API tools faq
paste
Advertisement
K_Werner

tunnel-up-responder

K_Werner
Jul 17th, 2018
343
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 41.75 KB | None | 0 0
raw download clone embed print report
  1. Frame 149: 590 bytes on wire (4720 bits), 590 bytes captured (4720 bits)
  2. Ethernet II, Src: 42:01:0a:00:00:02 (42:01:0a:00:00:02), Dst: 42:01:0a:00:00:01 (42:01:0a:00:00:01)
  3. Internet Protocol Version 4, Src: 10.0.0.2, Dst: 108.177.112.136
  4. 0100 .... = Version: 4
  5. .... 0101 = Header Length: 20 bytes (5)
  6. Differentiated Services Field: 0xc0 (DSCP: CS6, ECN: Not-ECT)
  7. 1100 00.. = Differentiated Services Codepoint: Class Selector 6 (48)
  8. .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
  9. Total Length: 576
  10. Identification: 0x4295 (17045)
  11. Flags: 0x00
  12. 0... .... = Reserved bit: Not set
  13. .0.. .... = Don't fragment: Not set
  14. ..0. .... = More fragments: Not set
  15. Fragment offset: 0
  16. Time to live: 64
  17. Protocol: ICMP (1)
  18. Header checksum: 0x4e2d [validation disabled]
  19. [Header checksum status: Unverified]
  20. Source: 10.0.0.2
  21. Destination: 108.177.112.136
  22. [Source GeoIP: Unknown]
  23. [Destination GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  24. [Destination GeoIP Country: United States]
  25. [Destination GeoIP AS Number: AS15169 Google Inc.]
  26. [Destination GeoIP City: Mountain View, CA]
  27. [Destination GeoIP Latitude: 37.419201]
  28. [Destination GeoIP Longitude: -122.057404]
  29. Internet Control Message Protocol
  30. Type: 3 (Destination unreachable)
  31. Code: 4 (Fragmentation needed)
  32. Checksum: 0x4295 [correct]
  33. [Checksum Status: Good]
  34. Unused: 0000
  35. MTU of next hop: 1390
  36. Internet Protocol Version 4, Src: 108.177.112.136, Dst: 10.0.0.2
  37. 0100 .... = Version: 4
  38. .... 0101 = Header Length: 20 bytes (5)
  39. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  40. Total Length: 1400
  41. Identification: 0x0000 (0)
  42. Flags: 0x02 (Don't Fragment)
  43. Fragment offset: 0
  44. Time to live: 63
  45. Protocol: TCP (6)
  46. Header checksum: 0x4f45 [validation disabled]
  47. [Header checksum status: Unverified]
  48. Source: 108.177.112.136
  49. Destination: 10.0.0.2
  50. [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  51. [Destination GeoIP: Unknown]
  52. Transmission Control Protocol, Src Port: 443, Dst Port: 46230, Seq: 2905003006, Ack: 1909895621
  53. Source Port: 443
  54. Destination Port: 46230
  55. Sequence number: 2905003006
  56. [Stream index: 13]
  57. Sequence number: 2905003006 (relative sequence number)
  58. Acknowledgment number: 1909895621 (relative ack number)
  59. Header Length: 32 bytes
  60. Flags: 0x010 (ACK)
  61. Window size value: 115
  62. [Calculated window size: 115]
  63. [Window size scaling factor: 256]
  64. Checksum: 0x73da [unverified]
  65. [Checksum Status: Unverified]
  66. Urgent pointer: 0
  67. Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
  68. No-Operation (NOP)
  69. No-Operation (NOP)
  70. Timestamps: TSval 751336620, TSecr 74445
  71. Secure Sockets Layer
  72. Ignored Unknown Record
  73. [Expert Info (Warning/Protocol): Ignored Unknown Record]
  74. [Ignored Unknown Record]
  75. [Severity level: Warning]
  76. [Group: Protocol]
  77.  
  78. Frame 159: 590 bytes on wire (4720 bits), 590 bytes captured (4720 bits)
  79. Ethernet II, Src: 42:01:0a:00:00:02 (42:01:0a:00:00:02), Dst: 42:01:0a:00:00:01 (42:01:0a:00:00:01)
  80. Internet Protocol Version 4, Src: 10.0.0.2, Dst: 108.177.112.136
  81. Internet Control Message Protocol
  82. Type: 3 (Destination unreachable)
  83. Code: 4 (Fragmentation needed)
  84. Checksum: 0xe3b1 [correct]
  85. [Checksum Status: Good]
  86. Unused: 0000
  87. MTU of next hop: 1390
  88. Internet Protocol Version 4, Src: 108.177.112.136, Dst: 10.0.0.2
  89. 0100 .... = Version: 4
  90. .... 0101 = Header Length: 20 bytes (5)
  91. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  92. 0000 00.. = Differentiated Services Codepoint: Default (0)
  93. .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
  94. Total Length: 1400
  95. Identification: 0x0000 (0)
  96. Flags: 0x02 (Don't Fragment)
  97. 0... .... = Reserved bit: Not set
  98. .1.. .... = Don't fragment: Set
  99. ..0. .... = More fragments: Not set
  100. Fragment offset: 0
  101. Time to live: 63
  102. Protocol: TCP (6)
  103. Header checksum: 0x4f45 [validation disabled]
  104. [Header checksum status: Unverified]
  105. Source: 108.177.112.136
  106. Destination: 10.0.0.2
  107. [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  108. [Source GeoIP Country: United States]
  109. [Source GeoIP AS Number: AS15169 Google Inc.]
  110. [Source GeoIP City: Mountain View, CA]
  111. [Source GeoIP Latitude: 37.419201]
  112. [Source GeoIP Longitude: -122.057404]
  113. [Destination GeoIP: Unknown]
  114. Transmission Control Protocol, Src Port: 443, Dst Port: 46230, Seq: 2905001658, Ack: 1909895621
  115. Source Port: 443
  116. Destination Port: 46230
  117. Sequence number: 2905001658
  118. [Stream index: 13]
  119. Sequence number: 2905001658 (relative sequence number)
  120. Acknowledgment number: 1909895621 (relative ack number)
  121. Header Length: 32 bytes
  122. Flags: 0x010 (ACK)
  123. Window size value: 115
  124. [Calculated window size: 115]
  125. [Window size scaling factor: 256]
  126. Checksum: 0x8071 [unverified]
  127. [Checksum Status: Unverified]
  128. Urgent pointer: 0
  129. Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
  130. No-Operation (NOP)
  131. No-Operation (NOP)
  132. Timestamps: TSval 751337061, TSecr 74540
  133. Secure Sockets Layer
  134. TLSv1.2 Record Layer: Handshake Protocol: Server Hello
  135. Content Type: Handshake (22)
  136. Version: TLS 1.2 (0x0303)
  137. Length: 72
  138. Handshake Protocol: Server Hello
  139.  
  140. Frame 160: 1414 bytes on wire (11312 bits), 1414 bytes captured (11312 bits)
  141. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  142. Internet Protocol Version 4, Src: 108.177.112.136, Dst: 10.0.0.2
  143. 0100 .... = Version: 4
  144. .... 0101 = Header Length: 20 bytes (5)
  145. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  146. 0000 00.. = Differentiated Services Codepoint: Default (0)
  147. .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
  148. Total Length: 1400
  149. Identification: 0x0000 (0)
  150. Flags: 0x02 (Don't Fragment)
  151. 0... .... = Reserved bit: Not set
  152. .1.. .... = Don't fragment: Set
  153. ..0. .... = More fragments: Not set
  154. Fragment offset: 0
  155. Time to live: 64
  156. Protocol: TCP (6)
  157. Header checksum: 0x4e45 [validation disabled]
  158. [Header checksum status: Unverified]
  159. Source: 108.177.112.136
  160. Destination: 10.0.0.2
  161. [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  162. [Source GeoIP Country: United States]
  163. [Source GeoIP AS Number: AS15169 Google Inc.]
  164. [Source GeoIP City: Mountain View, CA]
  165. [Source GeoIP Latitude: 37.419201]
  166. [Source GeoIP Longitude: -122.057404]
  167. [Destination GeoIP: Unknown]
  168. Transmission Control Protocol, Src Port: 443, Dst Port: 46230, Seq: 1349, Ack: 205, Len: 1348
  169. Source Port: 443
  170. Destination Port: 46230
  171. [Stream index: 13]
  172. [TCP Segment Len: 1348]
  173. Sequence number: 1349 (relative sequence number)
  174. [Next sequence number: 2697 (relative sequence number)]
  175. Acknowledgment number: 205 (relative ack number)
  176. Header Length: 32 bytes
  177. Flags: 0x010 (ACK)
  178. Window size value: 115
  179. [Calculated window size: 29440]
  180. [Window size scaling factor: 256]
  181. Checksum: 0x71b6 [unverified]
  182. [Checksum Status: Unverified]
  183. Urgent pointer: 0
  184. Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
  185. No-Operation (NOP)
  186. No-Operation (NOP)
  187. Timestamps: TSval 751337073, TSecr 74540
  188. [SEQ/ACK analysis]
  189. [iRTT: 0.359988000 seconds]
  190. [Bytes in flight: 3284]
  191. [Bytes sent since last PSH flag: 2696]
  192. [TCP Analysis Flags]
  193. [Expert Info (Note/Sequence): This frame is a (suspected) retransmission]
  194. [This frame is a (suspected) retransmission]
  195. [Severity level: Note]
  196. [Group: Sequence]
  197. [The RTO for this segment was: 0.440629000 seconds]
  198. [RTO based on delta from frame: 150]
  199. Retransmitted TCP segment data (1348 bytes)
  200.  
  201. Frame 405: 312 bytes on wire (2496 bits), 312 bytes captured (2496 bits)
  202. Ethernet II, Src: 42:01:0a:00:00:02 (42:01:0a:00:00:02), Dst: 42:01:0a:00:00:01 (42:01:0a:00:00:01)
  203. Internet Protocol Version 4, Src: 10.0.0.2, Dst: 169.254.169.254
  204. 0100 .... = Version: 4
  205. .... 0101 = Header Length: 20 bytes (5)
  206. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  207. Total Length: 298
  208. Identification: 0x96f0 (38640)
  209. Flags: 0x02 (Don't Fragment)
  210. Fragment offset: 0
  211. Time to live: 64
  212. Protocol: TCP (6)
  213. Header checksum: 0x44df [validation disabled]
  214. [Header checksum status: Unverified]
  215. Source: 10.0.0.2
  216. Destination: 169.254.169.254
  217. [Source GeoIP: Unknown]
  218. [Destination GeoIP: Unknown]
  219. Transmission Control Protocol, Src Port: 38082, Dst Port: 80, Seq: 1, Ack: 1, Len: 258
  220. Source Port: 38082
  221. Destination Port: 80
  222. [Stream index: 21]
  223. [TCP Segment Len: 258]
  224. Sequence number: 1 (relative sequence number)
  225. [Next sequence number: 259 (relative sequence number)]
  226. Acknowledgment number: 1 (relative ack number)
  227. Header Length: 20 bytes
  228. Flags: 0x018 (PSH, ACK)
  229. Window size value: 28400
  230. [Calculated window size: 28400]
  231. [Window size scaling factor: -2 (no window scaling used)]
  232. Checksum: 0x5f1b [unverified]
  233. [Checksum Status: Unverified]
  234. Urgent pointer: 0
  235. [SEQ/ACK analysis]
  236. [iRTT: 0.000325000 seconds]
  237. [Bytes in flight: 258]
  238. [Bytes sent since last PSH flag: 258]
  239. Hypertext Transfer Protocol
  240. GET /computeMetadata/v1/?timeout_sec=89&last_etag=d9d7ea9ecebafaf7&alt=json&recursive=True&wait_for_change=True HTTP/1.1\r\n
  241. [Expert Info (Chat/Sequence): GET /computeMetadata/v1/?timeout_sec=89&last_etag=d9d7ea9ecebafaf7&alt=json&recursive=True&wait_for_change=True HTTP/1.1\r\n]
  242. [GET /computeMetadata/v1/?timeout_sec=89&last_etag=d9d7ea9ecebafaf7&alt=json&recursive=True&wait_for_change=True HTTP/1.1\r\n]
  243. [Severity level: Chat]
  244. [Group: Sequence]
  245. Request Method: GET
  246. Request URI: /computeMetadata/v1/?timeout_sec=89&last_etag=d9d7ea9ecebafaf7&alt=json&recursive=True&wait_for_change=True
  247. Request URI Path: /computeMetadata/v1/
  248. Request URI Query: timeout_sec=89&last_etag=d9d7ea9ecebafaf7&alt=json&recursive=True&wait_for_change=True
  249. Request URI Query Parameter: timeout_sec=89
  250. Request URI Query Parameter: last_etag=d9d7ea9ecebafaf7
  251. Request URI Query Parameter: alt=json
  252. Request URI Query Parameter: recursive=True
  253. Request URI Query Parameter: wait_for_change=True
  254. Request Version: HTTP/1.1
  255. Accept-Encoding: identity\r\n
  256. Host: metadata.google.internal\r\n
  257. Metadata-Flavor: Google\r\n
  258. Connection: close\r\n
  259. User-Agent: Python-urllib/2.7\r\n
  260. \r\n
  261. [Full request URI: http://metadata.google.internal/computeMetadata/v1/?timeout_sec=89&last_etag=d9d7ea9ecebafaf7&alt=json&recursive=True&wait_for_change=True]
  262. [HTTP request 1/1]
  263. [Response in frame: 1087]
  264.  
  265. Frame 420: 637 bytes on wire (5096 bits), 637 bytes captured (5096 bits)
  266. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  267. Internet Protocol Version 4, Src: 169.254.169.254, Dst: 10.0.0.2
  268. 0100 .... = Version: 4
  269. .... 0101 = Header Length: 20 bytes (5)
  270. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  271. Total Length: 623
  272. Identification: 0x0000 (0)
  273. Flags: 0x00
  274. Fragment offset: 0
  275. Time to live: 64
  276. Protocol: TCP (6)
  277. Header checksum: 0x1a8b [validation disabled]
  278. [Header checksum status: Unverified]
  279. Source: 169.254.169.254
  280. Destination: 10.0.0.2
  281. [Source GeoIP: Unknown]
  282. [Destination GeoIP: Unknown]
  283. Transmission Control Protocol, Src Port: 80, Dst Port: 38076, Seq: 1, Ack: 287, Len: 583
  284. Source Port: 80
  285. Destination Port: 38076
  286. [Stream index: 6]
  287. [TCP Segment Len: 583]
  288. Sequence number: 1 (relative sequence number)
  289. [Next sequence number: 584 (relative sequence number)]
  290. Acknowledgment number: 287 (relative ack number)
  291. Header Length: 20 bytes
  292. Flags: 0x018 (PSH, ACK)
  293. Window size value: 65535
  294. [Calculated window size: 65535]
  295. [Window size scaling factor: -2 (no window scaling used)]
  296. Checksum: 0xbf2b [unverified]
  297. [Checksum Status: Unverified]
  298. Urgent pointer: 0
  299. [SEQ/ACK analysis]
  300. [iRTT: 0.000330000 seconds]
  301. [Bytes in flight: 583]
  302. [Bytes sent since last PSH flag: 583]
  303. Hypertext Transfer Protocol
  304. HTTP/1.1 200 OK\r\n
  305. [Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n]
  306. [HTTP/1.1 200 OK\r\n]
  307. [Severity level: Chat]
  308. [Group: Sequence]
  309. Request Version: HTTP/1.1
  310. Status Code: 200
  311. Response Phrase: OK
  312. Metadata-Flavor: Google\r\n
  313. Content-Type: application/json\r\n
  314. ETag: 31109d51c4b4df85\r\n
  315. Date: Tue, 17 Jul 2018 22:20:15 GMT\r\n
  316. Server: Metadata Server for VM\r\n
  317. Connection: Close\r\n
  318. Content-Length: 312\r\n
  319. [Content length: 312]
  320. X-XSS-Protection: 1; mode=block\r\n
  321. X-Frame-Options: SAMEORIGIN\r\n
  322. \r\n
  323. [HTTP response 1/1]
  324. [Time since request: 82.019145000 seconds]
  325. [Request in frame: 70]
  326. File Data: 312 bytes
  327. JavaScript Object Notation: application/json
  328. Array
  329. Object
  330. Member Key: accessConfigs
  331. Array
  332. Object
  333. Member Key: externalIp
  334. String value: 35.188.78.199
  335. Key: externalIp
  336. Member Key: type
  337. String value: ONE_TO_ONE_NAT
  338. Key: type
  339. Key: accessConfigs
  340. Member Key: dnsServers
  341. Array
  342. String value: 169.254.169.254
  343. Key: dnsServers
  344. Member Key: forwardedIps
  345. Array
  346. Key: forwardedIps
  347. Member Key: gateway
  348. String value: 10.0.0.1
  349. Key: gateway
  350. Member Key: ip
  351. String value: 10.0.0.2
  352. Key: ip
  353. Member Key: ipAliases
  354. Array
  355. Key: ipAliases
  356. Member Key: mac
  357. String value: 42:01:0a:00:00:02
  358. Key: mac
  359. Member Key: network
  360. String value: projects/338703512437/networks/vpn-network
  361. Key: network
  362. Member Key: subnetmask
  363. String value: 255.255.255.0
  364. Key: subnetmask
  365. Member Key: targetInstanceIps
  366. Array
  367. Key: targetInstanceIps
  368.  
  369. Frame 432: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
  370. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  371. Internet Protocol Version 4, Src: 172.31.0.1, Dst: 8.8.4.4
  372. 0100 .... = Version: 4
  373. .... 0101 = Header Length: 20 bytes (5)
  374. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  375. Total Length: 60
  376. Identification: 0x06aa (1706)
  377. Flags: 0x02 (Don't Fragment)
  378. Fragment offset: 0
  379. Time to live: 64
  380. Protocol: UDP (17)
  381. Header checksum: 0x7bdb [validation disabled]
  382. [Header checksum status: Unverified]
  383. Source: 172.31.0.1
  384. Destination: 8.8.4.4
  385. [Source GeoIP: Unknown]
  386. [Destination GeoIP: United States, AS15169 Google Inc., 37.750999, -97.821999]
  387. User Datagram Protocol, Src Port: 54238, Dst Port: 53
  388. Source Port: 54238
  389. Destination Port: 53
  390. Length: 40
  391. Checksum: 0xf247 [unverified]
  392. [Checksum Status: Unverified]
  393. [Stream index: 17]
  394. Domain Name System (query)
  395. Transaction ID: 0xf26e
  396. Flags: 0x0100 Standard query
  397. Questions: 1
  398. Answer RRs: 0
  399. Authority RRs: 0
  400. Additional RRs: 0
  401. Queries
  402. www.google.com: type A, class IN
  403. Name: www.google.com
  404. [Name Length: 14]
  405. [Label Count: 3]
  406. Type: A (Host Address) (1)
  407. Class: IN (0x0001)
  408. Frame 434: 170 bytes on wire (1360 bits), 170 bytes captured (1360 bits)
  409. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  410. Internet Protocol Version 4, Src: 8.8.4.4, Dst: 10.0.0.2
  411. 0100 .... = Version: 4
  412. .... 0101 = Header Length: 20 bytes (5)
  413. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  414. Total Length: 156
  415. Identification: 0xbe91 (48785)
  416. Flags: 0x00
  417. Fragment offset: 0
  418. Time to live: 52
  419. Protocol: UDP (17)
  420. Header checksum: 0xb1b2 [validation disabled]
  421. [Header checksum status: Unverified]
  422. Source: 8.8.4.4
  423. Destination: 10.0.0.2
  424. [Source GeoIP: United States, AS15169 Google Inc., 37.750999, -97.821999]
  425. [Destination GeoIP: Unknown]
  426. User Datagram Protocol, Src Port: 53, Dst Port: 54238
  427. Source Port: 53
  428. Destination Port: 54238
  429. Length: 136
  430. Checksum: 0xe5e8 [unverified]
  431. [Checksum Status: Unverified]
  432. [Stream index: 18]
  433. Domain Name System (response)
  434. [Request In: 433]
  435. [Time: 0.002003000 seconds]
  436. Transaction ID: 0xf26e
  437. Flags: 0x8180 Standard query response, No error
  438. Questions: 1
  439. Answer RRs: 6
  440. Authority RRs: 0
  441. Additional RRs: 0
  442. Queries
  443. www.google.com: type A, class IN
  444. Name: www.google.com
  445. [Name Length: 14]
  446. [Label Count: 3]
  447. Type: A (Host Address) (1)
  448. Class: IN (0x0001)
  449. Answers
  450. www.google.com: type A, class IN, addr 74.125.124.105
  451. Name: www.google.com
  452. Type: A (Host Address) (1)
  453. Class: IN (0x0001)
  454. Time to live: 138
  455. Data length: 4
  456. Address: 74.125.124.105
  457. www.google.com: type A, class IN, addr 74.125.124.99
  458. Name: www.google.com
  459. Type: A (Host Address) (1)
  460. Class: IN (0x0001)
  461. Time to live: 138
  462. Data length: 4
  463. Address: 74.125.124.99
  464. www.google.com: type A, class IN, addr 74.125.124.103
  465. Name: www.google.com
  466. Type: A (Host Address) (1)
  467. Class: IN (0x0001)
  468. Time to live: 138
  469. Data length: 4
  470. Address: 74.125.124.103
  471. www.google.com: type A, class IN, addr 74.125.124.104
  472. Name: www.google.com
  473. Type: A (Host Address) (1)
  474. Class: IN (0x0001)
  475. Time to live: 138
  476. Data length: 4
  477. Address: 74.125.124.104
  478. www.google.com: type A, class IN, addr 74.125.124.106
  479. Name: www.google.com
  480. Type: A (Host Address) (1)
  481. Class: IN (0x0001)
  482. Time to live: 138
  483. Data length: 4
  484. Address: 74.125.124.106
  485. www.google.com: type A, class IN, addr 74.125.124.147
  486. Name: www.google.com
  487. Type: A (Host Address) (1)
  488. Class: IN (0x0001)
  489. Time to live: 138
  490. Data length: 4
  491. Address: 74.125.124.147
  492.  
  493. Frame 452: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
  494. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  495. Internet Protocol Version 4, Src: 172.31.0.1, Dst: 74.125.124.105
  496. 0100 .... = Version: 4
  497. .... 0101 = Header Length: 20 bytes (5)
  498. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  499. Total Length: 60
  500. Identification: 0x2f34 (12084)
  501. Flags: 0x02 (Don't Fragment)
  502. Fragment offset: 0
  503. Time to live: 64
  504. Protocol: TCP (6)
  505. Header checksum: 0x9881 [validation disabled]
  506. [Header checksum status: Unverified]
  507. Source: 172.31.0.1
  508. Destination: 74.125.124.105
  509. [Source GeoIP: Unknown]
  510. [Destination GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  511. Transmission Control Protocol, Src Port: 39190, Dst Port: 443, Seq: 0, Len: 0
  512. Source Port: 39190
  513. Destination Port: 443
  514. [Stream index: 23]
  515. [TCP Segment Len: 0]
  516. Sequence number: 0 (relative sequence number)
  517. Acknowledgment number: 0
  518. Header Length: 40 bytes
  519. Flags: 0x002 (SYN)
  520. 000. .... .... = Reserved: Not set
  521. ...0 .... .... = Nonce: Not set
  522. .... 0... .... = Congestion Window Reduced (CWR): Not set
  523. .... .0.. .... = ECN-Echo: Not set
  524. .... ..0. .... = Urgent: Not set
  525. .... ...0 .... = Acknowledgment: Not set
  526. .... .... 0... = Push: Not set
  527. .... .... .0.. = Reset: Not set
  528. .... .... ..1. = Syn: Set
  529. [Expert Info (Chat/Sequence): Connection establish request (SYN): server port 443]
  530. [Connection establish request (SYN): server port 443]
  531. [Severity level: Chat]
  532. [Group: Sequence]
  533. .... .... ...0 = Fin: Not set
  534. [TCP Flags: ··········S·]
  535. Window size value: 29200
  536. [Calculated window size: 29200]
  537. Checksum: 0xc539 [unverified]
  538. [Checksum Status: Unverified]
  539. Urgent pointer: 0
  540. Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
  541. Maximum segment size: 1460 bytes
  542. TCP SACK Permitted Option: True
  543. Timestamps: TSval 82386, TSecr 0
  544. No-Operation (NOP)
  545. Type: 1
  546. 0... .... = Copy on fragmentation: No
  547. .00. .... = Class: Control (0)
  548. ...0 0001 = Number: No-Operation (NOP) (1)
  549. Window scale: 7 (multiply by 128)
  550.  
  551. Frame 453: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
  552. Ethernet II, Src: 42:01:0a:00:00:02 (42:01:0a:00:00:02), Dst: 42:01:0a:00:00:01 (42:01:0a:00:00:01)
  553. Internet Protocol Version 4, Src: 10.0.0.2, Dst: 74.125.124.105
  554. 0100 .... = Version: 4
  555. .... 0101 = Header Length: 20 bytes (5)
  556. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  557. Total Length: 60
  558. Identification: 0x2f34 (12084)
  559. Flags: 0x02 (Don't Fragment)
  560. Fragment offset: 0
  561. Time to live: 63
  562. Protocol: TCP (6)
  563. Header checksum: 0x3ba0 [validation disabled]
  564. [Header checksum status: Unverified]
  565. Source: 10.0.0.2
  566. Destination: 74.125.124.105
  567. [Source GeoIP: Unknown]
  568. [Destination GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  569. Transmission Control Protocol, Src Port: 39190, Dst Port: 443, Seq: 0, Len: 0
  570. Source Port: 39190
  571. Destination Port: 443
  572. [Stream index: 24]
  573. [TCP Segment Len: 0]
  574. Sequence number: 0 (relative sequence number)
  575. Acknowledgment number: 0
  576. Header Length: 40 bytes
  577. Flags: 0x002 (SYN)
  578. 000. .... .... = Reserved: Not set
  579. ...0 .... .... = Nonce: Not set
  580. .... 0... .... = Congestion Window Reduced (CWR): Not set
  581. .... .0.. .... = ECN-Echo: Not set
  582. .... ..0. .... = Urgent: Not set
  583. .... ...0 .... = Acknowledgment: Not set
  584. .... .... 0... = Push: Not set
  585. .... .... .0.. = Reset: Not set
  586. .... .... ..1. = Syn: Set
  587. [Expert Info (Chat/Sequence): Connection establish request (SYN): server port 443]
  588. [Connection establish request (SYN): server port 443]
  589. [Severity level: Chat]
  590. [Group: Sequence]
  591. .... .... ...0 = Fin: Not set
  592. [TCP Flags: ··········S·]
  593. Window size value: 29200
  594. [Calculated window size: 29200]
  595. Checksum: 0x67bc [unverified]
  596. [Checksum Status: Unverified]
  597. Urgent pointer: 0
  598. Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
  599. Maximum segment size: 1360 bytes
  600. TCP SACK Permitted Option: True
  601. Timestamps: TSval 82386, TSecr 0
  602. No-Operation (NOP)
  603. Type: 1
  604. 0... .... = Copy on fragmentation: No
  605. .00. .... = Class: Control (0)
  606. ...0 0001 = Number: No-Operation (NOP) (1)
  607. Window scale: 7 (multiply by 128)
  608.  
  609. Frame 454: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
  610. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  611. Internet Protocol Version 4, Src: 74.125.124.105, Dst: 10.0.0.2
  612. 0100 .... = Version: 4
  613. .... 0101 = Header Length: 20 bytes (5)
  614. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  615. Total Length: 60
  616. Identification: 0x0000 (0)
  617. Flags: 0x02 (Don't Fragment)
  618. Fragment offset: 0
  619. Time to live: 64
  620. Protocol: TCP (6)
  621. Header checksum: 0x69d4 [validation disabled]
  622. [Header checksum status: Unverified]
  623. Source: 74.125.124.105
  624. Destination: 10.0.0.2
  625. [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  626. [Destination GeoIP: Unknown]
  627. Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 0, Ack: 1, Len: 0
  628. Source Port: 443
  629. Destination Port: 39190
  630. [Stream index: 24]
  631. [TCP Segment Len: 0]
  632. Sequence number: 0 (relative sequence number)
  633. Acknowledgment number: 1 (relative ack number)
  634. Header Length: 40 bytes
  635. Flags: 0x012 (SYN, ACK)
  636. 000. .... .... = Reserved: Not set
  637. ...0 .... .... = Nonce: Not set
  638. .... 0... .... = Congestion Window Reduced (CWR): Not set
  639. .... .0.. .... = ECN-Echo: Not set
  640. .... ..0. .... = Urgent: Not set
  641. .... ...1 .... = Acknowledgment: Set
  642. .... .... 0... = Push: Not set
  643. .... .... .0.. = Reset: Not set
  644. .... .... ..1. = Syn: Set
  645. [Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port 443]
  646. [Connection establish acknowledge (SYN+ACK): server port 443]
  647. [Severity level: Chat]
  648. [Group: Sequence]
  649. .... .... ...0 = Fin: Not set
  650. [TCP Flags: ·······A··S·]
  651. Window size value: 28160
  652. [Calculated window size: 28160]
  653. Checksum: 0xa802 [unverified]
  654. [Checksum Status: Unverified]
  655. Urgent pointer: 0
  656. Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
  657. Maximum segment size: 1420 bytes
  658. TCP SACK Permitted Option: True
  659. Timestamps: TSval 791361978, TSecr 82386
  660. No-Operation (NOP)
  661. Type: 1
  662. 0... .... = Copy on fragmentation: No
  663. .00. .... = Class: Control (0)
  664. ...0 0001 = Number: No-Operation (NOP) (1)
  665. Window scale: 8 (multiply by 256)
  666. [SEQ/ACK analysis]
  667. [This is an ACK to the segment in frame: 453]
  668. [The RTT to ACK the segment was: 0.000854000 seconds]
  669. [iRTT: 0.000009000 seconds]
  670.  
  671. Frame 466: 261 bytes on wire (2088 bits), 261 bytes captured (2088 bits)
  672. Ethernet II, Src: 42:01:0a:00:00:02 (42:01:0a:00:00:02), Dst: 42:01:0a:00:00:01 (42:01:0a:00:00:01)
  673. Internet Protocol Version 4, Src: 10.0.0.2, Dst: 74.125.124.105
  674. 0100 .... = Version: 4
  675. .... 0101 = Header Length: 20 bytes (5)
  676. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  677. Total Length: 247
  678. Identification: 0x2f37 (12087)
  679. Flags: 0x02 (Don't Fragment)
  680. Fragment offset: 0
  681. Time to live: 63
  682. Protocol: TCP (6)
  683. Header checksum: 0x3ae2 [validation disabled]
  684. [Header checksum status: Unverified]
  685. Source: 10.0.0.2
  686. Destination: 74.125.124.105
  687. [Source GeoIP: Unknown]
  688. [Destination GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  689. Transmission Control Protocol, Src Port: 39190, Dst Port: 443, Seq: 1, Ack: 1, Len: 195
  690. Source Port: 39190
  691. Destination Port: 443
  692. [Stream index: 24]
  693. [TCP Segment Len: 195]
  694. Sequence number: 1 (relative sequence number)
  695. [Next sequence number: 196 (relative sequence number)]
  696. Acknowledgment number: 1 (relative ack number)
  697. Header Length: 32 bytes
  698. Flags: 0x018 (PSH, ACK)
  699. 000. .... .... = Reserved: Not set
  700. ...0 .... .... = Nonce: Not set
  701. .... 0... .... = Congestion Window Reduced (CWR): Not set
  702. .... .0.. .... = ECN-Echo: Not set
  703. .... ..0. .... = Urgent: Not set
  704. .... ...1 .... = Acknowledgment: Set
  705. .... .... 1... = Push: Set
  706. .... .... .0.. = Reset: Not set
  707. .... .... ..0. = Syn: Not set
  708. .... .... ...0 = Fin: Not set
  709. [TCP Flags: ·······AP···]
  710. Window size value: 229
  711. [Calculated window size: 29312]
  712. [Window size scaling factor: 128]
  713. Checksum: 0x134d [unverified]
  714. [Checksum Status: Unverified]
  715. Urgent pointer: 0
  716. Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
  717. No-Operation (NOP)
  718. Type: 1
  719. 0... .... = Copy on fragmentation: No
  720. .00. .... = Class: Control (0)
  721. ...0 0001 = Number: No-Operation (NOP) (1)
  722. No-Operation (NOP)
  723. Type: 1
  724. 0... .... = Copy on fragmentation: No
  725. .00. .... = Class: Control (0)
  726. ...0 0001 = Number: No-Operation (NOP) (1)
  727. Timestamps: TSval 82726, TSecr 791361978
  728. [SEQ/ACK analysis]
  729. [iRTT: 0.000009000 seconds]
  730. [Bytes in flight: 196]
  731. [Bytes sent since last PSH flag: 195]
  732. Secure Sockets Layer
  733. TLSv1.2 Record Layer: Handshake Protocol: Client Hello
  734. Content Type: Handshake (22)
  735. Version: TLS 1.0 (0x0301)
  736. Length: 190
  737. Handshake Protocol: Client Hello
  738.  
  739. Frame 471: 1414 bytes on wire (11312 bits), 1414 bytes captured (11312 bits)
  740. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  741. Internet Protocol Version 4, Src: 74.125.124.105, Dst: 10.0.0.2
  742. 0100 .... = Version: 4
  743. .... 0101 = Header Length: 20 bytes (5)
  744. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  745. Total Length: 1400
  746. Identification: 0x0000 (0)
  747. Flags: 0x02 (Don't Fragment)
  748. Fragment offset: 0
  749. Time to live: 64
  750. Protocol: TCP (6)
  751. Header checksum: 0x6498 [validation disabled]
  752. [Header checksum status: Unverified]
  753. Source: 74.125.124.105
  754. Destination: 10.0.0.2
  755. [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  756. [Destination GeoIP: Unknown]
  757. Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 1, Ack: 196, Len: 1348
  758. Source Port: 443
  759. Destination Port: 39190
  760. [Stream index: 24]
  761. [TCP Segment Len: 1348]
  762. Sequence number: 1 (relative sequence number)
  763. [Next sequence number: 1349 (relative sequence number)]
  764. Acknowledgment number: 196 (relative ack number)
  765. Header Length: 32 bytes
  766. Flags: 0x010 (ACK)
  767. 000. .... .... = Reserved: Not set
  768. ...0 .... .... = Nonce: Not set
  769. .... 0... .... = Congestion Window Reduced (CWR): Not set
  770. .... .0.. .... = ECN-Echo: Not set
  771. .... ..0. .... = Urgent: Not set
  772. .... ...1 .... = Acknowledgment: Set
  773. .... .... 0... = Push: Not set
  774. .... .... .0.. = Reset: Not set
  775. .... .... ..0. = Syn: Not set
  776. .... .... ...0 = Fin: Not set
  777. [TCP Flags: ·······A····]
  778. Window size value: 115
  779. [Calculated window size: 29440]
  780. [Window size scaling factor: 256]
  781. Checksum: 0xf736 [unverified]
  782. [Checksum Status: Unverified]
  783. Urgent pointer: 0
  784. Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
  785. No-Operation (NOP)
  786. Type: 1
  787. 0... .... = Copy on fragmentation: No
  788. .00. .... = Class: Control (0)
  789. ...0 0001 = Number: No-Operation (NOP) (1)
  790. No-Operation (NOP)
  791. Type: 1
  792. 0... .... = Copy on fragmentation: No
  793. .00. .... = Class: Control (0)
  794. ...0 0001 = Number: No-Operation (NOP) (1)
  795. Timestamps: TSval 791362643, TSecr 82726
  796. [SEQ/ACK analysis]
  797. [iRTT: 0.000009000 seconds]
  798. [Bytes in flight: 1349]
  799. [Bytes sent since last PSH flag: 1348]
  800. TCP segment data (1271 bytes)
  801. Secure Sockets Layer
  802. TLSv1.2 Record Layer: Handshake Protocol: Server Hello
  803. Content Type: Handshake (22)
  804. Version: TLS 1.2 (0x0303)
  805. Length: 72
  806. Handshake Protocol: Server Hello
  807.  
  808. Frame 472: 590 bytes on wire (4720 bits), 590 bytes captured (4720 bits)
  809. Ethernet II, Src: 42:01:0a:00:00:02 (42:01:0a:00:00:02), Dst: 42:01:0a:00:00:01 (42:01:0a:00:00:01)
  810. Internet Protocol Version 4, Src: 10.0.0.2, Dst: 74.125.124.105
  811. 0100 .... = Version: 4
  812. .... 0101 = Header Length: 20 bytes (5)
  813. Differentiated Services Field: 0xc0 (DSCP: CS6, ECN: Not-ECT)
  814. Total Length: 576
  815. Identification: 0xc2f5 (49909)
  816. Flags: 0x00
  817. Fragment offset: 0
  818. Time to live: 64
  819. Protocol: ICMP (1)
  820. Header checksum: 0xe41f [validation disabled]
  821. [Header checksum status: Unverified]
  822. Source: 10.0.0.2
  823. Destination: 74.125.124.105
  824. [Source GeoIP: Unknown]
  825. [Destination GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  826. Internet Control Message Protocol
  827. Type: 3 (Destination unreachable)
  828. Code: 4 (Fragmentation needed)
  829. Checksum: 0x66da [correct]
  830. [Checksum Status: Good]
  831. Unused: 0000
  832. MTU of next hop: 1390
  833. Internet Protocol Version 4, Src: 74.125.124.105, Dst: 10.0.0.2
  834. 0100 .... = Version: 4
  835. .... 0101 = Header Length: 20 bytes (5)
  836. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  837. Total Length: 1400
  838. Identification: 0x0000 (0)
  839. Flags: 0x02 (Don't Fragment)
  840. Fragment offset: 0
  841. Time to live: 63
  842. Protocol: TCP (6)
  843. Header checksum: 0x6598 [validation disabled]
  844. [Header checksum status: Unverified]
  845. Source: 74.125.124.105
  846. Destination: 10.0.0.2
  847. [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  848. [Destination GeoIP: Unknown]
  849. Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 889595281, Ack: 1378119594
  850. Source Port: 443
  851. Destination Port: 39190
  852. Sequence number: 889595281
  853. [Stream index: 24]
  854. Sequence number: 889595281 (relative sequence number)
  855. Acknowledgment number: 1378119594 (relative ack number)
  856. Header Length: 32 bytes
  857. Flags: 0x010 (ACK)
  858. 000. .... .... = Reserved: Not set
  859. ...0 .... .... = Nonce: Not set
  860. .... 0... .... = Congestion Window Reduced (CWR): Not set
  861. .... .0.. .... = ECN-Echo: Not set
  862. .... ..0. .... = Urgent: Not set
  863. .... ...1 .... = Acknowledgment: Set
  864. .... .... 0... = Push: Not set
  865. .... .... .0.. = Reset: Not set
  866. .... .... ..0. = Syn: Not set
  867. .... .... ...0 = Fin: Not set
  868. [TCP Flags: ·······A····]
  869. Window size value: 115
  870. [Calculated window size: 115]
  871. [Window size scaling factor: 256]
  872. Checksum: 0xf736 [unverified]
  873. [Checksum Status: Unverified]
  874. Urgent pointer: 0
  875. Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
  876. No-Operation (NOP)
  877. Type: 1
  878. 0... .... = Copy on fragmentation: No
  879. .00. .... = Class: Control (0)
  880. ...0 0001 = Number: No-Operation (NOP) (1)
  881. No-Operation (NOP)
  882. Type: 1
  883. 0... .... = Copy on fragmentation: No
  884. .00. .... = Class: Control (0)
  885. ...0 0001 = Number: No-Operation (NOP) (1)
  886. Timestamps: TSval 791362643, TSecr 82726
  887. Secure Sockets Layer
  888. TLSv1.2 Record Layer: Handshake Protocol: Server Hello
  889. Content Type: Handshake (22)
  890. Version: TLS 1.2 (0x0303)
  891. Length: 72
  892. Handshake Protocol: Server Hello
  893.  
  894. Frame 473: 1033 bytes on wire (8264 bits), 1033 bytes captured (8264 bits)
  895. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  896. Internet Protocol Version 4, Src: 74.125.124.105, Dst: 10.0.0.2
  897. 0100 .... = Version: 4
  898. .... 0101 = Header Length: 20 bytes (5)
  899. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  900. Total Length: 1019
  901. Identification: 0x0000 (0)
  902. Flags: 0x02 (Don't Fragment)
  903. Fragment offset: 0
  904. Time to live: 64
  905. Protocol: TCP (6)
  906. Header checksum: 0x6615 [validation disabled]
  907. [Header checksum status: Unverified]
  908. Source: 74.125.124.105
  909. Destination: 10.0.0.2
  910. [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
  911. [Destination GeoIP: Unknown]
  912. Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 1349, Ack: 196, Len: 967
  913. Source Port: 443
  914. Destination Port: 39190
  915. [Stream index: 24]
  916. [TCP Segment Len: 967]
  917. Sequence number: 1349 (relative sequence number)
  918. [Next sequence number: 2316 (relative sequence number)]
  919. Acknowledgment number: 196 (relative ack number)
  920. Header Length: 32 bytes
  921. Flags: 0x018 (PSH, ACK)
  922. 000. .... .... = Reserved: Not set
  923. ...0 .... .... = Nonce: Not set
  924. .... 0... .... = Congestion Window Reduced (CWR): Not set
  925. .... .0.. .... = ECN-Echo: Not set
  926. .... ..0. .... = Urgent: Not set
  927. .... ...1 .... = Acknowledgment: Set
  928. .... .... 1... = Push: Set
  929. .... .... .0.. = Reset: Not set
  930. .... .... ..0. = Syn: Not set
  931. .... .... ...0 = Fin: Not set
  932. [TCP Flags: ·······AP···]
  933. Window size value: 115
  934. [Calculated window size: 29440]
  935. [Window size scaling factor: 256]
  936. Checksum: 0x19b1 [unverified]
  937. [Checksum Status: Unverified]
  938. Urgent pointer: 0
  939. Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
  940. No-Operation (NOP)
  941. Type: 1
  942. 0... .... = Copy on fragmentation: No
  943. .00. .... = Class: Control (0)
  944. ...0 0001 = Number: No-Operation (NOP) (1)
  945. No-Operation (NOP)
  946. Type: 1
  947. 0... .... = Copy on fragmentation: No
  948. .00. .... = Class: Control (0)
  949. ...0 0001 = Number: No-Operation (NOP) (1)
  950. Timestamps: TSval 791362665, TSecr 82726
  951. [SEQ/ACK analysis]
  952. [iRTT: 0.000009000 seconds]
  953. [Bytes in flight: 2316]
  954. [Bytes sent since last PSH flag: 2315]
  955. TCP segment data (967 bytes)
  956. Secure Sockets Layer
  957. TLSv1.2 Record Layer: Handshake Protocol: Server Key Exchange
  958. Content Type: Handshake (22)
  959. Version: TLS 1.2 (0x0303)
  960. Length: 115
  961. Handshake Protocol: Server Key Exchange
  962. TLSv1.2 Record Layer: Handshake Protocol: Server Hello Done
  963. Content Type: Handshake (22)
  964. Version: TLS 1.2 (0x0303)
  965. Length: 4
  966. Handshake Protocol: Server Hello Done
  967.  
  968. Frame 534: 124 bytes on wire (992 bits), 124 bytes captured (992 bits)
  969. Ethernet II, Src: 42:01:0a:00:00:01 (42:01:0a:00:00:01), Dst: 42:01:0a:00:00:02 (42:01:0a:00:00:02)
  970. Internet Protocol Version 4, Src: 8.8.4.4, Dst: 10.0.0.2
  971. 0100 .... = Version: 4
  972. .... 0101 = Header Length: 20 bytes (5)
  973. Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
  974. Total Length: 110
  975. Identification: 0xa54b (42315)
  976. Flags: 0x00
  977. Fragment offset: 0
  978. Time to live: 51
  979. Protocol: UDP (17)
  980. Header checksum: 0xcc26 [validation disabled]
  981. [Header checksum status: Unverified]
  982. Source: 8.8.4.4
  983. Destination: 10.0.0.2
  984. [Source GeoIP: United States, AS15169 Google Inc., 37.750999, -97.821999]
  985. [Destination GeoIP: Unknown]
  986. User Datagram Protocol, Src Port: 53, Dst Port: 44864
  987. Source Port: 53
  988. Destination Port: 44864
  989. Length: 90
  990. Checksum: 0xb773 [unverified]
  991. [Checksum Status: Unverified]
  992. [Stream index: 26]
  993. Domain Name System (response)
  994. [Request In: 533]
  995. [Time: 0.003377000 seconds]
  996. Transaction ID: 0xf690
  997. Flags: 0x8180 Standard query response, No error
  998. Questions: 1
  999. Answer RRs: 2
  1000. Authority RRs: 0
  1001. Additional RRs: 0
  1002. Queries
  1003. apis.google.com: type AAAA, class IN
  1004. Name: apis.google.com
  1005. [Name Length: 15]
  1006. [Label Count: 3]
  1007. Type: AAAA (IPv6 Address) (28)
  1008. Class: IN (0x0001)
  1009. Answers
  1010. apis.google.com: type CNAME, class IN, cname plus.l.google.com
  1011. Name: apis.google.com
  1012. Type: CNAME (Canonical NAME for an alias) (5)
  1013. Class: IN (0x0001)
  1014. Time to live: 21599
  1015. Data length: 9
  1016. CNAME: plus.l.google.com
  1017. plus.l.google.com: type AAAA, class IN, addr 2607:f8b0:4001:c12::8a
  1018. Name: plus.l.google.com
  1019. Type: AAAA (IPv6 Address) (28)
  1020. Class: IN (0x0001)
  1021. Time to live: 299
  1022. Data length: 16
  1023. AAAA Address: 2607:f8b0:4001:c12::8a
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!