3 0.152804 192.168.1.11 192.185.10.227 TCP 54 64547 → 443 [ACK] Seq=1 Ack=1 Win=132096 Len=0 Frame 3: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.518218000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.518218000 UTC Epoch Arrival Time: 1723828265.518218000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000039000 seconds] [Time delta from previous displayed frame: 0.000039000 seconds] [Time since reference or first frame: 0.152804000 seconds] Frame Number: 3 Frame Length: 54 bytes (432 bits) Capture Length: 54 bytes (432 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x2c13 (11283) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64547, Dst Port: 443, Seq: 1, Ack: 1, Len: 0 Source Port: 64547 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 1 (relative sequence number) Sequence Number (raw): 1505134453 [Next Sequence Number: 1 (relative sequence number)] Acknowledgment Number: 1 (relative ack number) Acknowledgment number (raw): 4266276117 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8d6a [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.152804000 seconds] [Time since previous frame in this TCP stream: 0.000039000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 2] [The RTT to ACK the segment was: 0.000039000 seconds] [iRTT: 0.152804000 seconds] No. Time Source Destination Protocol Length Info 4 0.159088 192.168.1.11 192.185.10.227 TLSv1.2 571 Client Hello (SNI=www.diversemechanics.com) Frame 4: 571 bytes on wire (4568 bits), 571 bytes captured (4568 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.524502000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.524502000 UTC Epoch Arrival Time: 1723828265.524502000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.006284000 seconds] [Time delta from previous displayed frame: 0.006284000 seconds] [Time since reference or first frame: 0.159088000 seconds] Frame Number: 4 Frame Length: 571 bytes (4568 bits) Capture Length: 571 bytes (4568 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 557 Identification: 0x2c14 (11284) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64547, Dst Port: 443, Seq: 1, Ack: 1, Len: 517 Source Port: 64547 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 517] Sequence Number: 1 (relative sequence number) Sequence Number (raw): 1505134453 [Next Sequence Number: 518 (relative sequence number)] Acknowledgment Number: 1 (relative ack number) Acknowledgment number (raw): 4266276117 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8f6f [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.159088000 seconds] [Time since previous frame in this TCP stream: 0.006284000 seconds] [SEQ/ACK analysis] [iRTT: 0.152804000 seconds] [Bytes in flight: 517] [Bytes sent since last PSH flag: 517] TCP payload (517 bytes) Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 512 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 508 Version: TLS 1.2 (0x0303) Random: 42c308ebe30177566bff1d66e36c219ef75baaf1793517395ddfba788f153e4f GMT Unix Time: Jun 29, 2005 23:47:39.000000000 GTB Daylight Time Random Bytes: e30177566bff1d66e36c219ef75baaf1793517395ddfba788f153e4f Session ID Length: 32 Session ID: ee1469946a8a779ec6e88f4a587bdd839d43f8fab136e0d5de2cd7670b6d5883 Cipher Suites Length: 34 Cipher Suites (17 suites) Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301) Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302) Cipher Suite: TLS_CHACHA20_POLY1305_SHA256 (0x1303) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c) Cipher Suite: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c) Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) Extensions Length: 401 Extension: server_name (len=29) name=www.diversemechanics.com Type: server_name (0) Length: 29 Server Name Indication extension Server Name list length: 27 Server Name Type: host_name (0) Server Name length: 24 Server Name: www.diversemechanics.com Extension: extended_master_secret (len=0) Type: extended_master_secret (23) Length: 0 Extension: renegotiation_info (len=1) Type: renegotiation_info (65281) Length: 1 Renegotiation Info extension Renegotiation info extension length: 0 Extension: supported_groups (len=8) Type: supported_groups (10) Length: 8 Supported Groups List Length: 6 Supported Groups (3 groups) Supported Group: x25519 (0x001d) Supported Group: secp256r1 (0x0017) Supported Group: secp384r1 (0x0018) Extension: ec_point_formats (len=2) Type: ec_point_formats (11) Length: 2 EC point formats Length: 1 Elliptic curves point formats (1) EC point format: uncompressed (0) Extension: session_ticket (len=0) Type: session_ticket (35) Length: 0 Session Ticket: Extension: application_layer_protocol_negotiation (len=11) Type: application_layer_protocol_negotiation (16) Length: 11 ALPN Extension Length: 9 ALPN Protocol ALPN string length: 8 ALPN Next Protocol: http/1.1 Extension: status_request (len=5) Type: status_request (5) Length: 5 Certificate Status Type: OCSP (1) Responder ID list Length: 0 Request Extensions Length: 0 Extension: signature_algorithms (len=20) Type: signature_algorithms (13) Length: 20 Signature Hash Algorithms Length: 18 Signature Hash Algorithms (9 algorithms) Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Algorithm: rsa_pss_rsae_sha256 (0x0804) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (4) Signature Algorithm: rsa_pkcs1_sha256 (0x0401) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503) Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: ECDSA (3) Signature Algorithm: rsa_pss_rsae_sha384 (0x0805) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (5) Signature Algorithm: rsa_pkcs1_sha384 (0x0501) Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: rsa_pss_rsae_sha512 (0x0806) Signature Hash Algorithm Hash: Unknown (8) Signature Hash Algorithm Signature: Unknown (6) Signature Algorithm: rsa_pkcs1_sha512 (0x0601) Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: RSA (1) Signature Algorithm: rsa_pkcs1_sha1 (0x0201) Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: RSA (1) Extension: key_share (len=38) x25519 Type: key_share (51) Length: 38 Key Share extension Client Key Share Length: 36 Key Share Entry: Group: x25519, Key Exchange length: 32 Group: x25519 (29) Key Exchange Length: 32 Key Exchange: 7914cd3c0eca1aa4f93149c39017a7cc017b9e6e8a56e7a4ceb90986bb5ad00e Extension: psk_key_exchange_modes (len=2) Type: psk_key_exchange_modes (45) Length: 2 PSK Key Exchange Modes Length: 1 PSK Key Exchange Mode: PSK with (EC)DHE key establishment (psk_dhe_ke) (1) Extension: supported_versions (len=9) TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0 Type: supported_versions (43) Length: 9 Supported Versions length: 8 Supported Version: TLS 1.3 (0x0304) Supported Version: TLS 1.2 (0x0303) Supported Version: TLS 1.1 (0x0302) Supported Version: TLS 1.0 (0x0301) Extension: padding (len=224) Type: padding (21) Length: 224 Padding Data [truncated]: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [JA4: t13d1713h1_5b57614c22b0_eca864cca44a] [JA4_r: t13d1713h1_002f,0035,009c,009d,1301,1302,1303,c009,c00a,c013,c014,c02b,c02c,c02f,c030,cca8,cca9_0005,000a,000b,000d,0015,0017,0023,002b,002d,0033,ff01_0403,0804,0401,0503,0805,0501,0806,0601,0201] [JA3 Fullstring: 771,4865-4866-4867-49195-49196-52393-49199-49200-52392-49161-49162-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-51-45-43-21,29-23-24,0] [JA3: 9b02ebd3a43b62d825e1ac605b621dc8] No. Time Source Destination Protocol Length Info 5 0.315831 192.185.10.227 192.168.1.11 TCP 1506 443 → 64547 [ACK] Seq=1 Ack=518 Win=262656 Len=1452 [TCP segment of a reassembled PDU] Frame 5: 1506 bytes on wire (12048 bits), 1506 bytes captured (12048 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.681245000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.681245000 UTC Epoch Arrival Time: 1723828265.681245000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.156743000 seconds] [Time delta from previous displayed frame: 0.156743000 seconds] [Time since reference or first frame: 0.315831000 seconds] Frame Number: 5 Frame Length: 1506 bytes (12048 bits) Capture Length: 1506 bytes (12048 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1492 Identification: 0x30b7 (12471) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 26 Protocol: TCP (6) Header Checksum: 0x9d1d [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64547, Seq: 1, Ack: 518, Len: 1452 Source Port: 443 Destination Port: 64547 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1452] Sequence Number: 1 (relative sequence number) Sequence Number (raw): 4266276117 [Next Sequence Number: 1453 (relative sequence number)] Acknowledgment Number: 518 (relative ack number) Acknowledgment number (raw): 1505134970 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0xcee3 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.315831000 seconds] [Time since previous frame in this TCP stream: 0.156743000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 4] [The RTT to ACK the segment was: 0.156743000 seconds] [iRTT: 0.152804000 seconds] [Bytes in flight: 1452] [Bytes sent since last PSH flag: 1452] TCP payload (1452 bytes) [Reassembled PDU in frame: 7] TCP segment data (1452 bytes) No. Time Source Destination Protocol Length Info 6 0.315831 192.185.10.227 192.168.1.11 TCP 1506 443 → 64547 [ACK] Seq=1453 Ack=518 Win=262656 Len=1452 [TCP segment of a reassembled PDU] Frame 6: 1506 bytes on wire (12048 bits), 1506 bytes captured (12048 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.681245000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.681245000 UTC Epoch Arrival Time: 1723828265.681245000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.315831000 seconds] Frame Number: 6 Frame Length: 1506 bytes (12048 bits) Capture Length: 1506 bytes (12048 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1492 Identification: 0x30b8 (12472) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 26 Protocol: TCP (6) Header Checksum: 0x9d1c [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64547, Seq: 1453, Ack: 518, Len: 1452 Source Port: 443 Destination Port: 64547 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1452] Sequence Number: 1453 (relative sequence number) Sequence Number (raw): 4266277569 [Next Sequence Number: 2905 (relative sequence number)] Acknowledgment Number: 518 (relative ack number) Acknowledgment number (raw): 1505134970 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x5e0c [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.315831000 seconds] [Time since previous frame in this TCP stream: 0.000000000 seconds] [SEQ/ACK analysis] [iRTT: 0.152804000 seconds] [Bytes in flight: 2904] [Bytes sent since last PSH flag: 2904] TCP payload (1452 bytes) [Reassembled PDU in frame: 7] TCP segment data (1452 bytes) No. Time Source Destination Protocol Length Info 7 0.315831 192.185.10.227 192.168.1.11 TLSv1.2 166 Server Hello, Certificate, Server Key Exchange, Server Hello Done Frame 7: 166 bytes on wire (1328 bits), 166 bytes captured (1328 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.681245000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.681245000 UTC Epoch Arrival Time: 1723828265.681245000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000000000 seconds] [Time delta from previous displayed frame: 0.000000000 seconds] [Time since reference or first frame: 0.315831000 seconds] Frame Number: 7 Frame Length: 166 bytes (1328 bits) Capture Length: 166 bytes (1328 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame [truncated]: eth:ethertype:ip:tcp:tls:x509sat:x509sat:x509sat:x509sat:x509ce:x509ce:x509ce:x509ce:x509ce:pkix1implicit:x509ce:x509ce:tls:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509ce:x509ce:x509ce:x509ce:x509ce:] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 152 Identification: 0x30b9 (12473) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 26 Protocol: TCP (6) Header Checksum: 0xa257 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64547, Seq: 2905, Ack: 518, Len: 112 Source Port: 443 Destination Port: 64547 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 112] Sequence Number: 2905 (relative sequence number) Sequence Number (raw): 4266279021 [Next Sequence Number: 3017 (relative sequence number)] Acknowledgment Number: 518 (relative ack number) Acknowledgment number (raw): 1505134970 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x432d [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.315831000 seconds] [Time since previous frame in this TCP stream: 0.000000000 seconds] [SEQ/ACK analysis] [iRTT: 0.152804000 seconds] [Bytes in flight: 3016] [Bytes sent since last PSH flag: 3016] TCP payload (112 bytes) TCP segment data (112 bytes) [3 Reassembled TCP Segments (3016 bytes): #5(1452), #6(1452), #7(112)] [Frame: 5, payload: 0-1451 (1452 bytes)] [Frame: 6, payload: 1452-2903 (1452 bytes)] [Frame: 7, payload: 2904-3015 (112 bytes)] [Segment count: 3] [Reassembled TCP length: 3016] [Reassembled TCP Data [truncated]: 1603030bc302000064030366bf8829ca22e806c076282a36b34b2577ea9ec6325baf52e27ee7be6e925afb20d1330000fea7310ba2e3bedc28a416ad15efd294e22ae3c31df26793d104be75c03000001c0010000b000908687474702f312e3100170000ff010] Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 3011 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 100 Version: TLS 1.2 (0x0303) Random: 66bf8829ca22e806c076282a36b34b2577ea9ec6325baf52e27ee7be6e925afb GMT Unix Time: Aug 16, 2024 20:11:05.000000000 GTB Daylight Time Random Bytes: ca22e806c076282a36b34b2577ea9ec6325baf52e27ee7be6e925afb Session ID Length: 32 Session ID: d1330000fea7310ba2e3bedc28a416ad15efd294e22ae3c31df26793d104be75 Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Compression Method: null (0) Extensions Length: 28 Extension: application_layer_protocol_negotiation (len=11) Type: application_layer_protocol_negotiation (16) Length: 11 ALPN Extension Length: 9 ALPN Protocol ALPN string length: 8 ALPN Next Protocol: http/1.1 Extension: extended_master_secret (len=0) Type: extended_master_secret (23) Length: 0 Extension: renegotiation_info (len=1) Type: renegotiation_info (65281) Length: 1 Renegotiation Info extension Renegotiation info extension length: 0 Extension: server_name (len=0) Type: server_name (0) Length: 0 [JA3S Fullstring: 771,49200,16-23-65281-0] [JA3S: 2fe9b0e731d3d41b2b84e8e1d6186836] Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 2599 Certificates Length: 2596 Certificates (2596 bytes) Certificate Length: 1300 Certificate [truncated]: 30820510308203f8a00302010202120307c1374781eaed545a62d16673b74749f3300d06092a864886f70d01010b05003033310b300906035504061302555331163014060355040a130d4c6574277320456e6372797074310c300a06035504031303523131301e170d3234 signedCertificate version: v3 (2) serialNumber: 0x0307c1374781eaed545a62d16673b74749f3 signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 3 items (id-at-commonName=R11,id-at-organizationName=Let's Encrypt,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Object Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-organizationName=Let's Encrypt) RelativeDistinguishedName item (id-at-organizationName=Let's Encrypt) Object Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Let's Encrypt RDNSequence item: 1 item (id-at-commonName=R11) RelativeDistinguishedName item (id-at-commonName=R11) Object Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: R11 validity notBefore: utcTime (0) utcTime: 2024-06-19 00:05:15 (UTC) notAfter: utcTime (0) utcTime: 2024-09-17 00:05:14 (UTC) subject: rdnSequence (0) rdnSequence: 1 item (id-at-commonName=diversemechanics.com) RDNSequence item: 1 item (id-at-commonName=diversemechanics.com) RelativeDistinguishedName item (id-at-commonName=diversemechanics.com) Object Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: diversemechanics.com subjectPublicKeyInfo algorithm (rsaEncryption) Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption) subjectPublicKey [truncated]: 3082010a0282010100ceed6c98a40ada8602622e37bc78e6f31de3450598a61f87df553f0eb060cf165e334515a1255acefdbd345489ac60106675a7036359bf453de97a3db2100966a8312c0a22f791abeb09ed205b5c9bccc42e235447bf615d89bcba3fe597011 modulus: 0x00ceed6c98a40ada8602622e37bc78e6f31de3450598a61f87df553f0eb060cf165e3345… publicExponent: 65537 extensions: 9 items Extension (id-ce-keyUsage) Extension Id: 2.5.29.15 (id-ce-keyUsage) critical: True Padding: 5 KeyUsage: a0 1... .... = digitalSignature: True .0.. .... = contentCommitment: False ..1. .... = keyEncipherment: True ...0 .... = dataEncipherment: False .... 0... = keyAgreement: False .... .0.. = keyCertSign: False .... ..0. = cRLSign: False .... ...0 = encipherOnly: False 0... .... = decipherOnly: False Extension (id-ce-extKeyUsage) Extension Id: 2.5.29.37 (id-ce-extKeyUsage) KeyPurposeIDs: 2 items KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth) KeyPurposeId: 1.3.6.1.5.5.7.3.2 (id-kp-clientAuth) Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) critical: True BasicConstraintsSyntax [0 length] Extension (id-ce-subjectKeyIdentifier) Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier) SubjectKeyIdentifier: 7abe6188c1f9f7f386a23ca2d92cea226095cbcc Extension (id-ce-authorityKeyIdentifier) Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier) AuthorityKeyIdentifier keyIdentifier: c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9 Extension (id-pe-authorityInfoAccess) Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccess) AuthorityInfoAccessSyntax: 2 items AccessDescription accessMethod: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp) accessLocation: 6 uniformResourceIdentifier: http://r11.o.lencr.org AccessDescription accessMethod: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers) accessLocation: 6 uniformResourceIdentifier: http://r11.i.lencr.org/ Extension (id-ce-subjectAltName) Extension Id: 2.5.29.17 (id-ce-subjectAltName) GeneralNames: 2 items GeneralName: dNSName (2) dNSName: *.diversemechanics.com GeneralName: dNSName (2) dNSName: diversemechanics.com Extension (id-ce-certificatePolicies) Extension Id: 2.5.29.32 (id-ce-certificatePolicies) CertificatePoliciesSyntax: 1 item PolicyInformation policyIdentifier: 2.23.140.1.2.1 (joint-iso-itu-t.23.140.1.2.1) Extension (SignedCertificateTimestampList) Extension Id: 1.3.6.1.4.1.11129.2.4.2 (SignedCertificateTimestampList) Serialized SCT List Length: 240 Signed Certificate Timestamp (Let's Encrypt 'Oak2024H2' log) Serialized SCT Length: 118 SCT Version: 0 Log ID: 3f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e Timestamp: Jun 19, 2024 01:05:15.453000000 UTC Extensions length: 0 Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Length: 71 Signature: 3045022100eaf4ea7baf00e3d3090ce2971deef5f501f39a0f1bdaec711c991b488cefb6ee02207cdaaa369ee1cbd7eb0f92c6151cbbd88328e349998aba84eb63cccbc11b26f4 Signed Certificate Timestamp (DigiCert Yeti2024 Log) Serialized SCT Length: 118 SCT Version: 0 Log ID: 48b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473 Timestamp: Jun 19, 2024 01:05:15.607000000 UTC Extensions length: 0 Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Length: 71 Signature: 3045022100c89cbd70c9cd92f44ad53275a40a299fdbe038664108db0304f59091b65da0da02201c18baf029734a74da371d934d83bf688e56fcaaa98c368552d4d025b0c8a443 algorithmIdentifier (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) Padding: 0 encrypted [truncated]: 7f651bf22288876a446fed974746197ffe910ea3903c24efbc2628d44c75e3255aa2506dc98d742815a9e361d6f2784634efed90df591961f83ca6a65c7bb5f1b8824f462a3971214db368074d13e6ff1410e8f1e0ebb83adb56d8a300a5c55cf799284cd45d55f543507718 Certificate Length: 1290 Certificate [truncated]: 30820506308202eea0030201020211008a7d3e13d62f30ef2386bd29076b34f8300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f75703115 signedCertificate version: v3 (2) serialNumber: 0x008a7d3e13d62f30ef2386bd29076b34f8 signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 3 items (id-at-commonName=ISRG Root X1,id-at-organizationName=Internet Security Research Group,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Object Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-organizationName=Internet Security Research Group) RelativeDistinguishedName item (id-at-organizationName=Internet Security Research Group) Object Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Internet Security Research Group RDNSequence item: 1 item (id-at-commonName=ISRG Root X1) RelativeDistinguishedName item (id-at-commonName=ISRG Root X1) Object Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: ISRG Root X1 validity notBefore: utcTime (0) utcTime: 2024-03-13 00:00:00 (UTC) notAfter: utcTime (0) utcTime: 2027-03-12 23:59:59 (UTC) subject: rdnSequence (0) rdnSequence: 3 items (id-at-commonName=R11,id-at-organizationName=Let's Encrypt,id-at-countryName=US) RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Object Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-organizationName=Let's Encrypt) RelativeDistinguishedName item (id-at-organizationName=Let's Encrypt) Object Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Let's Encrypt RDNSequence item: 1 item (id-at-commonName=R11) RelativeDistinguishedName item (id-at-commonName=R11) Object Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: R11 subjectPublicKeyInfo algorithm (rsaEncryption) Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption) subjectPublicKey [truncated]: 3082010a0282010100ba87bc5c1b0039cbca0acdd46710f9013ca54ea561cb26ca52fb1501b7b928f5281eed27b324183967090c08ece03ab03b770ebdf3e53954410c4eae41d69974de51dbef7bff58bda8b713f6de31d5f272c9726a0b8374959c4600641499f3b modulus: 0x00ba87bc5c1b0039cbca0acdd46710f9013ca54ea561cb26ca52fb1501b7b928f5281eed… publicExponent: 65537 extensions: 8 items Extension (id-ce-keyUsage) Extension Id: 2.5.29.15 (id-ce-keyUsage) critical: True Padding: 1 KeyUsage: 86 1... .... = digitalSignature: True .0.. .... = contentCommitment: False ..0. .... = keyEncipherment: False ...0 .... = dataEncipherment: False .... 0... = keyAgreement: False .... .1.. = keyCertSign: True .... ..1. = cRLSign: True .... ...0 = encipherOnly: False 0... .... = decipherOnly: False Extension (id-ce-extKeyUsage) Extension Id: 2.5.29.37 (id-ce-extKeyUsage) KeyPurposeIDs: 2 items KeyPurposeId: 1.3.6.1.5.5.7.3.2 (id-kp-clientAuth) KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth) Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) critical: True BasicConstraintsSyntax cA: True pathLenConstraint: 0 Extension (id-ce-subjectKeyIdentifier) Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier) SubjectKeyIdentifier: c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9 Extension (id-ce-authorityKeyIdentifier) Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier) AuthorityKeyIdentifier keyIdentifier: 79b459e67bb6e5e40173800888c81a58f6e99b6e Extension (id-pe-authorityInfoAccess) Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccess) AuthorityInfoAccessSyntax: 1 item AccessDescription accessMethod: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers) accessLocation: 6 uniformResourceIdentifier: http://x1.i.lencr.org/ Extension (id-ce-certificatePolicies) Extension Id: 2.5.29.32 (id-ce-certificatePolicies) CertificatePoliciesSyntax: 1 item PolicyInformation policyIdentifier: 2.23.140.1.2.1 (joint-iso-itu-t.23.140.1.2.1) Extension (id-ce-cRLDistributionPoints) Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints) CRLDistPointsSyntax: 1 item DistributionPoint distributionPoint: fullName (0) fullName: 1 item GeneralName: uniformResourceIdentifier (6) uniformResourceIdentifier: http://x1.c.lencr.org/ algorithmIdentifier (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) Padding: 0 encrypted [truncated]: 4ee2895d0a031c9038d0f51ff9715cf8c38fb237887a6fb0251fedbeb7d886068ee90984cd72bf81f3fccacf5348edbdf66942d4a5113e35c813b2921d055fea2ed4d8f849c3adf599969cef26d8e1b4240b48204dfcd354b4a9c621c8e1361bff77642917b9f04bef5deacd Handshake Protocol: Server Key Exchange Handshake Type: Server Key Exchange (12) Length: 296 EC Diffie-Hellman Server Params Curve Type: named_curve (0x03) Named Curve: x25519 (0x001d) Pubkey Length: 32 Pubkey: 031e2397429d87f03ef1954f4d97d963a6dc80bb58878e2f4b4604db2e930754 Signature Algorithm: rsa_pkcs1_sha256 (0x0401) Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Length: 256 Signature [truncated]: c42fcf64842d5a2b20e871f54a32ef563b84a0a80b9203ec6556210e8cdfbd2f23789e5a777f1a3894b1de8e1dedb38c704414f741bea3c38b4671a84baf6a5e233305eea7c8f0e40ae78e61676e5be49fd6a83de41dd74744c402311e891dec93663273f78340097284a1b7 Handshake Protocol: Server Hello Done Handshake Type: Server Hello Done (14) Length: 0 No. Time Source Destination Protocol Length Info 8 0.315877 192.168.1.11 192.185.10.227 TCP 54 64547 → 443 [ACK] Seq=518 Ack=3017 Win=132096 Len=0 Frame 8: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.681291000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.681291000 UTC Epoch Arrival Time: 1723828265.681291000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000046000 seconds] [Time delta from previous displayed frame: 0.000046000 seconds] [Time since reference or first frame: 0.315877000 seconds] Frame Number: 8 Frame Length: 54 bytes (432 bits) Capture Length: 54 bytes (432 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x2c15 (11285) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64547, Dst Port: 443, Seq: 518, Ack: 3017, Len: 0 Source Port: 64547 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 518 (relative sequence number) Sequence Number (raw): 1505134970 [Next Sequence Number: 518 (relative sequence number)] Acknowledgment Number: 3017 (relative ack number) Acknowledgment number (raw): 4266279133 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8d6a [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.315877000 seconds] [Time since previous frame in this TCP stream: 0.000046000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 7] [The RTT to ACK the segment was: 0.000046000 seconds] [iRTT: 0.152804000 seconds] No. Time Source Destination Protocol Length Info 9 0.364260 192.168.1.11 192.185.10.227 TLSv1.2 147 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message Frame 9: 147 bytes on wire (1176 bits), 147 bytes captured (1176 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.729674000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.729674000 UTC Epoch Arrival Time: 1723828265.729674000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.048383000 seconds] [Time delta from previous displayed frame: 0.048383000 seconds] [Time since reference or first frame: 0.364260000 seconds] Frame Number: 9 Frame Length: 147 bytes (1176 bits) Capture Length: 147 bytes (1176 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 133 Identification: 0x2c16 (11286) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64547, Dst Port: 443, Seq: 518, Ack: 3017, Len: 93 Source Port: 64547 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 93] Sequence Number: 518 (relative sequence number) Sequence Number (raw): 1505134970 [Next Sequence Number: 611 (relative sequence number)] Acknowledgment Number: 3017 (relative ack number) Acknowledgment number (raw): 4266279133 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8dc7 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.364260000 seconds] [Time since previous frame in this TCP stream: 0.048383000 seconds] [SEQ/ACK analysis] [iRTT: 0.152804000 seconds] [Bytes in flight: 93] [Bytes sent since last PSH flag: 93] TCP payload (93 bytes) Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Client Key Exchange Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 37 Handshake Protocol: Client Key Exchange Handshake Type: Client Key Exchange (16) Length: 33 EC Diffie-Hellman Client Params Pubkey Length: 32 Pubkey: 663054a021f46b9814942a3a9ee4ef889348766c01048d566a18c444bf250e02 TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec Content Type: Change Cipher Spec (20) Version: TLS 1.2 (0x0303) Length: 1 Change Cipher Spec Message TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 40 Handshake Protocol: Encrypted Handshake Message No. Time Source Destination Protocol Length Info 10 0.515826 192.185.10.227 192.168.1.11 TLSv1.2 105 Change Cipher Spec, Encrypted Handshake Message Frame 10: 105 bytes on wire (840 bits), 105 bytes captured (840 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.881240000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.881240000 UTC Epoch Arrival Time: 1723828265.881240000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.151566000 seconds] [Time delta from previous displayed frame: 0.151566000 seconds] [Time since reference or first frame: 0.515826000 seconds] Frame Number: 10 Frame Length: 105 bytes (840 bits) Capture Length: 105 bytes (840 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 91 Identification: 0x30ba (12474) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 26 Protocol: TCP (6) Header Checksum: 0xa293 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64547, Seq: 3017, Ack: 611, Len: 51 Source Port: 443 Destination Port: 64547 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 51] Sequence Number: 3017 (relative sequence number) Sequence Number (raw): 4266279133 [Next Sequence Number: 3068 (relative sequence number)] Acknowledgment Number: 611 (relative ack number) Acknowledgment number (raw): 1505135063 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0x52f6 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.515826000 seconds] [Time since previous frame in this TCP stream: 0.151566000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 9] [The RTT to ACK the segment was: 0.151566000 seconds] [iRTT: 0.152804000 seconds] [Bytes in flight: 51] [Bytes sent since last PSH flag: 51] TCP payload (51 bytes) Transport Layer Security TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec Content Type: Change Cipher Spec (20) Version: TLS 1.2 (0x0303) Length: 1 Change Cipher Spec Message TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 40 Handshake Protocol: Encrypted Handshake Message No. Time Source Destination Protocol Length Info 11 0.531326 192.168.1.11 192.185.10.227 TCP 1514 64547 → 443 [PSH, ACK] Seq=611 Ack=3068 Win=131840 Len=1460 [TCP segment of a reassembled PDU] Frame 11: 1514 bytes on wire (12112 bits), 1514 bytes captured (12112 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.896740000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.896740000 UTC Epoch Arrival Time: 1723828265.896740000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.015500000 seconds] [Time delta from previous displayed frame: 0.015500000 seconds] [Time since reference or first frame: 0.531326000 seconds] Frame Number: 11 Frame Length: 1514 bytes (12112 bits) Capture Length: 1514 bytes (12112 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) [Total Length: 1500 bytes (reported as 0, presumed to be because of "TCP segmentation offload" (TSO))] Identification: 0x2c17 (11287) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64547, Dst Port: 443, Seq: 611, Ack: 3068, Len: 1460 Source Port: 64547 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1460] Sequence Number: 611 (relative sequence number) Sequence Number (raw): 1505135063 [Next Sequence Number: 2071 (relative sequence number)] Acknowledgment Number: 3068 (relative ack number) Acknowledgment number (raw): 4266279184 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 515 [Calculated window size: 131840] [Window size scaling factor: 256] Checksum: 0x8d56 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.531326000 seconds] [Time since previous frame in this TCP stream: 0.015500000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 10] [The RTT to ACK the segment was: 0.015500000 seconds] [iRTT: 0.152804000 seconds] [Bytes in flight: 1460] [Bytes sent since last PSH flag: 1460] TCP payload (1460 bytes) [Reassembled PDU in frame: 12] TCP segment data (1460 bytes) No. Time Source Destination Protocol Length Info 12 0.531357 192.168.1.11 192.185.10.227 TLSv1.2 548 Application Data Frame 12: 548 bytes on wire (4384 bits), 548 bytes captured (4384 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:05.896771000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:05.896771000 UTC Epoch Arrival Time: 1723828265.896771000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000031000 seconds] [Time delta from previous displayed frame: 0.000031000 seconds] [Time since reference or first frame: 0.531357000 seconds] Frame Number: 12 Frame Length: 548 bytes (4384 bits) Capture Length: 548 bytes (4384 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 534 Identification: 0x2c19 (11289) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64547, Dst Port: 443, Seq: 2071, Ack: 3068, Len: 494 Source Port: 64547 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 494] Sequence Number: 2071 (relative sequence number) Sequence Number (raw): 1505136523 [Next Sequence Number: 2565 (relative sequence number)] Acknowledgment Number: 3068 (relative ack number) Acknowledgment number (raw): 4266279184 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 515 [Calculated window size: 131840] [Window size scaling factor: 256] Checksum: 0x8f58 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.531357000 seconds] [Time since previous frame in this TCP stream: 0.000031000 seconds] [SEQ/ACK analysis] [iRTT: 0.152804000 seconds] [Bytes in flight: 1954] [Bytes sent since last PSH flag: 494] TCP payload (494 bytes) TCP segment data (494 bytes) [2 Reassembled TCP Segments (1954 bytes): #11(1460), #12(494)] [Frame: 11, payload: 0-1459 (1460 bytes)] [Frame: 12, payload: 1460-1953 (494 bytes)] [Segment count: 2] [Reassembled TCP length: 1954] [Reassembled TCP Data [truncated]: 170303079d000000000000000117dc9902ffd926f9b506840fa93bd200cc06bf6c7c549e63a8fe464fcb4125a82d5dd7862a534affb57b51d873877cc9a60c74c374d39d87853cc4b743472183d8eacd0783e7bfcc905d70e570c934eb991366fead76c79bec4] Transport Layer Security TLSv1.2 Record Layer: Application Data Protocol: Hypertext Transfer Protocol Content Type: Application Data (23) Version: TLS 1.2 (0x0303) Length: 1949 Encrypted Application Data [truncated]: 000000000000000117dc9902ffd926f9b506840fa93bd200cc06bf6c7c549e63a8fe464fcb4125a82d5dd7862a534affb57b51d873877cc9a60c74c374d39d87853cc4b743472183d8eacd0783e7bfcc905d70e570c934eb991366fead76c79bec405f0 [Application Data Protocol: Hypertext Transfer Protocol] No. Time Source Destination Protocol Length Info 13 0.686343 192.185.10.227 192.168.1.11 TCP 60 443 → 64547 [ACK] Seq=3068 Ack=2071 Win=262656 Len=0 Frame 13: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:06.051757000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:06.051757000 UTC Epoch Arrival Time: 1723828266.051757000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.154986000 seconds] [Time delta from previous displayed frame: 0.154986000 seconds] [Time since reference or first frame: 0.686343000 seconds] Frame Number: 13 Frame Length: 60 bytes (480 bits) Capture Length: 60 bytes (480 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Trailer: 0000254d1706 [Expert Info (Note/Protocol): Didn't find padding of zeros, and an undecoded trailer exists. There may be padding of non-zeros.] [Didn't find padding of zeros, and an undecoded trailer exists. There may be padding of non-zeros.] [Severity level: Note] [Group: Protocol] Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x30bb (12475) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 26 Protocol: TCP (6) Header Checksum: 0xa2c5 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64547, Seq: 3068, Ack: 2071, Len: 0 Source Port: 443 Destination Port: 64547 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 3068 (relative sequence number) Sequence Number (raw): 4266279184 [Next Sequence Number: 3068 (relative sequence number)] Acknowledgment Number: 2071 (relative ack number) Acknowledgment number (raw): 1505136523 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1026 [Calculated window size: 262656] [Window size scaling factor: 256] Checksum: 0xf806 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.686343000 seconds] [Time since previous frame in this TCP stream: 0.154986000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 11] [The RTT to ACK the segment was: 0.155017000 seconds] [iRTT: 0.152804000 seconds] No. Time Source Destination Protocol Length Info 14 0.695775 192.185.10.227 192.168.1.11 TCP 1506 443 → 64547 [ACK] Seq=3068 Ack=2565 Win=262144 Len=1452 [TCP segment of a reassembled PDU] Frame 14: 1506 bytes on wire (12048 bits), 1506 bytes captured (12048 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:06.061189000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:06.061189000 UTC Epoch Arrival Time: 1723828266.061189000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.009432000 seconds] [Time delta from previous displayed frame: 0.009432000 seconds] [Time since reference or first frame: 0.695775000 seconds] Frame Number: 14 Frame Length: 1506 bytes (12048 bits) Capture Length: 1506 bytes (12048 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1492 Identification: 0x30bc (12476) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 26 Protocol: TCP (6) Header Checksum: 0x9d18 [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64547, Seq: 3068, Ack: 2565, Len: 1452 Source Port: 443 Destination Port: 64547 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1452] Sequence Number: 3068 (relative sequence number) Sequence Number (raw): 4266279184 [Next Sequence Number: 4520 (relative sequence number)] Acknowledgment Number: 2565 (relative ack number) Acknowledgment number (raw): 1505137017 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 1024 [Calculated window size: 262144] [Window size scaling factor: 256] Checksum: 0xed70 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.695775000 seconds] [Time since previous frame in this TCP stream: 0.009432000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 12] [The RTT to ACK the segment was: 0.164418000 seconds] [iRTT: 0.152804000 seconds] [Bytes in flight: 1452] [Bytes sent since last PSH flag: 1452] TCP payload (1452 bytes) [Reassembled PDU in frame: 15] TCP segment data (1452 bytes) No. Time Source Destination Protocol Length Info 15 0.696250 192.185.10.227 192.168.1.11 TLSv1.2 1167 Application Data Frame 15: 1167 bytes on wire (9336 bits), 1167 bytes captured (9336 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:06.061664000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:06.061664000 UTC Epoch Arrival Time: 1723828266.061664000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000475000 seconds] [Time delta from previous displayed frame: 0.000475000 seconds] [Time since reference or first frame: 0.696250000 seconds] Frame Number: 15 Frame Length: 1167 bytes (9336 bits) Capture Length: 1167 bytes (9336 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:tls] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: zte_24:37:fb (b0:ac:d2:24:37:fb), Dst: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Destination: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.185.10.227, Dst: 192.168.1.11 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 1153 Identification: 0x30bd (12477) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 26 Protocol: TCP (6) Header Checksum: 0x9e6a [validation disabled] [Header checksum status: Unverified] Source Address: 192.185.10.227 Destination Address: 192.168.1.11 Transmission Control Protocol, Src Port: 443, Dst Port: 64547, Seq: 4520, Ack: 2565, Len: 1113 Source Port: 443 Destination Port: 64547 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 1113] Sequence Number: 4520 (relative sequence number) Sequence Number (raw): 4266280636 [Next Sequence Number: 5633 (relative sequence number)] Acknowledgment Number: 2565 (relative ack number) Acknowledgment number (raw): 1505137017 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window: 1024 [Calculated window size: 262144] [Window size scaling factor: 256] Checksum: 0xba56 [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.696250000 seconds] [Time since previous frame in this TCP stream: 0.000475000 seconds] [SEQ/ACK analysis] [iRTT: 0.152804000 seconds] [Bytes in flight: 2565] [Bytes sent since last PSH flag: 2565] TCP payload (1113 bytes) TCP segment data (1113 bytes) [2 Reassembled TCP Segments (2565 bytes): #14(1452), #15(1113)] [Frame: 14, payload: 0-1451 (1452 bytes)] [Frame: 15, payload: 1452-2564 (1113 bytes)] [Segment count: 2] [Reassembled TCP length: 2565] [Reassembled TCP Data [truncated]: 1703030a00000000000000000118cbaa1889623dc921bcfa73f3d1d025cf212deb81105448b9a9d08492076d3f492efcfa30b0980fe7ecc2b49984260d0a9e3fa37650c8bd31f5e4b9c4168a4bc4ff5e43c7bf0b6b7171c05af40d7d60b7e47c4b62b8dec79ec] Transport Layer Security TLSv1.2 Record Layer: Application Data Protocol: Hypertext Transfer Protocol Content Type: Application Data (23) Version: TLS 1.2 (0x0303) Length: 2560 Encrypted Application Data [truncated]: 000000000000000118cbaa1889623dc921bcfa73f3d1d025cf212deb81105448b9a9d08492076d3f492efcfa30b0980fe7ecc2b49984260d0a9e3fa37650c8bd31f5e4b9c4168a4bc4ff5e43c7bf0b6b7171c05af40d7d60b7e47c4b62b8dec79ec5d8c [Application Data Protocol: Hypertext Transfer Protocol] No. Time Source Destination Protocol Length Info 16 0.696268 192.168.1.11 192.185.10.227 TCP 54 64547 → 443 [ACK] Seq=2565 Ack=5633 Win=132096 Len=0 Frame 16: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}, id 0 Section number: 1 Interface id: 0 (\Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6}) Interface name: \Device\NPF_{0F43BF0F-AF11-4809-A316-6BE130BF3DA6} Interface description: Ethernet Encapsulation type: Ethernet (1) Arrival Time: Aug 16, 2024 20:11:06.061682000 GTB Daylight Time UTC Arrival Time: Aug 16, 2024 17:11:06.061682000 UTC Epoch Arrival Time: 1723828266.061682000 [Time shift for this packet: 0.000000000 seconds] [Time delta from previous captured frame: 0.000018000 seconds] [Time delta from previous displayed frame: 0.000018000 seconds] [Time since reference or first frame: 0.696268000 seconds] Frame Number: 16 Frame Length: 54 bytes (432 bits) Capture Length: 54 bytes (432 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc), Dst: zte_24:37:fb (b0:ac:d2:24:37:fb) Destination: zte_24:37:fb (b0:ac:d2:24:37:fb) Address: zte_24:37:fb (b0:ac:d2:24:37:fb) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) Address: ASUSTekCOMPU_67:2f:cc (4c:ed:fb:67:2f:cc) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.1.11, Dst: 192.185.10.227 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 40 Identification: 0x2c1a (11290) 010. .... = Flags: 0x2, Don't fragment 0... .... = Reserved bit: Not set .1.. .... = Don't fragment: Set ..0. .... = More fragments: Not set ...0 0000 0000 0000 = Fragment Offset: 0 Time to Live: 128 Protocol: TCP (6) Header Checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source Address: 192.168.1.11 Destination Address: 192.185.10.227 Transmission Control Protocol, Src Port: 64547, Dst Port: 443, Seq: 2565, Ack: 5633, Len: 0 Source Port: 64547 Destination Port: 443 [Stream index: 0] [Conversation completeness: Incomplete, DATA (15)] ..0. .... = RST: Absent ...0 .... = FIN: Absent .... 1... = Data: Present .... .1.. = ACK: Present .... ..1. = SYN-ACK: Present .... ...1 = SYN: Present [Completeness Flags: ··DASS] [TCP Segment Len: 0] Sequence Number: 2565 (relative sequence number) Sequence Number (raw): 1505137017 [Next Sequence Number: 2565 (relative sequence number)] Acknowledgment Number: 5633 (relative ack number) Acknowledgment number (raw): 4266281749 0101 .... = Header Length: 20 bytes (5) Flags: 0x010 (ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Accurate ECN: Not set .... 0... .... = Congestion Window Reduced: Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 0... = Push: Not set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······A····] Window: 516 [Calculated window size: 132096] [Window size scaling factor: 256] Checksum: 0x8d6a [unverified] [Checksum Status: Unverified] Urgent Pointer: 0 [Timestamps] [Time since first frame in this TCP stream: 0.696268000 seconds] [Time since previous frame in this TCP stream: 0.000018000 seconds] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 15] [The RTT to ACK the segment was: 0.000018000 seconds] [iRTT: 0.152804000 seconds]