diff --git a/MainController.py b/MainController.py index 215f59a..768da89 100644 --- a/MainController.py +++ b/MainController.py @@ -4,6 +4,7 @@ from MainView import MainView from models.NetworkingScanner import NetworkScanner from models.Sniffer import packet_callback, sniff from models.MusicPlayer import MusicPlayerModel +from models.GamblingGameModel import GamblingGameModel import tkinter as tk import time import datetime @@ -17,6 +18,9 @@ class MainController: self.connect_events() self.start_system_updates() self.music_model = MusicPlayerModel() + self.game_model = GamblingGameModel() + self.roulette_running = False + self.roulette_thread = None def connect_events(self): """Conecta los eventos de la vista con las funciones del controlador.""" @@ -29,6 +33,10 @@ class MainController: self.view.button_stop_music.config(command=self.stop_song) self.view.button_refresh_music.config(command=self.refresh_songs) + """Conecta los eventos de la vista con las funciones del controlador.""" + self.view.button_start_roulette.config(command=self.start_roulette) + self.view.button_stop_roulette.config(command=self.stop_roulette) + def start_sniffer_thread(self): """Inicia el sniffer en un hilo separado.""" @@ -173,3 +181,73 @@ class MainController: self.load_songs() print(self.message) + + def start_roulette(self): + """Inicia el giro de la ruleta en un hilo.""" + if self.roulette_running: + return + + try: + bet = int(self.view.bet_entry.get()) + chosen_number = int(self.view.number_entry.get()) + except ValueError: + self.view.result_label.config(text="Por favor, ingresa valores numéricos válidos.", foreground="red") + return + + if bet <= 0 or chosen_number < 1 or chosen_number > 10: + self.view.result_label.config( + text="La apuesta debe ser mayor a 0 y elige un número entre 1 y 10.", foreground="red" + ) + return + + if bet > self.game_model.get_balance(): + self.view.result_label.config(text="No tienes suficiente saldo para esta apuesta.", foreground="red") + return + + self.game_model.set_bet(bet) + self.game_model.set_chosen_number(chosen_number) + self.roulette_running = True + self.view.button_start_roulette.config(state="disabled") + self.view.button_stop_roulette.config(state="normal") + + # Inicia el hilo de la ruleta + self.roulette_thread = threading.Thread(target=self.spin_roulette) + self.roulette_thread.start() + + def spin_roulette(self): + """Simula el giro continuo de la ruleta.""" + while self.roulette_running: + self.game_model.spin_roulette() + roulette_number = self.game_model.get_roulette_number() + self.view.roulette_label.config(text=f"Ruleta: {roulette_number}") + time.sleep(0.1) + + def stop_roulette(self): + """Detiene la ruleta y evalúa el resultado.""" + if not self.roulette_running: + return + + self.roulette_running = False + self.view.button_start_roulette.config(state="normal") + self.view.button_stop_roulette.config(state="disabled") + + # Evaluar el resultado del juego + won, amount = self.game_model.evaluate_result() + if won: + self.view.result_label.config( + text=f"¡Ganaste! Número: {self.game_model.get_roulette_number()}. Ganaste $ {amount}.", foreground="green" + ) + else: + self.view.result_label.config( + text=f"Perdiste. Número: {self.game_model.get_roulette_number()}. Perdiste $ {amount}.", foreground="red" + ) + + # Actualizar saldo en la vista + self.view.balance_label.config(text=f"Saldo: ${self.game_model.get_balance()}") + + # Verificar saldo + if self.game_model.get_balance() <= 0: + self.view.result_label.config( + text="¡Te quedaste sin saldo! Gracias por jugar.", foreground="red" + ) + self.view.button_start_roulette.config(state="disabled") \ No newline at end of file diff --git a/MainView.py b/MainView.py index 8b146b8..7e2c15f 100644 --- a/MainView.py +++ b/MainView.py @@ -59,12 +59,16 @@ class MainView: self.notebook.add(tab3, text="Sniffer") self.create_sniffer_ui(tab3) - # Solapas 4-5: Vacías - for i in range(4, 6): - tab = ttk.Frame(self.notebook) - self.notebook.add(tab, text=f"Solapa {i}") - label = ttk.Label(tab, text=f"Contenido de la Solapa {i}") - label.pack(pady=10) + # Solapa 4: Juego de Azar + tab4 = ttk.Frame(self.notebook) + self.notebook.add(tab4, text="Juego de Azar") + self.create_gambling_game_ui(tab4) + + # Solapa 5 vacía + tab5 = ttk.Frame(self.notebook) + self.notebook.add(tab5, text="Solapa 5") + label = ttk.Label(tab5, text="Contenido de la Solapa 5") + label.pack(pady=10) def create_tracker_ui(self, tab): """Crea la interfaz de usuario para el rastreador de IP en la solapa 1.""" @@ -150,4 +154,38 @@ class MainView: self.music_listbox.delete(0, tk.END) if songs: for song in songs: - self.music_listbox.insert(tk.END, song) \ No newline at end of file + self.music_listbox.insert(tk.END, song) + + def create_gambling_game_ui(self, tab): + """Crea la interfaz de usuario para el juego de azar en la Solapa 4.""" + label = ttk.Label(tab, text="Juego de Azar - Ruleta", font=("Arial", 16)) + label.pack(pady=10) + + # Saldo actual + self.balance_label = ttk.Label(tab, text="Saldo: $100", font=("Arial", 12)) + self.balance_label.pack(pady=5) + + # Entrada para la apuesta + ttk.Label(tab, text="Apuesta ($):").pack(pady=5) + self.bet_entry = ttk.Entry(tab, width=20) + self.bet_entry.pack(pady=5) + + # Entrada para el número + ttk.Label(tab, text="Elige un número (1-10):").pack(pady=5) + self.number_entry = ttk.Entry(tab, width=20) + self.number_entry.pack(pady=5) + + # Botones + self.button_start_roulette = ttk.Button(tab, text="Iniciar Ruleta") + self.button_start_roulette.pack(pady=10) + + self.button_stop_roulette = ttk.Button(tab, text="Detener Ruleta", state="disabled") + self.button_stop_roulette.pack(pady=5) + + # Resultado del juego + self.roulette_label = ttk.Label(tab, text="Ruleta: ---", font=("Arial", 14), foreground="red") + self.roulette_label.pack(pady=10) + + self.result_label = ttk.Label(tab, text="", font=("Arial", 12), foreground="blue") + self.result_label.pack(pady=10) + diff --git a/__pycache__/MainController.cpython-313.pyc b/__pycache__/MainController.cpython-313.pyc index 1e0f00f..9287fb3 100644 Binary files a/__pycache__/MainController.cpython-313.pyc and b/__pycache__/MainController.cpython-313.pyc differ diff --git a/__pycache__/MainView.cpython-313.pyc b/__pycache__/MainView.cpython-313.pyc index 96fdb35..2aaea59 100644 Binary files a/__pycache__/MainView.cpython-313.pyc and b/__pycache__/MainView.cpython-313.pyc differ diff --git a/models/GamblingGameModel.py b/models/GamblingGameModel.py new file mode 100644 index 0000000..395c857 --- /dev/null +++ b/models/GamblingGameModel.py @@ -0,0 +1,40 @@ +import random + + +class GamblingGameModel: + def __init__(self): + """Inicializa el modelo con un saldo inicial.""" + self.balance = 100 + self.bet = 0 + self.chosen_number = 0 + self.roulette_number = None + + def set_bet(self, bet): + """Establece la apuesta.""" + self.bet = bet + + def set_chosen_number(self, number): + """Establece el número elegido.""" + self.chosen_number = number + + def spin_roulette(self): + """Genera un número aleatorio para la ruleta.""" + self.roulette_number = random.randint(1, 10) + + def evaluate_result(self): + """Evalúa si el jugador gana o pierde.""" + if self.chosen_number == self.roulette_number: + winnings = self.bet * 2 + self.balance += winnings + return True, winnings + else: + self.balance -= self.bet + return False, self.bet + + def get_balance(self): + """Retorna el saldo actual.""" + return self.balance + + def get_roulette_number(self): + """Retorna el número actual de la ruleta.""" + return self.roulette_number diff --git a/models/__pycache__/GamblingGameModel.cpython-313.pyc b/models/__pycache__/GamblingGameModel.cpython-313.pyc new file mode 100644 index 0000000..ab30132 Binary files /dev/null and b/models/__pycache__/GamblingGameModel.cpython-313.pyc differ diff --git a/packet_log.txt b/packet_log.txt index df3f0f8..7d74b86 100644 --- a/packet_log.txt +++ b/packet_log.txt @@ -22581,3 +22581,19627 @@ options = [] +2024-12-14 20:34:56.452493 - Ether / IP / TCP 192.168.1.11:42733 > 151.101.135.42:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 18202 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 151.101.135.42 + \options \ +###[ TCP ]### + sport = 42733 + dport = https + seq = 2796051337 + ack = 1613279978 + dataofs = 5 + reserved = 0 + flags = A + window = 507 + chksum = 0xe05e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:34:56.470253 - Ether / IP / TCP 151.101.135.42:https > 192.168.1.11:42733 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 22165 + flags = DF + frag = 0 + ttl = 55 + proto = tcp + chksum = 0xcec + src = 151.101.135.42 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42733 + seq = 1613279978 + ack = 2796051338 + dataofs = 8 + reserved = 0 + flags = A + window = 306 + chksum = 0xd5f4 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (2796051337, 2796051338))] + + +2024-12-14 20:34:56.498713 - Ether / IP / UDP / mDNS Qry b'_233637DE._sub._googlecast._tcp.local.' +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 86:1e:7e:31:2b:c4 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 89 + id = 52922 + flags = DF + frag = 0 + ttl = 255 + proto = udp + chksum = 0xa06 + src = 192.168.1.47 + dst = 224.0.0.251 + \options \ +###[ UDP ]### + sport = 5353 + dport = 5353 + len = 69 + chksum = 0x3293 +###[ DNS ]### + id = 6 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 0 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 2 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'_233637DE._sub._googlecast._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + |###[ DNS Question Record ]### + | qname = b'_googlecast._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:34:58.137226 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 84 + id = 43050 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe4e + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639149 + ack = 4062860535 + dataofs = 5 + reserved = 0 + flags = PA + window = 9 + chksum = 0xb7b0 + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x00'n\xd7)\xe5\xf4\x05(\xee\xf4\xd2\xd2-\x9cH3Hg:\x00)\x98\x04\xfdh_Y\x04$/\xa7v\xed\xed\xa7\xd1\xd6#\xfa\x16" + + +2024-12-14 20:34:58.148264 - Ether / IP / TCP 192.168.1.11:42259 > 188.114.96.5:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 75 + id = 49546 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 188.114.96.5 + \options \ +###[ TCP ]### + sport = 42259 + dport = https + seq = 4062860535 + ack = 2693639193 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xde68 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x1e\xc8|^ \xa0qs\x84{EQ\xfe\x82U\xd2\xb9\xb5z\xa1\xd2\x9c\xa0dl%&\x15\xe2\xc1\xbf' + + +2024-12-14 20:34:58.150744 - Ether / IP / TCP 192.168.1.11:42259 > 188.114.96.5:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 75 + id = 49547 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 188.114.96.5 + \options \ +###[ TCP ]### + sport = 42259 + dport = https + seq = 4062860570 + ack = 2693639193 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xde68 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x1e-\xf9ZN\x88 \xcca\x89\xad\x1e\x89E\xc1c\xff\x01\xb9\x12\x90]Il\x8a4[\x06_#P' + + +2024-12-14 20:34:58.175100 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 43051 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe79 + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639193 + ack = 4062860570 + dataofs = 5 + reserved = 0 + flags = A + window = 9 + chksum = 0x96e5 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\xf2\xffM\xf3' + + +2024-12-14 20:34:58.177529 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 43052 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe78 + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639193 + ack = 4062860605 + dataofs = 5 + reserved = 0 + flags = A + window = 9 + chksum = 0x96c2 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\xa7YK\t' + + +2024-12-14 20:34:58.928822 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 108 + id = 26759 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1c7 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995229985 + ack = 212489189 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0xb1ea + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00?\xf8tQ2\xd1\x17f\x86\x99Ov\xbdU\xber\xe3`\x12~\xa9\xd3\x807=\xed\x0f\x1d\xd1\xc1\xc2\x86\xce\x03\x1by\x86\x02\x15\xe2\x81K\x12C\x1dJ\xd3\x03^Y2d >\x1a\xb9\xe8\xe7\x06\xa5OYNp' + + +2024-12-14 20:34:58.932866 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 99 + id = 26760 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1cf + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995230053 + ack = 212489189 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0xa150 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x006D\xf0SjP\x0f\x1d\xf8\xaa\xa2$\xa2\x88\x97\xd7k\xd4\xd4\x91\xd7YZ\x9a\xc6\xb0\x1c\xbbD\x8c\x99;\xdc`\xe9Yu\xef\x99+\xb9\xbdZ\xf5\xc4\xf8\x1d\xe4\xf4\x94\x01\xe8\xdc\x97|' + + +2024-12-14 20:34:59.019913 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37100 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489189 + ack = 995230112 + dataofs = 5 + reserved = 0 + flags = A + window = 511 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:34:59.022196 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 81 + id = 26761 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1e0 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995230112 + ack = 212489189 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0xaea1 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00$|r\xddb\x8c\xfc7\x1a\x9c6\xbdF\xc8\xdc\xe53\xbb"h-\x1c65\x7fqm\xe0\x01\xee\x06h\xb2\xad\x0f\xd4\xda' + + +2024-12-14 20:34:59.023750 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37101 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489189 + ack = 995230153 + dataofs = 5 + reserved = 0 + flags = A + window = 511 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:35:01.424738 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 941 + id = 26762 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xee83 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995230153 + ack = 212489189 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0xb72a + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x03\x80\xed\x91\x1f\xa9D\xbb\x7f1\x8a0\xa0"\xc0s0\xf8\xce+\xc7\x911\xa1\xd9\x97\xea\xa9=\xc3\x98\xe0\x06\'l\x8b\xf8\x0e\xc2\x1b\xd0\xbf<\x1f\x10\x8d|\xb7\x19\xba\xa9\xa6Ah\xe3\xd2\x9e\xf0\x9f2Hioj\x9czy\x8fF\xa4\xc9M\x05\'\\DV\xac\x91E\x84r\xf5\xc0\x8c\xc4]\x1e4C_\x85\xb4\xf6\x1b\xe6}\xfe\xe9\xbc\xe4\x11q\xd4e\xb6*`h\xe7\xe4(VjN\x84\x9e\xb7V \x97L\x03\x83\xf4\xff\\\xb3\x1c\x14\xa4\t$\xdb|\xb0\x04\xa6\x8f\x9d\x02\x8b\x13c\xc25\xb6e\x9e\xca:\x00m%\xaf-]A\xa9\xdd\xa8\xf7\xf6\xb6\xe8,`\xe63\xf45\xdc\xf6R\xb0\xa9\x9c!\xd6!#\x19\x80y\x03F\x04\x81\xa3\xd2Hs^\x8c\x03\x9e\xa1:A\x07\xe0w\x0fw\xb4\xecR\xd2\xc4`so\xf5T+p\x04\x0f,\x1a\x13\xdd\xc5\x1eb\x9e\x1c^~0\xe9\xf7\xb7\x1aU|\x08\x16\xb1\x15NL\x8d9Ivo\xf4a\xb8Hk\xeb\x90\xae\xff\xcae\t\x8b}\xee\x0b\x1b\xf5\x0b\xd36\xfc\x80\xf29@\xb2\xee\x02\xf1\x1cw\xad)\x0b\x97\xdc\xf3o\xb3\xaa\xd7\x8a\xa6\xd40\x1ed\xa1d\xd4\xeb)x8]4tn\xfc\x96\xfb\xdf\x847f-\x91\x81W\x05\xf7\xe1\xdf\xd6X]\x9ce\xa6\\\xff_\x1b\x9a\xbd\xea%d<\xb8\x1e\xc0\x03\x80\x91\xa0yS\xbfWx\x86\x1f\x81\xf63\xac\x19^\xf1\xa6\x1az\xcd\x88\xe7\xa6C\t\xad\xc0\xa1\xca|\xeempL\xd4\xccr\x8c#U>\xcf\x97\xbf\xdaj\\\x185_\xbdF\x89t8o~Y\x84\xd6\x9eF\xc5*GH%C7R\xacq\xb1\n\x8e\x02_\xcc\xa9\xa37\xd1\x8b\x1499\xa6\xa6=\x08!\xc7j+[[Q9@\xf1\xd7\xaa\x9b_/\x90{\x1e\xadg\xf1\x18^\xa3lyO)\x1d\xd1RS+\xa1\x0f\x07\xe6\xed\xc9\xc1\xc0d\xfe\xbf\x94\x18B\x1avIv\xca\x93Ok\xa4\x0b\xed`\x19$\xea\x1b"?\x9a%Q\x9c\x90\xe1Ru\xd4\xfew\xd3C\xa9=\xc9\x01\x16\xbb\xe9bN\xf4v\x1bB\xa2\x13HQv\x01\x02s\xa3\x15bB\x8f>\x8c%\x97\n)$\xbc\x07&KeE\xfb\x04+\xd0zT\x18\xd7\x8c\xd7\xb3\x1f\xb0e\xdb\x13\xa6mJ\x08:VN{]\x97#\x14\x16j\xf0Z]\xcd\xd2\x95"(\xe0%:\xd8\xde*\xba\r\xf4\xeb\x9b\x0b\xf4\xbdA\x00j\'\xd5\x95O\x97O\x11\xf6cs\xe3\xdaJ\x1fP\x8d\x04Q\xc1HE\xa1\x01\xcd"\xc4\x96PY\xb1`\xb0\xd2\xd1\xff\xf6\x0c\xe7_\x06\xa1\x83\x9a\x081z\xca\x9c\\\xe3\x836\xa3\xf8\\\xc0\xfc\xe3\x82/\x9d\xd5\xe1rh\xd1\x10\xe7\xcbIw\xbe\xf0i=$\x82\xce\xae\x1e\xe8\xcf\xf9\xb1\xa6\xef\xbf\xbf\xc0\xbd\xc1\xc2 \xff\xc0\x87\xc5\r\x86\x01\xb6\xcc\xd6\xdc\xc7\xb0W&\xad\xc7\x1dR\xdb\xd9\xacj\xfd&.\xc3O\'\xb7\xda\x1a]\x8b\xe0&:\x7f\xaez\x0e{> \xadV\xa6(5\xea\x1aF\x88\xf4\x9f\xdbt\xe7\x0f\x85\xaf.\x15\x0c\xce[\xac\xfaCq5YH\xbd\xccR\xe0\xdc\xda\xb6#\x086J\xac\xbeCN\xc3\xd5\x19\x9d\xe4\xc0\xd3B\xd9\xe6\xd7\x88\xab\xec\x07\x05\xac\x19Tex:t\xc8z\x11\xc2\x01' + + +2024-12-14 20:35:01.611792 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37102 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489189 + ack = 995231054 + dataofs = 5 + reserved = 0 + flags = A + window = 514 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:35:03.775055 - Ether / 192.168.1.1 > 224.0.0.1 2 / Raw / Padding +###[ Ethernet ]### + dst = 01:00:5e:00:00:01 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 6 + tos = 0x80 + len = 32 + id = 0 + flags = DF + frag = 0 + ttl = 1 + proto = 2 + chksum = 0x42ad + src = 192.168.1.1 + dst = 224.0.0.1 + \options \ + |###[ IP Option Router Alert ]### + | copy_flag = 1 + | optclass = control + | option = router_alert + | length = 4 + | alert = router_shall_examine_packet +###[ Raw ]### + load = b'\x11d\xee\x9b\x00\x00\x00\x00' +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:03.921634 - Ether / 192.168.1.11 > 224.0.0.251 2 / Raw +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 6 + tos = 0x0 + len = 32 + id = 41287 + flags = + frag = 0 + ttl = 1 + proto = 2 + chksum = 0x0 + src = 192.168.1.11 + dst = 224.0.0.251 + \options \ + |###[ IP Option Router Alert ]### + | copy_flag = 1 + | optclass = control + | option = router_alert + | length = 4 + | alert = router_shall_examine_packet +###[ Raw ]### + load = b'\x16\x00\t\x04\xe0\x00\x00\xfb' + + +2024-12-14 20:35:05.547177 - Ether / IP / UDP / mDNS Qry b'_spotify-connect._tcp.local.' +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 73 + id = 41288 + flags = + frag = 0 + ttl = 255 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 224.0.0.251 + \options \ +###[ UDP ]### + sport = 5353 + dport = 5353 + len = 53 + chksum = 0xbc4 +###[ DNS ]### + id = 0 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 0 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'_spotify-connect._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:06.265622 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34184 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58348 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 60017 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:06.268283 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34185 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58349 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 60018 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:06.270425 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34186 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58348 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 60019 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:06.271999 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34187 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58349 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 60020 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:06.273862 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34188 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58348 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 60021 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:06.276847 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58348 + len = 76 + chksum = 0x67a7 +###[ DNS ]### + id = 60017 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:06.279148 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58349 + len = 89 + chksum = 0xfa1e +###[ DNS ]### + id = 60018 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:06.281417 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58348 + len = 90 + chksum = 0x6044 +###[ DNS ]### + id = 60019 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:06.283508 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58348 + len = 81 + chksum = 0x1b97 +###[ DNS ]### + id = 60021 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:06.285431 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58349 + len = 51 + chksum = 0xae4e +###[ DNS ]### + id = 60020 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:06.294141 - Ether / 192.168.1.62 > 239.255.255.250 2 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 6 + tos = 0xc0 + len = 32 + id = 0 + flags = DF + frag = 0 + ttl = 1 + proto = 2 + chksum = 0x3237 + src = 192.168.1.62 + dst = 239.255.255.250 + \options \ + |###[ IP Option Router Alert ]### + | copy_flag = 1 + | optclass = control + | option = router_alert + | length = 4 + | alert = router_shall_examine_packet +###[ Raw ]### + load = b'\x16\x00\xfa\x04\xef\xff\xff\xfa' + + +2024-12-14 20:35:06.307304 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34189 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58350 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 60022 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:06.310229 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58350 + len = 81 + chksum = 0x357e +###[ DNS ]### + id = 60022 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:06.337452 - Ether / IP / TCP 192.168.1.11:42720 > 35.186.224.24:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 35859 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.24 + \options \ +###[ TCP ]### + sport = 42720 + dport = https + seq = 516658157 + ack = 1765306794 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0xc5a1 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:06.350797 - Ether / IP / TCP 35.186.224.24:https > 192.168.1.11:42720 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 6672 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0x652e + src = 35.186.224.24 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42720 + seq = 1765306794 + ack = 516658158 + dataofs = 8 + reserved = 0 + flags = A + window = 1046 + chksum = 0x1477 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (516658157, 516658158))] + + +2024-12-14 20:35:06.816937 - Ether / IP / TCP 192.168.1.11:40768 > 104.199.65.9:4070 PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x98 + len = 51 + id = 2864 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 104.199.65.9 + \options \ +###[ TCP ]### + sport = 40768 + dport = 4070 + seq = 998644514 + ack = 3458563027 + dataofs = 5 + reserved = 0 + flags = PA + window = 513 + chksum = 0xd241 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\xa6CWb\xc1er\xd1\x98UV' + + +2024-12-14 20:35:06.854191 - Ether / IP / TCP 104.199.65.9:4070 > 192.168.1.11:40768 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 51 + id = 15137 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0x9e20 + src = 104.199.65.9 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 4070 + dport = 40768 + seq = 3458563027 + ack = 998644525 + dataofs = 5 + reserved = 0 + flags = PA + window = 6 + chksum = 0x1fe0 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\xfd\xd1<\xbfm\xc5#\xe7oF\x99' + + +2024-12-14 20:35:06.909382 - Ether / IP / TCP 192.168.1.11:40768 > 104.199.65.9:4070 A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x98 + len = 40 + id = 2865 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 104.199.65.9 + \options \ +###[ TCP ]### + sport = 40768 + dport = 4070 + seq = 998644525 + ack = 3458563038 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0xf272 + urgptr = 0 + options = [] + + +2024-12-14 20:35:07.062651 - Ether / IP / TCP 192.168.1.11:41595 > 35.186.224.41:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 83 + id = 8639 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 41595 + dport = https + seq = 3242435546 + ack = 2961047309 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xc5dc + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00&\xa2\xdd\x8c\xb7Z\xeb\x97\xfd\xa7\x94\x8e\xb5\xf1\x91\xca$\xa7\xeb\xd7\x96\x08M!|\x9d\xb2D4\xab\x9cXO \xc6\xf6+yT' + + +2024-12-14 20:35:07.080841 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:41595 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 54077 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xabfb + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 41595 + seq = 2961047309 + ack = 3242435589 + dataofs = 5 + reserved = 0 + flags = A + window = 1036 + chksum = 0x2d26 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\xc9\x12\x19\xf4\x00\x00' + + +2024-12-14 20:35:07.101480 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:41595 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 80 + id = 54078 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xabd2 + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 41595 + seq = 2961047309 + ack = 3242435589 + dataofs = 5 + reserved = 0 + flags = PA + window = 1036 + chksum = 0xc07f + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00#\x99e^\xa6\xa0\xb0g*Nb\xbb\x94\rm\x89o#\xd51\xc6[\xef\x0c\xe0\xb8\xd1:\xcfc\xb1\x82\xe7\xb6\xcf\x83' + + +2024-12-14 20:35:07.155195 - Ether / IP / TCP 192.168.1.11:41595 > 35.186.224.41:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 8640 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 41595 + dport = https + seq = 3242435589 + ack = 2961047349 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0xc5b1 + urgptr = 0 + options = [] + + +2024-12-14 20:35:07.309233 - Ether / IP / UDP / mDNS Qry b'_adb._tcp.local.' +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 2c:93:fb:9c:dc:c0 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 216 + id = 42232 + flags = DF + frag = 0 + ttl = 255 + proto = udp + chksum = 0x335d + src = 192.168.1.27 + dst = 224.0.0.251 + \options \ +###[ UDP ]### + sport = 5353 + dport = 5353 + len = 196 + chksum = 0x4862 +###[ DNS ]### + id = 0 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 0 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 4 + ancount = 2 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'_adb._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + |###[ DNS Question Record ]### + | qname = b'_spotify-connect._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + |###[ DNS Question Record ]### + | qname = b'_amzn-wplay._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + |###[ DNS Question Record ]### + | qname = b'_dosvc._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'_dosvc._tcp.local.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 4500 + | rdlen = None + | rdata = b'KevinOlarte._dosvc._tcp.local.' + |###[ DNS Resource Record ]### + | rrname = b'_amzn-wplay._tcp.local.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 3599 + | rdlen = None + | rdata = b'amzn.dmgr:77A58D33A6B0B8794D57457DEBC2CE4D:LqxtozVpbE:963520._amzn-wplay._tcp.local.' + \ns \ + \ar \ + + +2024-12-14 20:35:07.311704 - Ether / IP / UDP / mDNS Ans b'KevinOlarte._dosvc._tcp.local.' +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 467 + id = 41289 + flags = + frag = 0 + ttl = 1 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 224.0.0.251 + \options \ +###[ UDP ]### + sport = 5353 + dport = 5353 + len = 447 + chksum = 0x764b +###[ DNS ]### + id = 0 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 0 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 0 + ancount = 1 + nscount = 0 + arcount = 4 + \qd \ + \an \ + |###[ DNS Resource Record ]### + | rrname = b'_dosvc._tcp.local.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 4500 + | rdlen = None + | rdata = b'KevinOlarte._dosvc._tcp.local.' + \ns \ + \ar \ + |###[ DNS SRV Resource Record ]### + | rrname = b'KevinOlarte._dosvc._tcp.local.' + | type = SRV + | cacheflush= 0 + | rclass = IN + | ttl = 120 + | rdlen = None + | priority = 0 + | weight = 0 + | port = 7680 + | target = b'KevinOlarte.local.' + |###[ DNS Resource Record ]### + | rrname = b'KevinOlarte._dosvc._tcp.local.' + | type = TXT + | cacheflush= 0 + | rclass = IN + | ttl = 4500 + | rdlen = None + | rdata = [b'P=65280', b'SH00=BY0IkhqixvwPdwUC', b'SH01=IY1Az2JlW4gNUFfP', b'SH02=QxgYBZvgGvJpvx+l', b'SH03=U/nE/sNFwdOWjUpT', b'SH04=WfRgRM7MmfcBgXS/', b'SH05=fRahcZmnWAMmCnGG', b'SH06=jlhdKrHZsU9GUe9A', b'SH07=nL0DpLuiZxeevzrQ', b'SH08=wztLJ2cZiu42pp/7', b'SH09=6ck1lzbylEaU9x5e'] + |###[ DNS Resource Record ]### + | rrname = b'KevinOlarte.local.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 60 + | rdlen = None + | rdata = 192.168.1.11 + |###[ DNS Resource Record ]### + | rrname = b'KevinOlarte.local.' + | type = AAAA + | cacheflush= 0 + | rclass = IN + | ttl = 60 + | rdlen = None + | rdata = fe80::2466:ce0f:a572:3c19 + + +2024-12-14 20:35:07.465674 - Ether / IP / UDP / mDNS Ans 192.168.1.62 +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 350 + id = 19922 + flags = DF + frag = 0 + ttl = 1 + proto = udp + chksum = 0x87db + src = 192.168.1.62 + dst = 224.0.0.251 + \options \ +###[ UDP ]### + sport = 5353 + dport = 5353 + len = 330 + chksum = 0x1b34 +###[ DNS ]### + id = 0 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 0 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 0 + ancount = 3 + nscount = 0 + arcount = 0 + \qd \ + \an \ + |###[ DNS Resource Record ]### + | rrname = b'192-168-1-62.local.' + | type = A + | cacheflush= 1 + | rclass = IN + | ttl = 3599 + | rdlen = None + | rdata = 192.168.1.62 + |###[ DNS SRV Resource Record ]### + | rrname = b'amzn.dmgr:77A58D33A6B0B8794D57457DEBC2CE4D:LqxtozVpbE:963520._amzn-wplay._tcp.local.' + | type = SRV + | cacheflush= 1 + | rclass = IN + | ttl = 3599 + | rdlen = None + | priority = 0 + | weight = 0 + | port = 42246 + | target = b'192-168-1-62.local.' + |###[ DNS Resource Record ]### + | rrname = b'amzn.dmgr:77A58D33A6B0B8794D57457DEBC2CE4D:LqxtozVpbE:963520._amzn-wplay._tcp.local.' + | type = TXT + | cacheflush= 1 + | rclass = IN + | ttl = 3599 + | rdlen = None + | rdata = [b'a=0', b'c=36:af:b3:ac:fc:17', b'ad=A31DTMEEVDDOIV', b'pv=1', b'f=0', b'mv=2', b'dpv=1', b'n=FireTVStick de fabiola', b'at=TyK0zfSnV9zr', b's=0', b't=2', b'u=77A58D33A6B0B8794D57457DEBC2CE4D', b'v=2', b'sp=35592', b'tr=tcp'] + \ns \ + \ar \ + + +2024-12-14 20:35:08.226179 - Ether / IP / UDP 192.168.1.11:49670 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 01:00:5e:7f:ff:fa + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 153 + id = 61192 + flags = + frag = 0 + ttl = 255 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 49670 + dport = ssdp + len = 133 + chksum = 0x563a +###[ Raw ]### + load = b'M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nMAN: "ssdp:discover"\r\nMX: 1\r\nST: urn:dial-multiscreen-org:service:dial:1\r\n\r\n' + + +2024-12-14 20:35:08.231694 - Ether / IP / UDP 192.168.1.62:ssdp > 192.168.1.11:49670 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 365 + id = 34338 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0x2fc4 + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = ssdp + dport = 49670 + len = 345 + chksum = 0xf2a2 +###[ Raw ]### + load = b'HTTP/1.1 200 OK\r\nLOCATION: http://192.168.1.62:60000/dd.xml\r\nCACHE-CONTROL: max-age=1800\r\nEXT:\r\nBOOTID.UPNP.ORG: 1\r\nSERVER: Linux/2.6 UPnP/1.1 quick_ssdp/1.1\r\nST: urn:dial-multiscreen-org:service:dial:1\r\nUSN: uuid:01e9554e-4aef-36f8-a143-fc0328f08d08::urn:dial-multiscreen-org:service:dial:1\r\nWAKEUP: MAC=34:af:b3:ac:fc:17;Timeout=20\r\n\r\n' + + +2024-12-14 20:35:08.233721 - Ether / IP / TCP 192.168.1.11:42765 > 192.168.1.62:60000 S +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 61803 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42765 + dport = 60000 + seq = 887331385 + ack = 0 + dataofs = 8 + reserved = 0 + flags = S + window = 64240 + chksum = 0x83c0 + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('WScale', 8), ('NOP', None), ('NOP', None), ('SAckOK', b'')] + + +2024-12-14 20:35:08.236955 - Ether / IP / TCP 192.168.1.62:60000 > 192.168.1.11:42765 SA +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0xb72a + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 60000 + dport = 42765 + seq = 2274683729 + ack = 887331386 + dataofs = 8 + reserved = 0 + flags = SA + window = 65535 + chksum = 0x17f6 + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('NOP', None), ('SAckOK', b''), ('NOP', None), ('WScale', 6)] + + +2024-12-14 20:35:08.238775 - Ether / IP / TCP 192.168.1.11:42765 > 192.168.1.62:60000 A +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 61804 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42765 + dport = 60000 + seq = 887331386 + ack = 2274683730 + dataofs = 5 + reserved = 0 + flags = A + window = 513 + chksum = 0x83b4 + urgptr = 0 + options = [] + + +2024-12-14 20:35:08.240647 - Ether / IP / TCP 192.168.1.11:42765 > 192.168.1.62:60000 PA / Raw +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 210 + id = 61805 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42765 + dport = 60000 + seq = 887331386 + ack = 2274683730 + dataofs = 5 + reserved = 0 + flags = PA + window = 513 + chksum = 0x845e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'GET /dd.xml HTTP/1.1\r\nUser-Agent: Spotify/125200442 Win32_x86_64/0 (PC laptop)\r\nHost: 192.168.1.62:60000\r\nKeep-Alive: 0\r\nAccept-Encoding: gzip\r\nConnection: keep-alive\r\n\r\n' + + +2024-12-14 20:35:08.242192 - Ether / IP / TCP 192.168.1.62:60000 > 192.168.1.11:42765 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 4829 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0xa459 + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 60000 + dport = 42765 + seq = 2274683730 + ack = 887331556 + dataofs = 5 + reserved = 0 + flags = A + window = 1369 + chksum = 0x52c4 + urgptr = 0 + options = [] + + +2024-12-14 20:35:08.243571 - Ether / IP / TCP 192.168.1.62:60000 > 192.168.1.11:42765 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 132 + id = 4830 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0xa3fc + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 60000 + dport = 42765 + seq = 2274683730 + ack = 887331556 + dataofs = 5 + reserved = 0 + flags = PA + window = 1369 + chksum = 0x6562 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'HTTP/1.1 200 OK\r\nContent-Type: text/xml\r\nApplication-URL: http://192.168.1.62:8009/apps/\r\n\r\n' + + +2024-12-14 20:35:08.283545 - Ether / IP / TCP 192.168.1.11:42765 > 192.168.1.62:60000 A +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 61806 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42765 + dport = 60000 + seq = 887331556 + ack = 2274683822 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x83b4 + urgptr = 0 + options = [] + + +2024-12-14 20:35:08.306971 - Ether / IP / TCP 192.168.1.62:60000 > 192.168.1.11:42765 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 475 + id = 4831 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0xa2a4 + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 60000 + dport = 42765 + seq = 2274683822 + ack = 887331556 + dataofs = 5 + reserved = 0 + flags = PA + window = 1369 + chksum = 0xc7ab + urgptr = 0 + options = [] +###[ Raw ]### + load = b' 1 0 urn:schemas-upnp-org:device:tvdevice:1 FireTVStick de fabiola Amazon AFTSS uuid:01e9554e-4aef-36f8-a143-fc0328f08d08 ' + + +2024-12-14 20:35:08.314989 - Ether / IP / TCP 192.168.1.62:60000 > 192.168.1.11:42765 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 11108 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0x8bd2 + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 60000 + dport = 42765 + seq = 2274684258 + ack = 887331557 + dataofs = 5 + reserved = 0 + flags = A + window = 1369 + chksum = 0x50b3 + urgptr = 0 + options = [] + + +2024-12-14 20:35:08.516093 - Ether / IP / TCP 192.168.1.11:42766 > 192.168.1.62:8009 S +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 61809 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42766 + dport = 8009 + seq = 7898511 + ack = 0 + dataofs = 8 + reserved = 0 + flags = S + window = 64240 + chksum = 0x83c0 + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('WScale', 8), ('NOP', None), ('NOP', None), ('SAckOK', b'')] + + +2024-12-14 20:35:08.525039 - Ether / IP / TCP 192.168.1.62:8009 > 192.168.1.11:42766 SA +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0xb72a + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 8009 + dport = 42766 + seq = 1206795741 + ack = 7898512 + dataofs = 8 + reserved = 0 + flags = SA + window = 42340 + chksum = 0x73d8 + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('NOP', None), ('SAckOK', b''), ('NOP', None), ('WScale', 6)] + + +2024-12-14 20:35:08.527394 - Ether / IP / TCP 192.168.1.11:42766 > 192.168.1.62:8009 A +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 61810 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42766 + dport = 8009 + seq = 7898512 + ack = 1206795742 + dataofs = 5 + reserved = 0 + flags = A + window = 513 + chksum = 0x83b4 + urgptr = 0 + options = [] + + +2024-12-14 20:35:08.529188 - Ether / IP / TCP 192.168.1.11:42766 > 192.168.1.62:8009 PA / Raw +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 232 + id = 61811 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42766 + dport = 8009 + seq = 7898512 + ack = 1206795742 + dataofs = 5 + reserved = 0 + flags = PA + window = 513 + chksum = 0x8474 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'GET /apps/com.spotify.Spotify.TVv2 HTTP/1.1\r\nUser-Agent: Spotify/125200442 Win32_x86_64/0 (PC laptop)\r\nHost: 192.168.1.62:8009\r\nKeep-Alive: 0\r\nAccept-Encoding: gzip\r\nConnection: keep-alive\r\n\r\n' + + +2024-12-14 20:35:08.530530 - Ether / IP / TCP 192.168.1.62:8009 > 192.168.1.11:42766 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 50290 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0xf2c3 + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 8009 + dport = 42766 + seq = 1206795742 + ack = 7898704 + dataofs = 5 + reserved = 0 + flags = A + window = 679 + chksum = 0x56a7 + urgptr = 0 + options = [] + + +2024-12-14 20:35:08.675405 - Ether / IP / TCP 192.168.1.62:8009 > 192.168.1.11:42766 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 131 + id = 50291 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0xf267 + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 8009 + dport = 42766 + seq = 1206795742 + ack = 7898704 + dataofs = 5 + reserved = 0 + flags = PA + window = 679 + chksum = 0x3103 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'HTTP/1.1 404 Not Found\r\nContent-Type: text/plain\r\nContent-Length: 30\r\nConnection: close\r\n\r\n' + + +2024-12-14 20:35:08.678349 - Ether / IP / TCP 192.168.1.62:8009 > 192.168.1.11:42766 FPA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 50292 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0xf2a3 + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 8009 + dport = 42766 + seq = 1206795833 + ack = 7898704 + dataofs = 5 + reserved = 0 + flags = FPA + window = 679 + chksum = 0xbdf3 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'Error 404: Not Found\nNot Found' + + +2024-12-14 20:35:08.680128 - Ether / IP / TCP 192.168.1.11:42766 > 192.168.1.62:8009 A +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 61812 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42766 + dport = 8009 + seq = 7898704 + ack = 1206795864 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x83b4 + urgptr = 0 + options = [] + + +2024-12-14 20:35:08.681852 - Ether / IP / TCP 192.168.1.11:42766 > 192.168.1.62:8009 FA +###[ Ethernet ]### + dst = 34:af:b3:ac:fc:17 + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 61813 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.62 + \options \ +###[ TCP ]### + sport = 42766 + dport = 8009 + seq = 7898704 + ack = 1206795864 + dataofs = 5 + reserved = 0 + flags = FA + window = 512 + chksum = 0x83b4 + urgptr = 0 + options = [] + + +2024-12-14 20:35:08.683332 - Ether / IP / TCP 192.168.1.62:8009 > 192.168.1.11:42766 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 34:af:b3:ac:fc:17 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 11129 + flags = DF + frag = 0 + ttl = 64 + proto = tcp + chksum = 0x8bbd + src = 192.168.1.62 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 8009 + dport = 42766 + seq = 1206795864 + ack = 7898705 + dataofs = 5 + reserved = 0 + flags = A + window = 679 + chksum = 0x562c + urgptr = 0 + options = [] + + +2024-12-14 20:35:10.340486 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34190 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58714 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 9998 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:10.343121 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34191 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58715 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 9999 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:10.345900 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34192 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58714 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 10000 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:10.348974 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34193 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58715 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 10001 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:10.351580 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34194 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58714 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 10002 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:10.354572 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58714 + len = 76 + chksum = 0x299d +###[ DNS ]### + id = 9998 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:10.361117 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58715 + len = 89 + chksum = 0xbc14 +###[ DNS ]### + id = 9999 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:10.364887 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58714 + len = 90 + chksum = 0x223a +###[ DNS ]### + id = 10000 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:10.371784 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58714 + len = 81 + chksum = 0xdd8c +###[ DNS ]### + id = 10002 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:10.374217 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58715 + len = 51 + chksum = 0x7044 +###[ DNS ]### + id = 10001 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:10.381789 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34195 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58716 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 10003 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:10.384705 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58716 + len = 81 + chksum = 0xf773 +###[ DNS ]### + id = 10003 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:11.198254 - Ether / IP / TCP 192.168.1.11:42690 > 142.250.201.78:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 22706 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912712043 + ack = 2800351769 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0x1a18 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:11.221671 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 32052 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xac93 + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800351769 + ack = 912712044 + dataofs = 8 + reserved = 0 + flags = A + window = 999 + chksum = 0xcae0 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (912712043, 912712044))] + + +2024-12-14 20:35:11.915016 - Ether / 192.168.1.11 > 224.0.0.252 2 / Raw +###[ Ethernet ]### + dst = 01:00:5e:00:00:fc + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 6 + tos = 0x0 + len = 32 + id = 30465 + flags = + frag = 0 + ttl = 1 + proto = 2 + chksum = 0x0 + src = 192.168.1.11 + dst = 224.0.0.252 + \options \ + |###[ IP Option Router Alert ]### + | copy_flag = 1 + | optclass = control + | option = router_alert + | length = 4 + | alert = router_shall_examine_packet +###[ Raw ]### + load = b'\x16\x00\t\x03\xe0\x00\x00\xfc' + + +2024-12-14 20:35:12.508730 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34196 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58978 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 45064 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:12.511291 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34197 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58979 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 45065 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:12.512854 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34198 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58978 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 45066 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:12.514313 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34199 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58979 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 45067 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:12.515809 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58978 + len = 76 + chksum = 0x9f9a +###[ DNS ]### + id = 45064 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:12.517374 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58979 + len = 89 + chksum = 0x3212 +###[ DNS ]### + id = 45065 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:12.519580 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58979 + len = 81 + chksum = 0x538a +###[ DNS ]### + id = 45067 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:12.527633 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58978 + len = 51 + chksum = 0xe643 +###[ DNS ]### + id = 45066 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:12.549185 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34200 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 58980 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 45068 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:12.553158 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 58980 + len = 81 + chksum = 0x6d72 +###[ DNS ]### + id = 45068 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:13.075465 - Ether / IP / UDP 192.168.1.11:57621 > 192.168.1.255:57621 / Raw +###[ Ethernet ]### + dst = ff:ff:ff:ff:ff:ff + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 49060 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.255 + \options \ +###[ UDP ]### + sport = 57621 + dport = 57621 + len = 52 + chksum = 0x9f +###[ Raw ]### + load = b'SpotUdp0\x977M\xb3\xe9=C\xf2\x00\x01\x00\x04H\x95\xc2\x03\xb3}cPK\xb7\xed\x7fT~\x1d\x0f\xd7\x01\x15-#vA\xf6' + + +2024-12-14 20:35:14.064119 - Ether / IP / TCP 192.168.1.11:40790 > 35.186.224.41:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 83 + id = 8641 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 40790 + dport = https + seq = 3089482615 + ack = 915357599 + dataofs = 5 + reserved = 0 + flags = PA + window = 510 + chksum = 0xc5dc + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00&\xabh\xb4\x80\x8b\xb8L\xc0\x18\x12\xc6\xe8$1\xc8\x8fb\x00\x87\xc1BIwx\xf3\\I\x8a\xf5\xf3\x89\xbd\xa9U\xd8F.\t' + + +2024-12-14 20:35:14.086834 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:40790 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 15310 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0x426b + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 40790 + seq = 915357599 + ack = 3089482658 + dataofs = 5 + reserved = 0 + flags = A + window = 1043 + chksum = 0x5322 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'=\xc3X\xc1\x00\x00' + + +2024-12-14 20:35:14.102389 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:40790 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 80 + id = 15311 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0x4242 + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 40790 + seq = 915357599 + ack = 3089482658 + dataofs = 5 + reserved = 0 + flags = PA + window = 1043 + chksum = 0x965b + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00#\x03\xa9\x9eR\x1f\xae[\x81V:\x8cZ5\xc1Y\xe3\xe7\x9fQ\x1a\xaa\x9b\xa7\x97\x06\x06\xe1\x96\x11\xc2NPW}\xda' + + +2024-12-14 20:35:14.156541 - Ether / IP / TCP 192.168.1.11:40790 > 35.186.224.41:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 8642 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 40790 + dport = https + seq = 3089482658 + ack = 915357639 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0xc5b1 + urgptr = 0 + options = [] + + +2024-12-14 20:35:14.926438 - Ether / IP / UDP / mDNS Qry b'_233637DE._sub._googlecast._tcp.local.' +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 6c:f7:84:e4:d7:de + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 89 + id = 57037 + flags = DF + frag = 0 + ttl = 255 + proto = udp + chksum = 0xfa05 + src = 192.168.1.28 + dst = 224.0.0.251 + \options \ +###[ UDP ]### + sport = 5353 + dport = 5353 + len = 69 + chksum = 0x32a8 +###[ DNS ]### + id = 4 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 0 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 2 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'_233637DE._sub._googlecast._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + |###[ DNS Question Record ]### + | qname = b'_googlecast._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:15.887965 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34201 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 59238 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 56796 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:15.889945 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34202 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 59239 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 56797 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:15.892610 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34203 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 59238 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 56798 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:15.894678 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34204 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 59239 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 56799 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:15.896140 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34205 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 59238 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 56800 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:15.897707 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 59238 + len = 76 + chksum = 0x70c2 +###[ DNS ]### + id = 56796 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:15.899479 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 59239 + len = 89 + chksum = 0x33a +###[ DNS ]### + id = 56797 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:15.902525 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 59238 + len = 90 + chksum = 0x695f +###[ DNS ]### + id = 56798 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:15.906490 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 59238 + len = 81 + chksum = 0x24b2 +###[ DNS ]### + id = 56800 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:15.908658 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 59239 + len = 51 + chksum = 0xb769 +###[ DNS ]### + id = 56799 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:15.924906 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34206 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 59240 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 56801 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:15.927849 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 59240 + len = 81 + chksum = 0x3e99 +###[ DNS ]### + id = 56801 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:16.569629 - Ether / IP / UDP / mDNS Qry b'_233637DE._sub._googlecast._tcp.local.' +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 86:1e:7e:31:2b:c4 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 89 + id = 54492 + flags = DF + frag = 0 + ttl = 255 + proto = udp + chksum = 0x3e4 + src = 192.168.1.47 + dst = 224.0.0.251 + \options \ +###[ UDP ]### + sport = 5353 + dport = 5353 + len = 69 + chksum = 0x3292 +###[ DNS ]### + id = 7 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 0 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 2 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'_233637DE._sub._googlecast._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + |###[ DNS Question Record ]### + | qname = b'_googlecast._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:19.237679 - Ether / IP / TCP 192.168.1.11:42699 > 52.168.117.171:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 51199 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 52.168.117.171 + \options \ +###[ TCP ]### + sport = 42699 + dport = https + seq = 3947335681 + ack = 3150555719 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x6c22 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:19.356077 - Ether / IP / TCP 52.168.117.171:https > 192.168.1.11:42699 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 9543 + flags = DF + frag = 0 + ttl = 108 + proto = tcp + chksum = 0x7d76 + src = 52.168.117.171 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42699 + seq = 3150555719 + ack = 3947335682 + dataofs = 8 + reserved = 0 + flags = A + window = 16385 + chksum = 0x4d3f + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (3947335681, 3947335682))] + + +2024-12-14 20:35:20.419605 - Ether / IP / UDP / DNS Qry b'safebrowsing.googleapis.com.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 73 + id = 34207 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 64667 + dport = domain + len = 53 + chksum = 0x83a3 +###[ DNS ]### + id = 12833 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'safebrowsing.googleapis.com.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:20.436966 - Ether / IP / UDP / DNS Ans 216.58.213.74 +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 89 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb737 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 64667 + len = 69 + chksum = 0xb39c +###[ DNS ]### + id = 12833 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'safebrowsing.googleapis.com.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'safebrowsing.googleapis.com.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 111 + | rdlen = None + | rdata = 216.58.213.74 + \ns \ + \ar \ + + +2024-12-14 20:35:20.440184 - Ether / IP / UDP 192.168.1.11:55785 > 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 5258 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 1258 + chksum = 0x7434 +###[ Raw ]### + load = b'\xc4\x00\x00\x00\x01\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x00@F\x00J\xa2\xc3Pq\x08\x02\xdd\x02\x12\xf5\x94EF\x02A\x01\x0b\xff[M\xa5\xcbVV\xfd\x96\x14\x9dl\xac\xb4Dgs\xaf\xe3\xd2\xed\xd5\xef\xcaJ\xef#\xb3,\x8b&\x9a\x84\x13\xd6\xf3k\x1c%.&&\xd0y\x1a\x00\x1c\x92L\x1f\xf7D\x89=.\x8f\xdc\x94H\x00\x90\xb2,\x04\xd3o\xe5r\x8e\xc3^\xef\xd22k\xbc\xe85\xda\x94H\xf7\x9d\x12\xe5\x8d\t>e>"\xd2;=\xbd\xd5\xa4\x1b\x1d\xa9\x81\xfd\x82\x18\xdfIx,{\xc9\xeb\xdd\x19#E\xcbG\x04\xca\xe1v\x97\xb49\xb8 \xe8\xa3\xfa\xfb\xaf\x8c\x1a\xe9\xc0\xd6\xe2G\x1d\xe3\x0eq\x0e\xff,t)\xeb|\x06\xe4\x9c[\xc8\x10\xf0m\xab\x95\t\x03\x11\x14\x1b\x0cf\x87\r;\xfdi\r\xb1*KC\xab\x0f\xec\xc6\xde\xf5\x83%\xfb\x8b\xd4\xa2\xba\xa2\x03G\x840r\xa2\x1b\xc5m\xcf\xc7\nR\xb6\xdd.\xc3\xd4W\x13\xf6Hi\xaa\xa1;\xcc\xa7q\xd0"\x90\xcb\xd1-=\x8fP\xebCf\xcc\xecgfVq\x06\xfaM\xc1\x9aw\xb7#\xfe\xd6\x1a$\xd6v\x17\xa7\x18\xa3\x16}\xd8\xa6a\xd02\xf1\xce\xc5\\\xd1Z\xf0\x0e\x97Y\x0f6\x8c\x84\x1a\xcd\x89\xac.!\xaf&\xaa\x89\xa1*\xc5\xc3\x13\xb1H\xa4\xa0e\x92\xcd\xc7%KXv\xdc@%\x9e\xe4\x8e\xbe\x0bj\xcdU<\xc1\xa2\x04:C\xabz\xbb\xb2S\x0b\x89\x7fA\xcbo\xa0&k\xb2\xf9g\xf3\xea\x84\xe7\xb80\x04\xb4\xd3\xf3H\xaf\x14i\xfe\n{4\xeb\xfe\xadr\xb6\xa9\xabW\xd0z\x88\xb3\xb8\xe8\xa8[}\x8f\x94a\xed\xc9\xbc\xbd[\x87\x89\xd4\xd3\xae$\x00\x8dre\xdc\x9eW\xc6kx\x1d{\x8d)b\xe3\xcb\xec\xee\x18\x1a\x8c\x84\x0c\x0f\xc5\x03c+\xc2\xbc\xbePY]\x8eg\xd0\xf1\x8f\xc9\x7f)i\x18\xb6w\xaeBq\x13\x91s\x12h\xd7\r[\xee\xfe\x85\xcf~\x8d\x92z!\x04inIb\x82v3\x07\xa4\xa6\xca H\x8d\x19\x88c/\x03\xedM\x9d\x9cqk\x98\xac\x84oSU\xc2\xacq\x90\x87\x97*\xa5y\xe5\xc6\xad\x06\xe9\x17\xaeI\xf1\xfa>T\xf0\x02\xe6y{G@\xa5l\xa6x&H\xba\r\xacd\x03\x19Z\x917\xaf\x06\xf6\xc2\x99\x97\xc9\x16F\x93\x0b\xd3r\xaa\xdb\xbat\xbbRHV\xc0N\x92c\x03\xbb9\xf5\xb4\xb2oh\xa2\xeb\xb7E\x16w\x91\x9d\x8a<\xb0Kb\x95\x84\t3\x03\xa1\x04\xe6\xd7A\xb5M\xfa\xed\x06\xbcn40\xfd\xaeC\xc0\x1a\xbb\xdb\xc0\xd6\xf1\xd3%\x0c{B\xe2\xebx\x02W\x02\x81g\xa1\xab\x1c5 \x99\x0c\x8a\x83\xb1q\x03,d\xf2\xe56\xaa\xd9 \xbf\xdbi\x1a\x1c\x8e\xef\x94\x92\x08|\xc80C$=\xaeo\xc3\xd2\xb9\x82\xe6\xbf\xccLj\xc0\x16=\xe4n\\\xd7\t+n\xc5\xa2\x85\xa3\x91\xf6(\x96\x04\x00\xc4\xa4u\xfb\xab\x04\x96\x92\x94\xe55\x05\xf3\xa6\xab\x18G\xfb\x1c%\xb2\x05\xc5\xc7"\x9cO\xa09kQ\x1e8\xdftok:\x99\x15\xa0[j6\x9an\xb6\xf8O\xfd\xa1H{\x83aPC\xb8\x9e1\xe3\x168\x81\x9e\xab_?Q\xbf\xe3\x8a\xcd\r\x97\xa9\xc4\xdbE\x1e\xc5~\xeeQ\x02w\x0e\xd7G\x91\xf0\x8el{\xbfM\xb1\x9dr\xee\x8b\xb7{\xd8 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 5259 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 1258 + chksum = 0x7434 +###[ Raw ]### + load = b'\xc7\x00\x00\x00\x01\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x00@F\x00J\xa2\xc3Pq\x08\x02\xdd\x02\x12\xf5\x94EF\x02A\x01\x0b\xff[M\xa5\xcbVV\xfd\x96\x14\x9dl\xac\xb4Dgs\xaf\xe3\xd2\xed\xd5\xef\xcaJ\xef#\xb3,\x8b&\x9a\x84\x13\xd6\xf3k\x1c%.&&\xd0y\x1a\x00\x1c\x92L\x1f\xf7D\x89>\xf9\xd0\x80_\x9dx\t\xf1\\\xae\xc4g\xd2\xae\x97")\n\\\x9bj\x87tSq\xb2L\xe8wI\x13N\x8e\xffyU\x0bRm\xc9\xf6\x96\x91\x85FV\x9c\xb4\xaba\xe6h\xb8R\xd8\xcbT\xb8L\xa3\x17T\xff0m\x8e+\x91t\x9cO\xd7i\x02\x02X\x1d\x1d\xb0H\xd4\xc6<\xd9\x8dL\\|\x9b\xe4\x8ec\xa9\x13I\x94z\x9b\xe8+\xfaWc\x86\xaa\x9fY\x07dt\xf7o\x08\xa8E\xca\xc5\xb9g\xd7m\xc6I\xaa\xe8\x9d\x14\xda(\xaf\xa9\x9a\x11\xd6\x91\x0eB\xf6?v\xd8\xab\x95@\xcbJ\xe1\x84e\xe81\x17^\xaej\xe4\x9b0\xaa\x92\x9f`\x84P\xec\x08\x86/\xe5,\xda\t\xceR\xc4\xb9WJ\xf9\xa0`b\xa8\xd2\xed\xda\x8f\xa1\xea\x98\xad\x95p\xd2\xd6,\xbb\x0c\xa2\xf5\xa2B\xc8\xa6\xd9\x8b\xfdP\xf0\xca\x08\x95\xc3\xde\xaa\x1e7\xac\xca\xed_\x10\xe5\x9d\xe4\xd0\x84.hu\\\x94d#\xddj\xd3,-\xff\xde6\xd6\x9e\x13\xbd\x1a8\xa1\x18~\x067K\x9e\xf4\x8d/\x7ft\xd1\x7f\x11a6\xbf\xd0\xf7\xd6\xbb\x16|y\xa3\xd2)uh\x16\xba\xb64\x05$\xa4\xfc\nM,,\xd8\x14/\xcc\xf1Z\x05\xa0\xd7\x192\xd94\xa76\xac\x17\xb8\x9c;cn\x9e\xc4\x9dz~\xaa\xd1\x97\xb9\x0b\xca/%\xd0\xd9Q\xea4\xf8\x8b\x95\x10\x0e\xd6\xdd(zA\x06\x11\x0e3\xc7\xb5fl\xeeS\xb6\x16T\xc4\xa1Z\xaa\xa7P\xc5[\r\xc7{ 7\x02D=\xe0]}\xc5\x9b\xde\x93|\x18i(\xd3\xf6\xa9\xf9\x04n\xec\xbaB34\xf5{\x98\x9af\xc0\xab\x83\x93\x19\xf5\xc93\x8d\x02\xce\xb9;\x13g\x930\xcb\x9d\xf0`5\xe6N\x81\xfe\xb7\xb2L\x99\t\x1d=\rM\xbfC5j\x04\xc5\xec\xb5\xa4\xdb\x16\xe2/N\xd8\xa3\x98\x18\xd3\x16\xa4\xad\x98\xad\xc3a\x1c\xaeJ\x80Z\x9b\xd0\xd8i{\xdf\xb7D\xdd5]aW4\xdd\xe1k\xdb*\xd3\xb4-\xf0y\xc9\x95\x8a\x7fa\xcf3\xfc\x08\x11`\xfd\xbf\x89\xb3b\xf7\xd8\xf0\xc9E\x80\xb2\x1d\xe8\xb8O \x1c\x18\xcc\xed\x8b@u\xf3\x05\xd7\xf4\x00\x15jD\xd2qS\xde\xcb}6\xd3\xae\xd3\xf2\xf0\xb7\xdf\xd1\xefk\x8d\xed\xcd\xe6\xda\xd6\x95\xe01\xb9\xd5\x91\x88\x8du~\x05\x7f\xaa6\xe3\xa9\x19\x80\x88e\x0e\x91u\xa7\'\xf7z\r+\xd0\x8bjW\xae\xd7\x1fhN\x0b-\xe2\xd4\'\xb8\xa1\x9c\x06\x1b\xe9sr\xd4+\x7fh\x1cO\xef\xf8\xfc{\xad0\xc20*\x17\x0bl\x03\x11\x89?\xd7\x82\xff\xe2\x81t\xf9\xf9\xb9j\xddF\xf0\xdb\xc2Z\xb6\xf2\xc5\xdf\x8b%6\xbbU}\xd8v\x8d\x00\x1e`.;\x8f\xdb\x01;\xa1\xb6\xa9\x18\xc4\xe5v\xe4\xa9\x8d\'\xaa\xb1\x01\x95\xa6-\xb0\x16\xf4\xaf\xfe@\xe1\x1b]\xa6\x97\r"\x14\x96\xbf\x84\x01*u9\x03\xb1\xe9\x8d\x19\xc1\xc9\x81\xdb\xf6y\x85H\xad>\x98p^\xfb\xef\xfc\xc4\x03\x06d\xbe[\xbd\xdd\xbb\xa0d\x9b\xa3\x021\x1b\xbe\x86\x08\xe4\xd8,\x84\xbb$\xc8\x97\xfaE\xf2\x18\x04);\xd8\xabm\xdb\xf7\xbcZ\x08\x17yL\xf4\x8c\x95#\x1an\x8e\xf7\x1cz\xb0)\xf4\x15\xb4\xa6W\xaf\xf8\xb3\t\x893KW\x13M\x87b\xc3\xee\xaa\xeb\xa8\xdd\xa3\x87\xfb\xcbVj\xad\'\xaa\xe3,K\x82j\x16ms\xa5w.J\xdf\xd98uO\xd1\x95\xa0Z\xe3zU\xc3I\x198i\x01\xc9\xfd\xc8=\xc8\xc7V\x0b\x1e{\xd5\xe6\xe6N\xc0[\xc3\x86\xaf\x8d\x11I\xc7\x96\x97!\x95sq\x9f\x96\x1d4\xf3Em\xcc\xc6\xf0N\xe8\xde\xef+vm%\x0b\xde\xc3\x85{\x131<\xc0\x1b\x9d\x0fC3L\x91\r\x14:\xa6\x9cK\x7f\\W\xc2\xc1\x9d\xed\x009\xdb\x16`' + + +2024-12-14 20:35:20.612899 - Ether / IP / UDP 192.168.1.11:55785 > 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 5260 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 89 + chksum = 0x6fa3 +###[ Raw ]### + load = b'\xd4\x00\x00\x00\x01\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x00@@\xdb\xcb\xbf\xd6\xeb\x16\xe2!\x16g\x9d\xa5\x13\x82G\x14~\xe7\x8a\xefL\xad\x9c\xd7=xAs\x1a>\x86\xe7\x8c\x8c\xf1\xc7=b\x95\x90\x82p\x86&\xc6\xde\xdd\xcaP\x93\xa2\xf9\xb2\xb3+u\xee\xd7\xb2!\xd2\x17C\x1e' + + +2024-12-14 20:35:20.636823 - Ether / IP / UDP 192.168.1.11:55785 > 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 943 + id = 5261 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 923 + chksum = 0x72e5 +###[ Raw ]### + load = b'\xd1\x00\x00\x00\x01\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x00C\x82\x9d\x06\x82\rV\x99\xe8\xc1\xdcF\x1c(\x96|\xbe\x1a\xcb\xc5\xf2\xc2P\xe0\x8cv\x01\xfdm\xe0\xc4\xc5\x91\x0f\nW\x17[\xe5,q\xe8\x90\x9db\x1f\xbb\x94~ A73\x0fBz\xbe\xffs\xe4\x0e\x89\xd3\xc119\x06\xa0C\xdb\x01\x84\x94\x9b\x1a\xdf\x1a\xce1\xaa\xd3\x17\x17\x90MUj\xf7,>"\x7f\x1d\xba1k\x89\x06x\xb0kY\x15\xdb\x8e\xfe\xa9\xd4\x1cm\xffk\x90\xb5\xfd\x98\x91\xec"bb\x12t\'\xccn:\x1b~\xfbN,4\xba~E\xbe%F\x8ei)\x98\x1a\xdb\xb8qY0\x1a\xdd\x14\xf4A\xbb\x8c[rLZ>\xf1\x1a\x80u\x02\xe7\xcf\xefh\x99\xce\xd2\xddi\xcd6_\xc1\x07O\x07ML\xb5\xe6K0\\\xe9S<\xce\x0bdL\xc6\x12\x13\x83"Ip\xb0\xe9\xfd\xa3\x9f\xf3\xd4\x11\xc7M\xf0\xc3*<\x92\x99\xa1\xc0\x18\x82\xffL\x8a6\xb5\xa9\x0b\xea1\xbc\xba\xbeK\x15z\xbeoL\x88\x0c\x15\x9e_\xed\x06e\x1b-]\xd7\xdf\x87/\x1c9\xba\xd6\x95\xe8p\x8ap\xffk\x8f\x0b\x1c\x08u.\x8b\x8b\xd8(\x14\xbb\xc0\xac\x83\x0fn\xa6\xc5 \x85\x87x&\xdc\x13\xd5aD\xde%\xe7\xae\xdf\xddJ7\xe6\x12\x8e\x85\xb3b[\xd2Z\xbf\xb3I\xc1\xe2\x1d\xc2\xc6\xb3\xfa\xfe\x01\x85\x98]\xc8\xea\xb3\xe7\xc06\xe3\xa8\x802\xf9C\x9eI\xb9N\xef!\x9d\xd7^\xc3\x14LVo\xfe\xd0\x9a.|^\x00aY/\x01\x91S+)\xa2&hu\x14v\x96\xb7aK\xf9\xb1\x87\x9b\x15{\xb39Ae\xe1\xbfu\x8b>\xcbj\x15]\xe6P\x9a\x1b\xf4X\x8f\x12f\xfe\xe1\xf6(S4\xf0{0\x8fFD\xef}\x8f\x94\xb27"y\xfd\xb1\x9d87\x00@Ug\t\xcc\x1f=E\x05#\'\xa4sE8\xc5M\xad\xcc\xca\x07\xf1\x9b\xa0t\xc1\xd0\xb8f\x04\xf0\xa0DV\xc6\x1a;\xab\x0c\x14\x91PVo\xc1Eaf\'\x9d\xf4\x191\x14\xc0\xdeB\x9d\xa9\x14~~m\xe8\x10\x0eF\x0b\x9a/\x13;\xb3\x9b\x00\xa3ow\xb4%M\xc2"\x12bH\x9eNelH\x11\\\x83C\x93\xaf\x8e\x1cS\xf2g\x95\xd9\xfb}\xb9\ns_\xb0\xcdI\xad\x1f\x1dRB\xa7]\x10\x01G\xeb\x99\xb9dK4<\xf4\x92\t\xda\x8f$\xcc\xd3\x83\x95\x8e\x14=Bk\x07\tQ\xca\xa1k\xa1\xef\x04!\xcb\x9d\x1b\xcdU\x97\xf2\xb5y\xab\xbe\x90\xbb\xe5\xab\xba[\x02&\xa8\xe1\xa27;\xd9\x9e|L?RyF\xc8\x847\x1c\xa1,\xff\xef\xd0\x8d(\xd0}\xd7\xbf\xd3\xa9\xb8\x19\xb0@@\x9b9u\xcd\xf4\x10\xb88,\xbf\xdc\r\x92\xfcC\n\xefq\x17\xe1Y\x84\xe5\x14\xfb\xc8d\xff\xd7\x96\xd8\x8f\x97\x90\x10\xedE\xa1\xb4J\xeb\xd5\xc4\xc6a\xa8,\x81\x8e\xf7\x95\x86.\x9ci\xbb\x94x\xa7\x14\x88\x13Y\xc5\x8d\xf9$\xc0\x11\x1b\xbfRf\xfc\n\x9f\xf0\xef\xd0(\xab\xac=|\xc6hc\xb2\xea.\x06\xe6' + + +2024-12-14 20:35:20.700137 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 68 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xd470 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 48 + chksum = 0xa929 +###[ Raw ]### + load = b'\xce\x00\x00\x00\x01\x00\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x00@\x16LGV\x04\xc3XN\xea\x00\xf6\xa7n2\xc3\x10\xbc\xfc7)\xc2\xd2\xf3' + + +2024-12-14 20:35:20.707944 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xcfb6 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 1258 + chksum = 0x3811 +###[ Raw ]### + load = b'\xc8\x00\x00\x00\x01\x00\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x00D\xd0O\xce\xe3C\xb80\x1b\xa7\x13\x16\xb2y\x7fH[\x93#\xf5\x1c\'BNS)w\x8a\xf6#\x11\x8a\x89n\xb8\xf3\x8f\x92\x07\x17W\x91\x87\xfbl\xd4\xc20\xb1\x08\xcbn&\x8b\xdaR{E/.z\x87M\x04\xf0\xd1d\xde|\x0b\xb8\xcbXh6\xd7\x97\x80\x8b\xcd\x82q!v\xc4\xb7E7\xe1)\x97h\x81\x0f\xd3B4\x02\x87\xea\x13\x8f\x06%2\x16I\x86\xd8\x1a&\x13U\x9d\xc3\xd6RD/\x13\x1d\x1a\xa1\x02\x89\xecD\r\x08W\x9cpk\xb7\xb4\xed\x1bw\xdb\x8d_\x1c\xa2>6E\xc1\x80\xc2U2\x81\xa8O0\xa59\xfb"\xb9\x9cq\xa4\xeb\xc8i\xf6\xe2\xf8\x8b\x0c\x7f\xda\xff\x11\xb8c\x89\xc8\xcat\xb5\x80"\xefte\x85z\xe3\xfc\xe2\x1d\\\x0f\xd7\xf1\xe1\'\x89\xf6;_\x05\x08\xf6\xa4\x99T\x1a\xcdG\xe7\x15\xa6 ~HV~\x04\xb5ss\xc4\x9b\xc5oaC\x93\x94$\x86\xcf\x05!"g+1\xba\xed\xd99\xf3C\xaa\xb9\xf6\xed\x12\xf4\xce$)\xf5\xfcm\x94\xaefK\xb1\x1f;\x9c\xfd` \xf8\x07\xc0\xfbF\xfa\xec\xd0\xbf\xa9\xee\xcb\x08\xa8{\x07\xc2\xecD:\xd2\x15l@\x90\x7f\xf7\xca\xa0_\x809\xa7\x86{\x95C\x16Ya\xe7Y\x99"2\xa51\xea\xd1\r\x1c\x00\x17m\xec\xae\xac\xa88M\xac\xe6\xe6\xbf\xcfsj\x9dDP\xef\x01 \x18.\xc9\xa7>\x16%\xc5.x\x0b\xe3+\x8e\xbca\xbc+\x9c\x90H4\xdbB\xfb\xea\xee\x8bZ\xd6;,Hy\xfc\x06\x88o\xde\xf8wp\xd0\x1bLG\xbac\xc7n\x1e\xb7%B\x11\xe9*\x90\xab2\xd2\x95\x908I\xc6\x82)1\x0f\x83M\xbc\xcdP\x8e\x89\xd8\xa5\xe8\x83\xbf\x9a\\\xc9\xaa\x9c\x87\x91\xd8\x1c:\x18\xe0\xc0\x1b\x05"\xa7A\xa9\x13\xf4\xdb\x03H\xdbnN\xd6swQ\x8f\xaf\x05\xc2_?y\xe81\xd4D\xec7\xac>\xd9~\xe9|m\'6*\x0bi\xa5\xc4\xae[\xb0K\x8d::\x03\x87\x04\xe4\x14v\x00\x1c\x8fe\x878:\x00G\xad\x9b\xd4V\x1f\xfd\xbc4\x06{\xed< \xc6d\xbf\x02\x8d\xed\x0f\x8d\x98\xd9\x8b\x86\x10VdofbZ>\xcet\x87\x04b\x05!\xca< \x02\xc3\xae\xe1\x0b\xcf\x0f\xeeR\x1aW\x8d\xf0e\xe4E\x0e0O\xe7\x91\x80{(It\xa9\xd2\xdb1\xa9\xc6\x9e\xf8\x94)\x96\x93Ff\xfb\xa6\xfd_-\xf6J\xfe\x81\xb4G\xf5\xcb\xe5\x1ei\x93\x82\xca\xf37-\x82\x93\xd9\xc8\xcbu\x0b\x10\x1f}\x00\xe4h\xe1U\x02\xa9\x8a\xdd\xc4\xa7\x04v\xdf[\x9f\xf9\xc6)W\xe3\rF\xc4q`\xda\xe0&\x85\xc8r@h\xd6G\x1e\xa1\x0e\xc1\x13\xb0\x1d\x98\xad\x0e,\xce\xd4\xda\xa4\xa6@|\x8b\x9dr\x92\xe4\x03\xf6_r<\x9f[\xf08K<7\xcc\x95\xe4\x1b\xae\xb4`\x16\xba\xa40\xb6|\xa1&s\x0c\xf7\xc0"\xb9\xea\xeb\x16\xbd\nC\xde\xfa$\x06\x82\x02m\x02\xcaen\xd3\xa0$\xd5\xe7)\x11P\xf77r\xf6\xa7\xb7O\xb3\xb5\xe5\x99\x18Z\xe9V\xf0(\x04\xe6]0z\xf7\xb9\xd9\xdd\x05"\x88k\xb2sa\n\xd2E\xb6R[\\\x1b\xc7\xb9?\xcd"\x12\xe0\xe9\r\xbe\x92Q\xb5\x17V\x0c\xb9t\x14\xa0W\xea\xfd?\x028\\\xd1\x88\xc4\xe0\xbf\x9b\xe6\xf8\x1e\xf9\n\xc2\xd1\xf7<\xc2\xbf\x80\xd1\x8e\xe8\xf59\nYE\xdbjBmn}\xefrDmU\xd3\t\xe1[8\xd1\xfd\x10e\xf9\xae}\x8fg\x0e\xae\xdc/\x86\xca\xd4\xbb\xf0\xe4#q\xe3g\xd0\xe1O\xf55\xd5n\xac"\xf9i\xec!\xc0Xl`\x1e\x8f7\xac\x8e\xb5\xde\x80\xc0t\x83ETt\xbb\xe5<\xf1\xf4m\xa4\xc4\xa0\xe2z\xd2\x8f`4>\xe0T\xdeA\xf6\x166\xfa\x06\rA\xd9\x06\x0e\xa6+\x13\xe9w\xae\xb5M\x0f\x16\xf0\x0ew3\x0b}6\xf9\xad\xae,\xc4\xd4Q\xca\xee\x8e\xd2L\xc3\xdd\x9a\xe8\xa4\xf9\x84\xb6\xcf#\xe3)H\\]\xe9\xed\xe0\x9aWz6\x00\xb2"\xb4\x00\xf45\x99U\x8b6\xdc\x96\n\xe8\xd9h\xfce\xd8\xe5T/Z\x05\xa9^\xecW\xd3v\xe7q\xc8\x84\xfe\xc6\xe2R\x07kO\xfd\xe2\x85\x12\xb3eu\xc3\xb0\xc8\xfd\xd9\xc4\x9f9s\x01^\xf1\xfcm\xa9fL\x7f\xa8\xadd\x90\xdbw\x1f\xfa\xda\x19\xc0\xc2\x0f\xd7\x07f\xe1\xce\xe5\x93?\x02g%g\x90\xb1L\x8a\x15\n\x8c\xab,I|m\x85#P&\xf0\xfe\t\x9d\x82\xbe"\x98\xab-q.\x05O\xf6\xddc\x86\xd4\xb5\xe3=~\x0f\x1e,\xfeL\xee$\x04\xb4\xbc\xc0\xbc\xbf\xc8H\xcb\x19\xff\xcc\x1b\xcc\xdd\xe9\x0eB[\x94\xf9y\xa1]\x8f\x15\xe8\x937e\xa1\xf8D\x8f\xb9\x05!\xd3\xd5N2\\\xc7\x87\xbbl@d8\x9c\x1d0G#\x03\xee\xd1\xb5SM\xc4\xfco\x08\x8f\xceZ\xd7v+' + + +2024-12-14 20:35:20.754669 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xcfb6 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 1258 + chksum = 0x6a87 +###[ Raw ]### + load = b'\xc1\x00\x00\x00\x01\x00\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x00D\xd0\\\xbci\x1e\x94\xd2\xfe\x1b\x84\x05\xc5r\xe0\xa1D\x9a;\x97G\xd4P\xa1\xf9FG@\xf0\x98\xc0\x97\x07\xb8\xfb\xa4\xb7\xac\x8e\x85\xcf\x05j\x19\x1cGh\xd2\x11\x99\xa2\xf7\n#\xd9lK)\xec7\x85\x94\x1f\x7f\xd0\xa3\x18\xc1\xfb\xf8\x04\x93\x9b\xd6\x158\x8a;\x1e\xb5\xc4\\\xc9`\x13D\xe8R\xd68\xba\x9a\x84\xe3\x80\x98lQ\x19\x05s\xb0\xe9\xc6\n\xf3gYl%\xb0\xb5\x95\xe6\x8fr@ |\x8dh\x0e\xbaf\xd7\xa0_WlL~;ED\x962\xd7\x04|\'\xb60\xfa\xaf\x03\x13\xb9Qha\x95\x88F]4\x161\x82\x8bU\xc1\x0e\x8d\xc9\xba6\xa5\xb4\r\x1f\xd7\x9eacb\x87\xbc\x1f\x8f\xb6\xab\xc3\x9dp\x81Y7G\xeaN\x98,\x9cy\x15\xf7\x8e\x010\x92k\xab1\xf5\x11;\xe9\xf0\xaa\xc9\xa5\xfa\xddbA+M\x94\xc7V_\xf7\xf5\x8f\xda4\xbdF\xa7>\x94Xfr\x0eh"L\xbb\xb2N\x90\xa0\xfd\xf0P\\\xcb2\xba{\x1f\xc4\xf7Z\xba\x91pQ\xf5\xac\x88\xef0_`\x9a\x0b\xa7\x8a\xca\xa5v/y\x1d-\x00\x9d\x84\xe6B\xa5Vn\xf6\xaa\xea\t5\x1a\xfdD\x982C\x80h\xd1\x82\x8f\xa7\xe9\x01(F\x90\xfe\xe1\x91\x8b!\xbfH\x8d&Y\xcb\xfe\xb5>^fM\x1a\xf0q\x97\x98EV\xe6\xda\xd0\xd9`\t\xd6N\x9b\n\x8a\xb61\xbe5\xb2\xec\xac\x04D\xfe\x15\xdb>\xfcq-\xc2\xd7\'\xe2G\x80)\xe2\x00\xbeOO\x0f\\V\x8a\x80\x1b\xba(\x0bm\xeay/\xbf\x98\xa1E\xc2\x0c\xc2\x909\x99\xe7\xf3x\xb4\xa5\x8c\xb0o\\l\x8e"gq\xa8\xa4\x11\xa0\x15\x04\xe0.V\xc2Ka\x1cY\xdc(\xc2\xac\x812Y\xa7\xa6\xb3H\xc8)\x1f\xf2\x86\xb3\x048\xd3\x80\xe9q1\x8d\xf37c\xff 2Y\xffn\\KW\x9fe\'\xe9`\xabvW\xe9Y\x04i\x91\xeay-\x01%\xe9\xd1F\x1d\xd0\x94\xbe{A\x89\xcfD|\x9d\xd6\xeb"^P\xf3\x19\xca1\r\xb5i\xe9\xa4\x86\xdc\xaf\x1c\xe4Jmd\xeeX\xa4a\x92\xd80\xe5\xe2\x14O\x97v\xd4I\xf0\x91K\x92\xfbB\x04\xea\xcf\xc5\x95\x89\xf0\x83\x8a\x89\x15\x16>|\xee\xd1\xbe\x01\xfe\xef6\x101\x8a6q\xc6\xaauc\xd8\xec\x1dt\xd9\xaeHG2\x9e\n\xe8\x9aB\xff\x98\xe2\xdd\xf0\xb9on\xae\xcej\x94\xb7\x90Gx\x0e\xc7\x7f\xf3\x8c\x1e\xa8\x1c\x1bs\xf1\x9a\x92_\x18\'\xcd[\xdd\x82\xb6\xe4\x97_\x85\xae x>\x95MJ3\x10\t\\\x17cj\xfcy*\xb4\xa2\x05?z\x86ysb~\x8e\nG\xdfh\x15\x9cK\x1dk\xfeW\xcc\x8b3d\xcb:\xf8\x86\x9fA\x15\xd9`B\x1c\x8a\x1d*\x9c\xb0"L_\'#1\xcf\x8a\x928\x18d0\xfcS\xe4\':\xb9T\xcd\x17\xa4\'\x80\x1d\x9b\xb5[Mn@+\xa4\xce\xb0\xd7\xdc\x83epi\x06\xcc\xc7\x19\xee]\xa0\xc0\xf8+W7\x98W1\xcd%=\x9c\xff\x9cZ\x9e\xcb\xde\x05>\xfe5\xa4\xfb.\xafV7\xb4M#\xd8\x18\x10\xe2\xa9\xe3\x18\x83\x93}|\x92\x08v\x1aS\x1e\xe1\xd6h\xe5zI!\xe9:\x94\xe9\xc8\xb5\xf9\x93D3\xd2\xd0\xd9\xfd\x05`\xa9Q\x1d\x0e\xb2\xe8\xbf\xe4\xee\x8cp\x89\x14X\t\x19\xb6\x10\xe6\xe4\x8d\xd2\xb1:I`\xd6E*?\x0b\xba\xae\xcb\x9d\\\x13\x1a\xa0\xac\xfc^\xa6\xed\xbaw\x93r\xec\x931\xc1p\xd1?\xbab\t\r\xb9$~I\xa0r\xe5y=\x15D\xb6yk\xc2\x1d\xfa\xfd\xd1\xd9\xc8\xb9\x8a\xc6\n\xf0\xfd \xf6)\xf2\x1b{N$+\x86\x92\x96.I\x0e\x9c\x88\xffZ\x95\xaf\xbdU\x91\xbb\x18\xc8\xf9\x17\xfd.\x89\x96\xa3\xa7\x18\xf6\x8a\xf5\x18\xdc\xe4\xef\x92\xb9\x99\x9d\xfd\xd1\xaa\xc7\x85\x141\x88Mr\x97\xac\x100<+\xe9\xce\x8e!\x01u\xdc\xfc\xab\x81\xd7SD1\x9e\xaa\xe8[%\xff+O\x1b\xc5/;k8\xd4y\xc4\xcf\x0c? \x0fQ\xef\xe7r\xb37\xad\x17\x80<\xbbo}\xcdv\xb1K\xff-\x96\xda\xce\xa1\xd7n\x19\x82z\x90{b\xb5a\x16\xf6|+\xf8\xfa\xdd\xfeq2\xa8*\x98dD\xd7\xcc\xecI\x84\tl\n\x8b\x9dt\x01s\x85\xff\xc2\xa1\xc0\xa8\x0e\x86\x90\xc2d\x1b\x14h\xe9\x0b\x96\xd0;`\t\x08\xcd/\x91l\x9b\xd6\xd5\xd9\xadv\x91\xed\x07\xeb=6D\xb2\x8e\xe2\xc1\x0c\x82\xc6\xd4\x1bv~\xfa\xd95\xdf\x08\x06\xae\xb7\xf8\x02\xb6\x90\x02\xca\xf4\x1d[\xc6Z6\xf4\xf6*2\xb7\x8b\xe5\xcb\xa8\x19|\x02e&>\x80L\xa6\x06\xa9\x12\xbda\'\nY\x9a\x97hzH\xd4\xebv\xc6w\x82E0F\x1e\x89~\x8a\xaa\xfe\x81' + + +2024-12-14 20:35:20.807443 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 334 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xd366 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 314 + chksum = 0x53f0 +###[ Raw ]### + load = b'\xea\x00\x00\x00\x01\x00\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9@\xdd \x9cMQ\x80X\xe9DZ\x94\xd4\xc6\xd5\x16yO\xb5\x90C\xe1\xc5\xac\xe9\xed\x88\x1d\x11\x91\x00F\x80 \xcb\x89\x8e \x8d6\xa6:\x19\xd6\x99\x03\x103fn\\\x10\xbc\xd6\xda\xec\x16\xb9\xfe)\xf3\xc4\x0c\xd2\xb4\xb2/\x14\xc3p\x8c\x1c_\xb6\x0f\xc1?\xd3XGC\xa1\xfb\xad\x9e\xcf 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 972 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xd0e8 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 952 + chksum = 0xceec +###[ Raw ]### + load = b'K\x96\xad\x10\x98\xf4}{*\x03\x91\xbb\xb9Z\xcbu\x1ak\xef\xc8\x8f.\x89\x93\xbf\xcdZ\xad\x92\xddv,\xba\x1b\xcf\xa0\xc5\x14J\xc9ZI\xe7\xd59\x07Z\xf3\xca\xde\xef\xc8\x12\x17\xd3\xcc\xc1vs\x0cfL\xb9\x87\xe5f\xd7\xfb\xc5\xd6\xec8\xca\xd9\xfaI\xf1.\xa4v\x97R\x9a\xd9\x9d\x8c\xb2\xeb\xfe\x18\x84\xf8\xc2/\xd3j\x08\xc9\x96l\xf2f\x91\xfek,\xc8\xc7\xb7\x1aN\x94O\xe2\xc7\xf1\x8f\xa7h\xf7\xf9\x93Kz\'8\x18_-\\\xcf\x0c\xeb3\xb8\xeb!]u\xe2\xb7\xd5\'\r\xcew~\rU(\xd2\x15t\xf0/\x83CR#\x81\xac?A|\xad\x08\xa7\x1e\xc1\xf1\x03\x9c\x0e\xcb\x87\xbdds\xf4\xb35BN\xf7\xa7\x82\x00\xa0\\\ru\xbf\x7f{\x193h\xec<\x88\xaf=\x97\x81\xc86?v\x1e\x02\xfd\xa2"\xca\xc6V\xc53\x9c\xddKW\x95$\xe3-Au\x86A\xc7R\xa1\x0b\\+&\x8d\xf5\xf7s\x7f[\xf8\xf9\xb7\x02l\x91M\x8b\x04\x94sq\x87\xf5\xdfy\xbbJ\x8dywS\x19\xf0\x8ag\x14g\x95)\x1c.\x84\x96\x05\x8e\xe23\xcee\xe20\xbc\xbc\x8e\xc8EY\xca\x9f\xb8\xae\x98\x99\x0c\x94c\n\x7f\x94\x0e\xe7@\xe20\xc7\t\x02Hi|mM\x82\nJ\x81\xc7.W\xfc2\xb5\x99\xcb\xf3(\xef\x03\xde\xa4.j!\xe4{po\xf6\x87D\x06\xd6\x9b\xe7\xef\x91by\xf8E\n\'\x9fh,\xd0\x96\x87\xfdY\xe77__,\xb4\x15\x88\xc0\xd3\xf2Nu\xf8\xb0\xce\x0be\xc3\xf1\x99U_\x8f\x7f\xd9TJ|f&gA\xb3K\xe7t\xe2\xefi#:\\\x91EV&\xf7\xbeTY~\xb5J\x9e\x9b\xec\xc7\xf9\xb4\xbciwm\xef\xb9\x03\xfb\x1a\x8cs\xff\x82\x07\x0f\xcb\xd6\x1e)[\xa5\xb5Dd-\xd5,\x8d&V\xcb[2\xaf\xb5m\xb7\x18\xff\x8a\xda\xab|)cB5\x9c\x96\xfa\xd0(\x80\x98\xc2\x05[Bt\xac\xfb\xd4\xbb\xde\x17\x16r\xab#\xe2a\x00#\xf8\x11\xadV\xc9\xed\xc3\xe0\xd3#\xeda\x1e\xd9$\xc1\xa6\xdfH_\x902\x19\xba\xbd\xc1\xc7\x92\x03\r\x0e\xacKm\xa0L\x1e\x1e\x88K\xac\xea\x84\xc9\x001\x02\xf34\x9a\x1c\xd7\xed\x83m\x1b\xeb\xf1\xe9\xd4\x1e/\x1c\x9c\xaa;\xca\xc6D{%n\xab\xa5K\xbd\x14\xd9V\xe3\x13\xcafk\xe9\x92\x8a\xbe}\nb\xd6\xdf\xed*f\x19b\xc5\xf4\x89T=\x89TF+w\xaf\xd7\xf3\x82\xe4\x9e9\xda\xa5 h\xea`\xbb\xc1V\x90q\x90U\xe7\x03\xef\x14\xca(C\x1d\x08\x0f\x0f\xe2\xc0p\x00@\xc6\x88\xd3\xd4\x0b\xf1\x01\x84ti5\xd0.(\x8b\xde\xa4\x9c\x95\xfc!\x8e\xa9K\xd4@>k\xa6\x98uj\xd2\x14\x9cw"\\\x8f\xf3\x89\xd9\x15\x87\xbe:\x0b\x86\xad\xe7\x94\xc7d\xdb!|\xca\x01\x88b\xe1\xdb!M\xf1\xebb\x8f\'\xe9\x892F\xc1\x04\xe0\xc3H\x0f\xe3\xd0q\xcdQ\xa4\xc6$3\x8e\x1a\xa3\xeb#r\x87\x0f9\xc8\xc8`:\xfb\xfd\xc7\x94\x82q]\x008j\xc5\x1e\xc3\x83w{\x04&\x0fk\xefU\x1f\xa6(\x9a\x8dc\xd4F\xa8\xf8\xb4\xd5\xbc\xbb\xba\xd6\xf9\xc1\xbf\xa9\xc1\x8e\xb8\xf7\xc5\xe2[\x1b\xf4\x94\x1c\xb9)\x05\xadh8BF\x86\xb0\xa9\x81g\x96M\xe1\x8a\xe6pK;\xe2\x81\xb7"\x02-{\x12m\xe7\x8f\x8f\xf5\x83\xe3\x1a\x0614\xf9\x1cY\xec\x9a\xf0\x07\xa4\x05\xd8\xbe\xb5\xfb\x80j\xfd\x0ec\x82\x0f*\x87\xcd\xfe5\xfac\x93\x92A`u0\x94\xe2c\xba\xc1L\xe8\xf2\x8d\x9df\xd4\xf25~\xe6y\xc73:a5\xa4\x8e\x19\xc5\xda\xfe\xba2\xe6K\x891\xf7\xac\xb0B\xa1\xea#\xbf=x\x90\xbc\x7f\x82\xde\x0b\'\x95\x9b\x8df%\xca\xcd\xa1\xd6\x17v\xfd}\xa6\xb4\xa7\xe3\x96j\x8fB\xd6\xe0H\x8b' + + +2024-12-14 20:35:20.894859 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 75 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xd469 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 55 + chksum = 0x5f27 +###[ Raw ]### + load = b'Y\x06\xacv/V\xe3Q\xf4\xc1\x00,\xe8\xab\x80Y\x9d"\x86{\x05\xc5-\xc1&\xd4\xcaERy\xcb\x12\xf5\xd2\xee\xa0\xc6K9\x1f\x9casc\xd4\xf3\xb1' + + +2024-12-14 20:35:20.920082 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xd480 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 32 + chksum = 0x7da5 +###[ Raw ]### + load = b']\xd4Q\x8a\xb8\xb1kP:\xc5\xce<\xcf~\x14\xf0\x86\xf1#\xaa\xaeq\x1dL' + + +2024-12-14 20:35:20.939690 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1274 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xcfba + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 1254 + chksum = 0x67f3 +###[ Raw ]### + load = b'G9$\xca\x1e\xf1\xc3NR\xb8\xd1\x80\xac\x05@\x18@\x13\x01\xcd\x99\xf1\xc8F\xc4\xaf\x95\xaa\xf6\x96\xc7\x9b\x06=/\xcf\x03\x97\x92\x9aD\x02)iw\x99YEa\x81\ncp\x1fy;\xec\xbc$\xb5Z?\xb8C\x1av n\xf4\xc3\x10\x11e\x9b\xab*\xf1\xd8D~\x06\xb4RN\xf6\x9a\xbf\x1c\x08\x04D8}\x0f3 \xb30\x10\xae\xbfl>H\x85Fu;\xd0<\xf1E\xe1H\xd5\xf7\x1c\xec\xd1\xcd\x0e<\x02\x1b\x91\x8af\x03\x9f\xc5\xfa\x7f\x82\xed\x1f\xbfY\xd3\xde1\x18\xe2\xb2\xf6R\x06c\xab\xd1\xb6\xc9\xff\x08\xe5tl\xa6\xd7\x9a\xb1g\xe5\xba\x86\xe1,\xef\x93\xcb\x98\xad\x18\xd2)\x8aA<\xad\xe0\n\xaf7\x8f\x9cL\xcc7*\x87\x9c!+I\x13Qs\xc8~\x80\x880\xc5=\xb6\xefU.\x86\xb2\xbf9\x03\x07Oj\x9c\xd74\x90\xbc\xfd\xd6\xc7!\xe1\x9eP7\x98\x14\xae}\x82\x96EoG\x11\xa9p9\xc9\xb5\x19$\x7f\x0b/\xa9\xbf\xad\x96\x80\xb7\xb6\xfc$\xc2\x18o\xe1s\x11Y2\x97e\xbe\x95\xdd\xafM;\'=\xe4u\xf4\x10\xf9\xd9\xa6\x81\xa0W\xe3V\x93\x8f8\x82\xc1}\xe0A\n\xd8\xaat\xd1\xecC\xa7\x96`\xf4r{\xc1\xd3\xe9$\xea\xe8\xd9\x0bI\xab\xd5\xdf\xb0\x02\x7f!\xfc8\\\xe1\x8f\x022\x9d\xc2M\xae\x14s\xaaY\xa6<\'\xba\xf5}{\xa3\x90\xd1\xa7"\x81\xb8\x8b\xacQ\xeb&\xca:\x1e^\xceW\x84$wflm\x14\xd6:\x93\x1e\x84g\xb3\xc5\xa6\xba\x7f\xa8D\xe0a\xef\xbf\xd7\xe4\xb2\xfb\xe1\x8e\x14\x94\x11VJ\x0b\xa8\xe1$e\xc3\x15\xe2\xd8iL<\x1eN\xcf;\x1e\x9e~O\xab\x0f\xef\xd2DC8rO\xe4\xf9=\xd4\xeb\xceRja\x8c\xcf\x04\xd6;\xc5}\xab\xfd\x98ny\xc1\xd1K#w<]\xc21\xa1^x\xb0J\xbe\x98fm\xc4\x13b\xfc\x9f\x82&\x1b\xfe\xe26\xf4\xdb\xe1;f\xaa[1\xf7R\xf7\x04\xc2\xc0\x1e\\\x17\xe15\xd9\x97\xe7\xc1=\xd3\x8d\xdd\xec\xf9\xe1\xe5?\xf0U\xc8\x16{\x89!\x84\x98\x92d\xed\x07\xa5T\xc2\xfa\xd5\x83A7*H\xe6\xb55.\xd2\xfd\x11\n\xc2\xfaA\x12R\xcdY)\x84\xd0a\xbf\x9e}\r]\xe5\xb9\xaa\x8f\x8bZ\x02(*7N\xe30\x0e\xe7\xcf\x97H\xe0\xbb0B\xca\xeb\xb4P\x15 \xc3\x9d\xaf0\x8f\xa9\x9b\xf8\x06\x15\xf4JZ\xb3&e\xe0@\t"\xdb\x99\xff\x80\xea:I\xf5eF\xf9Ka*a\xd4\x19E1\x19\xb6\xbbT{*\xe9\xdd\x84\r\xdd"\x8e\xe4\xe7\x12R\xe8\x97\xe1c\xa6\x0c\xdc\t\x8az>\x9d\x18\xaa\n\xb6]\xe2s\xc48\xe3\xaa\xe1\xf8L4\xb2\x18\xe1\xbd\x89^\x91\xd9*\x89\x11G\xe5\xcfN\xb5\xd1\xc3\xdft\x1ccco3\x89\xe5sy9\xd4n\x80\x0b\x8f\x13L^\xcd\x909&\x0f\xcb\xa3T\xa6\xc5\xe3\xd9\x10\xdd\'\xee\xf4M\xa9^8<\xbdc\x1fU\xa0\xa5#S&d\xde6\xb6/\xa59\xad<\x023>\xcc,Ne\x14\x87\x15I\x01\x17\xb0C\x19[_d\x0e`\x0f;\xfb\x8a\xd0i\xf0\x1df\xb3\xad\x7f\xb6T\xc9U|\xa2\xe9\xda\xeb\x1f\xb4B|\x87\x8e@\xdbW\xe6\x1aJ\xb6 }\xb7\x19m\xe0\xc9\x0f\xec\xc4\t\xf4\xf1\xd0\x07\xa6\xe1\x1b\xd7+\x9e\xb0\xd2!1\xbcgQ:\x00(\xd8\xa6\xba\x02\xa8\xfb\x83\xa0\xb7\x97\xb2\xd4\x9a\x14B\x83|r[C\xde\x82&\xcd\xfa\x1c\'\xa9{\xd6SwU\xbf\xcai\x1a8\x88I<\xb4Ll\x16\x90L+a\x98\x12\x0c\xbb_h\x9d\xe3\xc0\xf1Eg\xe7z;\xd0\xb0\xf2-\xf3,\x93O\r\xe5\xe1\x8f_:\xb6\xeeo\xdb\xa3&\xc8\r\x06\xc1\x81\xd6\x97\xccO[J\xba\xc4m\xd7\x07\xf5\xe3\x86\r\xf9H\xfd\x87\xa0\xe2hD\xf4\xee\xa6\xced\xaa\xd0\r?+\xef\x9b\xc2!\xe0r}\xf0\xca\\h1\xad\x83\xbd\xcc\xa0\x84IP\xber\xc5\xab\xcd\xac\xbb\x1d\x1f\xe5R\x01\x13\xb8d\x17h\x90\xb9\x1b\x17^\xcb\xc8\x11\xc7\xe6\x0b\xe3\xd3a`\xcc\xf0m(/\x82\xc8\x81?' + + +2024-12-14 20:35:21.022683 - Ether / IP / UDP 192.168.1.11:55785 > 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 106 + id = 5262 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 86 + chksum = 0x6fa0 +###[ Raw ]### + load = b'\xe9\x00\x00\x00\x01\x08\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x00@=\x1bi"B\xce\xb8x\xd9\x0f\xcc\xdemM\x80\xcfe\xee\xbc)D\x9b\xa5s\xf7\x01A\x0c\xd6\xb6Y\x16\x05\x8e\xc3\x06|\x97t\x0f\xfe\xe1\x0cf\xe4\xe0\x11\xca\xc0sE\xfbY\xe4N\xe6\xbe{;\xa29D' + + +2024-12-14 20:35:21.050805 - Ether / IP / UDP 192.168.1.11:55785 > 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 59 + id = 5263 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 39 + chksum = 0x6f71 +###[ Raw ]### + load = b'F\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x04a4\xc8\xc2\xe1\xe8=\xf1 ZoeKhh\xbf\xdc\xf4\xda\x82U' + + +2024-12-14 20:35:21.071662 - Ether / IP / UDP 192.168.1.11:55785 > 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 63 + id = 5264 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 43 + chksum = 0x6f75 +###[ Raw ]### + load = b'P\xfa\xbe\xc6\x1c\x11\xd6<\xa9\xef\xc1\xe5U\r\xd0\x04\xf3\xfc-\xa4\x90\xc5\xb4\xb7\xd5\x02\x0fm\xb5\xd0\xb8\x8bC\xb0\xe0' + + +2024-12-14 20:35:21.089879 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xcfb6 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 1258 + chksum = 0x685a +###[ Raw ]### + load = b'O\xd6\x1d\x94\x02\xcby\xbcD\xe7o/\xef\xd2\n\xb6YOvn"\xbc\xdb\x845\xa0\x1e \xbf\xbb\xfc\xbc)^\xc9\x82\x14A\xb8C\x14\xf7Z\xd5\xbb\xf7\x8e3W\xd7.\xdb\x08n\xb5)\xaaJ\xebP\xbfc\x98\xb5}~\x86a"\xeew\x11Q\xd2i9\x9b^\xba\xd0:\xd1\x84;\xd2\x02\xdfq\x01\xfb\xf8r6\xa1\t\xc9\xe5\x8f\x0f\xd1\x92\xe1t\x14!\xf0q\xc4e\xdd?;u9\xe6\xb6tVN\xc5\xa9\xc7\x08\xecf\xb7\x87\xb3\xf6|`\'g\xe9\x04\xf3\xe9\xe8r\x9f\x93H\xcal\xe4\xd0\xfc\x88\xfb\xde\xd4\x83\x97m\xd8,RU\x8c\xe3I\xb5\xb4\x148j\xd4u.\xc2\x15\xb4\xce\xed\xbd vV\xcdrA\xf1d\xd0\xa8\xc1\xd3\x8c\xf82\xf5\xd1\x8eb\xea\x1b\xf2\x11A\x7f\xcf\x05-\x12Z\xb4\xf4\x96f\x19\xaca\xbb\xedi\xd4\xd3\xea\x1f\xab\xfen\x150\x1ak\xf9\xa2c=\xa4\xd9\x7f2]\n\x1e\xc1.{T\xa8\x89Y%\x1b\xbc\x01\xeb%E\xcc\xb9u\x16\x01Or#\xde\x8bK\x8b\xb0|\xb7\x9c\x82\xc6Y\xc3\x9f@I\xde\xc5\xdb\xcf\xfal\xe7{\xfdW\x11\x03\xf9QU\xd4p\x1d;\xf2ld\xc6\xbaK\xf3\x1f{\xbc\xcf]\x08\x12S\xc4ey\x100\xedI;Z\xed\xa4\x8a\xbaN\x0b\x08&/ANN\xb0\xc5\xcby\x97\x0f\x93\xb3\x1f\x9b?>\xe6\xe7\x0b\xfd\x17\xfc\x17No\x87(\xf7\\W\x92\xecz{\xe6\xf7O\xe3\xd3\xd2\x17f\xd2{J\xc6\x99:z\x01\t8}@d\xdf#E\x82:\xa8-\xad\xcc\x80J\xe6\x99\xf1k2\xab\x8e\x9b\xb6<4&\x12\xae\xc2\xe5\x84\x92\x10\xc5\x9e\xb0er:E-O\x0b\xd3[\x17\xfb\xb9x\xe5\x0f8_:\xf9\xa4\xcb\xe9\x1e\xf4{%\xbd\x15"2\xc8\x97\x9c\x13J\xc2\x8c"i\xc5M6\x1a\x95\x86+\x95H*\xc6\xaeO\xear\xa5\x95\x02\x8f\xe15\x83\xa2\xe5\x8c\xc4\xce\x1a\xae\x8d\xf1Y\x15:\x8f\xd8\x13\x13\x98\xd5)S8\xc0]\x96\xac\xd9\x02\x15\x9c\x9e\xf4$8\x02\xb2F\x14\xdd\xfb\xfaZ\xc9^\xbf\xfe^\x8a\xd1:\xc45\xa4\x84\xc8\x00u\xff\x8c\tS\x90\xf9\x1ba_\xc7G\xda\xdeO\x17\xce\xd9\xd8\xdc\x86\xb4\xbc\r\xb1T\xc5\x15L\x81h;\xcd&m&\x11\xa9\x07\xd3y\xe7\x12\xb4\xe0\xe5\xe2\x91\xfe*b\xd5\x91B\xf4}\xa6\xa9\xaeB\x19<\xc4\xed\x08\xb5\x07y\x08\xd8\x02v\x03\x8c\xb7\x05.\xbd\x10\xff\xc4\x81\xceH\x9f\xcd\x1e\x99\x80\xb6\xda\n\xb3\xb0\xbb\xaeG\xb7\xac\xc5\x9f\t\xd3\xea\x97\xdb\x1c\x1c\xef,K-\x07\x8fr\x8a\xb6\xa2{\xd7\x1a\xd4\xfeg\x1e\xa3\x10\xbf\x05\x9e\xa8\x04\xb9\r\x03\xd4{\xf1\xfek\xec;\r\x17\xc1\xba\xe1C\xe4_\x07D:\x85]\xa4\x03\x15\xec\x88\x08si\xe2=k\xe8\xfb\xdc\x10\x12j\xcc\x93L+\x89\x19\xf8\x8e\xc9-\xc8}\xa8O\xc6:Fg)\xe8\xf6?\xfe\xf4\xeb*j\xfc\x7f\x95\xa1\xff4\x98\x99\xa9\xef\x1c\xa4$M\xb6k\xf4\xad3\x0c\x8a\xa1\xc4\x80g#\xc9\xa8\xe7sj\xeb\x94\x9e?\x19ua\x88\x9a\x8b\xaf\x1b_\x14\xf5\xfa^\x94:@\xc2\x1b1:\x8d\xe3Q\x08\x03X?>-\xfd\xab\xd0$\xb8\xf4 \x0f\t;\x15{C\xcah\x13|(e\x85\x1c\x89\x88\xf9y\x82F\xf5\xe7\xfbf\x95\xed\xdaj\xb7\xe1\x95\xfa\x91\xad\xc9\xec#0@T\xf6$\t\x86\x87\xd7n\xc6\xfc`b\x16\x17\x91\xef\x9e\xad\xed\xbe_\x7f_\xed\n\x0e\x8cq\x1d\xae\xe4\xe5\xcf\x83\xdc\xf7\\,B\xc8\xbd\xed\x05l\xe6\x98\xc0\x92\x81}\xa0\x90d~\xdb\x93\x0b#\xec-W\xb7\xab[\xcb{2\x8b\xde\xbc\xa7L\xe6m\xeb\x9b\x8b\\-)3?\xd3\xb8\xd2\xba\xa0\xf6vCEk)\xad\xb4*rXU\xce\xa7\xa5\xbaU=\xe8\xfd\x95\xc1\xa4\xe5\xe5\x83\xf9#\xec\xe5\x89\xcfiPpk=\x9b\n<-9\xd8D\x94 \x85FJ^\xb6\xfa\xc4]\x807.\xa7\xd1\x1f\x9d\x04\xd7&X\xe6\xc6\xdczo\xfb\xbb\xca\x91\x99\xe4\xa5\xb4p\xed\xc0\xc7\x9de3\xe6\x1d\xfe\x897c!N\x9c\x1f\x02%\xe1\xff\x1e\xea\x1e\xa3\xe2\xb4\x8dX\x8b\\\x98?%r\xaf\xbb\\\x06\x91\x9f\xee\xb6\xc8\xa5\xa80:\x02\xda\xeb\x97\xad\xfc^\xb4\xdf\x9f$E\xea\xd6d\xef\x0e~[\xd3\xcf\xc6\xa3\xe4(\xcc\xceK\x92\x89\x80\xfa\xb9\'r\x1c\x1d\xeb|\x10\xf5[\x14eG\xac\xc1\xd9_%\xab\xc5\x0c\x98\x96\xc4v{\xd8\xe5@\xfd\xfce\xe0\xb0\x83\x93\xbcX\xcf\x02\x88\xa7\xd6\xdc\xa0%\xdb$5a\x80\x83\x80\xbd\x86q\xb6>\xe8\xc9\xc2\xc3\xea\xfa\xa6ap>\xde\xb0\x8ek\xc61e\xdc\x0eK\xa1\xea\x84\xd2\xdc\xb8\xd7\xbc\xc7\x85\xfd\x1em\xc7\x17\xb9\x00%\xda\x0f\x15\xd9\xad\x1a\x1f\xe8\xb7\x96B\xf3O\x04\x00\x01\x07B\xd2\xe5A\xa3o\xb7sN\xe1[\x1b\x80~\x90\x8e)\xd1\xa8e\xffs\x05\xb8\x1b\xb0\x02V\xc8I\xff/=\xdf\xde' + + +2024-12-14 20:35:21.164502 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 270 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xd3a6 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 250 + chksum = 0xdb13 +###[ Raw ]### + load = b'P`\xb0\x93\xd2\xed\x8aFZ\x8e\x879\x1d\xe6\xb8\x05\xf1J@\x11\xeb]\x11\xf7\xf7lo\x02\xddP\xb3\xb4\x90\x83F!!\x994\xe1\x11\xacT_\xbdj\x8d\x84\xd06S\x81\xb9<\xc7\x98\x93\xd7\xb5\xa7\x1ck\xa3on\xbf\xb3Y;\xe5\xca\xfc\xa6\xfe\x02L\x9by\xa5\xf8\xb4\xd1_\xf1\xec#\x11\xbc/\xe54\xb5\x17whMC\xd4\xbfC\x97f\xda\n}VS\xda\xca\xda\xca\x0f\r\xe6\x14\xbb*<\x01\xcd\x8a\xd2\xbd"\x9d ;\x9b\xf8\xb0\xb3\x83q\xff7\x01t\xddR\xc0(\x1a\xc7\xc1\x80\xbbB\x1b\xca3\xefN\xad\x7f\x85\xbe\x8eJ8H}\xea{\xd4A\xefO\xccF\x12\xb2\x80\xfb\xfe\x97i|\xbe\n\xa9M,\xd3\xb4\x1c\\ \xbd}\xa6\xc8\x80"\xb0_\xad\xb3\xb2\xc1\xd1\xbb\x9f\xbda\xc2\x963\x94\x15\xf6\xc1\x8d\xe1k\xee\xfeL\x11\xb5X>c\x86Y\x9b7\xc8\x8f\x11\xdb\n}B4\xfd\xa1\x80\xb1N\xac\x90\xfa' + + +2024-12-14 20:35:21.177578 - Ether / IP / UDP 192.168.1.11:55785 > 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 59 + id = 5265 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 39 + chksum = 0x6f71 +###[ Raw ]### + load = b'@\xfa\xbe\xc6\x1c\x11\xd6<\xa9^\xa5.\xe7f\xdc\xc7\xb7\xed07\x03d\xc6v<\x07\xb7\x1eju\xce' + + +2024-12-14 20:35:21.185625 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 148 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xd420 + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 128 + chksum = 0xef81 +###[ Raw ]### + load = b']\xc8\xd1\x0f\x04<\x82Ifu\xf4\xc6\x02\x05\xe5\xd0\xf9\x1a\xc3\xf5\xfaK-yvJq\x1b3\x9f\xadZ;c\x96\xd9nx\x17`\xc5\xdb\xd6H\xba\x11\xb5\x04\xf2vq4\xfd\xaen\x8b4*\x1c\x82\xf8\xcf\xb1\xd7\xdc\x01s\x8b\xc2\x9ej\xd7y\xd1\xf7\xe6\x11>\xd8\xd6\xe1\xd9\x80\xfa\xd5@\xd2\xeb\x91\x96\xd4\x92\x8a\xfeVe]\xea\x14\xc1\xc6`\xc3\x03\x8a"$\x80\xd2\xce\x06\xdc\xfe8\xa8\xca\x84\x84\x15\x1a' + + +2024-12-14 20:35:21.188879 - Ether / IP / UDP 216.58.213.74:https > 192.168.1.11:55785 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 53 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0xd47f + src = 216.58.213.74 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 55785 + len = 33 + chksum = 0xb658 +###[ Raw ]### + load = b'[\xe7\xdd?\x9c\xb4\x9d\x9cb\xf5\xa4\xc6w\xfa\xa1\xb7\xa7\xbb1\xc4\xd9\xb8&V\x90' + + +2024-12-14 20:35:21.191560 - Ether / IP / UDP 192.168.1.11:55785 > 216.58.213.74:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 60 + id = 5266 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 216.58.213.74 + \options \ +###[ UDP ]### + sport = 55785 + dport = https + len = 40 + chksum = 0x6f72 +###[ Raw ]### + load = b'C\xfa\xbe\xc6\x1c\x11\xd6<\xa9\x0c\xdf\xef(o\xc1u\xe0\xd4\x9e\xef\xd1C\xe0W\xf5\x08=P;D\xc6g' + + +2024-12-14 20:35:21.194906 - Ether / IP / TCP 192.168.1.11:40788 > 35.186.224.41:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 68 + id = 8643 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 40788 + dport = https + seq = 948637544 + ack = 1994427668 + dataofs = 5 + reserved = 0 + flags = PA + window = 512 + chksum = 0xc5cd + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x17c\x018)\x1aG\x0c\x08n?\xea\x0c\xf7jj\x94\xe8\x88\xc6\xa7\x8e?K' + + +2024-12-14 20:35:21.196944 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:40788 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 49790 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xbcba + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 40788 + seq = 1994427668 + ack = 948637572 + dataofs = 5 + reserved = 0 + flags = A + window = 1051 + chksum = 0xf90e + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:23.164253 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 417 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc5a8 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 397 + chksum = 0xc02c +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: upnp:rootdevice\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9::upnp:rootdevice\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.167244 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 489 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc560 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 469 + chksum = 0x502d +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:InternetGatewayDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9::urn:schemas-upnp-org:device:InternetGatewayDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.168966 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x83e4 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.170471 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 485 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc564 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 465 + chksum = 0x7632 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:WANConnectionDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb::urn:schemas-upnp-org:device:WANConnectionDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.171947 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x8392 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.173238 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 465 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc578 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 445 + chksum = 0x8a6f +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:WANDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba::urn:schemas-upnp-org:device:WANDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.175309 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x8394 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.176761 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 497 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc558 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 477 + chksum = 0x3a9 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba::urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.178156 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 479 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc56a + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 459 + chksum = 0x81a1 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:service:WANIPConnection:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb::urn:schemas-upnp-org:service:WANIPConnection:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.198208 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34208 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 55786 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 41437 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:23.201526 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34209 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 55787 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 41438 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:23.203288 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34210 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 55786 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 41439 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:23.207620 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34211 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 55787 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 41440 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:23.209208 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34212 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 55786 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 41441 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:23.211541 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 55786 + len = 76 + chksum = 0xba3d +###[ DNS ]### + id = 41437 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:23.213124 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 55787 + len = 89 + chksum = 0x4cb5 +###[ DNS ]### + id = 41438 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:23.214941 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 55786 + len = 90 + chksum = 0xb2da +###[ DNS ]### + id = 41439 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:23.218427 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 55786 + len = 81 + chksum = 0x6e2d +###[ DNS ]### + id = 41441 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:23.219842 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 55787 + len = 51 + chksum = 0xe5 +###[ DNS ]### + id = 41440 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:23.241158 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34213 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 55788 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 41442 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:23.244047 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 55788 + len = 81 + chksum = 0x8814 +###[ DNS ]### + id = 41442 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:23.420360 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 479 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc56a + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 459 + chksum = 0x81a1 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:service:WANIPConnection:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb::urn:schemas-upnp-org:service:WANIPConnection:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.422104 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 497 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc558 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 477 + chksum = 0x3a9 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba::urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.423601 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x8394 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.425281 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 465 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc578 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 445 + chksum = 0x8a6f +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:WANDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba::urn:schemas-upnp-org:device:WANDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.426649 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x8392 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.428176 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 485 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc564 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 465 + chksum = 0x7632 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:WANConnectionDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb::urn:schemas-upnp-org:device:WANConnectionDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.429509 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x83e4 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.430742 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 489 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc560 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 469 + chksum = 0x502d +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:InternetGatewayDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9::urn:schemas-upnp-org:device:InternetGatewayDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:23.432111 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 417 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc5a8 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 397 + chksum = 0xc02c +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: upnp:rootdevice\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9::upnp:rootdevice\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:24.193633 - Ether / IP / TCP 192.168.1.11:41802 > 172.64.155.209:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 48035 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 172.64.155.209 + \options \ +###[ TCP ]### + sport = 41802 + dport = https + seq = 437917378 + ack = 116824022 + dataofs = 5 + reserved = 0 + flags = A + window = 511 + chksum = 0x9e1 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:24.212142 - Ether / IP / TCP 172.64.155.209:https > 192.168.1.11:41802 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 28155 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xcd03 + src = 172.64.155.209 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 41802 + seq = 116824022 + ack = 437917379 + dataofs = 8 + reserved = 0 + flags = A + window = 162 + chksum = 0x98ed + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (437917378, 437917379))] + + +2024-12-14 20:35:25.549488 - Ether / IP / UDP 192.168.1.28:40175 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = 6c:f7:84:e4:d7:de + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 153 + id = 33478 + flags = DF + frag = 0 + ttl = 1 + proto = udp + chksum = 0x44cf + src = 192.168.1.28 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 40175 + dport = ssdp + len = 133 + chksum = 0x7b40 +###[ Raw ]### + load = b'M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nMAN: "ssdp:discover"\r\nMX: 1\r\nST: urn:dial-multiscreen-org:service:dial:1\r\n\r\n' + + +2024-12-14 20:35:26.184234 - Ether / IP / TCP 192.168.1.11:42631 > 35.186.224.26:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 5434 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.26 + \options \ +###[ TCP ]### + sport = 42631 + dport = https + seq = 20160527 + ack = 44088017 + dataofs = 5 + reserved = 0 + flags = A + window = 510 + chksum = 0xc5a3 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:26.197638 - Ether / IP / TCP 35.186.224.26:https > 192.168.1.11:42631 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 54938 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xa8a1 + src = 35.186.224.26 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42631 + seq = 44088017 + ack = 20160528 + dataofs = 8 + reserved = 0 + flags = A + window = 1022 + chksum = 0x66b9 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (20160527, 20160528))] + + +2024-12-14 20:35:26.252166 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34214 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56046 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 1014 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:26.253990 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34215 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56047 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 1015 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:26.255413 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34216 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56046 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 1016 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:26.256783 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34217 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56047 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 1017 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:26.259146 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56046 + len = 76 + chksum = 0x5721 +###[ DNS ]### + id = 1014 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:26.261140 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56047 + len = 89 + chksum = 0xe998 +###[ DNS ]### + id = 1015 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:26.262764 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56047 + len = 81 + chksum = 0xb11 +###[ DNS ]### + id = 1017 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:26.272133 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56046 + len = 51 + chksum = 0x9dca +###[ DNS ]### + id = 1016 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:26.294633 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34218 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56048 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 1018 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:26.297943 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56048 + len = 81 + chksum = 0x24f9 +###[ DNS ]### + id = 1018 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:28.070531 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 84 + id = 43053 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe4b + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639193 + ack = 4062860605 + dataofs = 5 + reserved = 0 + flags = PA + window = 9 + chksum = 0x68b1 + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x00'U\xe8\xc2\x14p\xb7fPy\t/\x1e\xbf\x9a\xbf^\xa4'\xe6 \xffx2 \x92/_\x86\xd5\x0c\xbaM)u\xb9H\x90\x16\x14" + + +2024-12-14 20:35:28.080118 - Ether / IP / TCP 192.168.1.11:42259 > 188.114.96.5:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 75 + id = 49548 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 188.114.96.5 + \options \ +###[ TCP ]### + sport = 42259 + dport = https + seq = 4062860605 + ack = 2693639237 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xde68 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x1e\xee\xe0\xd0\xe4\xdb-\xfd)=Q\xd7\xa2\t\xe3\xb5!\xddn\x87Mo\x966U\xd7*R\xec\x14\xb6' + + +2024-12-14 20:35:28.082470 - Ether / IP / TCP 192.168.1.11:42259 > 188.114.96.5:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 75 + id = 49549 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 188.114.96.5 + \options \ +###[ TCP ]### + sport = 42259 + dport = https + seq = 4062860640 + ack = 2693639237 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xde68 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x1e\xd5m\tefS\x85\xcbU\xf5\x12\xca;\x8c\x01\xf9\x16\xd7\xc9#\xdfDN=\xd8\x15W\x9c\xa5\xa3' + + +2024-12-14 20:35:28.097574 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 43054 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe76 + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639237 + ack = 4062860640 + dataofs = 5 + reserved = 0 + flags = A + window = 9 + chksum = 0x9673 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\xf0\xb4\xe1r' + + +2024-12-14 20:35:28.099788 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 43055 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe75 + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639237 + ack = 4062860675 + dataofs = 5 + reserved = 0 + flags = A + window = 9 + chksum = 0x9650 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\xe6B\xdc\xe6' + + +2024-12-14 20:35:28.221124 - Ether / IP / TCP 192.168.1.11:42760 > 20.50.88.242:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 701 + id = 28822 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 20.50.88.242 + \options \ +###[ TCP ]### + sport = 42760 + dport = https + seq = 2716058156 + ack = 996188136 + dataofs = 5 + reserved = 0 + flags = PA + window = 515 + chksum = 0x3187 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x02\x90\xe3\x1bE\xda\x03G\xd8\xce)\xb1\xbd\x92?py\x13lp\x11E\xe7\xa4\xf9\xe4\xcbt\xfb\xf3-\xce\xa0\xc5\xf9T{M\xee\xc1\xdaOf\xccb\xc3\x05A\x03\xe7$\x8f\x06\x87\xf7$\xca\xbb7\r\xfd\x88)t\xbc\xa6\'\xe1<\xe1\xabD\xa9\xa81~\xe6\xa3\xd6\xb1\xf4\xe8\x97@F-q\xfb\xd7+,\x9f^\xc0\x89y\x8a\xc58\xb6\xaa\xe6Q\n\xce\x0c\xaf\x12\x12\'\xaerj6G\xb7\xcaE\xe8It M\x8c\xa2o\xad\xc1\xaa\xc7\x80\x9b\x1fyK\x88)`\x8b\x9e*R\xb9\x8a\xef\xfcR\x16\x9d>\xd2\x19\xbf\xdfgF\xc38\x97c\x01\xb0\x94\x96\xcf\xa9\xf9/\xaf\x10\x06q\xb3\xb2\x9d\xb4W\xe9\x96C.\xb4\x97^5\x9f\x0cq\xa2SJ\xc1#\xeb.\x07u\xa7P\xb6H\x9fo{.\x0f32\xc9\xfa%\xa0\xb1\xd9\x85\xa2|\x06k~u\xe2\xdb\xff\x9f\xedU\x9b\x13*\x19\xd1#\xd2\x8c\x02\x05iC/\xa3\xbe5\xaa\xb8\xbd\xcdv\x01\x93\xa3\x18\x81\xd4\xfe\t\x05\x8c\x943\x81\xdb\xa8;\x145\xa4\xae _O\xf0\xa5\xdc\x94\x83\xa5\xfaU\x11\xc4\xa0UY\x18L*uv\x9b9SX\x87\xea\xe4\xccU\x80\xa4\xa1\xdd\xdd\xcc\xdb\xe3\x01\xda\xf4X\xe0~\xc5O\x9e\xce*\x82\x18k#\x83/\x9c\xd3\x8a\xf5\xd7\xa9b\\t\t\xfc\xade\xdf@\x1b&\xecV\x06\x0bu\xc6\x1b\xe0\x0b<\x05J\x93\t7\x98,\xe8\x8c6aB\x1e~\x01p\x9e9\xa8\x8a\x9dly\xe9\x86\x8b\xce!\xc9k\xfe\x0f\n\'\xf2\xe9\xcf\xcd\xf5`a\xc4N^68@\x91\xb8i\xc4\x10\xea\xed\x92n\xc9\x03/X\xb3\xfb\xcb\xc6\xfcT}\x83\xcb \x9a\x99\xd9\x1c\xc9\xbc\xa0<\xb7X\xf9\x0b\xfc\xe2\xe5\xd0\xf9\x8e\x17N\x0f\x03"j%w\x07\xd1\xe4:.n\x04#/\xe5#1\xf4b\xb3\xb7c\xeb}\xce\x83\x91\r8\xf2\r\xfaQ\xe8\x15;Q\xa0\xa1CF\xceY\x89\x85\xdc\xd8\x99B\x82\x02\xedC\x9225\x16`\x0e\xc6\x1c\x8e\x9a*\xa4X\xeeoj7\x16\xfc\xb9\xf8?tL$\x9a`\x99V\x92\xb6\xbf\xac\xaa9\xf3\x01"\x9at\xa0\x94\x1c\xc5\xcc\x8f_\xfb\x11\x0f\xe0\n\xc28\x8axO\xc4\x91\x820bX\x8f\xb2xL\xad\x95[\x88 192.168.1.11:42760 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 42876 + flags = DF + frag = 0 + ttl = 106 + proto = tcp + chksum = 0x3a7c + src = 20.50.88.242 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42760 + seq = 996188136 + ack = 2716058817 + dataofs = 5 + reserved = 0 + flags = A + window = 16382 + chksum = 0x564d + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:28.340693 - Ether / IP / TCP 20.50.88.242:https > 192.168.1.11:42760 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 370 + id = 42877 + flags = DF + frag = 0 + ttl = 106 + proto = tcp + chksum = 0x3931 + src = 20.50.88.242 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42760 + seq = 996188136 + ack = 2716058817 + dataofs = 5 + reserved = 0 + flags = PA + window = 16382 + chksum = 0x4f28 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x01E7\x93\xac\xcc\xb2=\xb5G\x96\xa8\x0f\xe8\xd9AdJ.:\x83U\xe1-\xbbR\xab[\xdc\x9a`\xd9\x1a\x81+\xe3*\xad\x84e\x91z1\xfav\x9b\xe7\xa6\xb5\xb1\x82\xdb\xe0T\xb9\xfd\xc6m\x19\t\x16\xe1\x04\xbd4\x17N\x88\xf4|\xda\xeb^\x13\x84f\x0f8\xfd\x1c\xf4\x82\xce\xe8\x9b\xe6p\xc5m]\x9bY\x93\x15\x9bs\x9a?\x82\x84\x92\xf8\x11@\xde\xff\x03\xd4\xea\xff\xb0\xfbM}\r\x81\xa3\x93GC\xcf\xecU\x1f-o\xa1h<\xee\xab\xb5AL,\x86\xccBtg\xc1\xfb\x87\x86\r\xc9\xda\xbe\x98\xa1,j\xca\x16\x93$\'\x90\x86\x10\x96c\xb7\xe7\xcc;\x83iwoQu\x87\xc3\x8c\xd6\xe3\xff28uUI\x08\x1a\x196]\x05\xf1\xe8\x9f\x9c\xdf\xc7\x92sc\xd2\xe0n8\xe5\x9f\x18\xe2\x1b\xa5#\xc4\x93\xee\xb5\x03\x9d\x81\x8e\xd3\xb3 \xc6\xd3\xd1"-\xa6zt\xa6]\xe1\x0e\x01\xd8\r\xde(\rE\x83\x94/6WI\xcd\xca\xf1\xc7\xae\xa1\xbc\xae\x118\xd9\xd7\xfb\xf8M\xa1\xdb@\x96.\x8aA^Ay#\x11\xf7g]\x15wz\x95\x03\xa7\x14\xda\x1f\x07l\xf1\\\x18\xdf\xe9bL\xc0\xd5\xe3OEo\xe2\xa9F\xd2Q\xa3\xbd.\xa5\xc7\x1a^\x9b\xd4\xce&T\x17@+\'\xde*56zX ' + + +2024-12-14 20:35:28.364154 - Ether / IP / TCP 20.50.88.242:https > 192.168.1.11:42760 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 67 + id = 42878 + flags = DF + frag = 0 + ttl = 106 + proto = tcp + chksum = 0x3a5f + src = 20.50.88.242 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42760 + seq = 996188466 + ack = 2716058817 + dataofs = 5 + reserved = 0 + flags = PA + window = 16382 + chksum = 0xee5c + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x16*M\xb9\xb9m\xc2\r#x\x14;!m\x8a\x0c\x10\x06&\xd5\xfa\x18Y' + + +2024-12-14 20:35:28.367261 - Ether / IP / TCP 192.168.1.11:42760 > 20.50.88.242:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28823 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 20.50.88.242 + \options \ +###[ TCP ]### + sport = 42760 + dport = https + seq = 2716058817 + ack = 996188493 + dataofs = 5 + reserved = 0 + flags = A + window = 514 + chksum = 0x2ef2 + urgptr = 0 + options = [] + + +2024-12-14 20:35:29.569843 - Ether / IP / TCP 192.168.1.11:41801 > 104.18.32.47:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 6512 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 104.18.32.47 + \options \ +###[ TCP ]### + sport = 41801 + dport = https + seq = 3989790058 + ack = 3388882222 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x4a10 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:29.586445 - Ether / IP / TCP 104.18.32.47:https > 192.168.1.11:41801 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 21935 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xa520 + src = 104.18.32.47 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 41801 + seq = 3388882222 + ack = 3989790059 + dataofs = 8 + reserved = 0 + flags = A + window = 156 + chksum = 0xa14a + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (3989790058, 3989790059))] + + +2024-12-14 20:35:29.588999 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 216 + id = 26763 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf157 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231054 + ack = 212489189 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0x4ebf + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\xab\x83\xe3\x9de!\x82\xfc\xdcs\xb2jm\xdf\x91\xc47\xf8\x1d\x1e\x0e\xa9\xddO\xcc\x1c\x08IDwW\xf3+$\xe6\x8f\x16\xb3\x0b\xfd)\x04\xe8\x8cj\x19c\xd0\x83\xba\x02-\x13mi\xc4{\xc5\x13\xdb\x9b\x1ay\x0b\xc1\x14\xba\xd6\xaeq}z\xf4`\xe8\xae\x8f\xf2\xe1\xa0<\xb9\xf5a\xd4\xfe\x8c\xf0Q\xb8\xf1\x86\r\xe4\xff\xcf\x96Q\xa37\x1a\x8d5\xf7AE\x19\x80\xba\xad\xb0Ha\x01\xbb\x89m#\x9ft\xd0H\xa5w\xa02\x80\n\xd9\x81[k\xad\x0e\x0fA\x0f\xe3\xf0\xec>\xfa\xc8A\xa1\x1d\xef\xeb\x02\xb0#L\xeaa\x9bx\xeaVh\x97\x1a\xf3\xfdSi\x04W `\x0b\xf4\x1f' + + +2024-12-14 20:35:29.601041 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 81 + id = 26764 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1dd + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231230 + ack = 212489189 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0x9647 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00$\x85F\xc4\xaa\xf7\xf2\x87\xbe\x8c,:\xcc\x93\xf21\x8c4Z\xf8f@\x005\xaf^i>\xaa\x1fE\x10\xef\xbd$=\xaf' + + +2024-12-14 20:35:29.603512 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37103 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489189 + ack = 995231271 + dataofs = 5 + reserved = 0 + flags = A + window = 513 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:35:29.605690 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 81 + id = 26765 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1dc + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231271 + ack = 212489189 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0x5b81 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00$\xdd\x8c\xfe\x0c\t\x99[li6\x04\x8f\xf6\xf4\x0b\x1d\xfc"\xb7\xd0l\x9f/\x7f\x0e\'\xf7I\x003\xd4Yt\x1b\x0f?' + + +2024-12-14 20:35:29.646036 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37104 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489189 + ack = 995231312 + dataofs = 5 + reserved = 0 + flags = A + window = 513 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:35:30.466569 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 139 + id = 26766 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1a1 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231312 + ack = 212489189 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0x9511 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00^\xb2\x9c\x0eV?rn\xd1\n\r\x0ea\xf8dk~\xb8m9\xf4/\x9cS\xce\xe6\xc5\ntVGc\x80\xb7\x90k\xa9\x0c\xed\x9cG\xee\xf18\xfd\xef\x89\xb3\xf8\\\x97)\xab\x82\xc1|T\\\xa9\xf3\x8a\x81X\xc8\xddh\x99\x0f)\x98\x16JC\x88\xf5i\x93$5\xf6\xe3r*2\x80"\xda\x9cN\xfd\xb8b\x02{&' + + +2024-12-14 20:35:30.507067 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37105 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489189 + ack = 995231411 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:35:30.653913 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34219 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56306 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 45275 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:30.655688 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34220 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56307 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 45276 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:30.657967 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34221 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56306 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 45277 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:30.660238 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34222 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56307 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 45278 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:30.662018 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34223 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56306 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 45279 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:30.664182 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56306 + len = 76 + chksum = 0xa937 +###[ DNS ]### + id = 45275 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:30.666366 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56307 + len = 89 + chksum = 0x3baf +###[ DNS ]### + id = 45276 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:30.668820 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56306 + len = 90 + chksum = 0xa1d4 +###[ DNS ]### + id = 45277 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:30.670849 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56306 + len = 81 + chksum = 0x5d27 +###[ DNS ]### + id = 45279 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:30.678664 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56307 + len = 51 + chksum = 0xefde +###[ DNS ]### + id = 45278 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:30.701581 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34224 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 56308 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 45280 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:30.704535 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 56308 + len = 81 + chksum = 0x770e +###[ DNS ]### + id = 45280 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:31.590259 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 94 + id = 37106 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489189 + ack = 995231411 + dataofs = 5 + reserved = 0 + flags = PA + window = 512 + chksum = 0xea8d + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x001a#/\xc2\xa6\xbe\xc9k\xd5\x1a\x89\x01\xc0\xc0b\xba|\xd2\x91\xd1\xf0{\xa0\x8c\x81\xde26dQs7\xf3\x99\x89\xcf\x83\xc5\xba\xfbW\x86S)\x9d\x8b\xe5Y\x0e' + + +2024-12-14 20:35:31.603082 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 26767 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf203 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231411 + ack = 212489243 + dataofs = 5 + reserved = 0 + flags = A + window = 8 + chksum = 0x7a51 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x90\x90\xab\xf4' + + +2024-12-14 20:35:31.694117 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 80 + id = 26768 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1da + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231411 + ack = 212489243 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0xb3e1 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00#\x16\xe1\x12\xb3\xa7D\xe28h\x8eB\xdbd\xca]\xfa\xd8g\x95)\x18\x05\xe45\xb5D|\\"\xbc3\xf0\xe6.C' + + +2024-12-14 20:35:31.746383 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37107 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489243 + ack = 995231451 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:35:33.574494 - Ether / IP / TCP 192.168.1.11:42764 > 172.217.17.4:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 2091 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 172.217.17.4 + \options \ +###[ TCP ]### + sport = 42764 + dport = https + seq = 640425001 + ack = 4143681656 + dataofs = 5 + reserved = 0 + flags = A + window = 508 + chksum = 0x7fac + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:33.613749 - Ether / IP / TCP 172.217.17.4:https > 192.168.1.11:42764 R / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 0 + flags = DF + frag = 0 + ttl = 119 + proto = tcp + chksum = 0x843f + src = 172.217.17.4 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42764 + seq = 4143681656 + ack = 0 + dataofs = 5 + reserved = 0 + flags = R + window = 0 + chksum = 0x14 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:35.832586 - Ether / IP / TCP 192.168.1.11:42750 > 148.251.1.246:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 19700 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 148.251.1.246 + \options \ +###[ TCP ]### + sport = 42750 + dport = https + seq = 497605335 + ack = 3189985791 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x58c0 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:35.878965 - Ether / IP / TCP 148.251.1.246:https > 192.168.1.11:42750 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 25491 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0x888c + src = 148.251.1.246 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42750 + seq = 3189985791 + ack = 497605336 + dataofs = 8 + reserved = 0 + flags = A + window = 501 + chksum = 0x7cc5 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (497605335, 497605336))] + + +2024-12-14 20:35:36.003297 - Ether / IP / TCP 192.168.1.11:42729 > 142.250.184.14:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 33706 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.184.14 + \options \ +###[ TCP ]### + sport = 42729 + dport = https + seq = 3790787412 + ack = 2391708146 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x8d8 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:36.020522 - Ether / IP / TCP 142.250.184.14:https > 192.168.1.11:42729 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 11440 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xf58 + src = 142.250.184.14 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42729 + seq = 2391708146 + ack = 3790787413 + dataofs = 8 + reserved = 0 + flags = A + window = 1042 + chksum = 0x83f0 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (3790787412, 3790787413))] + + +2024-12-14 20:35:36.074568 - Ether / IP / UDP / DNS Qry b'spclient.wg.spotify.com.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 69 + id = 34225 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 50392 + dport = domain + len = 49 + chksum = 0x839f +###[ DNS ]### + id = 48800 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'spclient.wg.spotify.com.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:36.076624 - Ether / IP / UDP / DNS Qry b'spclient.wg.spotify.com.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 69 + id = 34226 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 51731 + dport = domain + len = 49 + chksum = 0x839f +###[ DNS ]### + id = 3631 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'spclient.wg.spotify.com.' + | qtype = HTTPS + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:36.102619 - Ether / IP / UDP / DNS Ans b'edge-web.dual-gslb.spotify.com.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 192 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb6d0 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 51731 + len = 172 + chksum = 0xcba6 +###[ DNS ]### + id = 3631 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 1 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'spclient.wg.spotify.com.' + | qtype = HTTPS + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'spclient.wg.spotify.com.' + | type = CNAME + | cacheflush= 0 + | rclass = IN + | ttl = 167 + | rdlen = None + | rdata = b'edge-web.dual-gslb.spotify.com.' + \ns \ + |###[ DNS SOA Resource Record ]### + | rrname = b'dual-gslb.spotify.com.' + | type = SOA + | rclass = IN + | ttl = 100 + | rdlen = None + | mname = b'ns-cloud-d1.googledomains.com.' + | rname = b'cloud-dns-hostmaster.google.com.' + | serial = 1 + | refresh = 21600 + | retry = 3600 + | expire = 259200 + | minimum = 300 + \ar \ + + +2024-12-14 20:35:36.105253 - Ether / IP / UDP / DNS Ans b'edge-web.dual-gslb.spotify.com.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 118 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb71a + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 50392 + len = 98 + chksum = 0x561e +###[ DNS ]### + id = 48800 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 2 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'spclient.wg.spotify.com.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'spclient.wg.spotify.com.' + | type = CNAME + | cacheflush= 0 + | rclass = IN + | ttl = 88 + | rdlen = None + | rdata = b'edge-web.dual-gslb.spotify.com.' + |###[ DNS Resource Record ]### + | rrname = b'edge-web.dual-gslb.spotify.com.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 115 + | rdlen = None + | rdata = 35.186.224.24 + \ns \ + \ar \ + + +2024-12-14 20:35:36.107096 - Ether / IP / UDP 192.168.1.11:52702 > 35.186.224.24:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 35860 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.24 + \options \ +###[ UDP ]### + sport = 52702 + dport = https + len = 1258 + chksum = 0xca81 +###[ Raw ]### + load = b'\xce\x00\x00\x00\x01\x08\xf7\ri\xbf\xab\xe9\xb0\xd9\x00@F\x00\xb4*\xcf\xdcie\xdc\xe6E\xd4\x1c\x93\xda.\x06oK\xff\xc5\x1dC\xd1g\xa4\xe8\r\xe3/\xa4\xfc\xcb\x0eC\x1d\xe9\xe4\xde,\x9f\x1e\xc8"\xaa\xbc\xc6\x12~\xa74\xc3\x11\x90JB&m\xd7t\x0c\t\xd2\n0\x9e]vG\xeb\x8cD\x89"\xd7\xfa\xb8\x89fx\xbe\xf1\xa1\x91i\xbeg\x91\x83\x15\x8d\x14\xe0\x91\x01o\xf4\x1a\x8b\x10\xa5\x8e2\xcb\xe8\x82\x86\xfc=\xdc\xd2 jWm\xdb\xdc\\,p\x92\x15\xa1\rbK"\xf1A\xcf/b\xa0\x08CR\xb3\x9d&\xea1\x96\xb0B\x00\xee8\xc7\xe9dl\x0f\x96u\xd9\xad\x16\x1f\xce\x9a\x90{_\xfe\xbe\x11\xc6`\xa3Yj\x1e\xe3iX\x00u`\xca\xd92 \xf5~\xee\xaa\x1e}n\xbb\xeb\x86\x8eHs$\x87\x9c\x1a\'\xd8 \xfa~\xad9\x10\xcd\x99\x89\xfd\xb0Z\xdc<\x82\x1d\x8cW\x0e7:\xe0u\xe9\xab\xc6\xdf7\x8cam\xe7\xbf\x88}\xdc\x15\xca_\'4^\x0f\xa1p\xe7\x17+\xd0M@\xee2\xfa\xbdj\xe2n\xef\x10\x14\xf5[\x11\xff\x06\t\xc8\xa3\x18V\xfd\x04\xc0O\xb9\x1e\xf8\x8c,\x01\xc1\xe0&\x06\'\xc7\xce;\xeeI\xcfm,\x11\x0c\x8e\x14/0\xab}\xa5]\xfeZ\xed\xca\xad\xcc\x836d$K5=\x06\xb2\x1d\x8f\xe2\xc1\x97.\x10\xdexP}H\x02\x8c\xca\r]\xbf\xba\xf3<\x89\xeb\x08\rU\xaf[\xc5\x1b\xff\xaf}<2\xd1\xf6.L\xc9Ispm\xc8\xa4\x82DU\xe3Pu\x19\xa2\xb12S\xbd\x1dw\xff[\x80@\x1d\xc5\xf6\xaa\x87\x9d\xf7%\xd5\xa5\xd7\x9d\x00\xb1\r\x06\xe7\x19\xb5\xc9\x8d\r\x17\xfe\xbf\xdd\xad]\x8e\xc6\xa8N\x87\xd3\x11<\xf0\x7fW\x88\x881/\xb5\xd9\xad\x1f\xd2\xefAd\xbe+\xab\xc4\xa3\xc8D\x03\xb3^+\xbb\xe1\xd2\x9dq\x12\x02\xedw1$Z\xe2\\\x01\xf0\xb7J\xe7\x10{\xb0\xc4\xab\x08T\xf8Y\x92\xb2N\x10s\tR5_\xb3\xa1n\xde<\xb95\xb7\xf1Z\x16t\x8c\xdf\x16~\xd0\xa0?\xae\xe8\xb4\x9d\x02119\xdaz\x1f\xb8\x8f\x96\xefk)dn\x90\x8dvvk\xb2\x08z#\x05\xb5\xb5\x98\x01\xd3r7[\x16r\xa1\xd1\x886"\xdc0\x04F\x81\x9d.\xdf\x0b\xfe\xe0x!_\rizf\x1a<$\xc9\xa3\xed\xa4\x16\x85\xbc\xe0\xe5\x07\x15\xaa" g|i\xdf\xd6\xa6cf Bfg\xb0m\x87\x89\x96\xa6\x82\x80fg<7\xa8\xa0I\xc1\xc3\xa7\x1do\xdf\xa9\xf0\x96v\xc2\xce9\xfa\xa3\xda7\x1f\xc7]\xf9\x88x?\xfa\x98\x0c\x84\x8e\xb8\x8a\xbeg\xc7\x07L\x13\x88\xb0\xb4K\x82\xb5\x96\x81\xc1\x8a<}\x9f\x82\xa8\x0e>\x8e;\x8emO\xae\xff\x16fW\xef\xd7\x04\xcaR\xf1\xdb\xf1\xd6Zd\x80\xfc\x0f\x9b\xfcUk\x0b\xc2\xf2/L{\xfbK\xdf\xb6\xb93Q\x9e\xe6\x00.S\xf1,\x9a1\xf5R7\x04d\xf8\x10\x11\xeb\xc1\xce\x17\x91e#\xc5]\xac\x90\xa1\xf7M\x08\x99!,;\xb2*\x89K\xa2\x0b\xe6_\xd6Cm\'\t\xdb\xb5\n~o\xb3%.BG\xd8`\x03-R\x0e=\xbc\x13\x84\x9b\xc3\x9c\xc9!?\xe8\x01\xcaMU5X [z\xa1.\xd4\\\x88\xf95@8$\x0e\xa9\x99\x10-\x89\xaax\xed\xce\xc8\xaf<\x1f\x86\xb4\xbf\x9f\x1b s,3\xb6\xa9"UO\x15\t\xb0\xb2\x81`\xa2x\xb9P\x1cT\xb0\x07\xbd\xbb\xe1\xb1\xf9\n\xba\xf9\xd0R\x17ui\xfe\x9a\xe2\x10\xc7O\xe1!p\xf0\xb2P\xb5\x97\x1ej\x08p\xaev\xbf\xe9\xfe_pI\x98\xccAS\x87dZ\xb4\xd5\x84]\xc5[\x9fA9\xed&\xbf\x94DA\xcf\xf4\xe6\x10g\xf2I?t\xe3\r\xfb\xb3\xdf*i\x84\xe8/\x8c\xb9\x94;7\\:\x0e\xbe\xf6\x1dXM\r\xbd\x8f6\xebX\x0e\xd3\x97\xe1\x85\x89\xcdH|\x9b\xb5\xbcc\'\xca[_\xe3\xf5\x1d\xe3\xd1\x8b\x12\xca\xef\'@\xf0\x81\n\x07\x8c\xe2\x99\xee}8\xec\x9c\xd5N\xf4B?\x8fT\x00\x1f\x9aDe)@a\xed&\xb4M\xdd\x92\x92_N\xbb\xfev\xf5\xe4&v\x07\xc4\x9aco\xb6\x10R\xbc\n\x98\xa9\xda`\x12 \xa6\xe5\xf1\xd1\xfc\xacq\xef\xf4a\xa1\xf7\xb3\xfd\x81\xc1\xc3\xc11\x86\x9a+w\xdc\x95\x94(0\xe1\xb3\xfb\x8b@\n\x1d\xf3w\xd39\x05\x89\xf5\xd3Z\x81ws\x0fM\xc6\x8e\xd2\xdc5(\xd0~Ko\x84r\t\x8b\xc2\xa4h\x11\xcd)\xe0\x0f\xcc]\x9d\x87\xf1\x1c}\xfa\x8f\xe2\xf3\x8b%\'\xfe\x8axc\xafN\x14\x87^\xfcX\x8ci\xe7\xac\xda\xa4\x0e\xd9}&\x08\x0e\xcdI<+\xd4\xbc\xf1\xeeO\xf0ZAc\xaf\x06\x8c\xfc\xbaHz\xf4\tT\x1c\xa27\xf3\x8e\x95\xc5\x1b\x0c#\x87\xf0k\xddh\n\xf6\xf7\xd5\xb8*\xa8\xe6\x8eA\r\t\xcb\x19' + + +2024-12-14 20:35:36.141480 - Ether / IP / UDP 192.168.1.11:52702 > 35.186.224.24:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 35861 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.24 + \options \ +###[ UDP ]### + sport = 52702 + dport = https + len = 1258 + chksum = 0xca81 +###[ Raw ]### + load = b'\xc1\x00\x00\x00\x01\x08\xf7\ri\xbf\xab\xe9\xb0\xd9\x00@F\x00\xb4*\xcf\xdcie\xdc\xe6E\xd4\x1c\x93\xda.\x06oK\xff\xc5\x1dC\xd1g\xa4\xe8\r\xe3/\xa4\xfc\xcb\x0eC\x1d\xe9\xe4\xde,\x9f\x1e\xc8"\xaa\xbc\xc6\x12~\xa74\xc3\x11\x90JB&m\xd7t\x0c\t\xd2\n0\x9e]vG\xeb\x8cD\x89\x83/fc\xb0\xdac\x81\t\xf3\xe9\x04w\x05-m\xb4.\x96\x04\xb1L\x94o\xc6\xe11\xe0\x8d\xa4u\xac4=\x1e\xbct\xe6\xc1"\xf2\x96\x83e\xa2\x15D\xa3R\xc2\x96\x18~`\xd8\x8b\x87g\xd6qEYl\xd3NjB\xb3,h\xa8\xe8\n)\xd6/W\x14]\xf3\x88-B\xc2\x92\xd6\x8a\x82C\x91ph`\xe5O\xf65\xf9\xea\xabM\x10\xd9dGl\xb5\xfc\xdb\x15z<\xf9\xbb\xac\x0b\\\x97\xae\xfecu\xd4\x93-\x1bj\xcaTY\xa9_\x98\x1e\x0e\xad\xa4\xe2\x9e\xb3\xbc\xf7J\\\xfa\xdb\xaa\x82%\x1d\xf9uW9Yp(7a]0!\x1a:\x8b\xe7\xdf\x0b\x92\xe4\x8cf\x8e\xcb\xc3\x87\xe89A\xd4\xf9\x9da\xcf\x9f\x91\x8e\xc4\x80\xd7W\xe5|\xa4RJ\x90\xa1Y\x07\x0f4\x90I\xc2\xe64\r\\P\x08\xc2qYb\t\x15\xe0v\xa9\xef\xe7\xcc2\x13\x93\x813;\xff\x16\xac\'$\xf5\r\xcbv\xe0\xb2k\x1dp5b\x12*\x1eC\xdci\x7fv#/\xbd\xa7\xce\xf3m}\xcb_^\xfcT\r\xd0J\xc9\xd3\x95Bp\xda\xee\xe6\xd9\x08\x7fE\xeey!\xc8\xa8\x00\x83\xf6~|\xe2a{\x08X\x8e|}\xedb\x00([\xf0\xb6\xb8\x1f\xca\x9c\x87\xe5j\xab\xd1\x19\x82\xb6\xda\x1a\xe0."]\xb8\xb5W\xb0\x7fX=\xcd\xa9vv\x98/\xc1\x87\x1e\xaa\xecy\xfe\x0e\xf7\x95w]4\x89P`2\xd7V\xcc\xc1`\x91\xa0M\xc5f\xad\xdf\xf2\xeb\x8d\xea\xc2\xbap\x90\xa7\x85t\x07\xacK\xb7\xaa\x89\xc6\xfd\x04\x87&\xbc\x9f\xacU<0\xb2\xc1\xb6BA\xab\xa6?\xa1Al&\x8f\xeb\xcd2~p\xe6d\xc6\xa2v9w\x08\xe0\x83\x11\xceV\xecch\xb7pG\x8f\xe9%\xae\xb4c9\xcb\x81\xe6\x89\\j\xb31>\x9994\xce\x98\xfeO\x9b\xc4Kl\xf6+\xfbM6\x0b\xd0\xcc\x91x\xa0\x91A\xaf\xfc\xc2\x96bA9\xa8\xd0\x94m&N\xee\xf5\xdbP\xe4h\x1c\xc2\xde\xed\xf40P)\x1f\xd3\x07\xea\x8d\xf7\xf7,\xa7\xed\xca\xcd\xd2c\x8bS\xae1K\x81\xb5_=\xc3\x96\xd3\xa3\\\n\x8c\xf8_\x92\xb1\x82m\x9b\x90\xef\xbf\xe7ZL\xa0\xb4\xf9\x8c\x8f\xb7\x021\x0b2\xb3b-\xe99\xc2/p\x87\x03\x1b`_\x17\xa34\x8b\xe1\xb1\xae\x1f\xac\xe4s\x0bLAs\x03\xac0\x96\xeb\xf1\x01\xb5\x03\x8ag\xc9\x14\xe9\x07\xa8>^\xd3F\x06G\xd7)\x93\x8e\xe7$\x8c0\xc4\xab\xe8\xe0\x95e\x1e\x1b\xe4\x85j\xb6\\M^\x0c!\xaf\xeeEg\xe6\xd5\x860\x91\x83\x02\x83\xb5<%S\xab\xf3\xebN9\xfe\x85\xd89\xeb\xa7,\xc1=\x1cj\x14}\xee\xe7\xf8\x90\x97J\xed\xe4./\x19V\x02\x8d{\xa7<\xc5\x93\xca\x9bz\xd5\xf6W\x83w\x88\x1at\x02\xe3\x08\x96<\xd4\xf8\x14\x9d\x04\x8d~\xa6\x85\xbf\xf3\x1e"\x99\xc6Q\x9d\xf8,\xf8@\xd6\x96\xc0\x07\xe3S\xc7(*%\xea;W\x83\x83\xa3\xf7\xdc\xa9\xb9\xb3\x80\xe8\xcb\xbdUB\x99tV\x0e\x7f1z\xea\xcb\xbf\x16F\x9dub\x97\r\x93\xab\xadK^\xf0\x055b\xedY\xcd\'\x8b\x08\x19\xfb\xdb\x15!\xc1K\xc8O#S\x07\xf8\xa7\x7fS;\x943\xd3\xf2|\x02\xabo\x88\xc9\xaf\xb2\x10!\x06\xdcO8\\\xc3\xb1\x1fQq\x15j/\xa1\xb4k\x95\x96\xdd\xad\xe4\xc0\x0e\xde8\x91\xc8\xf4\xa6\x84\xad\xc1\xe4\xd59\x03\x99\xf3\x8c\xb8\xcc\x19F1\xad\xa8\xf1z\xe6\xf5\x92\x12 \xe5\xbe\x11^hu_\xc0\xc6\xe0(!h\xfb@\xe4U\x84\x86\xa1c\xe1\x80D?PT\xc8P\x110\xd2}\xf7\x8bk8X\xadE^-5@\xde\xa9\xfc\xbe\x01u\xc8\xe2\xf0\xde\xab\x97\xc2\x9d\xa4\xe2\xdad]\x17U@,\xce\x03\xb3\x9b\xa3\x14=\r\xa6#\x0b<\xef\xc57*\xa1eF=\xedf&\x89\xb8Ub\x94\xc9\xde\xabF\x0f\xcfi\xd1\x9c\xe0%q\x887\xebz=\x08\xc0w\x0e\x02\x82F\x15\xf1h\xe3\x93\xb9Pc D\x07\x99t6\x84k%?\xd8M\x15\xe0n@\x14\x1ap\x87q8\'g5\x9b[\x9d\x08#m\xd9V^4\xc0\x15\xac\\\xfd\xfao\x9c\xb7b<\x9d\x07\xafle\xa1*\xbe\x06\xba\xcc:Y\x8f\xb4\xa0#\xfd\x1f\xb3\xd0\x18\xec)S\xd9v\xcc\xd6\xc8\xd8\x7f\x8af\xa9$/V\x1dY\xd3\xd6n\xc3\xc7Z\xb5\x12BP4NvQ\x8a\xf8`+\xaf\xcc464\xfa\xaeukvq\x02\x9e\xb6Z\xaf\xdf-C!\xf6x\xc2\xad\xd4Z\xf2\x84\x95\xfb!\xd5u\x0b\xf5\xf3\x04\xc6\xae\x02\xb1,Eu\x8c\xa8\xaeb\x0e\xbc\x81_\xda\x98\x062t\xbaI\xaf\xd0\xc8L\xe4Ih\xd0\x02\x1a\x9b\x1d' + + +2024-12-14 20:35:36.212579 - Ether / IP / TCP 192.168.1.11:42720 > 35.186.224.24:https FA +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 35862 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.24 + \options \ +###[ TCP ]### + sport = 42720 + dport = https + seq = 516658158 + ack = 1765306794 + dataofs = 5 + reserved = 0 + flags = FA + window = 509 + chksum = 0xc5a0 + urgptr = 0 + options = [] + + +2024-12-14 20:35:36.243933 - Ether / IP / TCP 192.168.1.11:42767 > 35.186.224.24:https S +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 35863 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.24 + \options \ +###[ TCP ]### + sport = 42767 + dport = https + seq = 2178914231 + ack = 0 + dataofs = 8 + reserved = 0 + flags = S + window = 64240 + chksum = 0xc5ac + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('WScale', 8), ('NOP', None), ('NOP', None), ('SAckOK', b'')] + + +2024-12-14 20:35:36.267374 - Ether / IP / UDP 35.186.224.24:https > 192.168.1.11:52702 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 68 + id = 0 + flags = DF + frag = 0 + ttl = 56 + proto = udp + chksum = 0x7d23 + src = 35.186.224.24 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 52702 + len = 48 + chksum = 0x7649 +###[ Raw ]### + load = b'\xcb\x00\x00\x00\x01\x00\x08\xf7\ri\xbf\xab\xe9\xb0\xd9\x00@\x16"\xa2[B\x14(\x11U\x8b\xb2\x12\xc1\x18\xbd\xa6\xdd\x1cJP\xc0\xe0\xd5' + + +2024-12-14 20:35:36.281931 - Ether / IP / UDP 35.186.224.24:https > 192.168.1.11:52702 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 0 + flags = DF + frag = 0 + ttl = 56 + proto = udp + chksum = 0x7869 + src = 35.186.224.24 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 52702 + len = 1258 + chksum = 0xbe07 +###[ Raw ]### + load = b'\xc2\x00\x00\x00\x01\x00\x08\xf7\ri\xbf\xab\xe9\xb0\xd9\x00D\xd0r\xc5\xbc3\xf8\xfa\xa3\xa8\x99\x1e\xea\xa9\xaa\x80\xa4\x1c\xa7]-\xb8;w0/\x08U\x8e\xfdB\x9a\xb6\x98L\xd4\x17\xcf?\x18\x1d)\x89\x8f\x05T%J\x1dd\x1cLL\x04\x93\x0b\x8cG\xdbW\xd7p\xf5\x8c\x828t\x1fT\xc36\x10\xfe\xe8UQqsl\xe6\xe4\x98I,\xbbg\xf5\xee\x1dlFZ\xae\xbc\x84B\x1dT\x1a\x84\xfd\xb7H\x91>X\xd8\x99X6\xed,\xe1\x8f\xdbId\xea\x95z\xa5\xf4,\x06\xb3\xe2?8_\xdf\x10\xc04\xa8\xd9\xb6\x88i\xf3\xe5\xfe\x80\x99(\x01\xa6\x19\x7f\xc8n\xcc\x1a\x90\xe3Z~\x9e\xd8o\x84\xcbg\xe0,\xdc8\x96c\xc7b\x8a]\x81\x92\x92sr\xf90\xd7\xb6\xe5<\xfc\xac\xf0\xb1\xec?\xe0\xb9\xb4\xf6\x8f-\x9c8s\xe1h\xa5\xa5\xde\xafW\x827nI\xbf\xff{\xcb\xf7(\xd2q\xfb\x0e\n\xf3b\xca\xd7\x19c\xc63\xab\x9ax\n\x81$\x967\x9d\x92\x9f_\xf5\xae\x89\x9au\xa7\x9ds\xd5m\xfd\xba\x84\x12e\xc5P\x8a"\xfc\x0c\xfc\x9a\x9d\xd3\xd5\xca\xb9\xac\xac\xf9b\x05R\xba\xf4\x94e\xc7\xb4\xfd\xb3%7\xae\xbbe\xb0\xfa\xa5\x13\x1b\x1d\x87\xb5g\x10\\]\'\xb5\x81*\x97\xec\tt|Yg\xe4p\xeaO?\xae\xc6(\x14K\xb3\xa3f\xa2E\xc7\xd9L7\'\x1c\x1f\xef!_;\xa5\x84\xcd\xb5\xbd\x9a\xc3.^\x1c\x14T\x81;,:N\x9eU\xd8u\xabw\x15c\xb3\xafZ\x81\xc9\xa1\x8c\x89*\x06\x1c\xd4\xac=\xd0\x97\x84\xaa\x99\xb4A{\t\xe5P\x89+\xcf\x98"Ow\x9f\'ApNy\x05\xd9\xbb\xcdHV\xba/bO\xf7\xe0\xd4\xaf\x11\xa7y\x9e\xd7{\xca<\xaa\x1d\xafd\x04i\x15&zV\x8b\x94\x06\x99h/\xe9f\x8c\rf\xbaR\xc7\x8d\xc4\'o\x83\x8a\xe2>\xf3/\x850R\x03\xd4\xcc\xc0\x9aH\x84\xa3"7l\xb1GN\x1e\x93\\\xfe\x8a\xcf\xac\xf8f,\x9a;\xf3\xf1}.V\x9eL\xe6>\xa7\\\xdf\xc4\xc8\x0e\x8a\xb3\x0f\x155\xec\xd9.T\xadG\xa8g\xff\xca\xfd\xe7ZA\x9b\\\xc8Q;8\x9aK\xb7\x91\xa9\x88\x90ciHPm\xdd@\xff\xc7\x80z\x92\xee\xda\xaf\x84\x01\x1c\xf9R\x8dHG\xb1\\\xda\xf4\xd9=#F\xc2\x861v%\x88\xdc\xd7\xff\x13\x18\x90#\xac\x01\xe4\xf0\xb7T\x8b\x88\x8e\x93Ta)\xf2\xc9\x99\xcd\xca\x9f\x04\x92\xd2%q\xbf\xe0B\x87\x1f\x98\xe0\xec\x8e\xcdU\xd0iS\xcd\xf0\x07\xab\xad\xbb\xd6\xe3;\xc6\xfep!j\xbd\x10n\x98+\xab\xec*\xa9\xee\x93k\xb7\xa4\xbb\xba\x13\x04\xf7ge?|O7N\xd9\x88\xda\xb5I\x81\xf4Z\x87\xb9\xb3\x12\x94%y\x9c\x89\xfa7\x05\xb1\xc1\x9a\x8dh|\xef\xf9a\xd4k\x13)\xc2\x88\xe0\x11\xef\xd8r\xc6\xff\xc5\xc1:\xcb\xab\xd3\xfa\x83G\xb6GfF(g\xdeo\xe2\x822\x14\x0cp\xb8\xcaC\xb6\x8fQr\xdb\xd4\x04}\x06\x9e\xd0\xc5J\xd2>.\xac^\x9b\xce\xfaB\x96`\x1cj5\'p\x03\x01J\xdf\xb6M\x84\xf8\xcf!\x8b\xa4\x116^\xd2\xf3\xbc\xd2\x9d\x98\xad\x10e\xd2lO\x1e\x1eGP\x0c=\xb8Q\xef\x1f\xd3\x03\xd7\x07\x16\x7f\xf2\x95*\xb8\rib\xc4\xfa\t\x05\xdc\xc3\xa28\x19V\x1cDf\x08w\x158W\xf4\x84\xdfw\xe5\xed\xfa9S\xc6\xca\x1d\nUqj\xd4\x1a\x83~\xc7\x0chDkxT\x0b\x87\xbe\xe7\x00rL\xd0\x83\xa1\xbd\xa7L\x18\x08\xcc\x7f\xf5,\x8cj\x12\x9c\xe4\xfe$\x0b\x13\xd1h\xfeT\xddD6Y\xe6Z\x82\x14\x0f\xc8\x82p\x1fNcb\x02b\x8d#\xb1\xdc<\xbc\xdb\xc1\xeb5\xd0;\'\xbf\xc7J\xa5\xbc\x13q2\xea\xa8\xec\x17f1W\x80\x840Y\xf1\xd8\xf9\t\xa6\xe0\xa3\x8b^\xfd\x8a [jc\x1ax\xcd\xf6\xb4 \xdeV\x0fN\x14Db\x822t\x8aB\x1a\xbds}r-_\xa80\xf3\xa0\xb0\xb0\x83\xe6w\xa8\xd9\x9e\x1c\xa4\x00\xc0\x8e\xaaq\x0bH\xc3\xec\'\x83\xe8;\xec%\xc4w->c\x83\xa9\x96\x8a\x06\xb4\xae\x9f\x16\xda\xdf\x99o\n\xff\x0e,X\xc6\x1eP\x1b+5y\xd2\xad\xed8\x0f\xac\xd1\xaaU\x05S\xa4\r\xb4\x8b\xa2\xb8\x08v\xb2\x95\xe0Xz\xabj\x0eh\xc3\x1f!#?";%[\x08\xbe\xdd\x18\xfes\xb96(\x8a\xba\x8dq\xcf\xccm\x9e\x9ei\xc4\x9d\x8e\xfcg\xe4\xcaFf\xcb`4@\xcb\xf6\xb5f\xae\x02\x7f\xfe\xc9\x10.\xf6\xdf\xa7\xee\xbb\x9b\x1a\x83\x88\xf1.\x99s\x99\x10\x87T\xfe"l\xbdG\x1d^\x8a\xcd(3\xe0"\xdf\xd8\x1f\xb87\xfa\xc9h\xa8\xb3\xbaV\xber\xe8\ng\x926w\xf2\xec\xdf\xca\xebx\xa2\x94\x92rb\xf6\x9a\r\x82m/T\xb5\xad\xf0\xe1/l\xde\xd0\xd7]\xd0\xf0\xc3d4\xbd\xc0\xd7\xac\xd1\xf0\x96~\x99\x00\xc2\xe3\xeb\xd3\xaa\xb9n\x83ZoE\xc6\xe6\x0b\x91z\x80\x9ag!4\xaak\xe3\xcdCR\xbd\xb3\x0cWn9\x91B' + + +2024-12-14 20:35:36.349105 - Ether / IP / TCP 35.186.224.24:https > 192.168.1.11:42720 FA / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 6673 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0x6539 + src = 35.186.224.24 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42720 + seq = 1765306794 + ack = 516658159 + dataofs = 5 + reserved = 0 + flags = FA + window = 1046 + chksum = 0xaffe + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:36.362022 - Ether / IP / TCP 35.186.224.24:https > 192.168.1.11:42767 SA +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 0 + flags = DF + frag = 0 + ttl = 118 + proto = tcp + chksum = 0x3f3e + src = 35.186.224.24 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42767 + seq = 3054360900 + ack = 2178914232 + dataofs = 8 + reserved = 0 + flags = SA + window = 65535 + chksum = 0x57f5 + urgptr = 0 + options = [('MSS', 1412), ('NOP', None), ('NOP', None), ('SAckOK', b''), ('NOP', None), ('WScale', 8)] + + +2024-12-14 20:35:36.384048 - Ether / IP / TCP 192.168.1.11:42720 > 35.186.224.24:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 35864 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.24 + \options \ +###[ TCP ]### + sport = 42720 + dport = https + seq = 516658159 + ack = 1765306795 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0xc5a0 + urgptr = 0 + options = [] + + +2024-12-14 20:35:36.401820 - Ether / IP / TCP 192.168.1.11:42767 > 35.186.224.24:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 35865 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.24 + \options \ +###[ TCP ]### + sport = 42767 + dport = https + seq = 2178914232 + ack = 3054360901 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0xc5a0 + urgptr = 0 + options = [] + + +2024-12-14 20:35:36.403665 - Ether / IP / TCP 192.168.1.11:42767 > 35.186.224.24:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1452 + id = 35866 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.24 + \options \ +###[ TCP ]### + sport = 42767 + dport = https + seq = 2178914232 + ack = 3054360901 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0xcb24 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x16\x03\x01\x084\x01\x00\x080\x03\x03\xc1\x9f\r\x18\xfc `)\xea\x83\xdd\x8d\x8f\xb73\x82\x1b\x82\xc5\x91\x85Y+ aI\xfbJ=\xee]\xcb X\xe3DI\xc2\x00\x80u\x8c\x9a\x0c\x1a\xa0\xf4\xfe\r\xf8io\x9f\xf5\xad\xc4\xe5\xb3\xc4\xf9b\xd65\xa1!\x00 \xba\xba\x13\x01\x13\x02\x13\x03\xc0+\xc0/\xc0,\xc00\xcc\xa9\xcc\xa8\xc0\x13\xc0\x14\x00\x9c\x00\x9d\x00/\x005\x01\x00\x07\xc7ZZ\x00\x00\x00\x0b\x00\x02\x01\x00\x00\x17\x00\x00\x00-\x00\x02\x01\x01\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x1a\x00\x00\x17spclient.wg.spotify.com\xfe\r\x01\x1a\x00\x00\x01\x00\x01\x17\x00 \xf4[\xf6\xe6\xd8\x91KF\xb3rY\xc7\'b\xd5E\xebt&\xeas\x8d\xe7S\xf2wLy\xfd\x10\xd39\x00\xf0\x80w\xcc\xcc]R\x92\xcb\xd2j\xe7\xe6\xe9\xff\xeafw\xd8\xe84\xef\xdeg\xfd\x05;\x05\x9a\x98\xa9\xebf\xb7bg(R\xd8N\x8b\x96Q\x11+\x04\x0f\xc6\xff\x80\x98\x88P\xfdb\xb4\x87\x97\x18DH\x8c\xc5\x82G\x17\xb2\xfd\x943.\x1f\x80\xa03\xb7~\x94\xddy\xa4\x18\x82h\x05\xc2\xb7\x8dSX\x9d\xd0\xcc1\xcd\x1f\xf6\x0c\xaa\x11\xae\x7f"\xf8$)\x06el\xa3\xf2<)\x95zd\x97]4\xa9s\x81h\x0b4G\xad\xd3\xda\x96\xdd1\xa4\xf5\na\xad-V\xc6\xc2\xca+\x99\xf8\x0b\xc8\xed\xbe6\xe9\xbb-1\x92\x8d\x12 \x83\xd60\xc3\xe8~\xcf\xdc\xa8\x98\x10\x06\xd43$r\x85\xd76\xe9N\xd7x\x85\xe8\xfe\xa7\xdb\xb4\xccdJ\x1e\xf3\x13-\xf9\xbeb\xa4n\x9b7=k\xa5w\x8a\x08-\tzr\x14*\x84\xee)\x00\x1b\x00\x03\x02\x00\x02\x003\x04\xef\x04\xed\xba\xba\x00\x01\x00c\x99\x04\xc0t`\xee\xb4xL\xfe\xf0m\xffP\x00\r\x1dbAV\x00P\xe1\x94\xd7a\x8e\xdf\x85\xcd\xefkC\xb8z\xe3\x18=\x8c,/\xb6KQo\xf0\x83\x1c\x90\xc5\x9fx>d[\x84\xb0z\x07\x8a\x17$\x0b#\xc9\xdaz;\x86\xa2\x7fl\xbb(\x0c\xe3!\xc7\xfcDx\x890\x00P\x84\x06\xb9\xc2\xe8)<=\xf8&l\x91.\xe8\xc4u\x054<\x19\xfb\x90e\x87\xb2\x87QE\x84$\x98\xd0\xe7h\x8d\xe0\xc7\xf9\tv\xf7\'\x9a"h\xb1P\x8c\x8d\x89+\xcap\x81!oU#X\x81!\x18\xf3\xb4Wt\x1c\xf9\xc9\xb4$\xa4\x84\xea\x05\'\xd8\x92\x17\xec\x96b\xdb\xf2\xb6/\xe7\x07\xe6l~{\xcc\x7f\\R)Kw\x11G\xc7R\xf2\xf7\xc4m\xe7Pl\x93\xc3\xe3\xa7\x02\xc7:e\xda\xbb\x11\xa8\x96\x163\x8b}\xf7X\x91\xae\xb3\x1fcV\xbe\xd4+w\x9c&\xa3\xee\xf5L\xac`A42\xbc\xa2ZR\xa43\x11f\xa5~^\x08pw\xf3\xa1\xeew\xb6\xc2\xd5\xdb\xa8\xba\\\xce\x13\x80\x9e\x89\xd0\x98\xe0\x8cR\x14\x0c\x05H\x98\x82nPkN\x1al&\\v\xd6\x9a\xb9j\xd6\'\xe4\xb1M\x8c\xe1\xac\x98,\x92\xf4\x08\x9e\xd2\xe2-\x127\x03\x1a\xe6\x13Q\xa2\x06\x9e\x8b^b`9\x95\x04\x0f\xb6\xf0\x97\x9c\xf8@\x8c\x1c%Y|\x00\xb7s})\xe6\x1e\xeb\x11\xbbDw\x80g\x198\x9c,9\x0eh\xc1>Y\x93R\xfa\xc7\x99\n-\xb4\xa5\x80nX\x03_$,\xf8\xab\'\x91[\xbfOC;\x86\x05\xa0\x12#\x92\x9bSb\xa6\xb2\x83\xe2\x082)\xbbT\x8d\xf0T)C\x1c\xfd\xb1\x13\x8b\x006@\xcb\x98\x80\xa3\x94\r\xca\xab\x10\xc8\xc6p\x88h\xefr\x13\xaf\xb5b\x01\x80z1\x89d\xb5\xac~#r\t\xcd3\x13\xe4u\x9c\x91\x8a<\xa4Y+kVm\xad\xd8\x189\x16\xc7\xa6\xe1\x81\x1b\xac\xb8\xb9\xc8|\x9b\x94\xceHg\xab\xcf\xc1\xa8\xe9\xfa\x88\xabP1d\xacz\xb6D#\x12R|\x03\xfa\xc3\xd3\xd3}\x0e\x88\x05u\xeag\xe1\xb0;p\x03;"\x9c-\xe9\xb2^z\x10\x03\xe4\xc3$&\x18v\xda\x95K\x9d\x80\xc1(gg[\x11\x04\xb6bG\xb1\xa1Ldv\xa9\x8c\xb1\x87\x92\x05\x86\xc5P\x0f\x8d\x95\xb6&\xf3tX\xa1VS\xf9\x8d\xb6\x9bh\x83\x1a,\xb7\xf5\'S\x06\xb9f\xe5\xb4L#<\xa9\xf3\x90\xa7\xd2\t`iiG\x89\x9b\xb8\xdc~?\x99\xba3s"\xe1W\x92\xfc5\x9a,!\xb7%Q\x06\x08\xf6\xa6\xcb\n\xc9\xd5\xd8\xc4) \n\xda\xe5\xb1\xc0U\xb8\xddF}\x10\x1a\x1fUG^2B\x16m\x89k+k\x07Z\x9c\xa0\xea\x84\xb4\x06\xe8)\xdc\xe5\x04\xa4sY\xd5\xc8\xbdb\x0b\xb5\xb7\xe9|\\\x84@\x1a\x98\x13\x87\xf6P\xf2S:\xb6\x1c\x82\xfe+~\xcc\x1bd-GBA4\x89\xcf\x10q\xac\x0cZt\xc7eIcd\'\x8b\xc2p\x9b \x98X\xca,\xd3fL\x81\xbf\xc7*\x89\x93f\xb0++\x18\x93\xccb\x07\xe7\x17\xac\x02\xccj\xf7i\rZ\x02a\xd0O=\x05\x19\\\x19\xa3i\x84\x8aj\x87Ov\xa6\xbc\x1d4\\\xbc7\x19\x93w~\x1f\xe7\t\xd9\x1c\xc8KfO\xdc\xd1\x86G\xf5Ij{{e\x93\xb6\x95\x07\r\xb2 Mow\xc0\xceG^\x922"\xa9\xa3P\x9f)g\x17\xf6wY\x1c!\xc8@\xa0\xd1\x02\xa4W1\xba3#\xad' + + +2024-12-14 20:35:36.562735 - Ether / IP / TCP 192.168.1.11:42730 > 142.250.184.14:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 33707 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.184.14 + \options \ +###[ TCP ]### + sport = 42730 + dport = https + seq = 1636439969 + ack = 1816494065 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x8d8 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:36.601199 - Ether / IP / TCP 142.250.184.14:https > 192.168.1.11:42730 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 58134 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0x58f1 + src = 142.250.184.14 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42730 + seq = 1816494065 + ack = 1636439970 + dataofs = 8 + reserved = 0 + flags = A + window = 1030 + chksum = 0x6c9a + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (1636439969, 1636439970))] + + +2024-12-14 20:35:37.192757 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34227 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52703 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 39044 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:37.201009 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34228 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52704 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 39045 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:37.203229 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34229 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52703 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 39046 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:37.204607 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34230 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52704 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 39047 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:37.206311 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34231 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52703 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 39048 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:37.208468 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52703 + len = 76 + chksum = 0xcfa1 +###[ DNS ]### + id = 39044 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:37.210181 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52704 + len = 89 + chksum = 0x6219 +###[ DNS ]### + id = 39045 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:37.212312 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52703 + len = 90 + chksum = 0xc83e +###[ DNS ]### + id = 39046 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:37.214013 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52703 + len = 81 + chksum = 0x8391 +###[ DNS ]### + id = 39048 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:37.218226 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52704 + len = 51 + chksum = 0x1649 +###[ DNS ]### + id = 39047 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:37.240118 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34232 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52705 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 39049 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:37.244614 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52705 + len = 81 + chksum = 0x9d78 +###[ DNS ]### + id = 39049 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:38.072224 - Ether / IP / TCP 192.168.1.11:41595 > 35.186.224.41:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 83 + id = 8644 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 41595 + dport = https + seq = 3242435589 + ack = 2961047349 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xc5dc + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00&P\xaf}SA\xd2\xb0u\xd9\xba\xa8\xb3\xf8\xb3\x0e\xb0\x16\x98\x88=Cgq\xc0Y\x00\xf4\x16\xf3*\x1f\x96,\\\x8d\xcc\x96\xdb' + + +2024-12-14 20:35:38.096976 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:41595 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 54079 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xabf9 + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 41595 + seq = 2961047349 + ack = 3242435632 + dataofs = 5 + reserved = 0 + flags = A + window = 1036 + chksum = 0x2cd3 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'm\x9eI\xc9\x00\x00' + + +2024-12-14 20:35:38.116016 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:41595 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 80 + id = 54080 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xabd0 + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 41595 + seq = 2961047349 + ack = 3242435632 + dataofs = 5 + reserved = 0 + flags = PA + window = 1036 + chksum = 0x5ea6 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00#\xac\xfe\x1e\xb9\xdd\x00\xcb\xbd\xe3\x1e\x19Q\xfe\x15\x9en{d"\x1d\xb1\xdf9\xb2\x8a\x87\xae\x9aa\xe4\x88\xc1\xc3I|' + + +2024-12-14 20:35:38.162413 - Ether / IP / TCP 192.168.1.11:41595 > 35.186.224.41:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 8645 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 41595 + dport = https + seq = 3242435632 + ack = 2961047389 + dataofs = 5 + reserved = 0 + flags = A + window = 508 + chksum = 0xc5b1 + urgptr = 0 + options = [] + + +2024-12-14 20:35:39.816212 - Ether / IP / UDP / DNS Qry b'ipwho.is.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 54 + id = 34233 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 64667 + dport = domain + len = 34 + chksum = 0x8390 +###[ DNS ]### + id = 61640 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'ipwho.is.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:39.834084 - Ether / IP / UDP / DNS Ans 195.201.57.90 +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb74a + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 64667 + len = 50 + chksum = 0xfbe2 +###[ DNS ]### + id = 61640 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'ipwho.is.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'ipwho.is.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 60 + | rdlen = None + | rdata = 195.201.57.90 + \ns \ + \ar \ + + +2024-12-14 20:35:39.846296 - Ether / IP / TCP 192.168.1.11:42768 > 195.201.57.90:http S +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 57668 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 195.201.57.90 + \options \ +###[ TCP ]### + sport = 42768 + dport = http + seq = 1867829416 + ack = 0 + dataofs = 8 + reserved = 0 + flags = S + window = 64240 + chksum = 0xbefd + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('WScale', 8), ('NOP', None), ('NOP', None), ('SAckOK', b'')] + + +2024-12-14 20:35:39.880841 - Ether / IP / TCP 195.201.57.90:http > 192.168.1.11:42768 SA +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 0 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0x85ed + src = 195.201.57.90 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = http + dport = 42768 + seq = 3819389530 + ack = 1867829417 + dataofs = 8 + reserved = 0 + flags = SA + window = 29200 + chksum = 0x30b7 + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('NOP', None), ('SAckOK', b''), ('NOP', None), ('WScale', 9)] + + +2024-12-14 20:35:39.883466 - Ether / IP / TCP 192.168.1.11:42768 > 195.201.57.90:http A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 57669 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 195.201.57.90 + \options \ +###[ TCP ]### + sport = 42768 + dport = http + seq = 1867829417 + ack = 3819389531 + dataofs = 5 + reserved = 0 + flags = A + window = 513 + chksum = 0xbef1 + urgptr = 0 + options = [] + + +2024-12-14 20:35:39.885561 - Ether / IP / TCP 192.168.1.11:42768 > 195.201.57.90:http PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 191 + id = 57670 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 195.201.57.90 + \options \ +###[ TCP ]### + sport = 42768 + dport = http + seq = 1867829417 + ack = 3819389531 + dataofs = 5 + reserved = 0 + flags = PA + window = 513 + chksum = 0xbf88 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'GET /192.168.1.62 HTTP/1.1\r\nHost: ipwho.is\r\nUser-Agent: python-requests/2.32.3\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nConnection: keep-alive\r\n\r\n' + + +2024-12-14 20:35:39.928427 - Ether / IP / TCP 195.201.57.90:http > 192.168.1.11:42768 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 12494 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0x552b + src = 195.201.57.90 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = http + dport = 42768 + seq = 3819389531 + ack = 1867829568 + dataofs = 5 + reserved = 0 + flags = A + window = 60 + chksum = 0xe2c8 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:39.932825 - Ether / IP / TCP 195.201.57.90:http > 192.168.1.11:42768 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 343 + id = 12495 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0x53fb + src = 195.201.57.90 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = http + dport = 42768 + seq = 3819389531 + ack = 1867829568 + dataofs = 5 + reserved = 0 + flags = PA + window = 60 + chksum = 0x5edb + urgptr = 0 + options = [] +###[ Raw ]### + load = b'HTTP/1.1 200 OK\r\nDate: Sat, 14 Dec 2024 19:35:40 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: ipwhois\r\nAccess-Control-Allow-Headers: *\r\nX-Robots-Tag: noindex\r\n\r\n40\r\n{"ip":"192.168.1.62","success":false,"message":"Reserved range"}\r\n0\r\n\r\n' + + +2024-12-14 20:35:39.938108 - Ether / IP / TCP 192.168.1.11:42768 > 195.201.57.90:http FA +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 57671 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 195.201.57.90 + \options \ +###[ TCP ]### + sport = 42768 + dport = http + seq = 1867829568 + ack = 3819389834 + dataofs = 5 + reserved = 0 + flags = FA + window = 512 + chksum = 0xbef1 + urgptr = 0 + options = [] + + +2024-12-14 20:35:39.975841 - Ether / IP / TCP 195.201.57.90:http > 192.168.1.11:42768 FA / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 12496 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0x5529 + src = 195.201.57.90 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = http + dport = 42768 + seq = 3819389834 + ack = 1867829569 + dataofs = 5 + reserved = 0 + flags = FA + window = 60 + chksum = 0xe197 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:39.978318 - Ether / IP / TCP 192.168.1.11:42768 > 195.201.57.90:http A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 57672 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 195.201.57.90 + \options \ +###[ TCP ]### + sport = 42768 + dport = http + seq = 1867829569 + ack = 3819389835 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0xbef1 + urgptr = 0 + options = [] + + +2024-12-14 20:35:40.312394 - Ether / IP / TCP 192.168.1.11:37662 > 74.125.133.188:5228 A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 38637 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 74.125.133.188 + \options \ +###[ TCP ]### + sport = 37662 + dport = 5228 + seq = 938547589 + ack = 2945028699 + dataofs = 5 + reserved = 0 + flags = A + window = 508 + chksum = 0x9208 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:40.351175 - Ether / IP / TCP 74.125.133.188:5228 > 192.168.1.11:37662 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 58348 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xcdea + src = 74.125.133.188 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = 5228 + dport = 37662 + seq = 2945028699 + ack = 938547590 + dataofs = 8 + reserved = 0 + flags = A + window = 1046 + chksum = 0x5e6 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (938547589, 938547590))] + + +2024-12-14 20:35:40.895628 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34234 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52963 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 59939 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:40.898002 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34235 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52964 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 59940 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:40.900439 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34236 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52963 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 59941 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:40.901900 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34237 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52964 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 59942 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:40.903251 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34238 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52963 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 59943 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:40.905652 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52963 + len = 76 + chksum = 0x7cfe +###[ DNS ]### + id = 59939 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:40.907507 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52964 + len = 89 + chksum = 0xf76 +###[ DNS ]### + id = 59940 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:40.909631 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52963 + len = 90 + chksum = 0x759b +###[ DNS ]### + id = 59941 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:40.911163 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52963 + len = 81 + chksum = 0x30ee +###[ DNS ]### + id = 59943 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:40.913750 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52964 + len = 51 + chksum = 0xc3a5 +###[ DNS ]### + id = 59942 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:40.935494 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34239 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 52965 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 59944 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:40.940138 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 52965 + len = 81 + chksum = 0x4ad5 +###[ DNS ]### + id = 59944 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:41.476730 - Ether / IP / TCP 192.168.1.11:42733 > 151.101.135.42:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 41 + id = 18203 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 151.101.135.42 + \options \ +###[ TCP ]### + sport = 42733 + dport = https + seq = 2796051337 + ack = 1613279978 + dataofs = 5 + reserved = 0 + flags = A + window = 507 + chksum = 0xe05e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x00' + + +2024-12-14 20:35:41.493372 - Ether / IP / TCP 151.101.135.42:https > 192.168.1.11:42733 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 22166 + flags = DF + frag = 0 + ttl = 55 + proto = tcp + chksum = 0xceb + src = 151.101.135.42 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42733 + seq = 1613279978 + ack = 2796051338 + dataofs = 8 + reserved = 0 + flags = A + window = 306 + chksum = 0xd5f4 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (2796051337, 2796051338))] + + +2024-12-14 20:35:43.083296 - Ether / IP / UDP 192.168.1.11:57621 > 192.168.1.255:57621 / Raw +###[ Ethernet ]### + dst = ff:ff:ff:ff:ff:ff + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 49061 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.255 + \options \ +###[ UDP ]### + sport = 57621 + dport = 57621 + len = 52 + chksum = 0x9f +###[ Raw ]### + load = b'SpotUdp0\x977M\xb3\xe9=C\xf2\x00\x01\x00\x04H\x95\xc2\x03\xb3}cPK\xb7\xed\x7fT~\x1d\x0f\xd7\x01\x15-#vA\xf6' + + +2024-12-14 20:35:45.062723 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 280 + id = 26769 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf111 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231451 + ack = 212489243 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0x35fb + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x00\xeb\x8a\x930\xcc/\x99\x86\x00W\xe7Y\xf8\x86\xb0\x7f\r\xfb\xd7\xf6\xe6h7\x1d\xe4\x87\xa2\x19\xe6\x90s\x05\xf6\x9fT{G\x8e\x0e\x1c\xd8\x8f\xd8\xa5\x04\x9arR\xfdzh)\xc1\xb9nu{i\xdd\xc5;(F\xb8|\xb7H\xa08\x12d\xaey\xef|\xa1\xc6 \x076\r\xb5w\xac\xc1'\xed\xa8wI\t`\xb7H\xf5\xcf]0n\xb1\x9bQiE\xcf6\xe4\x13\xc1\x8f\xd9\xfedM\x96.\xcaT\xa9B\xc9\xc8\xa0u\xb0\xb1\xedEKJk\xee\x1eC9\x8b\x00\x0b\x0cSb\x1dSY\xdbR\xa4\x8b\xa6I\x83[\xee\x94V\xdfq\x84.\xdaD\x1f\xc3e<{\xcc\x16\xf5\xe5\x80\xc1E1 \xba\x03e\xf3\x1e\x0e`\xf5c\\q\xa6\x02\x01\x80!+h^\x1a&|\xd5\x88\xf97d\xfb\xd1\x12\x9d\x0cy\xf8\xd3\x963\xe1{\xb6`\x94\x9b?~\xf8\x06\xd6X\x930\x86\x19\xe4\xf2\x8f\xa8r\xf1g\xe6" + + +2024-12-14 20:35:45.087565 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 81 + id = 26770 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1d7 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231691 + ack = 212489243 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0x3ca4 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00$\xd4v}\x89\xfa ]\xff\x07\t\x06\xed\x95\x1b\x19\xdc9\x12\xa2\x8a\x897\x0b\xda\\\x949\xdd\x11\xe2d\xb0\x13\xb3h\x8a' + + +2024-12-14 20:35:45.094637 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37108 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489243 + ack = 995231732 + dataofs = 5 + reserved = 0 + flags = A + window = 511 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:35:45.103892 - Ether / IP / TCP 192.168.1.11:40790 > 35.186.224.41:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 83 + id = 8646 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 40790 + dport = https + seq = 3089482658 + ack = 915357639 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xc5dc + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00&\xc4\xc8\x11zA,\xa4b\x05\xd3\xa0|\x11\x8c\xa9\xa6\x08\x8c\xd2\xfa2\xc2ML\xbe\xe3\xd9\xd4\xb0\xab\xcd\x8d\xfc\x14\x1eU\x92<' + + +2024-12-14 20:35:45.119852 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 81 + id = 26771 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf1d6 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231732 + ack = 212489243 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0x3e28 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00$\xc7\x19\xd2=\xde]\x97v\x1b\xcd\xfc{\xd0\x99\xe6xP\xeb\xa2s}\xe5q\xd1\xe0j\xa2\xba:\x808\xf7H\x90\xb31' + + +2024-12-14 20:35:45.121875 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:40790 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 15312 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0x4269 + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 40790 + seq = 915357639 + ack = 3089482701 + dataofs = 5 + reserved = 0 + flags = A + window = 1043 + chksum = 0x52cf + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x0b\x1a\x97\n\x00\x00' + + +2024-12-14 20:35:45.123889 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:40790 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 80 + id = 15313 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0x4240 + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 40790 + seq = 915357639 + ack = 3089482701 + dataofs = 5 + reserved = 0 + flags = PA + window = 1043 + chksum = 0x406 + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x00#\xaf\x9eW\x96\xf1\xf2v\xf2\xba\xfa%f\x06\x15\xad\x15\x90\xf4\xc6\xfe\x91x\x91\xf5'\xbeD|\xc4\xc6r]h\xab\x0b" + + +2024-12-14 20:35:45.125441 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37109 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489243 + ack = 995231773 + dataofs = 5 + reserved = 0 + flags = A + window = 511 + chksum = 0xea57 + urgptr = 0 + options = [] + + +2024-12-14 20:35:45.165069 - Ether / IP / TCP 192.168.1.11:40790 > 35.186.224.41:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 8647 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 40790 + dport = https + seq = 3089482701 + ack = 915357679 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0xc5b1 + urgptr = 0 + options = [] + + +2024-12-14 20:35:47.546371 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34240 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53276 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 19031 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:47.548587 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34241 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53277 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 19032 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:47.550535 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34242 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53276 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 19033 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:47.551970 - Ether / IP / UDP / DNS Qry b'47.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34243 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53277 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 19034 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'47.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:47.553739 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34244 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53276 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 19035 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:47.555666 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34245 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53277 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 19036 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:47.557717 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53276 + len = 76 + chksum = 0x1b92 +###[ DNS ]### + id = 19031 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:47.559452 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53277 + len = 89 + chksum = 0xae09 +###[ DNS ]### + id = 19032 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:47.561400 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53276 + len = 90 + chksum = 0x142f +###[ DNS ]### + id = 19033 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:47.563096 - Ether / IP / UDP / DNS Ans b'S22-Ultra-de-Adrian.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53277 + len = 89 + chksum = 0xd15e +###[ DNS ]### + id = 19034 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'47.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'47.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'S22-Ultra-de-Adrian.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:47.564739 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53277 + len = 81 + chksum = 0xcf7f +###[ DNS ]### + id = 19036 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:47.567253 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53276 + len = 51 + chksum = 0x6239 +###[ DNS ]### + id = 19035 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:47.588247 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34246 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53278 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 19037 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:47.591754 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53278 + len = 81 + chksum = 0xe967 +###[ DNS ]### + id = 19037 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:50.811561 - Ether / IP / TCP 192.168.1.11:40788 > 35.186.224.41:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 68 + id = 8648 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.41 + \options \ +###[ TCP ]### + sport = 40788 + dport = https + seq = 948637572 + ack = 1994427668 + dataofs = 5 + reserved = 0 + flags = PA + window = 512 + chksum = 0xc5cd + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x17\xc3\xe9\xcd\xc7\xb9vdU\xc9\xf5\x16e\xd45\xfc\xf1\x10\xde\xc5XF<\xb3' + + +2024-12-14 20:35:50.831474 - Ether / IP / TCP 35.186.224.41:https > 192.168.1.11:40788 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 49791 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xbcb9 + src = 35.186.224.41 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 40788 + seq = 1994427668 + ack = 948637600 + dataofs = 5 + reserved = 0 + flags = A + window = 1051 + chksum = 0xf8f2 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:50.883536 - Ether / IP / TCP 142.250.184.14:https > 192.168.1.11:42729 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 113 + id = 11441 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xf1a + src = 142.250.184.14 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42729 + seq = 2391708146 + ack = 3790787413 + dataofs = 5 + reserved = 0 + flags = PA + window = 1042 + chksum = 0x7d5f + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00DqP\xbf\x867\xf1o\xf8\xed\xb5\x83r\x85\xb2\x08\xe0\xfa\x89\xc7\xa1\x97\xc2B\x13\xa15\xear\xba\x14\xe36M\xed\x97\x7f\xdc\x88\xcb%J\xedQ*\xa1\x97%\x9c\xa0\x94\xb1\x9c\x84\xe4\xa8&\xa0\xc8sj\x14\xcd\x8bFN`\xd4\x8c' + + +2024-12-14 20:35:50.885909 - Ether / IP / TCP 192.168.1.11:42729 > 142.250.184.14:https FA +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 33708 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.184.14 + \options \ +###[ TCP ]### + sport = 42729 + dport = https + seq = 3790787413 + ack = 2391708219 + dataofs = 5 + reserved = 0 + flags = FA + window = 512 + chksum = 0x8d7 + urgptr = 0 + options = [] + + +2024-12-14 20:35:50.905583 - Ether / IP / TCP 142.250.184.14:https > 192.168.1.11:42729 FA / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 11442 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0xf62 + src = 142.250.184.14 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42729 + seq = 2391708219 + ack = 3790787414 + dataofs = 5 + reserved = 0 + flags = FA + window = 1042 + chksum = 0x244d + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:50.908546 - Ether / IP / TCP 192.168.1.11:42729 > 142.250.184.14:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 33709 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.184.14 + \options \ +###[ TCP ]### + sport = 42729 + dport = https + seq = 3790787414 + ack = 2391708220 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x8d7 + urgptr = 0 + options = [] + + +2024-12-14 20:35:51.330562 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34247 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53536 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 53179 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:51.332467 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34248 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53537 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 53180 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:51.333944 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34249 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53536 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 53181 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:51.335439 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34250 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53537 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 53182 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:51.337224 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34251 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53536 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 53183 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:51.339301 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53536 + len = 76 + chksum = 0x9529 +###[ DNS ]### + id = 53179 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:51.341296 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53537 + len = 89 + chksum = 0x27a1 +###[ DNS ]### + id = 53180 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:51.343236 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53536 + len = 90 + chksum = 0x8dc6 +###[ DNS ]### + id = 53181 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:51.344772 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53536 + len = 81 + chksum = 0x4919 +###[ DNS ]### + id = 53183 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:51.348556 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53537 + len = 51 + chksum = 0xdbd0 +###[ DNS ]### + id = 53182 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:51.371750 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34252 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53538 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 53184 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:51.375466 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53538 + len = 81 + chksum = 0x6300 +###[ DNS ]### + id = 53184 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:51.442243 - Ether / IP / TCP 142.250.184.14:https > 192.168.1.11:42730 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 113 + id = 58135 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0x58b3 + src = 142.250.184.14 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42730 + seq = 1816494065 + ack = 1636439970 + dataofs = 5 + reserved = 0 + flags = PA + window = 1030 + chksum = 0xf074 + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x00DU\xaf\x9dv\xf3A\tZ\x93\x18\x1b\xb0\x0f\xe0m\x84\xa4{\xfdj\x8f'\xe3p\xbd\xa5\x08\x89u\xd5T\xdce8\x01\x03q\xf2/U\x91U\xa9P\xe7$\x18\x8f\x88h\x18\xb8n\x7f\xc2\\\xdcv\x17\xe3\xe9\xac\xf6w\xa3\xc2\xf2\xdb" + + +2024-12-14 20:35:51.444442 - Ether / IP / TCP 192.168.1.11:42730 > 142.250.184.14:https FA +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 33710 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.184.14 + \options \ +###[ TCP ]### + sport = 42730 + dport = https + seq = 1636439970 + ack = 1816494138 + dataofs = 5 + reserved = 0 + flags = FA + window = 512 + chksum = 0x8d7 + urgptr = 0 + options = [] + + +2024-12-14 20:35:51.460246 - Ether / IP / TCP 142.250.184.14:https > 192.168.1.11:42730 FA / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 58136 + flags = + frag = 0 + ttl = 118 + proto = tcp + chksum = 0x58fb + src = 142.250.184.14 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42730 + seq = 1816494138 + ack = 1636439971 + dataofs = 5 + reserved = 0 + flags = FA + window = 1030 + chksum = 0x94be + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x00\x00\x00\x00' + + +2024-12-14 20:35:51.461916 - Ether / IP / TCP 192.168.1.11:42730 > 142.250.184.14:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 33711 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.184.14 + \options \ +###[ TCP ]### + sport = 42730 + dport = https + seq = 1636439971 + ack = 1816494139 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x8d7 + urgptr = 0 + options = [] + + +2024-12-14 20:35:53.192316 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 417 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc5a8 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 397 + chksum = 0xc02c +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: upnp:rootdevice\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9::upnp:rootdevice\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.194937 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 489 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc560 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 469 + chksum = 0x502d +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:InternetGatewayDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9::urn:schemas-upnp-org:device:InternetGatewayDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.196496 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x83e4 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.198195 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 485 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc564 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 465 + chksum = 0x7632 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:WANConnectionDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb::urn:schemas-upnp-org:device:WANConnectionDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.199696 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x8392 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.201029 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 465 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc578 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 445 + chksum = 0x8a6f +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:WANDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba::urn:schemas-upnp-org:device:WANDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.203482 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x8394 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.204986 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 497 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc558 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 477 + chksum = 0x3a9 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba::urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.207612 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 479 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc56a + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 459 + chksum = 0x81a1 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:service:WANIPConnection:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb::urn:schemas-upnp-org:service:WANIPConnection:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.473478 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 479 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc56a + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 459 + chksum = 0x81a1 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:service:WANIPConnection:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb::urn:schemas-upnp-org:service:WANIPConnection:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.475493 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 497 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc558 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 477 + chksum = 0x3a9 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba::urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.477797 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x8394 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.480672 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 465 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc578 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 445 + chksum = 0x8a6f +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:WANDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842ba::urn:schemas-upnp-org:device:WANDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.482649 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x8392 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.484608 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 485 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc564 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 465 + chksum = 0x7632 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:WANConnectionDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842bb::urn:schemas-upnp-org:device:WANConnectionDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.486489 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 426 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc59f + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 406 + chksum = 0x83e4 +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.488245 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 489 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc560 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 469 + chksum = 0x502d +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: urn:schemas-upnp-org:device:InternetGatewayDevice:2\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9::urn:schemas-upnp-org:device:InternetGatewayDevice:2\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.489993 - Ether / IP / UDP 192.168.1.1:60364 > 239.255.255.250:ssdp / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 417 + id = 0 + flags = DF + frag = 0 + ttl = 2 + proto = udp + chksum = 0xc5a8 + src = 192.168.1.1 + dst = 239.255.255.250 + \options \ +###[ UDP ]### + sport = 60364 + dport = ssdp + len = 397 + chksum = 0xc02c +###[ Raw ]### + load = b'NOTIFY * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\nCACHE-CONTROL: max-age=1800\r\nLOCATION: http://192.168.1.1:64920/d15f795f/rootDesc.xml\r\nSERVER: Linux/3.4.11 UPnP/1.0 MiniUPnPd/1.9\r\nNT: upnp:rootdevice\r\nUSN: uuid:d15f795f-9d12-458e-874b-cb38ba3842b9::upnp:rootdevice\r\nNTS: ssdp:alive\r\nOPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01\r\n01-NLS: 1\r\nBOOTID.UPNP.ORG: 1\r\nCONFIGID.UPNP.ORG: 1337\r\n\r\n' + + +2024-12-14 20:35:53.883534 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34253 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53796 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 43406 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:53.885687 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34254 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53797 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 43407 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:53.887914 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34255 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53796 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 43408 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:53.889685 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34256 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53797 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 43409 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:53.891075 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34257 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53796 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 43410 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:53.915214 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53796 + len = 76 + chksum = 0xba52 +###[ DNS ]### + id = 43406 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:53.917332 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53797 + len = 89 + chksum = 0x4cca +###[ DNS ]### + id = 43407 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:53.919918 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53796 + len = 90 + chksum = 0xb2ef +###[ DNS ]### + id = 43408 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:53.921880 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53796 + len = 81 + chksum = 0x6e42 +###[ DNS ]### + id = 43410 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:53.924301 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53797 + len = 51 + chksum = 0xfa +###[ DNS ]### + id = 43409 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:53.938612 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34258 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 53798 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 43411 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:53.941821 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 53798 + len = 81 + chksum = 0x8829 +###[ DNS ]### + id = 43411 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:54.939890 - Ether / IP / UDP / mDNS Qry b'_233637DE._sub._googlecast._tcp.local.' +###[ Ethernet ]### + dst = 01:00:5e:00:00:fb + src = 6c:f7:84:e4:d7:de + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 89 + id = 65519 + flags = DF + frag = 0 + ttl = 255 + proto = udp + chksum = 0xd8e3 + src = 192.168.1.28 + dst = 224.0.0.251 + \options \ +###[ UDP ]### + sport = 5353 + dport = 5353 + len = 69 + chksum = 0x32a6 +###[ DNS ]### + id = 6 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 0 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 2 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'_233637DE._sub._googlecast._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + |###[ DNS Question Record ]### + | qname = b'_googlecast._tcp.local.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:56.103861 - Ether / IP / UDP / DNS Qry b'gew1-spclient.spotify.com.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34259 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 64667 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 21332 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'gew1-spclient.spotify.com.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:56.107739 - Ether / IP / UDP / DNS Ans b'edge-web-gew1.dual-gslb.spotify.com.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 136 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb708 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 64667 + len = 116 + chksum = 0x86ba +###[ DNS ]### + id = 21332 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 2 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'gew1-spclient.spotify.com.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'gew1-spclient.spotify.com.' + | type = CNAME + | cacheflush= 0 + | rclass = IN + | ttl = 139 + | rdlen = None + | rdata = b'edge-web-gew1.dual-gslb.spotify.com.' + |###[ DNS Resource Record ]### + | rrname = b'edge-web-gew1.dual-gslb.spotify.com.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 7 + | rdlen = None + | rdata = 35.186.224.26 + \ns \ + \ar \ + + +2024-12-14 20:35:56.110724 - Ether / IP / UDP 192.168.1.11:53339 > 35.186.224.26:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 5435 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.26 + \options \ +###[ UDP ]### + sport = 53339 + dport = https + len = 1258 + chksum = 0xca83 +###[ Raw ]### + load = b'\xc4\x00\x00\x00\x01\x08\xc2\xc0\x97\x0f\xf5\xc4?@\x00@F\x00\xe2=[4\x96\'\x15z\x1blM8H\xd5\xa0\xa9a\x8d|\xa5\xc9\xe5[QK\x82i\xfc\x96\x02"\xea\xbb\xd7\xda\xd7\xbb\xe3\x01\xdc\xeeC\x83\xc9\xb0N\x87\x85&a\x07\x1dL\xb9\x17\x90\xda\xcbfh\x8e\xd5)\xb0\xc65\xd1\xcf*D\x89\xbb\x86\x94G\xee\x90\\:\xd4d\x18\x98\xdf\xefH\xc7\x85N~\xff;\xb4 \xf2\x04N\xddM\xe1\x0b1`Q&\xab\x00O-u\xaa\xe5\x1d\xf0-i\xbc\xc2\x97\x9e\xd7"\xba\x7f\xf7\xf2\xd2\xf9\xfc\x8b\xea\xd5\x949\xc6\x84&\x18\x18\x07\xb7\xad\x98\xafr&\xcd\xe2\xc2U#a\x00\xfac\xfd\xba\xe0\x14\xce\xcc?u\x1f\xbf\x99\x9a\xf9\xf8\xe9\xa0%\xe5\xa6\xbb$\xfbs\xd5\xa7\x8d\xeb\r\xdc\xf1\xba.\x9fvi\x04 #\xb1\xb6*\x1b\xf0)6q\x87#\x10\xb1\x82B\xed^3\xebF\x9e\xe8Q\xa8R{(\x01t3\xd1H\x86\x8a\xb8\x89S=\xd9R\xf5!\xe6\xbf\xbc\xa4e[\x96~`\x03t\x9e\x9f\xf5\x0b{\xd4\xf9\xe1\x1c;\xee\x8d\xa5B\xea\x12u\\}\xe4\\7D*%j/\x97\x86\xa4ff\x97\x1f\x9b\x0eE\xd0\xb3\xa0\xb8H\xbb\xd2%\xd5\'`\xd5\xb1"g\x7f\x1a?\x08\x12\x16`\xe6\x04\x9ffz\xa2(@xD95\xae\x18\xb0)\xf3\x1b\xfdw\xd8\xab\x90\xd9\xd6\xe2"\xae\x8d\x98\xc4h\xc1\x9b\xadc\x8c\xceUzY\xbcSV\x86\xce\x84\x8b\x87c\x80\xd6:\xcc\xee\xd7 d\xce\xac\xb4g\x80\xcd\x11\xbf\x0e\xc0[\xfcJ;\xf3\x8a\xc0\xc5\xa8\xff\xfcW\xc1\x1c\xc0\xbe\xc4GG\xd7\xf6\x84el\xc2J\\\x16\xcb9\xf5H*\x00le#\xe5\x02\xde\xd1\xadG\x06\x03\xe1\xe8D\x0eN\xd8\x84\x81L\x11?\x84?\x84\xe7\xe6R?\x83\xd2i,\xa6y\xfc\xb22\x8f\xda\xca\xaa\x0b\xac.\x8eV\x89/\xdd\x04\'\xc9\x0ffx\xc6\xf2c\xcem\x9dIgi\xf45\x1e\x92\xf1\xc1\x07\xab\x18\x89\xef\x81\xe1\xc1L\xa1\x0e[\xe3jb\xd5a]\x8b\x80\xc9\xbe\xebT]<\xd5\x80b\xa6c\x1a7\x0e\xaf\xdcS\xe7!\xe9\x94cP\x14\xcf\x00\xbf\xaa\xe2R\x19\xbd\xd0\x8d\xf8.\xb7C\xd4=&8\xc3A\xef\x05\x83lv].\xa1\xfd\x19\xa7\xf9\xfb\x8a\xb4\xc8_\xc5\x85a\xd2xvd\x1cP\x951iD\xdd\xb8#\t\x9f\xccm\'\x9c\x1d\r\x00\xb0\x89hF\xb5\x85\xbf\x94\xb4^\x8ds}\x16\xa8g\xa9\x97\xf6\xf8\xf0\xc7\xc5\x92do\xcbe~\x83\'\x05\xb7\x88\xa8\xef(\xd7\x05\x07>\x8f\x99j,\xe7\xca\'\xee\xd24\xc4\xdck\xc9k\xa9i\xdd\x9ar\xa74\xffh$w\x0cN\xc6S\x88\xa9\xa2\x08\xab8\x99k\x91\x11\xc3\xc7\xb5\x13R\x8d\xb7\x89YI\x83\xfbR\xdb\x89\xa8m`*]\x14\x1b\xcbP<\x16\xda9\xa0\xd9\x13\x90\x85\xf8\xcc)\x1a\xc94f\x98\xca\x18\xb0\xa1\xaa\xe6k\x8a\xc8\x13\xaa\x9e\x85\x15\xf4\x01\x00\xb0\x063\x87\xce\xfcj\x98\x01\x1df\xb0\xd3\x14\x06\xfe9\xde@\xf6qLi\xafQ\xa7\xf4#U\xac\x08\x92\xb0\x94\x19\xfb\xef\xf5<\x80\xcc\xd1b6@\x80\x8e\x91\xdf}\x99\x91|{\xd4\x8a\xfd3\xb7\\q\xa0\x80\x17N\xe3o\xa8\x93\xe0:\x1c2T\x056\xa6rT\xafJ\xe9\x89\x1dH\x02#\xe1\x1a]\xe8LSX\xcbz\x15\n\xdd\xfa\xda\x96\xe4\x17FG?\x02\xaaE\xca1\xc9ZR\x9dg\xe7\xa4n\xe3V\x96\xa1\x85\xaa\xfe\xcb\x8d(I\x9b\xa0\xd1p\x8e\x94R\xa1\xe0\x8bFn)\x97u\x96\x14\x93\\xB\x80c\xd3\xdeu!\n\xd62\xf3\x8f}\x009\xfc\xff\x1a\xc4\x9d)\xc4s\xa1\xef-\x9e\xe0\xe7`N\xe9\xb6\xa4\x12\x98\x8d\x97\xc4\x9bGt\xd0Mp\x88\xb9\xbc0I\xb2\xa9\xcdv\xba\xeabT\xe7\xdc\x13\x89\xdb\xbe\x96\x08~\x0c\x93>&"\xbao\xd7c\x13\xfd\xd5q\x1czK\x8f?\xad\xac~z\x83j6\xd6\x93\x81\x85\xe1\x11\x94 \xa6\xdb\x9fmP\xaf\x9e\xee' + + +2024-12-14 20:35:56.236109 - Ether / IP / UDP 192.168.1.11:53339 > 35.186.224.26:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 5436 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.26 + \options \ +###[ UDP ]### + sport = 53339 + dport = https + len = 1258 + chksum = 0xca83 +###[ Raw ]### + load = b'\xcc\x00\x00\x00\x01\x08\xc2\xc0\x97\x0f\xf5\xc4?@\x00@F\x00\xe2=[4\x96\'\x15z\x1blM8H\xd5\xa0\xa9a\x8d|\xa5\xc9\xe5[QK\x82i\xfc\x96\x02"\xea\xbb\xd7\xda\xd7\xbb\xe3\x01\xdc\xeeC\x83\xc9\xb0N\x87\x85&a\x07\x1dL\xb9\x17\x90\xda\xcbfh\x8e\xd5)\xb0\xc65\xd1\xcf*D\x89\xf7\xd74E\xac\xa5\x92:\xe7\'\xb2\xae,{\xd6\x9ei\x17\xf5bG\x0fR\xd1E\xe7Fr\x8bA\x88[\xa6q\x0f\xc6\x01\xbc\xd2E\xb5j5\x9d\xf9]=\xad\xe4\xcd$\x16\xfe)<\xaeB)F\x84oM\xd95>\xbe\x83\x8bQx\x87e\xfb\xd4L7\xed]\xd0\xf4\xcc\xe9L\x1fL[P \xbf\x82\xa0.\xb9\xc1Q\xdc\xff\x89\xf0$8\x90;\'\x80\x8dk\xd9\xca\x8eX\x00\xc2\xf8\xe4W\x91\xbc\xc7\xa9\xb7\xceG\xa4:\xdeV\xf7\x94\xf0\xd5\xe5I\xf02\xea\\\x12{\x00 \xc9\xbfCZA\xeehB\xf4Hf\nh*s3\xc0\x81;NG\xa71\xa0x|g6\xa3\xe96\xdb\xdc\x06\xb4\xb6\xe1\xe2Qk4t\x17\xd6s\x01]w\xcbM\xeb\xf9\x03\x99>\xb0\xbd\xba}Y\xa9\xc5\xff\xda\xb1p\xb8\x97\xaf\x89y\xcb\xdd\x8c\x9f\x15^\xa4h\xd5\xd6\xbb\x9eLR\xba\x96\x1d5T\xefi7\xe2uHBc\x7f\x07[P\x0f\x87\xef\x0cR \xc7\x01\x83\xa8xB&QP\xdb\xc0\xc6\x97ES\xa6?\x96\xaf\xcb6\xf5luP\xc1\x1d\x10\xb23\xd9\xbf.\xa8\xdc\x8d\xae\xf5l\xa6\xa2^ \xe9\xa5\xcb\x15\x84\xad\xf2\xe6\xd1\xa5\xe8\'\xb8ar\x80\x0b\x10u\x8b\xfe\xdc\x95\xe4_\x1b\xa1\xea\xa3\xd2\x03\xe5&\xe1\xd5\xcb\xbc$\xc4\x1f\xca\xcfR\x0e\x89&\xa4\xa13\xfah\x1e\xf9\xb6\x05\x1a\x84\x13\xd1\x11\x91+\xc4\x1a5\r\x17\xb4\x99;\xd2\xe9\x93"~w\xbbQ\x83YI\xdd\xc3\xec\x1f\xe2l\xfc1a\x1e\xb5\xbfR\xdcFP\xb5wb\xba\xcc\xde\xf4\xb0\xce\x90G\xf9\x84.\xb35\xf2\x0e\xc0\x16\x1c\x94\x80\xfc\xc8\x85d\x07\x98h\xbe@\x80Zo\x86\xb3tc\xbfP\x8c\xd3$g\xf0\x1e\x84\x94\xd3\t\x94\x0f\xa5\xeb*\x1cR\xd2\xb7\xbb|\xd4m\xdf\x99L\x81\xcc{\xcc\x03\xe4]\x0bjc3\xd4\xc30;\x04\xae\x03\xc2\xe2J\x81\x19\xd5\x9f\x04\x00:L{\x94U\xd5\xa2\xc8\xd8\xff\x14\xecqJ\xc0\xa0R\x06\xf9\xe8\x87\xcaw\xe6\xf0v\xb5,\x08 \x14\xcf0)\x83~2\x99\xba\x86\x83X\xd0\xd2\x99\xcf\xdd\xe0\x9a\xb6\xf8\xe0p\x9d[Y\xfcF\xf3\xad\xcb\xd1\xca\x188\xf4ZM\xe0\x9b-\xb2\x93f\x89`\x184\xf7\xb2X\x94\x10\xe0\xa8~\x93Ge\x0e\xb4\xb6\x9c\x9as\xf99\r\xe6\x97\xe6\xa8\x08\nl\xbfl,V\xe2\xa9D\xc00K7\xa6\x1d\x81%\\5\xe3t\xe2\xdcn\x00\x93\xb9\xa6\x97H&2\n\x94c\xf7Qs\x04\x07\x02\xa6\x15\x1f\x8d\x11 \xcb\\\xf9"*\xd1\xc0j\xf20\x95\x90\xc9p)\xc6\x1b\xdb|\xe4\xec?YX\xea]\xa7N\x9f\r6\x9d.\x04\x90\xf7\xa934\x93\x95e\xdf"\x86\x91\xf5\x02i\xd9\x15r\xadT\xe3\xbd\xb9\x07\x9c\xce\x87WR\n\\\xb8[\x94,\xf90\xf1\xe1\xd4\xc3^\xaa\xeb\xee\xeb\x0bXZ\xc9\xb9\x15\xbe\xff\x16\x0f\xe6\xe9 \x81\xcd\xad+\x95S\x04v`\xad\xf1\xc2\x8e\x80\xca\xf5\xe9\xee\xc1\x8f0\xaf/)f\xfe\xa4\xac\x8e)\x99\tH\x07\xb6\xb0%@1i-\x8d\x04~z\xf8\x1a\xd9\x04\x1c\x02)\x05\xaa\xe2~mm.\x0c^H\xb3\x9dY\xe1\x96u\xe1Q\xbb\x05\xe1\x03H\x89\x07K\x1fkv\xe9l\xb6\xfe\xffH\xd4\xa2\x85\x86\x03\x9fHG\xe2\xef\x7f\xde\x95L$\xc6\xf76\xb9\x98\xab\xedV.\x1c\xe5\x8dP\x9a\x91\xa0T\xe7\xb1k\x8f\x14\xcd\x00\xb0\xdb\xbb\xefZ\x15W\x9d\xde3\xb1V \x03\x94\xdb\xae\xdd\xd0\x84\xa6\x13\xed\xd1Hw-\xca\x91\xe0\xfe\x1b\xb8\x8d\xc21\x12ZX=L!\xdb\x86\xdf\xaa\xde\xcf\xae\xea@,!3\x0b\xec\xa2*\xf5^\x14\xb1\x90\xf2Q\xdd"\xc0\xa3\x02KF\xbc\xdf\xa6\x86\x02\xbaN\xeb\x99\xf0K@\x80\xb7\xc8\xfcF\xc3\x8b\xf2V!g\xc2n\x1f\xc4\x9e\x1d\xa8\x91|\xc2E\xcb\xf6\xa4U\x8e\x9c\n\xf7Cy\xda\x0b^\xd6\xc1\xbcV\xcc\x9c(\x06\\=\xb8\xc6p\xc2t_ .j\x0b!W\x04\xa0\xfd\xf6{\xf8\xcc\xbcw\x8c\x98\xbd\xdc"[\xb7\xc9\xc1(\xf6\x15\x14\x95\xb98\xf5\xe7\\\xd3\xa9\x0f\xf1\x07bbX\x93\xb5\xa8\xdd\xb9\x81\x9frlZ&\xbb\xd5\x88\xeb\xea(\xe1\x1c4' + + +2024-12-14 20:35:56.292856 - Ether / IP / UDP 35.186.224.26:https > 192.168.1.11:53339 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 68 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0x7e21 + src = 35.186.224.26 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 53339 + len = 48 + chksum = 0xd678 +###[ Raw ]### + load = b'\xc7\x00\x00\x00\x01\x00\x08\xe2\xc0\x97\x0f\xf5\xc4?@\x00@\x16\xce-\x16\x83\xa3\xc9\x1e45\xf4?[\x9e\x9dmnKL\xce\xf3if' + + +2024-12-14 20:35:56.310565 - Ether / IP / UDP 35.186.224.26:https > 192.168.1.11:53339 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0x7967 + src = 35.186.224.26 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 53339 + len = 1258 + chksum = 0x8f2e +###[ Raw ]### + load = b'\xc9\x00\x00\x00\x01\x00\x08\xe2\xc0\x97\x0f\xf5\xc4?@\x00D\xd0\x98$\xcc_\x980\xa0\xa6T\x93Aw\xbd\xd1\xbc\xccy>&\x173\x19\n.\xecp\xd6\xf5\xe5\xdc\\g\xf2\xe5[\xd4\x18\xdc\x92J\x103A\x08\xc3\x14\xa6\xc2\xb1+\xa9\xd4P\x85\xf0,\xaf\x16~\xcf\xec\xa3+\x9eHc\n9\t\xfd1^{\x13d7\x18\x948^3\xd4\xffs\xf4\xfe:\x9a\x8f\xcd`u|\x10\xc1\xc0\xc4\xe5Y\xe2\xc7\xd6K\xda\xdf\xd96\xe4\xc0IR\xc6\'\xf4?\xa15J\x84\xa8\x9d\x13\xe9-\xab\xd4\xaa\xf1\x97\xa7\xad.\x81\x03\xcfo\xfa\xccPo\xd3\x9f\x8d\x87K=\xd4o\xa67\xcfBv\xe0LM\x95\x8b8\x95\x08\x07\xd9\xeb\x8f\xdb\xfd\xd6\x9e\xee\x12\xd2\x86\x81j\xa0\x06\x9c\xf6\xef\xd8\x91\x9e\xaf\x8fwS\x16\xfc\xe4\x140?\x0f*|\xe4\x12\x90@\xcf\xc4AT\xb6A\xb1\xbaM\xb7\x82\x1e\xc7@\xb19\x1c\x08\xfa\x9e\xb7il\x0c\x84\xc6\x06#\x85\xdbO\xf4\x8f:\xae\xf7\'V,\x86d\x9ck\xebnNF\x90\x07\xc0\xe0\x0b\x99\x02\x8d\xee\xb6~-\xeb8\xf2.\xaeZ2\xacP\x1f\xd3\x8eLjx/\x86\x83s\xe3\xa9|\xc9\xb6\x8a\xc3\xa4\x9e\xc1Ts\xc0\x10\xad\x12\x03Z\x1d\x81\x07LM\xa6\x947/5<^\xe7\x8e\xd6\r\xd2:\xf2\x01y\xd1\xc6QQ\xcce2\x00W\x1d\xff\xa4\xd2\x87\x9a\x91\xca\x82\x9b\x9a\xe2\xea$\xa7\xa2)\x94\xce@\xbb\x99f\xbc\x034\xce\x12\xf0\xcfvx\xae\xeaEl\xcbVC\xd13\xca\x1fNs\xc4\x16\t\x98\xfdw\x16\x9f5\xd0\xbe\xac\xc6\xce&N\xef\xd9\x08N\x01\xaa\xb9\xe5i\xbb\xcc\x01B\x16h\x82P\xf9j\xb5\xdb\x0f\x10\xd4\\\x0e\x98\xf6@\xd1)\xa1\x9f\xbdJ\xd07\xe3\x9c\x1f\xafs\xeb\xdd\xfc\x12J\x938\xea\xde\x84\xbe}^\x07n\xeeM\x7fi<|%\xe7\xfaZX\xd5[\xed\xb5&\x89@\xd8\xed\xe2o_g\xf8\x13\x86+\xdb\xbf\xc4\xdb:\xf1{\xfc\x04\x1b\x14\x1bb\xcd\x91\x9dn\xfe\x15\x15-\x07e\xc3\xda]\x89c~$\xc9\xaf\xcdi\xa0\xa5\x89S\x1e0\xc5\xa5,\xe2\xd8\xb5)\x83\xa9\xb0\x83"\xc4\xf4\x03\xe3\t|\x0f\xb2\xadb\xc4\xa3tF\x15\xe8\xdb\xe39l\xf5\x7f\x15\x8c\xab\xfa\x86\x0b\xf3f?\xb0\xb5+\xe9\n\x8a\xfd\x8e\xe0Dg+\x8a\\\x1b+LOApK\x17\xb9\x01\xaa\\A\xea\t0\x82?\xef\xd5!\x8c/\xc9v\x13\x10xp\xa80r\x03\x1c\xc7\xe3\xa1\x1bn\xb6<\xb5&2X\x16U\x99\xc9\x7f\xce\xddt\x02\xbdw\xc1\xdb\xa1\xcc\xc2`\xe6\xe3\\\xd0\x06\xac\x10v\x19\x8e\x12\xe4\xfc,\xad\xffa;\x97\xfb\x8bL5\xc0\xd8\x03[\xc9\xae}k\x9b\xb1lo\x91\x08\x8e;b\xb0\xfa\xfa\xe7Q \x13^\x93P\xed~\x8bD\xda,\x90\xb9_A\xb2I\xa67Aq\x1e\xc5\x86\x8e%i3\xcc\xdca;\xc4\x84\xe3\xb6\xa5N\xb8\xb4%U\xfc\x13?X/\xdc\xad\xdb\xf4,\x7f@\xaf\xf73M\xff\x17\xa0\x04\x9f#@\xdeS\xbbc\xaa\x07\xb8\xbb\xb3=\xa9\x1a\xef\xc4\xd1w\xe4\x88x#\x12S\x1ao\xea\x97\x12\x11\xc1\xa5\xa0\xdb\xea\x1eI\xce\x11E$\x83\x13\x85\xc5;_\x06\x7f\xeeI1\xf2\xae\x86\xb3\x16,\xeaD\x13:\x8d\t\xff\xa7\xdd\xe4\x88%\x11x\xfa\x96\xe2\xf7\xa2\xcd\x83\'\xea\x88\x9dl\x9ae\xacC\xacx\xfd\xfc\x98\xc0\x8d\x9abH\x18tnU\xc6\x03\xca\xb9\xa4i\xff\xf7\x82\x81\xcdp\xe2\xe9s\x8eE\xdc?\xd9%\xf3\xd67/}\xeb\x14\xc2\x87\xda\x0c\x1d\xd2\xf9s\x979\x9dl\xc0\x1f\xd0\xbb\x9d7\r\xe6\xae\xf4\x80\xb0R\x17\xf6\xc2bc\xb2\xde%\xcf\xe4X\\\xf2\xb8\xdf{V\xf8BbR\xa4\xc1\xf9|\xfa\xe1m\xaf\x05\xf2y\xce\\l)/\x9dha\x9d\x93\xe4\x07\xa4\xca\x98\xb2I\xb2\xca\x05[\xc1\xc9\x8c+\x8dP\rb\xdd|[!\x9c\x16M\xb1\\)\x93U\xc5\xfc\xb4\xa4\xc4C#{\x88\xd7\x11\xf6t\xdfd\x8a}\x0b\x87\rg\xe9\x1b\xfb\xb2\x84\xc5\xaa\x9cz,\xc9\xe7\xfa\xfa4\x7f\xb0\xed\xa0\xf7\xd4]\xaeE\x93\xf1X\xa9\xb6\xc6p\xad\x9dO\xbe\x1f\x1e_\x80\xe4\xfc\xc7\x071\n)v\xc5u\xf6\x9dDb\xb4\x88\xb8\x8e\x97u\x9baj\xd1i\xd1&\x88\x19\xe1G\xc9\xa7m\x9ax\x91\xdd\x14\x0b\x02\xac\xa1n\'\xec\xe5@$\x94\x92S/\xe7Vt\xf6\xef\xe2\xf9\xeb~\xce\x1e\x9c\x7f\x13\xe1?\xd0\xb2\xda\x04\xef\x9b\x97,\x14\x1e\xb6\xfc\x07%\x8a1\x9a\xacr<\xc1\x98\xa4T\tky\xaf \xb7I=~E\x16E\xba\xd3\xa7\xaf\xd0\xf6\xdd\x0ed\xdd\xfa\xfcQ\xa6\x92\xddn%\xd8p\x18\xf0\xed\x7f\x00\xc7\x90\xf3O\xa6\xe1\xb2jS\x80\xa1IF\x0e\x0eo\xca}\xc8\x08\xb4 \x12\x88l\x06\xad\xa0\xa2kw\x1f!\xe6\xe98\xc0\xf8WC;\xbc7h\x07\xab\xa2\xb7\x00\x11\xafe3\xca\x9e\x98W\x13>\xbeY\x1d`=\xb6i\x1e\xb9\xf4\x96= \xa7\x82%' + + +2024-12-14 20:35:56.395627 - Ether / IP / UDP 35.186.224.26:https > 192.168.1.11:53339 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1278 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0x7967 + src = 35.186.224.26 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 53339 + len = 1258 + chksum = 0x1233 +###[ Raw ]### + load = b'\xc4\x00\x00\x00\x01\x00\x08\xe2\xc0\x97\x0f\xf5\xc4?@\x00C\x9f\x83\xe6\x03\xee\x96\xbd,,\x90\xa2\x0b@\x9f\x152\xfa\xd02Z\xedC\x99\xc6\x94\xba\xa6\x94\xb6at\xcd\xb1F\x9c\xeeGL\n\x96\xc3\xd1>\xaf\xb6\x82z\x15\xd9\xbbi\xc3*\xbfi\xb1\xce-\xaeo\x0c\xef;\xc8k\xa3\x83\x96\x85S%dv\xf5\xacq\xc9\xf2\xdb\xa3\x85\xf3\xfe\x89\xb0R\xb7\xdd\xbf4\x7fs>&C\xbf\x8a!H}\x85\x17\xd0\xcf\xf3\x14\xc9j\x0bY\x96\xec\x16\'\x96;\x97\xfb\xde\x97\xff\xc9\xc2\xf5\x17\xe6\xd41\xf9\xd7\xee\x97!\xce\xa7Hh\xa6\xd8\xb0\xfa+\x98\x92\xc6\x06\xe5\x1c\'\xe9\x12\x92J\xf5f\x8bov\xc4\xde\x93\x91T\x87\x15\x93\xb6\x12\xe5I\xa4I\xdc\x0b\xda\x9b\x08\n\xb5\x84&_\xbafo\x1a\x93\xa3]P\x8d0\xd07\xf06\x8a\x078\xd8\x022\xfd)\xdd\x8dC\xd4\x8a*;\x0b\x12i\xd48\x05\nE\xcb\xe1|vB\xb0\x9b\xfd\xff\t\xdbX\xa9=\xe8\x8e@YO\x8cC>\xc6\xb8\x93\xb9)\xe5to\xce1\'+\x80\x80M\xb4&\xad\xc8\xbd\x1f\x0f\xc9\xe1\x14\xeaKa\xb7[\x80\xda5\x83\x12\x86\x9d\xc6\x18\xe8\x92\xf0\xe0`\xa9*\xde\xfc\xf9\x7fF/\x9eL\x96\xca\xcd\xb7\xf0\xa7T9kT2\x1d\xee\xba\xea\x9aO\xe7\x1d\xaa\x1a\xb1{\x1a\xbd\x03\xbb\x15\x95\xed\x14W\xb6\xfe\xcfX\x89%\x9e/\x08\x9c\x04x\xf6\xee\xbc\xb3a\x82\xa7f\xae\\\xa0\x15\x18\xd3\xdc\x97\x13\xd8X6\x83\xfb\xdaFzK\x1d\xd5\xcaHsI0\xbb\xc9\xd2\xf1*\x98\xec93T\xbfqJ\t\x19\x8a\xc7\xb0\xb4\xfe\tj\xe3L\xf8\x98\x03\x98\x82\x16\x8c\x9f\xf7^\xe3\x10\xfcS\xeb\x1a\x0c\x0f68\xc3+W\x95\xab\xef=k\xc7\x04\x99\x80\x17\xfa\xe1\xc6\x11\xaf\xc0\x05\xcbI?6m\xa8\x8eU{X\x06\xaa~ \xae\xb8G\x1e\xcbh\x8f1\xe1I\x8b\xc6\x98*\x94r\x90>V\x19\xac\xa4\xb009E2\'\xdeO\x1b\x9fzf\x08\x16&\x83L\x84e\xac\x92Gk\'\x9c~\xab\x1e\xd6\x0b\x0c\xf6\x1b\\@\xb85\xcbWWl\xe8\xd3\x05-\x83#[\x01K\xef\x1f]x\x1cP\x8d\xce\x8eU\xf5\x84\xeb]\xd1$\xbe\xd7\x1cAK\x8e\xfc\xc0l\x95=\xe9\xd0\td\xc3\x82\xc4\xd4\xfd\xd5\x05VB\x82L#/[Kb\xaf\x19\xd5~\xb6\xd4%\x86M\xf0\x9a\x91\xff\x0e\xd8l\n\n$\xea\xd8\xad\x03\xe0\x844\xc9\x82\x92\x13\xbc\xcb\xd6\xe4\'\xc2\xe1\x18t\xcbe\xa21\x89z\x14\x88y\xa3:\x10\x95\x95\x86,\xbc-\xd4Jz\xe3\x93\x0c\\\xd82\x16\xa2{h>\xb9\x9em\x91\xd6\xb9\x0b\xb9\x19[\xc7\x98`\x92\xf2\x90xq\xb6\xc1\xefekcK\x820\x94\xa4\xc1\xa1I.\xeed\x91\xd5\x85D-\x04\xa5\xc5\x96\x96\x9dir\x88\xb1\xb9\x8e\x82b\\\x1c\t!\'`\xf1\xb7\x10\x1f\xacM\x0c\xe4)\xaf\xf1`{\x82/\x8b \xb7\xe7\xbd[\xd2\x93\x9e`\xb5Gw\xe6\x1aY\xd9X@\x16\xcb\xeey\x18\xdf\x06\xe8\xb9\xa4\x9d\xd2\xad\xb2[\xd6g\x8a\xb1\xc8\x0c>\x13x\x02\x05c\xdc\xdf\xbfZR\x1d\xb5\x02\x0em\xae$\x82~\r\xe0\xe3\xf0FK\x8e[\xfe.\xde:\x01\x9c2\xdeWs~\xf9\xcd\xb4\xc4\xae\x87\x1c\xc92\x16\xa4[\xd6D\x0c\xd4\xd4\xc7o\xb9\\\xcfl\xe2\x05G\x89\xba\xf3\xd0\xdb;\xdem\x14`\xafU0\xee\xa4mX\xb1\xbal\xed\x13\xfe\x11r\xb7\xbc 35.186.224.26:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 194 + id = 5437 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.26 + \options \ +###[ UDP ]### + sport = 53339 + dport = https + len = 174 + chksum = 0xc647 +###[ Raw ]### + load = b'\xef\x00\x00\x00\x01\x08\xe2\xc0\x97\x0f\xf5\xc4?@\x00@Gl\x9f\xf6\x81\xb5\n@\xcf\x83ln\xca$\xad=\xc7\xf2\xab\xa5Fy*.A\xec/"#b{D\x19]\xbf(\n\xc8\xd8A\x8a\x94j\xbb\xdce\xa1\x10^Z\x1d\xae\xfa!V7;\x133\x027\xbf\xbeiY7\xcfQ\xc9\xc2\xc5\xfaH\xe2\xc0\x97\x0f\xf5\xc4?@\x9bz\xfa[\xcd\xaa\x98W\xd4\xf52\x84\xd7D9qd\xa5\xce\xc1\xe6{\x1f"\x82\xfbM"\x12b\xcf\x8a6\xcf\xeaV\x85I\tZ>\xdb{\x00\xfeZ\xbb^\xaa\xe1d\xd0@wk\x7f\x9bc\xa0\x93Y\xfa\x8aU\x82E\xde\xaf\x89' + + +2024-12-14 20:35:56.480792 - Ether / IP / TCP 192.168.1.11:42769 > 35.186.224.26:https S +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 5438 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.26 + \options \ +###[ TCP ]### + sport = 42769 + dport = https + seq = 4043067409 + ack = 0 + dataofs = 8 + reserved = 0 + flags = S + window = 64240 + chksum = 0xc5ae + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('WScale', 8), ('NOP', None), ('NOP', None), ('SAckOK', b'')] + + +2024-12-14 20:35:56.496523 - Ether / IP / UDP 192.168.1.11:53339 > 35.186.224.26:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1274 + id = 5439 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.26 + \options \ +###[ UDP ]### + sport = 53339 + dport = https + len = 1254 + chksum = 0xca7f +###[ Raw ]### + load = b'E\xe2\xc0\x97\x0f\xf5\xc4?@\xd1\x01C<$v\x90\xf7>y\r\xc8\x1a\x82\xd0\x9d^\xa5\x94\x01\x19qz\xa3\xdb\xa9\x85\xb4\xb6\x9c\xa2\xf3\xd3\x98\x87!=Y\x13\xc2\x0b\xb0n\xfa\xb7+tCk\xc2\xeeF\xe8\xe3\xa7\x8c\xbaoq\x97s\x94w9\xd4\x06k\x0b\n6\x82\x1d$%\xe2\xa6\xfd\x1f\xbaGg\x04$\xc5f\x08\xff\xc7\x1c\xdc\\\xf1\xa4.u\xf5OS\x1a\xb2\xea\xd5H\xaa^\xecn\\\x12\xf6\xd6N2\xab\xa9~\xc4.b\xcb\n]i#\xff\xa2\xadt\xf2SY\xc8E\x1aj\xf5\xd2\x19HF\x16DgU\x8c\xcd\x95\xb6w\xdd\x80\xd8)\x0e\xe1\xa8\xbb\xd6\xd5/6[\xdc\xef\x1e{\xd3T\xe9/\xcf\xb3\xa9$\xab&!@\xef\xd0\x88\x82v(\xc9\xcf~\xa4\x83\x8b\xb6p\'\x93T\xc5pVp\xe9\xb1\x86\xee\xfa\xaf\xe2\xa4E \x9b\x91\xb84<\x92\xb8F\xd0+w\x97\xfcB\x04S\x0bF5x\xcd\x11\xfb\xa8>\xf2WL\x07f\xc2q\xf3\xba\x8f\xb0\x91\x0f\x9a\xdb\x15\xcd\xcdhd\x08u\x84\xe4\x89<\x1f\x863\xb7\x19V\xfd\xa5\xd2\xad.*\xa3|\x9di\x16\xe5L\xff\xe30\xdfU\xb9?l\x14\xf5\n<.\xc27\x81\x81\xd2\x0f\x0f\xad\xcc\xd8\x1c\xe6\xa2\x82\xbdi\x8a`\xee\xa2p.Nc\x05H{\xb9\x1c\xc5\xfc\xb8\xd8\x13\xe8M\x8e:*\xe1\x1b\xc2\xcdc\xda\x102f\xfc[\x8a\xaf\xf0X"\xe3\x0e\x7f\x7f,\x02\x02N\n\xba\xc5\xe7l\x12Ch\x1c\xd7\x91\xb0\xdf2\xa2E\xe8\xb0\xf1qr\x06\xf0\xf3\x08\xcd\x05\xe7v\xd8j\x19&\x80\xcd\xb1\x85\x82\xbf\xae\xe9\xc0\x11\xf9\x0c\xba\xbd\x7f\xe7T\x9fd\x83.\xf3\xcd\xcb\xacIUE\x93mI\t\xc0X\xae\x03\xfc\x97\x10\xf7:\xf8q\xde\xc0\xd2\xb6\xb0}2\x1e\xfc\xfb\t\xd2\xdb\xe9\xe7\xc5\x81\xc5L\x80\x17\xf8G^\xf6\xf0F\xf7\xecD8\xcc\xc0\x18,&Y\x8fg\xe4\x8a\xd5\xb8\xc9&\xcbe\xe9t\x85\xf1\xa7C\xaf\xe3\x96e\x85N\xf6~\x1d%\x06,{t2"\rB\xea,\xb2\x9f\xd9\xd3\xfd\x12\x13\xd7l\xd8,\xf0X\x01\x8b\xf1\xd0vz\xef\x92\xd7$\r\xf2\xb3=\x9b\xe9\xa1\x08\xfal\x95v\xa9\xd9\x0fX\xc4\xf4W\xdb\x16\xf33\xa3n\xf2\x89PBS\xa3\xf9\xa1\x89N\x08\xfeiT\xb4\x0e*\xd4ro\x01\xcf\x13ctT(\x98\xe8\xa8v\xf7\xb62\x1f\x1b\xb7\xba\xe7\x98\x7f\xd75\x07@\x85\xa5\xbc\x10\xdc\x84/\xfbZ\x16\xb7\xb0\xb7\xf2?`\xb5\xbb\x08\x1d\x1fG\xd4\xb9\xb8\xcb\x88\xc34KZ_\xd8\xa8\x9c\x0eI\x01{g\x1a>Q\x9e\\\xa3\xb8V\xc0\xd3\tW\x12c\r\x13\x1e\x16xi\xa4\n\x05\xbf|\x81?\xb8\xc6\x9f0\xb3q\xf2\xe3\x1c\x0f \xd4\xa4WZ|F\xd5\xd4\xf4\x06D\xd4\xcd!`\xc2\r\xe89k>\x85\xbb_\x93{9\x8d\xbf\xcf*\xbf `\xff\x15"J\x92\x1a\x85\xe1T\x17\xefw\x07AF\xc0\xb96\x1e\x0c\x8bW\xe6L^\xa4\x82\xb12?\xe9 t\xf1\xf5\xc1\xd4\xf3\x96z\xff\xc2\x8a%\xdd\xc1~\xccc3Y\xab\xfa\xf4\xbb\x17\x81;`n\xcd\xe1pQ\xab\xa7\xf6:hna\x96\x16\x9f\xf3jk\x08\x8b6\x00\xad\xc7\x95\x82\xc3\xda\xd4]^\x9e\x8e\xf1o#W"\x032\x16J\xe6\xecU\x0f>\xab\xc3T\x90(\x9b3L\x160LRtY\x97\x98)\x1e\x85\xc1\xf4\xcc(\xaa\xca\x173A\xad\x9fA\x93{D\x87o\xf9\x9e\xea\xba\xa7\xa2\xa3\x8e\x93\xf3|\xbc\xd4q\\\xc8R_\xad\xef\xcd\xf1\x88#\x05\xf6P\x7f\xe5%\xbc\x11{\xd9\x99\xd7\xa3A\x9e\x9dp\xa9\xb9\xd1\x9eo\n\xd6w\x88`\x03\x95\xbf\x1e\xb2\xdb\xc5\xa3\xb4\xaa\xd0\xbb,\xc2\xe5\xac\xcd\xb2}\x93\xf9\x02\x87\xaf\\\xd4#p\xec\xeb\xbb\xaf\xc93\xca/\xc74\xf6\xd4\xb7\xab\xf3\x14\x9c\x8b\x19\xab\xeb\xd9\x9dL\xd6\xadiz\x90\xc8\xb6\xd5?hP`N[\xf2\x93\xe3m\xa7f}\x83S\x0e\xd7\xc4\xff,6\x06\xeeN`Bq\x1e\xda\x814 \x9ek\xfa{\x17 u\x00\xd7e\x1aLJ)\xd0\xfe\'\xf1\x02\xa6\xbc\xdcE]d\x89%\xb4\xc7!\x7f\xae\xaf9\xb0*\x9e\xc3dp~C:\x12\x05\n`\xda\xe2a\x0em\x03\xe5\x8dSd\x1ck\x13\xa6\xff\xda\xfdBI\x17\xab\x98\xb9\x0f]\xbay\xc7Z>\xf6\x17O\x9b,\xbe\xf5\xdd\xa5\x1a\xcfe1\xa6&8`l&\x0e\xa2\xad\x9f\xa6\xdaw\xb5\x9b\x04V^?\x17\xb5I\x12qP\x96I\x1fj\xd6\xdat\xa7\xee5\xc9\xcf\x85\xfe\xca)\xd2"\x1b\x1dQ\x9fl\x01\x89\x04d\xf4\xd38\xc0t\x83u\x15\x07\xf7\x01\xae\x00\xba\xf1?h\x93\xfc\x9by\xb0\xdb4\x9f+P\xa1\x89\xc0MdA\x83\x96PL)\\+\xc3.\x1bz\x82.Y\x15\xc8\xfe/_\x16\xc7\xd7k\xdf\x94:c$?\xb6\xcbP3A\xff\x8c\x16M5dz\xefsBl\x0b\x0cO\xb8\xa6\xfa\x18\xfd\x9dU|:~\x1c\xe5\xd3\xc1\xf8\xa5T)\xf6\x80' + + +2024-12-14 20:35:56.556666 - Ether / IP / UDP 192.168.1.11:53339 > 35.186.224.26:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 893 + id = 5440 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.26 + \options \ +###[ UDP ]### + sport = 53339 + dport = https + len = 873 + chksum = 0xc902 +###[ Raw ]### + load = b'L\xe2\xc0\x97\x0f\xf5\xc4?@\x0f\xe5\x02JYu\x8e!\xd0\xd5~\x9a\x05\xb6f\xe8*\x82\x87\xf74\xf7\x82\xba\x1b\xc4d\xf3\x90R&\x901\xa7z\xf6K\x08\xf56\x94\xfb\xde)8\xe8\xc1\xa5\x05\xa0\xa2:V\xe2\x9b\xfd6h\x8fO&^X\xaf\x97xH\x91\xe7\x97\x87\x02\xc3\xc3\xb8\x1f\xe9\xeabB\xc8\xad\x96\xf3~\xe1\x10\xc2\x81sG\x1c\xef\xe5\xd6\xce\xac\r\x85\xa2C\xcb\xd3bP\xcb\xee\xfdT?r\xb3\x05\xe2\xb9;IW?\x07\xdf{6!e{\xd46\x1eG\xc0\xa4\x9b-?\xd4\x0ej\xe5\xed\x84\xf2\x7f\xb7\x04cC\xab\x92S{\xf1\xabY\xb5\xa7\xff\x06\xffm\x90\xc4\x8d\xcep:\x15^\x04\x8e\x06jl\x1a\xc4uBv\xf1\x94\x18g\xda\x80TUD\xe0\xa2\x81\x08\x0f7\xb0\xacL\x95\xdd\xc7\xd5j\x10\x97e\xf17\xb28\x06\xc0\xe0\xc0\x1d\xe7\x1c\x9b!O"\xdb\xdf\xa3\x8cy&\xe8}cpy\xd5\xa4\x13.\x88\xba\xc0\xc3\xae\xfa\x15\xf5J_Q\xcd\x1eKhs\x11\xd1\xba<\xac\xb4u\xeb\x0e4a3\xa1\xb5X/*c\x9ev\x94\x80QG\xc6\xf5\xea\x1d\xc8;\xbb\xd6\xa338\x1cJ\x18\x01\xc5\x10\x97j\xf7MY\x18AJ\xda>\xa0p\xa0(O\xfcD\x11w/\xa1\x14+v\xe0\x8fa\xf3\xd0g\x1e\xff\xfe(V\xea\xa1n\xe57g`Db\xaf\x8d\xfc\x80\xdf\x0f\x05\xe5\xbc1\xf1\x1e\xc3\xa0\xcb\n\x97p\x85\xb0\xe6HZ(\r\xf9\xe3\x1a\x9c\xbe\xec@\xc8\x7fc\xee\xc9~\x0b5g\xd4b\xcbJv\xf1\xe1\x153\x1a9\x10\x9b\x14I\xdft[\xbd\x90\x82\xea\x9c\x96\xf5\xb4\x9f\x99\\\n6\x82Z\xaeK3\xc7\x85\xc0i3,u\xed\xc5WZ\x0b\x86\xd3R:\xc7b\xb2jw> \x8c\xed\x1a\x9e\x98\xf6x\xcc\xe2HV\x13\x99>\xf0\xa3\xa8\x14\xb6B\x99\xc2@\x7f\xf3\xc0\x947\xe7T\xe1I\x0e\x9e)\xbe\xca<\xc4f\x14\x979\xb4\xdf\xc6\xd4\x07#\t\xb01\xc3\x05O*\xd2\xc7X;i\x15w\xa3xm3\xe9l\x1b\xe5\x87\xcb&\xc8$`\xce7\xf7\x9b\xa6~\x95\xec\xfd\xf7\xf2\xffI\xb4\xafr5\xa6\xf7l\xc4\x95\x96\xbbFd?KBC\xc8\x072\xe2s\xea\xce\xe7\x0f%+\x1e<\xaa\x1e[\xf6\x99\xed7\xdc\xfc\xf5\xfe\xb0~\x98\xe3\x15\xbc\xa3\x07\x0bK[u%\x80#+LIy\x90C\x9b\xe0A\xcf>\xfd[\xcfS\xdek\xcfH\xd8g\xbf\xfe\xf8\x92\xcd<\x96\xba\xa8\xff9\xc1\x9f"\xee\xdf\xd7?B\x91\x8c/\x99\xa6o\xcc\x8e\xcc\x0c\xfa9\x0f\x7fr\x1a\x16\x92\x17\x9b\xce\xe6x[O\x96uq\xd4\x82\\\xf2\x8c\xa3\xe6\xbd\xc42\xf2\xe4\x8c\xc3\x8a\xde\xc8[\x14\xdb\xa4\x9a\x06\xaf\x83\x1f\x1a_-\x81g\x90\x19\x8cse\xcb4<\xdf\xb4\x9f\xd6\x1b8m\xd8\xe2\x8aZg\xc9C\x1d;\xa8\x95oAj9\x17\x05\xd8\xa8CA\x85\x8f\x1f\xe9{M\xd51\xc7=\xed\x0c\x9e\xc7x\x1a\x8fj\xb1\xd3\xb6\x10x\xe6\xcaD/@\x82Z(Tl\xac\xb4oF\x04\xe6\x1a\x91t\x9c\x98\xa6\x14\xb6\xc2\xb63d\x8e\x90\xb67GH9\xbe]\xb1\xd5a\xce@\xf5.\xa1AO\x89&\xc5\x91HZo\xeb\xfa\xf9:\xa91\x0b\xce<\x87\xdf\x87kz*\xf0\xcc\xaf\xb4\xcb\xc9\x87\xa0\xdd\x98\xd0l9#\x1c\x04\xfb\x10\x0c8Tb\xd2^\x08\xd9B\x9f\x95\x8d\x08\n\xadS\x17T\xe7\x08\xd5b\xc9\x95\x93\x7f\xd9\x81\xe0\x07' + + +2024-12-14 20:35:56.615379 - Ether / IP / UDP 192.168.1.11:53339 > 35.186.224.26:https / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1267 + id = 5441 + flags = DF + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 35.186.224.26 + \options \ +###[ UDP ]### + sport = 53339 + dport = https + len = 1247 + chksum = 0xca78 +###[ Raw ]### + load = b'B\xe2\xc0\x97\x0f\xf5\xc4?@\xa4\xafFy\x01)\x99b\xf4\xca\x95\xb2\xf0\x1d\x03\xa9\xf1\x11]\xb4G\x14\xe0p\xb4$\x08D\x92\xb7]r\xf6\xf9\x1eF\xca!\x16\xa2\x8d\n\xe2\x08\x8b3)DoF5\tf\xe0\x04i\xb5\x8f\xc7\xc5\x00w\x06\n\xcb\x07[\xb9\x7f\xec\xbb\xc4\xec\xca\xd8\x1d\xfc\xe9e\x9arC\x19+\x93\xfc\x05\xc1\x05\x1b\xdf\xae\xcbK\x90\x91\xae\xdaU\xc4\xbf\x07{\xe9\xfc\x81R\xe6T\'I\xa5\xe7\x00\xb0\xeeP\xfb\xe6\xdc\xe0\x12\x87\x80\xba_\x13\x02\x9cy-w\t\xc9\xdd@\x0e\xbe\x91\xefg\xcb\xa8f\x03?\x8b\xe6\xf6A\x99`"Y4\xcc\xde\x1eK\x92\x1dm4\xbe\xe5\xaf\x92\xf8\xaeg{\x89X\xbeV\xc5o\x93)\xa3t\xfb\x18\x96\xf1U?\x83\x04\x14/\xb0\xee\xa3\t\x1d\x90\x0e~\xfdK\x9f\x02N~\xb7\r\x1b\x81\x82\'\xd3R\xb0e\xbcD\xa8n!\xd4\x12\xa9\xb4\xbf\xc3\xe6\xdb\xc6\x05\\\xeav\xd4\xe9uI2\xfe0\xf7\xa4\xff\xda\x83\xa5\xf8og\x90\x07\xed\xbd\x8c\xd7x\x1d\x1ef\xe1P8\xf5&\x15\x8f[&\xd3s\x83\xc8>\xec\x92\xf9\x9e\xed\xcdd\'k+\x85\xeb\x8a7\x9b\x94A\xe7\x06\x9f\xb0\xf1|CF\x84\xc5\xc1Y&\xf0&g\x9a\xad\xfd\x9c"\xc9\xe2T\x88\xad\xff\\\xd1\x90\t\xec\xb9A\xe0\xc6\xce\x9f\xb2\xd4\xcd\x8cK#\x86\xabRLk\xa8y\xa4&\xde\x04\xcc\x15\xb8U^\xd3\xe9qo\xc6s\x0e\xd3\xb4\x93\xba\xdd\xa1\x1a.\x83\xe2\xdd\xed{\xcb\xdf\x01Sc\xba\xc8C&p\xb1\xf9\x1b\x9a\xaf\xf6\x01\xd6\x12]\x139\xecHe;\xe2\x9b\x18vG\xcc\xe7\x8e_\xf5Ew\x91vb\x12\x16\x88\xa70l\x83\x14\x9d\x06\x83\x02\x07O\xd8@\xad\xf1\xfbR\xfd\x01\xcc&C\xd2\x99\x99\xbc\xed\x9d<\xef\xf4\xb6B\x92\x9e9' + + +2024-12-14 20:35:56.670594 - Ether / IP / UDP 35.186.224.26:https > 192.168.1.11:53339 / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 612 + id = 0 + flags = DF + frag = 0 + ttl = 55 + proto = udp + chksum = 0x7c01 + src = 35.186.224.26 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = https + dport = 53339 + len = 592 + chksum = 0xc32a +###[ Raw ]### + load = b'X\x18\xcdf}\xae#\xbb\x8a&\xc2\x84\x9c\xf3\xef\xee\xec\x14R\xe9\x19\x0b\xacx#\xc0\x90\x88\xf2\xac\x88I\xe1\x8a\n!\xdc\x17/\x8c\xcda\xc2l\xe3\xa3\xf0o\xb1\x8fA\xdb5\xcew\x83g\x11e\xbe\x973\x94\x8f\xec=\xb1\xc9\xe2}t\xf5x\xc3\xb9\xbd\t\xda>\xbf\xb6\x03\x08\x82\xae\xba\xd7\xce\xa2Ys\xc5\xdc\xe4\x1aT\xa8\xb1O\xcf\x88\x85.\xfd\x17\x9f\xb0\xfb\xb9\x8b\xf4)\xf11A\xc3\xf1\x86TmhR\\H\x05\xaf\xf66\x04!3\xe46mV\xa5\xa8\x01\xb4\x82\x14\xf0\xc4_\x02\xc3\xf6o2 \xffoI\x9f`\xda\x16@\xe4\xa4\x90\x03\xd3\xaca\x12X\x19\xe0\xf8\xad\x85a\x02J\xea\xb4C\xfa/\xbc\xc9\x89\x95\xfb\x80\xe5\xe0\xf9\xbd\x9b0\xfb\x8d\xec\x0c\xef\x91m\xa8\x0e:\xadg\x82S\xb8R\xbd\xec\xb0\xd2\xff\xf9\xeasLyi\\\xb6k\x9cu\x81\x91S\x85\x14\xcf\xb4\x18"\xee\x07\xb8\xff\x1e\xae\xcf\x8a\xc4\xcf\xc7\xf7\x7fh\xf3`\xf8\xfb\xa8b\xcb\xab\x99i\x82\xaf=\xe9\xad\x03\x10Jy\x10t1\xa8\xbc\xf3\xd65!\x8a&\x9d\xc3~\xed\xed\x15nn\x10n\x1c\xda\x9c*M\x1d\xa7?\x06Yf\x84GGPA\xab\x94!\xd7\x84YqZ|\xbe\xe4\xe1\xa4\xf5\xf9gU\x03\xb1Z\xc2\xed8\xda\xa1&@yB\xdd\x9d\x8fi\xd8WM\xde\xef\x7f,_\x9f\x95\x11!\xd7Y\xb2\xc5\xf3\xea\xe3\x1eh\xe4\xfa\xa5;U\xe46;\xd9\x92\x9c\xd41\x83)_c\xb84\x89uV\x8b\x9e\xc2\xf7\xcd\xa0\xc9\xa2\xa9p\x89\n\x7f\xf9+\x07+`\xc6\xd0\xb6\x95\xe2\xd7LM\x17\x08\xd6\xe0Iz\xb8\xd9\x03Y\xaa\xa09\x05 P\xe3\xa3\xca' + + +2024-12-14 20:35:57.477724 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34261 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 60937 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 9188 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:57.494228 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34262 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 60938 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 9189 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:57.505682 - Ether / IP / UDP / DNS Qry b'47.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34263 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 60937 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 9190 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'47.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:57.509617 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34264 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 60938 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 9191 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:57.511882 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34265 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 60937 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 9192 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:57.513884 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 60937 + len = 76 + chksum = 0x2418 +###[ DNS ]### + id = 9188 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:57.516451 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 60938 + len = 89 + chksum = 0xb68f +###[ DNS ]### + id = 9189 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:57.518660 - Ether / IP / UDP / DNS Ans b'S22-Ultra-de-Adrian.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 60937 + len = 89 + chksum = 0xd9e6 +###[ DNS ]### + id = 9190 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'47.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'47.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'S22-Ultra-de-Adrian.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:57.520618 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 60937 + len = 81 + chksum = 0xd807 +###[ DNS ]### + id = 9192 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:57.522348 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 60938 + len = 51 + chksum = 0x6abf +###[ DNS ]### + id = 9191 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:57.524135 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34266 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 60939 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 9193 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:57.526567 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 60939 + len = 81 + chksum = 0xf1ee +###[ DNS ]### + id = 9193 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:58.071015 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 84 + id = 43056 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe48 + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639237 + ack = 4062860675 + dataofs = 5 + reserved = 0 + flags = PA + window = 9 + chksum = 0x56c7 + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x00'yW\x02?\xdc\xfb\xe4\xd6\xfb\x9bA\xf7\x98\x90\xe8\x1e(u\xb7\x98\x1b\xbc'*\x9e\x12\xc8:\x8b\x81\xb3\x1a\xc5\xd9=\xb5\xf7\xe4\x93" + + +2024-12-14 20:35:58.076674 - Ether / IP / TCP 192.168.1.11:42259 > 188.114.96.5:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 75 + id = 49550 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 188.114.96.5 + \options \ +###[ TCP ]### + sport = 42259 + dport = https + seq = 4062860675 + ack = 2693639281 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xde68 + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x00\x1e\x0bb\x96\x8b'\xba\xae\xff\xdf;\x87\x0c\x1e\x16\xf8$d\xe1\xe1o=\xe7c\xba*\xf3\xd9\x0e\xa2F" + + +2024-12-14 20:35:58.080892 - Ether / IP / TCP 192.168.1.11:42259 > 188.114.96.5:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 75 + id = 49551 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 188.114.96.5 + \options \ +###[ TCP ]### + sport = 42259 + dport = https + seq = 4062860710 + ack = 2693639281 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0xde68 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x1e\xefa\xd0,\xfe\xc6|\xb0\xa9\xa9\xb7_\xef\xcb\tb^\xb4\xee\x13\xc4\xc2\xf4\xecQ\x8b4\x05\xce\xa6' + + +2024-12-14 20:35:58.095921 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 43057 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe73 + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639281 + ack = 4062860710 + dataofs = 5 + reserved = 0 + flags = A + window = 9 + chksum = 0x9601 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x1b\x1d(E' + + +2024-12-14 20:35:58.098812 - Ether / IP / TCP 188.114.96.5:https > 192.168.1.11:42259 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 43058 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xbe72 + src = 188.114.96.5 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42259 + seq = 2693639281 + ack = 4062860745 + dataofs = 5 + reserved = 0 + flags = A + window = 9 + chksum = 0x95de + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x00\x00\x80\xfd\xe3T' + + +2024-12-14 20:35:59.119707 - Ether / IP / TCP 192.168.1.11:42690 > 142.250.201.78:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1452 + id = 22708 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912712044 + ack = 2800351769 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0x1f9b + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\t\xbcf\xc9g\'\xbf\x9fT\xad\xe9!z\xedC\x01\x1f\xf2\x05\x95\x8d1\xe2\x15hwr\x05\x12{@\x8d\xe4M,M\xc9\xd9&M\xc16\xe5a\x1f\x0c\xdey\xc1\xc2M\xe2Wg\x11$\xebCX\'\xc2\xb5\x05\xc9\xdbtk$t!\x1d\xdb+.6m\x10\x06>\x8c\xacw\xb4\xbd\xe35\xd4Hp|k\xa6\xd0\xba\x9dv\xa0=a0i\x89\xdd\xa1\x0e\xa8\xa3\xe8\x1fX`G\x8e/9\xfb#3Vm8\xda\x02)\x01\xe3V\x8f\t\x0f\xa6i\xf0ZZs?\xf1\x15,\xaa\xe9\'\xcf\xd5@\xea\xd944\xf5@6*$\xa7\xe6\xael\x18w\x9d\xa0\xb7\x1c1\xd4\x1a#\t\xe4\x9e\x1c\xe1\xb2y\xbd\xc7\xd0\xa2\xcbP\xa2;\x13O\xb9\x97uv5\xd9F\xc4\x0c\xd5\xc3\xce\x9ap\x1a.g\xdb\x92\xbe\x89\xd18\x13\xdb\x12\x80\rx\x973W\x05\x95\x84_\x93o\xea\xe3\t\x08\x8d\xcc\xd2\xf3\x9f\xbd\xd0OWG%\xfec\xe7\xc1\x07:\xba.\xd8l\x9d~\x14\x80\xa3\x05\xb6\xc2W\x8f@\xf8\xb8\x03\x91FW0\xeb\x0c\x88\xd5t\xe3\x9d^ ;\x17\xcb,{\xdbE\xbd\xaf\x0f\x01\x00A\xd2\x13\x0f\xd4cw(\xb9\xc68\xfa\x86\x8a1\xd3\x18T\x8dC\x01\xca\xb8\xc4r\xcbk\xea3\x04!\xd2`\x8d^\xbf\x0e\xc6\xe3O/:F/A&\xcc\xed!\x82@S\'>G3\x199\xfb"\xe2\xa0D\x83=\xe1\xf6$&\xd4E\x85fx2\x04\xe8\xef\xabR\x00\xdeSF\x08R\xc9p2\x9b\x85w\x07\xd5\xc3\xc0\x1f\x83\xce\xb4\x9a\x02\x1a\xa2\xe0\xcdM\x01\xb4\x87\xd2\x8aZ\xf3\xcc\xaf\xcf\x0e\x0b\xcd\x01\x03\xcf\xd5\xdc\xfb\x911\xe7\xeb\'\x9c\xfa\xb7l\xe5X\x91\xbc&8\xd9\xbcu\xc0z)7\xff\xee\x8d\xcc\xba_\xbb\xcf\xabkH\x10\x11W\xc4\xd5\xf6Yr\x98c\x88R\xccI|\xb77q\xa2\x10~\x13\x96ED\x13\x07\xf0\xf9\xee,\x84\xbc\\\xb9\x00`K\x9f\xafB\x82\x12\xd1C\xab\xe4\xa7\xfe\x99|\xd4\x13\xc0\x0c2\x83\x17\xfd\x81\x1d\xfb\x88\xf1\xb52\x8a\x88\xd1\xde}\x0fOG\xb1\x10\x05\x8bQ\x03\x9eO\xd3Wc\xfa\xcbd\x06w\xa9v\t\x00\xd1w\x11\xfdXw\x0b\x9c\xa0\xe4\x17\x1b\x88J\x8c\xe6\xe3\xacR/\xd8e\xdc5\xfd\xf9\x99\xea\xa1K,\x1b2\n\xaa6K\xe5\x1dR\x11]\xac\xb0\xa7\xf4\xe0\x13/\xb7\x0b\xbb\xd3\xea3f/B<\x8d\xe1\x05ri<\xd3\x83\xe7\x8a\xe9\xcd0\x8f8\x82kX\x08\xd5Kr\xcd&\xd2\x1f\xcdPM\xfd#\xf8\xd6\x9f\xfcF\xb9#I\x11D\xf1\xee\xcb\x88\xed\x9c\xe4\x86\xf3\x05\xff\x1d\xc2d|5$\x11\xfb\xeb\xeaiFs\x0b\x93\xf9\xef\xf6\xbe\xa7\x11|5\xbd\x91\xc0\xf2\xc9\x8ef\xba\x86\xfeF\xd5D<\x10\xd5{\xbd\xd4\xfe\xa1\x12M~|Q4\xec\xec\xdd\x1eMP\'\xcd\xfeK\x80\xd9\xec\xb7\xa0\xdbX\xcb\x15\xc3\xf2\x10s\x1d\xf3\x98\xda\x02\xbe\x83b\xddJ\x9f\xfb8y1\xab\x02\x90#\xee\xd2\x0c\x9du+9P&w\x9f\'\xa0\t\xb1\xf5\xe3\xd0K,\xca\x8a\x95=<\x0e\xc4\xd6t\xd6\x85\xed\xa1\x9f\xc7\xc2m\xaf\x07\xe9\xd8\xbcF\x19\x9f\x13\r\x89\xb0\xd2\xee\xdf\x84\xa2-\x1e\xdaH\xb6\x91yy\xc2\xbc# 0\xfdy\xd7\x7f\x8b\x0f\r\x9a\x08\xadU\x1b)\xc9T\x8bU\xf9\xff*\x8a\x1fS\x946\x11f;\xb9\xd1\xaa4V)\x8d\xc2\xe6]\xa8\xd1\xc9\xc2n\xe9\xd9\xa6\x9e\x95\xf1\x08*\xb8&\xc6\xd3G"*\xe0\x8d\x9b\xef{\x8e\xde}hJ\xbc\xb4m1\x98\x95s\r\xfb\xdcLNA\xbd\xec\xf7\x07\xa3\x0813\xa3M7\x04\xee\x7fZ\xf7\xc6\xff*\x80G\xfaP\xf9[\xf2z\x99\xa5\x1a\x80\\\xe5\x9a\x16\xc8\x0f\xe0\xf3/\x06\xb0\x1d\xff\xedj\x92\x0b!h}\x7fe\x8b\x88pL\xa1\x9e\xd7\xe8\x14\xd0\x1a\xd7*\xa9\xed\xdbTq\xb8\xc3\xc8\x1a\xce\xb4\xadqj?\xb62\xda\xba\xc9\x8f\xbd\xab\xfd\xef\xf2Fs\xe7\xa7\x98\x00n\xf4UX\xbc\xd6~}c\xd5>\x81\x83\x9b9\xca\x8e\xe9D\xa5~i\xe3?\xfb\xe9\xcbQ\x1c)\xbd\x98\xdej\xf2\xcdN\xa72\xdf92q\xe8\x173\xd0p\x08\xa6(\x0cQ\x9f\x1a\xef\x9b\x8ee\xec\x9f\xfb\x1d\xeb\x1f`\xf0T\x884Q\xa0\x08h\xe4bW\xe4_\t\x8e]\x8e2.\x7f\x1a"\xb0\xc9\xf6~\x88\t5&>\x1a\x92\x90\xf7\x03\x81\xe3\xe7\n\xec-\xf8\xb2\xaaFk|R\xc8\xeaJ\x85\xaa\x9a\x11e\xb2E\xb7\xa1\xe4\xa6\xb7\x13X<\xcf\xed\xadz\x88?\xb6\xac\x9a1\xf6\xbb\x1a\xd6-\x99b}b\xbc \x02\xc8\xbc\x1e\xac\xae\x17\xea\xd7_\xad\x08\xf7Hz[A&\xed\x18\xf4G\xd2D\x8690\xee\xc2\xbdN\xed7-\xb3`\xe5\xf6\x07w\x82\xca\x07\xef\x9c#\xc5\x89+<\t\x8c\xb4X8\x7f\xa2\x96,\xe5\x99^L\xa4*\x17\xbd\x94K\xceu%\xa1(\x9d\xfa\xb0\xe3\x93$\xfe\x85<\xcf\xf2\xe1\xf1`/l0E\xb8{w\x13\x8a\x96\xce\xd8Q\xbd\xad\xea\x1f\xb9\x17\x00\xef\xf5"\xeb\x10%\t\x8d\x8f\x84N`\x04w9\xea\xcf^\x91k\xfe\xb8,\xf0\x0c\xe9B\xae\xccy+\x18\xbb\xa5\xb7\xed\xb6\xef\xe5Y\xe6\x1cE\xc4\xb0f\x83\xfe\xdf\xdcmr\xe6\x1e\x1eu\xa5\xec\x8eJ\xf9\x15\x05x?ro\xf0a\x86\x88K\xb56V\xd20\xe7\x9d~\xcb\xd8,\xfe\x12\x10p\xe8Y,\xbe\x15\xf6\xc2\x8c\xbd\xbc~!\xb8\x1cA/]WU\x18X\xfd\xb2%\x0bp\xa1c\x87\r\xcc8\xf1S\xdcq\xd8\xb6\x9fv\xf8\xf1\x9dZ*\xf4\xf1\xbd\x9f\xb5C\x9a\xd6\x926\r\xf4\xe0\xd4\x86\x93\x07\xa8t 142.250.201.78:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1125 + id = 22709 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912713456 + ack = 2800351769 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0x1e54 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'8\xca\x0c\xaa\xda=Q\xda\xb7\xb5(?\xa20\xb3G\'c\xb7\xd8\x8e\x80s\xdes\xe2\x0b\x8e\x13\x9f\xc20\t\t\xb3\xbd\x89\x07\xda\x12\x13W\xee\x1a@?\x07\xec\x04\x1a\xa3\xa9\xd4Nm<\xba\xd1\xc9\xbc\x1f\x81\xf6\xe1\x1d{f\xc4\x9e\x10s\x85\xde\xd0\xce\x90\x99\x17\xfc\xc6\x82\xc0\x86\x01#\xf5NV\x97dH\xe3jW./\x96\x95\x07\xdeL\xf5\x0b\xf7+V`gSe\xc6L\xb9\xe1p_H\r8\n\xb2=\x01\x87U-\x94\xbdzD\xbd\xb2M\xa8\xeb\x82W\x1cz\xdf\x87<$\xcbX\xc6wm\x89\xc18\x1d\xed\xf9T\x8f\xdb\xe1\x90\x1b\x05\xb0,\x1a+\xcb\x08\x0eR\xcfhj)\x08\x85\xb3\x16\x12\x16c\x8d.\x12\x18\x01\xd4TI\x93\xd6\x04\xa5\xe8\x84V\xc3I($\x04\xa15\xbfM&\xa9/\'\x92\x9e\x10\xb4\x9d\xc4\x84\xec\xbe\x1a\xc2\x9a\x8a\x99\x18\x92\x8e\x19k\xa2\xdc\xdcDf\xce\xb1_xR\x81\xc1ecal{W\xd8\x05\xdbw6+\xcb\xfa\xacNe\xee\xd3\xb5@:\xfe\xdc\x8fN\xd9\xe8\xa2\xb7oo\x9b%\xb7Y\xe4\xae\xd1\x15\x9al\x9fo\xaa\xfeF\xa7\xfa\xd7\xcb\xd9\x06\x82\'Y}\xbd\x13m\x1aR\xe4xX\x18|\x15\xea\xb3\xaa\xf0(\x9d\x91\x1d\x99py,\xff\xaboB\xe1\xee\xfe<\xbe\xe2+%\x9f:\xa1\xabL\xa97c\x8f~\x82\xe2*\x8c\xa1\x05\xd3"a\xe1\xe8,<\x85\x14\xd8PR\xc9\xff%\xa1\xd7Y\xf1[Pq\x87\xe3\xab\xc4T\xac\x82\x0e\xb9h\xf9\xf4\x10/.*\xb6Dz\x0bhs\x9c\xc21l\xe5\'\xa5\xb1E\x85\x8aN&\xa2\xbdd+z(\n\xd0\xa1u&\xad\xb0\xed\xb7\x1b\xf72,BV\x1e\xc3\xd7e\tJ\xd6\xc1i\x00\xd9\x05Y\x11\xa2\xe9VQ\t\x07\xec\x00\x83\xef\rx\xf6b\x98\\j\xaf\xc1ER\xe3D\x96\x90\x96\xf8}\xc4\x13\xbc\xc1\xf6\xed\x88\xec\xe2=[\xdb\xd93b \xd1\x03\x0e\xb8\x8f\x90\x0f\xc3\xa2\xd2\x9d*\xa1\x03\xf2}\x0fD\xcb\xba-\xe3\xb0G\xff~G3\xd8\xdc\xcf\x8e\x1fjN\x85\xb1g\x95|@\xb5\x0c\x85\xb6n\xcb\x0c2\xed\xa3\x8a\xbb\x8cz\x7f">\xf0\xb4_\x7f\xcb\xd7\xad\x87\x9c\x96\xe7\x9biF\x88\xde(\xd1\xa2&\xd6\x05 &`\xe0z\x18\x02\xba\xeb\xe6t\x93\xe0\xfevX\xaf>\xcb\xdc\xa7\xd8(\xacg\xfc\xcd\x1c\xf1\x8b\xee\xbb?\x9fq\x02\xf6L\xb9\x0b\xe5m\xe1\x86WnS\xdf\x93F\xce\xff@\xd0\x87\x97\x98\xeb\xd7s\xf0\xe6\x85\x84{{\x8d\xb5\xf5v\xbb\x81\xb0\xe3\xf1\xfb\xb9O\xb2\xe9\xcf\xf6L\x83\xa4\x07\xf3\xe6cT\xee\x81\xf2\xbf=0\xec\xea\x9br\xd8\xde\xffQ\x06\xc6$\xbf\r\x8e[\x88LH#\x04\xc1!WQ\x89)7ySY\xc3\x03\x9b\xc4\xa5do\xef\x8b\xaa>\xc2xR4\xda\xa6t\x96\x97\x1c\xf2\xd0\x84\xb1\xe2\xfa\xef^h\xe6K]\x0b\x96\xc5\xa8\xc0\x81\xc9T<\xf6\xb76\x1e\xab\xcb\xbe\xe2\x0c\xb3\xa5\x8aS\x19}89\x0f\x0cBj\xcfn\xc7G|K\x8d\xeb\x0cx/a\xdd6\x19\xce\xb6\xbdB\xb3<\x99\x83\x9f\xdb+\xb4\x10Iv\xf2\xf3\xbc\x8a)N\x12^\n\x9b\xb12\x03\xfb\x0by,\xf9)Y\xe2\xd4\x8b\x93^\'\xd5A|S\x02\xc1\x83\x18P\x137\xbe{[\xdaS\xef\x8f\x12\x86\x85\xaa\xd8^\xd4F\xe6\xcel\x07?\xbaS\x9c\x1aX\xcc\xfa\xc4\x1d\nf\xec\x8b\x91\xd9Yt\x12R\x06\xef\xc1c\x92;aL\x13\xcf\xf0\x16\n\xed\xd9\xb0\xf4\xc9\xc2\xaa\xda\x14<\x93\n\x15\x8cDB\xf0\x18\x88\xe1\x11\xb7\x188#\xaf\x01\xc2\xa1d\x9bH\x9dK6\x7f(\xe3\x94\n\x00a:\xe5+\xf7\xf0\xdc.\x88\x84A\xb6\x8dv \xe1\xdb\xd7\xf6\xd8\xee\xe9Z\xfb\x8d\xea\xff\xff\xa3v.m9\xd1\xbc\x1c\x8c\x8b\xec\x1e\xc2\n\xdaJL\xaal!\x1ac\xd1\xa9\x00m\x81[\xc5\xef\xab\xef\\\xb6\xaaj2\n2\xbbTH$\x86\xe9\xaac\xbc\x1d\x0b\xbd\x89\xf1\x00`A_\xe9\xb1mK\xe3\x12\xe4v\x12\xed\xc9\xc7\x1c\x18 142.250.201.78:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 79 + id = 22710 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912714541 + ack = 2800351769 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0x1a3e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00"6\xcef%\x80\xde\x845\xfc[\x13~\xa4\xdc4q\xbf_\xe1!\x8a\x051L\xa3\xe1\x9d\x06\x7f\x94;\xbe\x02\xa6' + + +2024-12-14 20:35:59.271906 - Ether / IP / TCP 192.168.1.11:42690 > 142.250.201.78:https A / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1452 + id = 22711 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912714580 + ack = 2800351769 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0x1f9b + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x06\xd6K\xc8_\x047\xa2\xd4\x05Z\xd3=\xa4\xa3+\xef\xc1\xde\xdd\x1efr^X\xe5a\x91K\xcb\x96\xfa\xa3\xf8\x84\xe7He\xde\x94\x97\xe4\x83\t>\xe30F\xbe\x99\xa7\x81\x02\x13\xcet*\x11\x94}\xd2\x82\x97p\xd4\xb6\r\x08.\xe5\xbc\xbfh\xb0\x82\xb56\x8f\xa5\x02A\xa8xDq6!\x93\xff\x1d)\x8d\x8cig\x11\xb0\xbc!\x10_8\xddq\\\xd5=e\xdf,\xe90_U\xe4\xc0x\xa0+-0\x13\x8d\x1d\xb9\xe9\x0b||e\xea\x8dn\'\xf5\x1b\xc6\xb4P\x0c<\x0bz\xa9[\x8d\x8a\xc2HUF\x84\x8d1\xa7\xf5Y>\x96bj\xd5\x9d\x84GU\xf0\xd21\\r\x98\x9b\xe4\xb0NFu\x8f0\xbc\xc4U"\xe9N\xfc\xf3\xca\xbb+\xec\xcbE\xb1\xd0\xa2\xc7e\x80~\x9a\x89\x97\xceR\xb0WI\x0cF\xdb\xe0\xe2E\xb3\\\x02s\xf9\xb2\xc0gXq(\xed\xc8\xec\xf3Q\x14\xaa\xc0\x89\x1dg\x0bb\xee\x80y/g\xb9\xa3\x9c\x94\xf1\xea\xdf\x83\xe1_{\xaeP\x9aHjDb\xad\x86Z0\xbd\xdfz\xde\x17\xfe-\xe9\xa7\x8fw\xbb\xc4`\x11\xa8Q\xb5\x978\xa9:\xbd\r\xbd\xb9\xf6\xe7!\xe3\x8b&\xaa&\xb0%]\x95!/\xe7\xc0j\xb4\xa1\x17\n\x93\xed#f\xe3\xd2\xcbQL6(\x19\xb8\xfe)\x00\x12\x1fmz\xd3\xe0\xcb\xf1B\x88\x9a\xb1E\xee\xbb\xe9\x03:\xe7cC\x17\x8c\xb6\xc6\xc4\xa5\t\xdc\xbbL\x15\xdc1\xf8V\xa9\xe3\xfc\x86\x0bS\xbb+y\xa9\x9e\xab =\x9a\xb07\x85\xf8\xa5F\xfa$\x95\xd9\xe1\x91\x0cB\xac\xe5\x8f\xbe\x88]_x?\xb4\xc9\x13\xf2\x87\xd5\xfa.YyZ?l\x01\xd0\xca(\xc2\xa1\x11\xa9\x07\xd1G\x86\xe1\x88\xd8;\xdd\t\xceW\xd3\x9bB\xfct\x1e\xb5\xce-<\x82\xf6\xb3\xe7L\x13\x8f\x8cPj_#\xe9Cq\x04\xb8\xd5]2\xe9\x12Q\x1b\x18#/\\lQ/Z$"\x1f\xc7\xd7\xd5|v\xd7\x1f?\xc6\xcdt%*r!\xa1q\xe1\x19C\xaf\xac\x9b\x86)D\xc2\x89\x9b\xc0\xe1\xbd\xc5\xe0\xf0\xbc\xd2\xa3TF$\xd6\x18\x94y\x96q\xaa1+\x88\xe7;\xb6m\xfe`\x9e\x9d\xad\xff\xe2]\xd8\xfb\xe1%\x1d\xba\xe8\xfb\x7f\xba\x9e-\xe7\xb3m\xdc\x96\xc4\x1fB\xa4\x97\xf46\xe0\xa8,\xbe\\\r\xd6\x8c\x8c<\x8f\xe5v\xd2m\x90\x855]\x1f\x99\xcc\xb5^\xca\xaal\x9bM\x87G\x02\xe2\xcc9Ca\x94\x08&n\x9eI\xffm\xa5LbLx\x06\x97\x8b\x1f\x02Fx\x81S4.\xfb\xd5\x867#\xd7:\xfa\xbcFt}\xfcW\xa8fa\x1b\xf8o7\x13\xc1\xfc3\xf2\xebf\x13H\xc8\xab\x0e\xc5\x0c\xb1\xb3\x0b\x8b\xa3L\x82kQP8`b,\xf6;\xc4\xe6\xbc\x15cMs(\xcbD\xb3\x9a\xc1\x1c\xaade)\xd5\x18P}\xee\xd3\xda\xbc\xdb\xa84!3\r\xb4#\x82\x10\xae\xcfW\'3\xa9%\x1d\xb6_HV\xae\xac\x8b\xe1?\xf7\x10\xc8\x06\x13\xbd\xbam\x8f\x08UBK{\x87s9W\x88"\xbdPa\x85\x00\x01\xe2\xda\xce\xc7\xb0!\xf5\xd4\r\xb0\xca\xb1\xa0}27;\x17\x01\xe9\xa6\x86y8\x01\x01\xd7\xde\x92-\x10\x1fw\xf39a. \xe77!\xe4\x1e=\xc9g\x05\xf2\xfe\xbaK8R_\x9c\x96\xaby\x84\xcf\xb3\x11(N\x97\x981f\xc2\xc6\x05\xe7\xed\xfc5\xa9}e\xe7\x17\xf2i\xa74\x06eq\xa8\xafw\x97OK\xe4W\xd6\x06\xa6-w\x1b\xeb\xc3\xf4g\xf1\xd9-\xfbB\x07\x9e\xe9\x112\xdd{\x94\x1dO\x0fY\x95\x98\xd6x\xa4\xa3\xd3md\xd0\xdf\xbc<\xff\r\xb9G\xf0\x97\xad\xc7\x93#\x81\xe8p\xe1ad%\x0b\x7f\xb6\xc0[\x1d\xb24\xd9\x1d\x02\x92\xf3\x0f\x89\xc3{\x95\\,\xf0yPKP;\xfd\xe9?r)\x12\xe5\x02z\\\x1b\xbb7,{7\xb0\x8a\xd7\xe3\xfe\xe3o\xf8a\xb2l/\xc6\xeb\xdaq\xf6\xca\x90\x90P\xfb\xf6A\x82\xc80gBT}E\x9d\xb7=\xdd\xa1\xd0\xa5DN\x1a(\x08\x0fX\xbcH\xc7\xa9[\x1a\xcc\xbe\xd3 \x9fJ\xf8\xd7\xe2\'$8\x9b\x15\x1d\xdc\x8a\xaf\xfb\x0b\xb9~\xac@\x19f\x91\x1f\xffu\xa2\xcd\xb1\xc5\xaa\x8bHq\x0f\xbf`\xfc\x0e\xf2T\x15r\xb3\x8fo\xdb\x98\x8a\xc0V\xb5\x19=x\x03\x9e\x1b\xb5\x86f\xef|P\xc0\xab\xb27;;\x81\xf2\xba\xea\x90\x81hU\xb7x~\xb3S\xee\xa0\xe9C\xbb\xa1\x97\xdaq\xb3b\x13\'\xa2\x1e`\xc60#\xa1\x89\x13\xa2\x8d\xc3\x97\xb3\x91\x9a\xd2\x8e/aQ\xdb#GB\xd5\xd3\xe2Q\x9d=e\xec\xcc\x80\xb4\xd2\x13\x07\xfa\x840\xf6\x16\xba2\xe6\x9a\x89\xd6\x18(\x14\xd6\xb8v\xf9\x8f=O\xd9pHv[\xa88\xbb\x9a/\xb3\x08\xf1L\x81<@\xbedA\xd3^\xe8\x13#\xb7\x16*\xfa\xd2a]\x89\x1a$\x8f\xb81,\xcc\xb4wl\xc7Z\xado\\\xf3l\x93\xb4\xb3\xef\xd5b\xf7\x87\xfd\x0f88\xc2\xda\xb1\xc5\x85\x1b{;\xb3Lk\xf3\xb0\x1e\x80\x03\xe0$u\xed\xb1\x08*\xe75\xbcKA`\xbd4O\x98\xf0\xb8\x8fKZ\x872\xbf\x9c\x90\x8f\n\x01\xc9\xd2\xca\xc2\x90\xae&\xdf_A^\x96\xec\x885\xdf\x1f\r\x97:hK\x99\x8e\xa5\x9be\xae\xe0\xb0j\xb7\x88\x8e\x94\x86\x1b\x16<\x06^:(:8G\x97\x15<\xba;*B3\x94{\xad\xd47X\xebQ\x17f\n\xb8\xbc\xa6\xeaV 142.250.201.78:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 383 + id = 22712 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912715992 + ack = 2800351769 + dataofs = 5 + reserved = 0 + flags = PA + window = 509 + chksum = 0x1b6e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'P\xa5\xec\xaaV\xb2\x06.\xda@\xad\xd5\xcd\xb6<\x90\x86\xfe\x9b2\\\xdb|\x11\x19@d\xf1H<}\xd3\x1c\xf7v|\xba\xda\xcf\x80\xe0\xf5C6!J\xdc\xe9\xdf\xf1G\x16\x1e\x90\xcd\xd3|\xc3~\x87\xc7"3\x0b\xe5dO\xfd\x90\xab\xb0\x8c\x8a|\xdd\xf0\x02\x177\x04\x80\xd8yvk\xf9/\xad?\xff]\x97l\xf3~\xd6r\xc3\x81\x82&\xaf\xd9`\x9c\xe5\xf1T\xd5v\xa0\xa1\xbd\x81\x8e\xc8\xdf\xef9\'\xd16f\xb7\xea\t\xb1\xda\x11\xd3\xa6r\xa2\x8d\xa5P\xa2k\xbd\x85\xd3\xebR\x93\xe0\x8f<\xfc\x07\x044\xaaH\xbesBdR\x06\x1f|\xd0k\xf5\x1c+\x8b\x10\xf1H\xb2H\x03\xe1\xe5\x9aG\'!\xfa\xed,\x98\xa1{u\x17\xdc\xd5\x00\x03\x8e\x91\xe7\xe6\xbfW4j\x8e\xf7\x03\x9b_~\x83\xa1\xfe\\\xd2\xf9\x1c\x86\'\x9c\x8f\x01\xa1\x03\x80\xc8b\x15\xb4\xb6{-e\x80\x98\xda\xb3\x80\x05;\xad\x98\xdb\x80\xf0\xce3\xa6\xaer\xf8B\x80F[T\x91 \xc5\x1a\xaf\xcd~\xfb\xe3\xdb\xafH\xbc\xc7\xbff\xeb\xf5\x87S\xdahEw\xd6\x076\x840\xd4\xe0\xdd\xb7\xe6i\xef\xcf\x08\x15bD\x17\xcd\x92\x91\xfd9?Q\xa1\x84\x10^\xf2?;\x12\x8b\x93\xb8\x12C\xeb\x1cyLL\xfa\xf2-W1:d\xae*\xc0\xee\x12\xb2|\\u\x1a$>\xc5\xc2\xf3\xe7!\xa3' + + +2024-12-14 20:35:59.405687 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 32054 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xac9d + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800351769 + ack = 912713456 + dataofs = 5 + reserved = 0 + flags = A + window = 994 + chksum = 0x2b1e + urgptr = 0 + options = [] +###[ Padding ]### + load = b'\x8e\xe5\x80\xb3\x00\x00' + + +2024-12-14 20:35:59.460343 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 32055 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xac9c + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800351769 + ack = 912714541 + dataofs = 5 + reserved = 0 + flags = A + window = 990 + chksum = 0x26e5 + urgptr = 0 + options = [] +###[ Padding ]### + load = b')_\xc9\x91\x00\x00' + + +2024-12-14 20:35:59.505999 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 32056 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xac9b + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800351769 + ack = 912714580 + dataofs = 5 + reserved = 0 + flags = A + window = 990 + chksum = 0x26be + urgptr = 0 + options = [] +###[ Padding ]### + load = b'PK`\r\x00\x00' + + +2024-12-14 20:35:59.519277 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 A +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 32057 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xac8e + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800351769 + ack = 912714580 + dataofs = 8 + reserved = 0 + flags = A + window = 990 + chksum = 0xa0d1 + urgptr = 0 + options = [('NOP', None), ('NOP', None), ('SAck', (912715992, 912716335))] + + +2024-12-14 20:35:59.526018 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 32058 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xac99 + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800351769 + ack = 912716335 + dataofs = 5 + reserved = 0 + flags = A + window = 984 + chksum = 0x1fe9 + urgptr = 0 + options = [] +###[ Padding ]### + load = b')c\xd8:\x00\x00' + + +2024-12-14 20:35:59.527906 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 79 + id = 32059 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xac71 + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800351769 + ack = 912716335 + dataofs = 5 + reserved = 0 + flags = PA + window = 984 + chksum = 0xa540 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00"\x82\xf9\xc0+Rt\xdf\xc5\xe4\xf8\xf5\x10\xef\xe2S3O\xdbl\x15\x93_7\xbd\xf5\x8b\xbbZ\xfcA\xe7\xa6\xc7\xe1' + + +2024-12-14 20:35:59.534239 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 586 + id = 32060 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xaa75 + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800351808 + ack = 912716335 + dataofs = 5 + reserved = 0 + flags = PA + window = 984 + chksum = 0x77f0 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x02\x1d\x98\xea9\x1e$\x14\x98\xacI\xc2O\xc3\xb2u\xb5\xa6\x04bxU\xee\xf4\x1f\x88\x90\xa4B\x0b\x07\x00I\xcf\xef\x14\x04\xae\xb20yf\xc6\x9b\x1d\xa5\xa9qh-\xe3{\x85\n\xa2Y\x89Z\xdf\x98\x96\xef\xdf\t\x9e\xa6\x93\xbc\xfbH\x122\x16\x8c~]\xf6\xb1r:S\xb0\xc9\x04\xc3r\x0e\xa2\xe0MEB^zDKI?\xdb\xa54\x16\xaa\x8d!\xc7\x99\xcd\xdc\xa9\n\xde\xa5PzGLP\xdd\xf5\x1d\xfdJ\xad\xafe\xa5\xf1S\xc6+\xb1\xb2y\x83N\xbfs\x91\x84*5\x04\xa3\xbdL\x85\xe8\xa3\xd3^\x03F\xbb^\t\x84\xadK\xa0i\xdcmt\xe5\xc7&&\'[\x9f\xa6)v<\x13@\nw\xf6\x00A\xa1\xa2GO}fv\xb2}\xf6A\xe6\xafL@\xf9\n\xe4\x0b\x7fyd<\xcc\xd4\x8a\xe1]\xce\x94\xa7\xcby;n!i\x00\xd5G\xac5\x19\x14\x8a:H\xf0\xe4g\xdc|[\x81[p\xd0\xe2\xef\x08\xe3\xd6\xbe\xda\xdeV\xfe#\xf9tyM\x97<\xdf*\rl\x1f\x7f\x16\x0e\xb7\xc7\x9bCq\xfb\xae\xdb\xca\xadp\xc66\xdd~*\xc2\xf7w\xa1\xe0\xc6\xe8\xd9\xfc\x0b\x9ct\xf9\xf5\xec\xc9\xc5}\x93\x1e\xd8\xbfn\xda\xe5\x87N\xfa\xaf\x85\xa6~\x1c\xab\xa9\xa5\xa3\x85\x93\xff\xb7\xdf\xc1A#\xe7\xc7\xb6\xc9\xa1N\xfd8Ei4\xf4S\xc4\xd1\xa2\xc4)l\xa8$\xc8B\xba\x17\xac3\xeb\xd8\t?\x9a\xd0\xe4L\x06\x84g\xb4\xf2U\xa25\xf4\x92\x04\x86LNm\x032\xe0\xa9\xe9?\x9e\xc5\x8e#8"\x81\x00\x14F\'\x98\xe4Am\xa2\xf1\xebB\x92\xf5T\xe6\xadyZ\x06\x9e\x8cgS|\xf4\xc8pJ\xb2\xf6nhg-4\xe7N\xd6,\x8cN\x93\xfb\xcf:+=\x89*7\x87\xc2[\xfb\xad\x880\xddR\xee\t\xc9\x18\xcc\x89\x91D\x8b# Y)\x97<\xc1\xe9\xfb\xb7\x86\x1a2\x88\xbf3\xef\x1e\xb9\xa9\xd75\x1d\xf6\xed\xbd\x0e\xe2\xea\x15E%\xa1\xfa\xbb\x8d\xee\x86L\xfd\x8a\xd6\x1c\xd2\x0e\xf0\xcf\x0f\xd9}\xbc\x8e#\n\xa4L\x138\x03\x9d\xf4\x0c\x13\xd7\x91Z\xe0>a\x03\x15\x0c!*0\x95\x02\x8c-M\x19@\xd0\xd4\x8c\xf3' + + +2024-12-14 20:35:59.543302 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 744 + id = 32061 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xa9d6 + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800352354 + ack = 912716335 + dataofs = 5 + reserved = 0 + flags = PA + window = 984 + chksum = 0xa1a5 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x02\xbbS\x86\xc8D\x0b\xf8\xcd\xac:C\xdc\x9b\x8a6\x90a\xd2\xa5|\xcbhg\xd8\xe5\xd7\xd9\xb9n\xcd\x88,\x1aM9\x12\xb8\xfa\x8e%>\xa0t\x04\xf6\xd6\xd1\xb1\xae\xe3\xe5\xb7ih\x16\xa2\xe9\xcc\xaf\xa5\x0f8\xa0b\xf5\xb2e\rv\xb0,\xda8\x9c\x8e~\xa2\x10\xa1\xaa\x1f\xf0Y\x9c%\xebq\xeb\xd2\xdf\xeel*\xce\xa1\xb6\xe1\xea$?\xc4\x08zN\x00\xc1\t\xd7\t\x8b\x0c>l\xeeT\x03\xfb>?\xf5\xb3\xd5S\x1dyi\x1f\xe3\xa6(\xfa\xf8r\x9dz\xacKED\xd1\x1bF\xccw\xf2\x9d\x0f\xdf\x1bjn\x93\xf4V.z\xbe\xa4\xea\xfd$\xd2:"h2\xdd\x1b\x0f?\xde5c$\xf1\xc4\xf9p\x19\x90\x80\xe454\x8e\xf0I\xa9\x89UD-F\x84\x1c\xa7\xd3g2\x07W\xda\x99P\x832T\x08\xec\xe8L\x02\xa2k\xdf\x9c!\x8a\xfb8\x7f\x16\xd5c\x19\xfc\xb9\x8aSm\x8b5-=Jx\x1bZUf\x94C\x7f\xefa\x11\xc6l\xb9\x80\xafD>\xbf5.2\xc7\xb0\xac\x96~\xa1p\xa7S\xc0c9\xe2#nw\xd6EU\xa5\xf0\x14Jk\xa5q\xd7\x01\xd0E\xe8\xee\xebT\xf7\xb2\xc0.\x12\xef<-\xbcM*>\x83\x0e\xf5s\x10\xc5\xd9\xaa;V@\xa1 \xe2\xdcS\'A\xa0\xf2' + + +2024-12-14 20:35:59.578542 - Ether / IP / TCP 192.168.1.11:42690 > 142.250.201.78:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 22713 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912716335 + ack = 2800352354 + dataofs = 5 + reserved = 0 + flags = A + window = 512 + chksum = 0x1a17 + urgptr = 0 + options = [] + + +2024-12-14 20:35:59.612853 - Ether / IP / TCP 192.168.1.11:42690 > 142.250.201.78:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 75 + id = 22714 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912716335 + ack = 2800353058 + dataofs = 5 + reserved = 0 + flags = PA + window = 510 + chksum = 0x1a3a + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00\x1e[\x12\xd4(\xc4\xd6h\xd3\xc0.\xa51\xc0Z\xd1\xc6*1}J\xd25\xa1\x81\xbev\x0c{\xb1\x07' + + +2024-12-14 20:35:59.621470 - Ether / IP / TCP 192.168.1.11:42690 > 142.250.201.78:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 79 + id = 22715 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 142.250.201.78 + \options \ +###[ TCP ]### + sport = 42690 + dport = https + seq = 912716370 + ack = 2800353058 + dataofs = 5 + reserved = 0 + flags = PA + window = 510 + chksum = 0x1a3e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x00"\xe4=V\xed\xa8w.J\xab_41NF\xb7\x9dN\xedV\xf4\xefJ\xde\xff\x976\xf3\xc8\xdc\xe5\x9a\xb2n\xf6' + + +2024-12-14 20:35:59.638132 - Ether / IP / TCP 142.250.201.78:https > 192.168.1.11:42690 A / Padding +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 32062 + flags = + frag = 0 + ttl = 119 + proto = tcp + chksum = 0xac95 + src = 142.250.201.78 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42690 + seq = 2800353058 + ack = 912716409 + dataofs = 5 + reserved = 0 + flags = A + window = 984 + chksum = 0x1a96 + urgptr = 0 + options = [] +###[ Padding ]### + load = b'i\x97\xbc\x85\x00\x00' + + +2024-12-14 20:35:59.820297 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34267 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63629 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 25795 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:59.822139 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34268 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63630 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 25796 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:59.823927 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34269 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63629 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 25797 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:59.826197 - Ether / IP / UDP / DNS Qry b'101.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 72 + id = 34270 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63630 + dport = domain + len = 52 + chksum = 0x83a2 +###[ DNS ]### + id = 25798 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:59.835030 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63629 + len = 76 + chksum = 0xd8b4 +###[ DNS ]### + id = 25795 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:35:59.837055 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63630 + len = 89 + chksum = 0x6b2c +###[ DNS ]### + id = 25796 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:59.839082 - Ether / IP / UDP / DNS Ans b'Galaxy-A51.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63630 + len = 81 + chksum = 0x8ca4 +###[ DNS ]### + id = 25798 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'101.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'101.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Galaxy-A51.home.' + \ns \ + \ar \ + + +2024-12-14 20:35:59.849237 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63629 + len = 51 + chksum = 0x1f5e +###[ DNS ]### + id = 25797 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:59.871336 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34271 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63631 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 25799 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:35:59.877431 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63631 + len = 81 + chksum = 0xa68c +###[ DNS ]### + id = 25799 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:36:00.279301 - Ether / IP / UDP / DNS Qry b'assets.msn.com.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 60 + id = 34272 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 64667 + dport = domain + len = 40 + chksum = 0x8396 +###[ DNS ]### + id = 18300 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'assets.msn.com.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:36:00.301393 - Ether / IP / UDP / DNS Ans b'assets.msn.com.edgekey.net.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 278 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb67a + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 64667 + len = 258 + chksum = 0x249d +###[ DNS ]### + id = 18300 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 11 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'assets.msn.com.' + | qtype = A + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'assets.msn.com.' + | type = CNAME + | cacheflush= 0 + | rclass = IN + | ttl = 20714 + | rdlen = None + | rdata = b'assets.msn.com.edgekey.net.' + |###[ DNS Resource Record ]### + | rrname = b'assets.msn.com.edgekey.net.' + | type = CNAME + | cacheflush= 0 + | rclass = IN + | ttl = 215 + | rdlen = None + | rdata = b'e28578.d.akamaiedge.net.' + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.21 + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.2 + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.17 + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.20 + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.4 + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.3 + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.30 + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.8 + |###[ DNS Resource Record ]### + | rrname = b'e28578.d.akamaiedge.net.' + | type = A + | cacheflush= 0 + | rclass = IN + | ttl = 9 + | rdlen = None + | rdata = 2.18.188.19 + \ns \ + \ar \ + + +2024-12-14 20:36:00.304939 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https S +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 28333 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308730996 + ack = 0 + dataofs = 8 + reserved = 0 + flags = S + window = 65535 + chksum = 0x8001 + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('WScale', 8), ('NOP', None), ('NOP', None), ('SAckOK', b'')] + + +2024-12-14 20:36:00.312520 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https S +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 28332 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156341888 + ack = 0 + dataofs = 8 + reserved = 0 + flags = S + window = 65535 + chksum = 0x8001 + urgptr = 0 + options = [('MSS', 1460), ('NOP', None), ('WScale', 8), ('NOP', None), ('NOP', None), ('SAckOK', b'')] + + +2024-12-14 20:36:00.321533 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42770 SA +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 0 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0xc7e9 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42770 + seq = 959589876 + ack = 3308730997 + dataofs = 8 + reserved = 0 + flags = SA + window = 64240 + chksum = 0xe4e0 + urgptr = 0 + options = [('MSS', 1384), ('NOP', None), ('NOP', None), ('SAckOK', b''), ('NOP', None), ('WScale', 7)] + + +2024-12-14 20:36:00.330622 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28334 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308730997 + ack = 959589877 + dataofs = 5 + reserved = 0 + flags = A + window = 1024 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:00.335030 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 603 + id = 28335 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308730997 + ack = 959589877 + dataofs = 5 + reserved = 0 + flags = PA + window = 1024 + chksum = 0x8228 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x16\x03\x01\x02.\x01\x00\x02*\x03\x03<:\x93I{^"\x00N\xe72)\x15\xa4\x8fp\xdd\xe3%\x04\x83\xc2\x14\xb3;@j\x90\x13\xf6\xa9\x1e \xee\xae\xbcj\xc8\x82b\xc65\x83\xc9D"\xcfJ\x0e)\xbc"\x0b\xba\x01\xfd\xa9\xe9\xea\xc4\x99\xc9\xbb?y\x00(\x13\x02\x13\x01\xc0,\xc0+\xc00\xc0/\xc0$\xc0#\xc0(\xc0\'\xc0\n\xc0\t\xc0\x14\xc0\x13\x00\x9d\x00\x9c\x00=\x00<\x005\x00/\x01\x00\x01\xb9\x00\x00\x00\x13\x00\x11\x00\x00\x0eassets.msn.com\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00+\x00\x05\x04\x03\x04\x03\x03\x00\r\x00\x1a\x00\x18\x08\x04\x08\x05\x08\x06\x04\x01\x05\x01\x02\x01\x04\x03\x05\x03\x02\x03\x02\x02\x06\x01\x06\x03\x00#\x00\x00\x00\n\x00\x08\x00\x06\x00\x1d\x00\x17\x00\x18\x00\x0b\x00\x02\x01\x00\x003\x00&\x00$\x00\x1d\x00 \x04\xf6^\xcd\xe9\xe2?J\x17\xb3\xc0\x84\x8d\xc4\xfe\xe4\xe4\xc6\xe0\x8f\x13y-9\x8f\xd0\xd9}\xd3\xf1.\x03\x001\x00\x00\x00\x17\x00\x00\xff\x01\x00\x01\x00\x00-\x00\x02\x01\x01\x00)\x01\x1b\x00\xe6\x00\xe0\x00\x00o\xa20X\xa5\xbb6\xea$\r\x81\xa1\xadb\x89\xf6\xcf\x82\x87\xc5G#"\x97\x1d\x9a\xdf?^bv\xa5\xef\x00h\xcc\xd2Wp\xfe\xe9\xa1H\x15|\xdf\xcc\xb4)r:\xa8\x0e\xfc1\xe9\x9f\x95\xea\xee\xd2\x84\x8f\xee\x18d\xd0\xfd\x94WJ\x81\x06\x0e\xe4t\x0cL\xf7\x95j\xc2\x8e\xac]\xddW`\xa5\x91\xf8\x1f\x02\xea\x84b\xb2l\x97\xf9\xf3b\x0f\xf9\x83\xd4t\xb3\xff\xdaQT\x9b."s-\x8c\x83\xa9\xf0x\xce\x8dhA\xb8\xfamox\xed4N)\xc3\xe1M\x05\x1aC\x0f.\xfc5\x8e)\xb1\x15p\x92XO\xf7I\x8f\xc9\xb1\xd2<\xb3\xedZE\xdc\xae\x94[U\xadj%F\x14[Y\x99I-\xed\xd9\x07\xed\xdfhA\x0b\x1e\xd4\t\x97p\x88\x17\xbb\x85\xe3\x0c\x96.--\xec\xd1\xe6\x03\xe9\x1f\xdc\xbcm\xe31\x10\xaf\x14\x7f\x98\xf9g\x8a"\xb4\xff\x90\x93\x0010\x82E\x81\x14\xfd"Ir\xd2H\x87\xea\xafj\xaf\x8e\'`D\x1a\x8f\x905cz9\xf1n9\xbd;\xb1\xd8\xfa[z\x80\xffO\xbd\x89]\xb1N\x15\xf8\xf8-' + + +2024-12-14 20:36:00.360081 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42771 SA +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 52 + id = 0 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0xc7e9 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42771 + seq = 2767126959 + ack = 4156341889 + dataofs = 8 + reserved = 0 + flags = SA + window = 64240 + chksum = 0xeed5 + urgptr = 0 + options = [('MSS', 1384), ('NOP', None), ('NOP', None), ('SAckOK', b''), ('NOP', None), ('WScale', 7)] + + +2024-12-14 20:36:00.367628 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28336 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156341889 + ack = 2767126960 + dataofs = 5 + reserved = 0 + flags = A + window = 1024 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:00.372212 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 316 + id = 28337 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156341889 + ack = 2767126960 + dataofs = 5 + reserved = 0 + flags = PA + window = 1024 + chksum = 0x8109 + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x16\x03\x01\x01\x0f\x01\x00\x01\x0b\x03\x03\x06hZ\xec\x17\xd7\x8eM\xa0\x98\xdb:\xf5^\x10A\xd8}q&\xae\r\x84\nu\xc8\x9c\xc5FO\x8f\x11 \xa7\x1fN\xd3\xb0\xf1\x03\x7fmn\x8c\xdb\x8dM\x1d8\xfdS\x06_!\x0f\xf8B\x1e\xedJ\xe5?\xaf\x9d\xe6\x00(\x13\x02\x13\x01\xc0,\xc0+\xc00\xc0/\xc0$\xc0#\xc0(\xc0'\xc0\n\xc0\t\xc0\x14\xc0\x13\x00\x9d\x00\x9c\x00=\x00<\x005\x00/\x01\x00\x00\x9a\x00\x00\x00\x13\x00\x11\x00\x00\x0eassets.msn.com\x00\x05\x00\x05\x01\x00\x00\x00\x00\x00+\x00\x05\x04\x03\x04\x03\x03\x00\r\x00\x1a\x00\x18\x08\x04\x08\x05\x08\x06\x04\x01\x05\x01\x02\x01\x04\x03\x05\x03\x02\x03\x02\x02\x06\x01\x06\x03\x00#\x00\x00\x00\n\x00\x08\x00\x06\x00\x1d\x00\x17\x00\x18\x00\x0b\x00\x02\x01\x00\x003\x00&\x00$\x00\x1d\x00 \xbc\x1d\xb7bd\xb2D\x0fW 192.168.1.11:42770 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 295 + id = 54866 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0xf0a3 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42770 + seq = 959589877 + ack = 3308731560 + dataofs = 5 + reserved = 0 + flags = PA + window = 501 + chksum = 0xe9c6 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x16\x03\x03\x00\x80\x02\x00\x00|\x03\x03]\xfa\xfc\xad`\xaa\x80\x1d\x96\xf8B\xfb\xd8\x9b\x94e\xb7T\x15wT\xe6\xa5\xd2\x80/\xc5m\xdb\xafO\x08 \xee\xae\xbcj\xc8\x82b\xc65\x83\xc9D"\xcfJ\x0e)\xbc"\x0b\xba\x01\xfd\xa9\xe9\xea\xc4\x99\xc9\xbb?y\x13\x02\x00\x004\x00+\x00\x02\x03\x04\x003\x00$\x00\x1d\x00 \x85\xc7\x17\xb5|\xc0\x82np\xc5\xd9W[n\xb3\xf1\xde\xd3\r\xf7 \x04\xea.\x1a\xdc:\x0e,$9 \x00)\x00\x02\x00\x00\x14\x03\x03\x00\x01\x01\x17\x03\x03\x00%O\x8azvy%\x14e\x05\x99\xbc7Wq\xe5\xfb\xdb2?MA\xb5\x9b\x0c`\x08\x14]\xe5)7\x87\x84}^dI\x17\x03\x03\x00EF\xdd\x1ca\x01\xb4P9h@r\x0c\xc5_C\xee\x87\xcb\xe9\xb4\xb1\xa9\x90 \x11\xc5\xbc\xebc\xf7\xf7 \x87\x12\x01\x97\xab\xb3\xe0_\xfa\x01\xc4' + + +2024-12-14 20:36:00.415855 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28338 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308731560 + ack = 959590132 + dataofs = 5 + reserved = 0 + flags = A + window = 1023 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:00.433745 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 120 + id = 28339 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308731560 + ack = 959590132 + dataofs = 5 + reserved = 0 + flags = PA + window = 1023 + chksum = 0x8045 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x14\x03\x03\x00\x01\x01\x17\x03\x03\x00Ek+\x10O>\x8e\x0e|\xef\xc9\x9cp\xeek,\x80\xc3\xc1*z\xfc{\xecQ\xf3z\xb6\'\xaa\xba\xfeu\x9b\x9b-\x08\xd2Os\x9a\x83\x0f\xf8i\x87"t\x05\x00\xa9\xe8\x17\x07m\xf6\xc3\xc2\x12\xdfJ\x10[\xbc\xfbX\xf7\x8f\xde\xa0' + + +2024-12-14 20:36:00.447026 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 433 + id = 28340 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308731640 + ack = 959590132 + dataofs = 5 + reserved = 0 + flags = PA + window = 1023 + chksum = 0x817e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x01\x84@\xe1 \xe3I?\xfc\xd9\x01\x9c9\xc2\x90J\xc2-\r\xc7U+\x86\x9cN\xfc\xd8\xa9\n\xb8\xaf\x9dw\xee\x07\xb0"+\xd9\xd1\xfc\xdd\x0c1\xbe\xfd\x08\xa9\x84\xe96\xeb/\xa6\x04\xc9#l&\xce\x9cM\xbc\x0c \xd72\xc9\x08\xc3M+\xd43\xbfq\xb3\xc5\xda\xbd\xf0?2V\x96\xf4\xc8\xc6\x1c\x8b\xf3\x8a\x8b\xe0\x19\xc4\x8d\xb4\xfe\xc9\x11\xbf\x93\xcb\x94\'\xe4|w\x1a\x0b\xc4mT(\x0f\xd1x\x8e\xb8\xd5\xb9\xaeEL\r\n\x02\x11~\xf7<\x15\x98u\xcej3\xf7\xb1@\xdef\xf3\x1b\xe5\xe6_\xbc?\xaf[>c\xca\x12/\xc40\xb8\x96\x1dAi\x8d\xaf2\xf1\xa5Q\x9d\xda\xd5\x04\xe6\xce\xe81\xcbO\xce\x8a\xbf\x1c\xf6B\t\xe9\x10\x1c\x1fs\xd8\x7f\xbc`\xfci9\xae|l\xd1\xa5\x99\xb4z4;Y\xca\xff\xbe\xd2\xd9\x99\xe9\xdaAV)\xf3\x12M\xc2\xdaKB,bw\x01\xd9\x18\xf0W\x11\n:\xd1\xa0\xf5\xb9\xcf,\xf6\x12c\x90\xb9\xa0\xfbk\xf9\xb0*\xc4`\xb4\xec\xf9\xfcQ\xd8\x07h\xbbDs\x0c:n\x11\xee\x1c\xe98\xcc\x99%\xf6=\xd0\xf2\x1c\xdc\xee\xebG\xd0\xe8\x142\x1a\xfb\xa0\x87\x00M)\x9a\xde\x13\xec@<\x95\xdaY$rzM\xe6\x8d\x05\x1e\xf9\x0e/su<\x1d\x87\x0b\x8e\x13\xff\xaa\xcd\xcc\xac\xdc\xa5\xa7\x04\'THD\xe4I0\x85\x1d`R\xe6\xa2\x88\x91jyf\x0eK\xab#\x86\x96t\x88z=\x97u10\x12\xba\xd1\x80\xacd\xe5\xe1\x11\x05\xf9J9@f0l\xc3\xf0\xea\xe5' + + +2024-12-14 20:36:00.454530 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42771 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 2960 + id = 37712 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0x293d + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42771 + seq = 2767126960 + ack = 4156342165 + dataofs = 5 + reserved = 0 + flags = PA + window = 501 + chksum = 0x0 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x16\x03\x03\x00z\x02\x00\x00v\x03\x03\xbf\xf1\xbfg\xc0\xb3\xad\xf3\xb2\x15Y\x9e\x8f\xd4H\xfb`\xaa_\x9b\xbb\x9c*\xe5\x92*\xc9\xdegK\xc2\xd1 \xa7\x1fN\xd3\xb0\xf1\x03\x7fmn\x8c\xdb\x8dM\x1d8\xfdS\x06_!\x0f\xf8B\x1e\xedJ\xe5?\xaf\x9d\xe6\x13\x02\x00\x00.\x00+\x00\x02\x03\x04\x003\x00$\x00\x1d\x00 \xbe\x9b\xaa\xc3\xe1\x0f\xed\xc7e\x96\x992p\xb5\x92\xf1/-\xf3\xba2\x05\x7f\xda6\x81\x97$\x8fJ\x8b=\x14\x03\x03\x00\x01\x01\x17\x03\x03\x00%\xf9j\xe0\x0e\x98J\xa5\x8f8[\x9b\x12Ib\x11\xbf\x9b\x83\xa5\x8e\x86L\x8d=\x93w\x98Wk\x01\x04Z\x81Vt\xe7\xe9\x17\x03\x03\r\xafo\xbc\xd5\x0c\xab\xff\x00\t\x1e\x95\x1d\xfd\xa5*B\xb5\xb8#+\x1e\x8dp\xa4\x98z\x7fi\xcc\xcd\xf6\x7f!\xae\x8bN\x96|\x96\x18\x1a19I\xc6\xedo\xa0\x1b#\xa5\xecL\x06\xac\xbe\xfa\x82\t\x80\xee\xcb_\xc4{^\x1f?\x8c1\xc7\x19(Pvm\xa8~\xb0u\xc4SV\xbb\x90\x04\xf5\xc5\r\xa8I\xb4\x1c\xc6}b\x8b\x96\x17\x11\x93\x01\x98\xce\x83\xa9\x00{\xcd\xc1\n\x19\xfe\x0f7+\xfc\x80\x1c\xe1\xec\xc8pv\x10\x9d\x1d\x13/o\xd8k\xa8\xdf\xeb\xba\xcce\xf5\xb3\xda,\x0f\x8e\x98h\xb2\xc7\x15\xa6\x85/`J\xd7\xcfz`\x19\xcfr\x99\x07Yj\xee\xa2\x14g\xbc\xeb\xb7Z\x92\xafpp\xfcnx\xdb\xdf\x12!\x08}p\x10\xeeZW\xb6B\xb4P\xc6QK\xf1\xbe\xdb<\xbc\x0cW\xe3\x98\x8b\x96\xd8\x112\xa2b\xad\xd6\xe2%k\xc3\xfaz\xdb\xb1\x10&\xcf\x98\xd6_\xe8\x1c\x86\xf3Z\x11\x9e\x96)\xd6e\xc7\x96\x02\x8a]_TJ\xf2\x95\xb2F\x86]\xdfu\xd3\xf4i\xb9\xfe\x04\x98\xad[e\x1d1\xec\x19\x05\xa8\xa86u\x99JcS\xbav2\x10\x05rMZ\x07\xe1\xfa\xd4zk\x83\x17\xd6W\xfb\xba\xa8M\t;\xe8\tf\xb5\xe7z\xb4\xe0x:\xc0\xcb\xb4>87\x92\x11\x1a\x97\x82f\x126I>q\xa4\xcb\nv\xad\xdb6RA\xd9\xfco\xcdWg@\x81\x82\x1c8E\xde\x0f\xeb\xd4\xaei\x15\xe8\xe7\xc4\xbbW\xd1\x0c^\xe6\xc8\xb9u\x96\xc2\xbe\xd3\xf3\xe4\xd2s\xa6\xf4*w\xdbpD\xfaIR\xbd\xd2\xbc\xb0\xd4l\xbaJ-\xfd\x93\x9fdC\xb9\xb7\xa9\x96\x8b\'Hsr\x85\xe9*\x87@6P\t\x88h\xea\x01\xc5\x82\xf9w\xf1\xb6\xf1\xe4\xafVv\x98\xe25\x9eN\xe2\xe2\xb3X\x99G\xb8\x0bI\x93\xaa\x1b\xae\\ A.\xf9\x16\x00\xeb\x19\xae8\xa5\x078\xde\x7f\xa4\xe3[\x07m\\\x91\xde]n\x1b\xe3\xea\xc1E\xf9\xde\xd5\x16)\x92Q\x8ft,Ew\'\x1eb\x94\xb7\xbe\xab\xf5\xeb%\x8c\x96\x85\x0b]\x1e/\x11\xd7M\xa3\xda\x9f\x94\xef\xb1\xd2\x91c\xa8\xc1anXf\xc6g\x1ejA.\xa3\xf4R\xc0\xd6\xcd\x94"\xecz^P\xae\xdc\xf3\x1e\x8d\xeb(=\x19N\xfdq\xa20\xe5\x98\x18MH\x1d\x17\xbb\xb9\xa2+\x1c\x89R\xca\x89\xee\xd9\xbd\xc9\x02\n\x94\x99\x9bB\xf3\xc6\x15_m,\x93o\xe1=\x9d\xbc\xb0\x1d>\xb5\xfa\xb4\xf7q\x14\x19\xab7\x9b\xc2*\xc6\xd7\x1e~\x8dO\x10D\x92\x85\x07\x19\x12\xd1\xb5\x9d.\xfdb\x07\xf0(\x03\xb6\xc4\x07,.\x890\xd1Y\x93Q$@\x15\xf8\xb0B-\x11\xab\x9c\xfd\xc0\xfaA\xedK\x15\xc5\xe2\xd2\xdb\xd9\x85 .\x80\xffS\x01\xa1ir\xb3QhD\t\x8a\x18>\xeaSQ\\9\xdb\xfd}<[\xe15\xe5\x83n\xde\x8b\xf8{\xccAN{j\xe0\xc7\x18\xb3\x02+\xa3A0f\xe3e\xce\xc7\xcd\x10V+\x8b\x92;\xd8 8\xab\xf4\xf7]\\\xba\x1b\xad\x92\x12-\x04+{\xa7\xb2H\x8eBt\xd3\x19\x17\x9a\xc6\xe3\x84s\x19\x92\xe01\x95\xc3\xf4\xbd\x99\xc4\xb6DK\xa3\x06i(K\x94\x12\xe8\x9a\xdb\x0e\x08\xc2\x82\xbd\x00)\xf7-4\x03\x80\x12\xdb0m\xcc\x8c(\x98\xafo\xfc\x1f\x0e\x1d\x85\x17h}\xaa\xff\xf7\x98/J\xaaR1V<\xe4b\xd2]\xaf6\xf6\xa6}\xa6\xb6~y~^\xbe5\xc2\xd7\xca\x1d\xd08D\x85"O\xfcM:-\x89\xe4\x9d%m\x9bVP\xd5Md\x02R\x1f\xaf\xd6N\x06l\xd7\x90\xdf\x81,\x02\xfaW\x96\x1e<\xf20~=vw\xeb\xc3\xdcj\x8c}\xef\x0e\xed\x84\xbe\xb1\xfcN\x9fvw\x13\x85\xb5\xda \x05\xf6\x08\x9f\x95\xa8\xb1#E\xbeJ\x97\xa4\xf3\xd52\x0f\xae{\xbd0 \xf9Q\xee\xbf\x8b\xeb\x1cqa~1\xa6|\x93\x0c/\x9d\xb7\x0b\xda@6\x1f\xbbyz\xbe\x1c\x00 ~\xd3\x1b\x1ds\xba\x06\x84Z\xc2\x84\xb3\x1dk}\xbd\xe1\xe3\xab\x7f\xbaZ&\xde\x1b\xc5Bl\xa7\xa6\xfe\xf6\x81\xae\xcb\xe7&\x96\x91\xeae\xa7\xa25SL\xc0Vc !hHPb\x96 UR\xff\xb6\x87\xf9V\xa6*\xdc\xe2\x98l]\xe3\xf7\xd8kB\x99v\xb2{7\x96D\x8b\x1e6\xa8\xf1r\x08=>7\xd6\xe2\xfc\xda\xfdu\xa4\x04\x89\x10\xa6\x89%\xbdlc\xf1\xe1Yr\x88\x02R\x11X\x1c\xb3+\xae$7\x0f\xe56\x18F\xe5\xa6.po:\xf0\x88\xcc\x11\xfc<\xae\x83\\>\\\xdd\xdc\x0b\x8a\xbaT\xc7\x98;\xde\xd1B;q\x11\xf5E\x928\xc0\x0cR\xce\x9e,\x90\x9dV\x0e\xdc#\x07m\x80\xa6+\xa7\xc4\xcc\xc5(\x83y\x9e\t\xf4\x13\xe7k\xc5\xa6\x8fr\xb7\x0b\xf2\x0e\xe7\xd3\xfd#R%\x8c\x83\xb3\xea\x90\x93V\x98\xbcVi\xba]\xd2_7gH\x14VO\x8d\x7f\x90g:\xcc\xf2\xb1\x15\xb5\x18\xc8\xc1\xeeS\x1dLf\xf8\xf4\xf2\xd8\xd9!\xb0\xe47l\x9c\x07\xf0\x1bK\xcc\x1d\x94\xd7\x81\xb3)\xd1x2\xe8v\xcb\xd6u\xf2\xde}u\xd1H\x86\xe8@#\xf4"\x90\x17\x85\xc7\x19\xbe\x0b\xea\xff4_\x95t3\xde\x1a\x10\xff\xa4\x16HE\xc3\xa6\x1d\xca\xa3x\xa4\xfc\xbb\x15\x08w\xb6\xd7M*\xba\xc6O`\xf9\xc8\xf7\x01.\xe2\xd7Eb\xa57I,\x9d\xd6\x1a\x92\x1a\xc5\xb4\x14YT\xe2\x85+6\x1a-7n|\xd7\x00\xcff\xe8\xcbu\x1ep@\xbc\xe7\x04\x13T\xdb\xff%&\xf9=c\xc9\x91\xfe\x81\xd8\x08\xfd\xfd2.x\t@\xae\x8e#\xc4\xff\'\xa9\xb8\xfa\xc4A\xf0\t\xa3x\x17\xf4,(M_\x9d\xab\x8b\xde\xb7\x8b\xe9\x91\xe8\x145~-\xf2\xb0o\x17\x84\xff\xc2\xf8\x08C\xffT\x03\x9c\xc1\xa9\xdb+\x80\xfb\xfc"\xfb|\xbb\x16\xa7\xb6\xea\x87\xb4\x05c\xa7\xd1\n\xaf\xbc\xff\xca\xdc\xbb\xd2\x94\x94@\xc8\xe8\xab\x94\x86\xe1^\xc9\xbb\x81\xe1g\xf9(E!b\x19\x89\xbe\xcb\x8e\xaf\xdd\xefD\xa3\xb0\xbd\xe4\xc3qCv\x7fb\x9cl\xde_\xac\xc1\xb9\xa6wY\r\x9b\xedr\x87Jnf\x8e]\x1aE#!P\xc2\n8\xd0x5\xa4\x05\xc7\x97\xe1\x9b\xf7\x1a\xd1C\xd34\xe6#e\x1e\xce\x00\xbbhN\xd7\x13\x93\x02\xf9Bxk\xf4\x98\xe2/W\x89\xb0\x15\x10ouo\xb9\x02\x14\xdd\xfe<\xffb\xdd\xfc\x7fKx\x02.\xef:\x92\t\x90\xb6ElQ\xd3\xce\xeb\xc7FZ?w\xeb-\x05\x8b\n\xde\xcf\x8c\x7f\xb6\xcb|\x1ai\x0eK~\xb8\xc8\x86\x1c\x8du\xe9\xa1\xeb\x1ft*X\x9d\xb8h\x95Y\xefO\xda\x9e\xba?\xa4\xec\xca#\x1f\xd0\xaf\xb44u\x8a|}E\x91L\x19t\'\n\x97a\xacoKY\xb6i\xbdY-S\xd0"\xac\xff\x1d\xce[\x9d\xb1Kw\xb0\x8a\xf2\x07\xd6O\x1c\x17\xb1\x92 L\x84\xe2\xacG\x9fN\xcb\x84\xad\xe1\x90\xa1\xf4\xc7\xf47\xa2\x14\x99s\x8c0o \xcb\xbd\xaf+\xeb\xa8C\x08gh\xf9\xca; \xd8\x8d\xc5\x03\x8c\x07\x8a\x84\xb0\xd1\xab\x181\x9f1G\x01\xcdV\x1e]\xb5V\x85V-\x1a\x86\xa0}\xa0z\x95~\xf8l\xb18\xc9\xbaW\x81&\xe4\x9b\xfb\x90\x18\x7f\x0c\x83\xfa"\xb3\xe07\xbck\xc65\x1a\xb8\xbd`:J#\xde\xddw\x97C.\xf0\xc3\x1a\xe30\xde\xf5k\x80/\xe60\xe3\x7f\xb3Uf\x18\x941\x0e\xd2\xbc\x81\xe9!g5\xeb\xa4\xc2\x96\xee\xd5\x93\x87\xb5\xfd\xacJ&n\x90\x0b\xa6\xde\xaf\xc8\x1d\xf8r\x0bZm\x1e\x0e\xc6\xbf%(\xc3\xe9\xf76\xf3\xa2v(\x14\xd5x\x91\xec\xe0?`\xb1M\x1e\n\xa9\xe8\xb5\xc2\xde\x84\x8a\x82\x83\xd6\x900\xb0\xde\xb8\x13bIV\x9bu\xce 192.168.1.11:42771 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 978 + id = 37714 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0x30f9 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42771 + seq = 2767129880 + ack = 4156342165 + dataofs = 5 + reserved = 0 + flags = PA + window = 501 + chksum = 0x2aed + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\'\x99_\x84d\xc3|OcV\x98:m\x81\x8e\xb7Pb\xe7\x06\x17C\xee\n6me\xe0\x81a)\xdf^\xbdt\\E"\x1b\x03J@N\xd3\xdf\x1e`\xa1\xd0{q\x14^S\x00\xaf\xaa\xaf1n\x19\x074\x930\xb9\xba\xc5\x8e\x8fb\xf6\x00\x9fr\xe1[\xa2E\x1c\xaf\xbf\xd4\x85\xd0\xb0\xda\xdf\xe2r\x14\xea\xf0\x88)I\xdd\xc0\xc4zA2MQ{1\xed7\xa0}\xae\xf4\x1a\xa5\x0cE1\x1e\x1d}8Ry\xc3\xf3?\xf0\x0b\xfe\xfa\x0c\x08A.\xf5]\x89\xebmQ\x8c4fG\xcd\xd6H\xc5\xaaLov\x0f$\x16L\xb2i$\xde\x0b\x95\x08\x12\\\x03[\xde&\xf4"\ty\x92S\xd8\x03\xe2\x00#js\xdb\x11\x1a#_A\xbd\xbb\x15\x81\xc6\x07\xba\xb3\xade\xc8\x10\xa7\x9d\xcdD\xcaxc\x14h\x11"\xa0>\xc9\xff\xb6\x14c\x0e$\xf2NG\x1b\xc1\xf1\x91\xaft2\xe4\xac,\xdb\xf5j\xe1y\xb6\xb0\xd8\x9b\xa1\x14Y2\x8b\\6\xc5\xda\xd1\xee\xed\xeb\xd0D\xda\xe4\r\xc2u\xb0\x10HV\xa7\x83\xfd\x93\xceZ<^I\x81#`E\xab\x9d\x9d\x15\xaa\xecB\x19B\x1eo|\xf0\xd8\x81\xd9\x02"\x86\x9e\xdd7\x1b,\xc3\x14\xa4Wl|\xb4K\xd3ox\n>\xeb\x1a\xc5\x98\xec\xaf\x19L\x8e\xe9\xcc4\x97\x07\tE\xf6\xa1\x1c\xa1\xc6\xfb\x06$J\x00\x15\x08\x90k\x14\xbaN\x01\xa8\x8f\xe6\xdf|c\xb0Vy\x0e\x98\x01H"O\xff\x0c\xbc\xc0\xefh\xae4\xd6(\x13\xcb\xc4\x17s\xa5&{\xfe\xa3\xd8o\x8c8\xa6\x03\xb5\xda>\xd4\xae\xc7\xdd\xf9f\xd8D\xbc\xd8K\xe5\xeb\xd7\xedQ\x9c\xa3-g\x99[C\x14\xa4n\xe8\x1b\xd3\xf2\x0fG\xea\x8e\x8b(\xa8IMS\xf7\x0e VFcP(\x15Wt\n\x05Rl\xfe\x9b\xfd\x1cJ\xc3[\xee\xf9\x1f\xf9~4\xce`\x1f\x89>\x05-q-1\xc4\x15R\xe9?\xd0\x8c\x96,nW\t\x87K\xcey\x14\xa3\xb4y\xb5\xad\xa4\x06\x8d8\x13\x9e\x05\xa8.=_\xe4\x1e(\xf7\xb1\x07\xa0\x8f\x97\x9a6\x0b\xf7\xe7\xbf\xbf\xc2miV\xf6>\x02\xaf2kL"\xb1\xac\t\x94\xb3\x19\xe5\x80\xf2\x1c\xff\x03\xd4\xf6\xad4\xba{j\xa9\xbe\x7f\xd9\xcb2\xcd\xa4(i\xa9b\xec1\x87\x9fF\x9e\xc9\xd6\xb2\xa4\xf5\x85t\xb7\x98\x0cR\xdb\x91\xaf\xbf\r,J\xee\xdc\xed\xcd\xd0b\xeb\xee\xc8\xd0O\xd5\xa5\x0f\xd5\xe9Sq\xe6\x98\x8c\xd92\n\x9e\xee\x8e\xc6\x85\xd46(~MSk\xf8+\x12\xd5\x89J\xade\x96%\xc4\x8d\xcb\xdd\xb1\xd6\xfa\x1d\xc1\xe24\x02x\xd3~"\xd2\x84\xca\x1b\xde5\x927\x17G\x96k\x10G/7\x94\x8c\xba\x93\xa2nq\xf9\xc7\x8a\xdf:"\xda\xf8\xd7F~\xee\xc4\xe6\x8eh~3q\xfd\xc9M?,\x02\x9fi<\xcceF\\:\x99vQ\xac\xc5\xf6XKn\xa6\x924\x8fr5x!{\xa2/omq\xeb\x88\x0e\x9e\xcf\xa5\xdfZ{~fLtY>\x8f\x1f\x95M\x0cl\xcf\xfd\xc2p\x82\xed\xb8\x17\x03\x03\x00`X\x07?"\x916\x80\xd1w\x98x\xb1\xf1w\xe0\\\x06|t\xb4fr\x05\t\'\xb3)\xd5\xcbZ\x18\xc4\x8cB\x86\xcda\xb4\xd9\x8dr\xf1\x97\xff\x9d\xd0\xb4\x963/\nr\xa4D\xb5l,\xfcQ6\xdb_\xd1\x86-\xd5\x15\x0e\xbbv\x11\xb4\x11\x08\x96\xeeKJ\xb1?\xd9iT\xd1pN\xae\x170(\x0b\xa3\xce\xfaa\x10\x17\x03\x03\x00E\x8e\xae\xe7q\x1e\xc9c\xba\x8di=E\xffr\x95\x1c\xad\xbe\xca\x81\xd7\xd7\x04M\xf0\xbc\xaa\x8dC\t\x8e\x1d\xbd\xa1)\n\xb3\x1e\xd6\x08,B\x97\x13\x13\xeb1"\xd3\xfa\xb1\x15~\x88Cs1\x01\xd0\xe2\r\xf0\x92h\xf3\xdf\x95\xda\xc4' + + +2024-12-14 20:36:00.661468 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28341 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156342165 + ack = 2767129880 + dataofs = 5 + reserved = 0 + flags = A + window = 1024 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:00.696240 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28342 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156342165 + ack = 2767130818 + dataofs = 5 + reserved = 0 + flags = A + window = 1020 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:00.721588 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 120 + id = 28343 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156342165 + ack = 2767130818 + dataofs = 5 + reserved = 0 + flags = PA + window = 1020 + chksum = 0x8045 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x14\x03\x03\x00\x01\x01\x17\x03\x03\x00E\r9(\tpMf\xda\xee\xb4hzc/\xbc\x9d\xf8\xf6\xec\x8c\x03\x91\x12\x01H\xbe\x9dS\xf1\x8b8\xa6\x93\x082\x00-\xdd5~B\xd25\x1e\xb4?\x9e\x89M)Z\xcb\xb2\xc5\x97$\x01\x19\xd0\xb4\xfdA\x8f\x1f\x7fl\x87iZ' + + +2024-12-14 20:36:00.731806 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 433 + id = 28344 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156342245 + ack = 2767130818 + dataofs = 5 + reserved = 0 + flags = PA + window = 1020 + chksum = 0x817e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x01\x84\x93d^\x9b[\xc1}wD[<\x120\x1e\x96\xa0@\xf9\xf5d\x10\xab\x86\xb5\x93\x0c0\x7f\x94.\xbau\xad\t\xf6\xfeH\x8bw8\xdc\x91\x87\xf2\xd1\xd1\xf3nD\x0c\x96_\xa1\xf2\xab\xe7o\x80\xf8\xa3\x8dV\xfb\x8c\xcd\x02\x8e\xce\xecQ\x15=\x82k\xa7n/\x11\xec\xcf\xe9\xe3\x971\xfd\r\xc7\x1eZ\xec\x89\xeev\xf7T\x9c\x82L\xae\xfb\xbeY,\xcf)U:\xb1\x11\x89"\x8d\x1e\x99\x9bR\x16\xc7\x96\x84\x8d\x9f\xec\xb4Y?\xf7\xb2\x97m\x90\x1b\xaa\xcd\xafV\xfb\xffH\xdd\r\xa6j\xff\xfbJ\x08c\xb9\x1c\xd6\x83\xfd\xf9\xdd\xb6\x97\x97\x02\xf6Vwl\xba\x84\xdbv\x1f{N\x96\x986\xfea\xf4I!\xe6\x8c$\xf86\x86\x17R\x90\xbb\x8f\xe0\x97\x1d\xf8\xe5\x9f\xffF\x84\xbe\x17\xd4v\xf5\xa5\x96fS\x10\xf9\xea\xdeQPOb5T\xc4\xd5\xea!\xcc\x0c\xc3\xefRz1\xb8\xdd\xe7cnq\x181\xff%\x8bN\x07\xcc\xb3\xfd\xa1\xfc\x8c7\\\x99\x07x*\xe4i\xa38r\x95\xab\x00\x8d\xfb\xac\xfe\x8df\xf0cx\x06P\xf8\xee\x05\xf3\x1a\xf7\xeeQ\xff\xdc\xeb=\xd1\xe3\xd1\xb0\x97\xa38\xf7\xaa_\xef;!9\xf7\x02\xd30\xf8\x8f\xa2\x10.w\xd8\'O\xe5\xa4&\xfc\x87\xe7\xec\xfe\xcfM\xe4\x16\xea\x0f\xd8&h\xa8\x82K\x8a\xb4bc\xbe\xd7\xb8\xd9xk\x82\xd1\xc6\x89\xff\xbd\x80\xa8\x0b\xa7\x13\x96B$\xc7\xdd\xa3 \xf6U\xc6\x1a\xb6\xfdq\x92JJ\x96\xdf+cS\xfd\xa0E\x0bk>\xdb*h8F\xc2\xc9\xe5' + + +2024-12-14 20:36:00.776186 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42770 A / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1500 + id = 54905 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0xebc7 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42770 + seq = 959622314 + ack = 3308738714 + dataofs = 5 + reserved = 0 + flags = A + window = 501 + chksum = 0xabcb + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x07W?\x0b\xab\xad}7 .y[\xe2~\xb7\x17 \x88\xcci\xf2e\x1b\xdf\xa8LHt\xc6>\x11\x030\x02\x0c\x04\xa8\x04\x9f\xce\x1d\x89\xd9\xbd__=\\\xa8\xf3+\x8b\x15\xbf\x82.\xae\xd0\xaf\xdf\xde\'\xb1T \xa0\xc5\x85<\xde\xc1\xba.n\xff\x1b\x15\xfe\xc3\xc8TKy\x18\'&o\xfa\x1d\x8fY\x8c\x10\xf6,\xb5*\x957 \xb6\x16\xd2q;\x17\xaa\xcb\x88j\x1e\x05*Z\xbd\xb4\xb1\x938\xb6\xf5\x01\xab\xd8\x12<\xf0\xc30\x03\xd7\xcf\x06\x9b\xbc\xdf\xa5\x0c\xd2\xbd\x93\xb4r\xc1\x91t\xb6\xd9=9z\xebao\x90C\x15\x08\x19\xc3W\xdcIm\xd6j\xf0\x8d\xa1\x11\xad1Gf\xeb\xe3\xe6t\x91\xc8\x10\xc0\x8b\r\x8b8BI\xdb\x7f)\xd7\xe1^\xbb\xd0\xa6\t\x1f\xe6\xeb\x87h{\xde\xce\x1d\xb9\xa39Jt/01C\x0fA\xfdq\xd3\x9f\x17\x12$\xe8\xe6\x00\x83\x15Z9\xe5p4\x00G\xe9<-\xc5\n\xde9Z\xa8\x18\xe5\xa7\xf0\x9e\xf4\x9b\r\x8a\xa8Ff\x91\xf4\x1c\xf1\xe6\xaa\x1f\xb1\xcf\x1d&\xae\x1a{2\xf1\xa2\xcc\x1e\xff\xfa$U:^\xed\xfb\x04\xcd1\x02\x07^\x9c\x8e4\x85F\xe8&w$X\x88\x80O\x81:\xd2E\x9d\x9f+(\xab*\x9b\x80V\xf1!\xc0\xef\x93\x10\xe4^\xe0ub\xb0,\xf3\x84\x8b\xa2\xfa\r\x8e\xb4M\xda\xa2\xb1\x11\xda\xc8\x03\xf8\xa4.\x94@\xf6q\xd2\x15\x86\x86\x19\xf2\x13\xae\xe2/\xba\x90r\x85\x97\xa1\xa0\x99k\xdd\xf1\xe4\x9a\x19\xbd\x9d\x86\x0c\x7fu:\x86[\x8b7\xb9t\xabF\x19\x1f, U\x85\x9cDP\t%z\xe6\x16v\x05\n\xe5&\xa14\x0c\xb2\x8e\xf5\xb0G\x1d6\xac\x05\x8fj\xd3MSW4T\x81\xb3t/"\x0f*\x040\xf1\x9d\xf1\xe8Z\xe8\x96\xe0\xd4\x19\x1cj\xf8\x82\xcd\xd6\x13\xb8\xcc}j\xbb\xb4\xe0\xd2U\x11e\xf3\xf6r\x13\xb6k<\xff\xb2\x12nA\x1cR\xf6\x9a\xbb.\x9d\x8c*\xf3\'^J\xa8\x8665\xec\x14\xd1\xd9\xf6\x82\x9fn\xcc\xefi\xa6\xd3\x8d\xe8tP\xa9\xec`\xc5Jm\xc8\xc7S\x0e\xc5%\x0e\xb9\xfc\xc1\x81\xa4\xa4D\x06|>i|\x8c\x13\x82\x93d!\xf0\x9c\xa1\xe0\x07H\x94s\xcfc_\xdd!\n\x96\x89\xbd\x02\xa6\xef\xf9\xf3\xec\xafg_\xc1\xe0>\x9bx\x87x-+\x80x#\x91\x1c6u\xb2\xe8=\xa36\x11\xf9\xbd\x92\x96\x08\xe4\x91\xca]`|\xf5m\xc3\x12F\xb1\x18\x1b\x01\xfa\xcb\x10\xbe\xac\x86m\xd5\xf8\xd9\x8cw.\xb7\xb6\xc1S\x10\xa1o\xe7\xa7\xe8\xf3%\x01\x1d\xdf\xc1\n\xa9p\\\xaf2\xc7\xee\xdc\xb2\xbe\x8b\x8b\xcc/\x9626\xa2\x80\x01\xd2\xc7[k\x803\x07w\x9dTM8\xc3M5\xd6|\xc1\xdb\xb3 ~\x8bkQ\xe6\xa2ek^\xc0\xe8\xd3\xf6\x9f\xc6\x0c\xce\xff\xf6\x0b"F\x88\xd6\x99\xe9[\x83>\x92\x8d\xb9\x7fWb}5,\xea\xc5\x1a\x9d\xdf\x86(d\xb2\x7f\xcf\xac\x9a)\xa3\xf0\x8f\xee\xde1l\xa52{f\xb3|\x01\x0b\xf7\xddK\xcb\xc0<[\xed\xfb\xebz\x95\xe3=\\E!z\x1f\xa9\x94\xda\x1a\xd8\xd6K\xed\x0fK\xa8R\xe9\xd5\x84\xd8\xca\x1c^\x95I0\x05\xe2Z\xd8$\x0b\xc8\xf1\xc6\x0b\xc3\x89\xe04\x98U8{\x8d\x06\xca|<\x7f]\x19\x1f\x98\x922@ \xedCq\x1f\x9e%\xf9{r\x80\x89\x8bQ\xc6\xcei\x96\x0e`Y\xfbe :\xe8ia\xc6Y\x10\xc6\x136=G\x8f\x8b\'\xc17\xb9\x840\xdf\x07\xd0b+\x9b\x895x"Y\xdac\x1d\xa2&l6\xf4\xe4%\x00]%\xf1QC\xe3\xfeX\x8b\x8bk/\x87o\x1c\xb6O\xb2\x0ev\x97\x86\x93\xe2#,Ab\xb7\xe1\xfaL\xc2BbD9>\xa0S\x8c\xc0\x1a\x1c\xe9\x10\xe3K\xee\x9eR\x1b\xf5\xe9\x11\xf9f\xe19\x9d\x0f\x111\xc2\x96\x85\x92v\x80\xd2\x13\x0f^PNp\'\xd9\xe5\xee:z\xc9\xef\n3\xed\xae\x00A4\xfa/}\xbb7\xab\x80\x87\x90\xe4\x93\x97\xaa\nq"`\xe7\'S\x87\x92n\xe4D*\x91\x9bn.\xd4\xdd\xaa\xc4\xfd\xa6\x13\xa4\xe0 f3\x83\xfb\x04]H.\xc1\xa5ci\xa0\xcd7\xc44\xb0\xe3q-\xd5\xe1\x9bC\xe5Y\xab\x1a~\x9aw\xd9\xfc\xedX\xe7\xe8\xb6\xbf\xc8,\x08\xba\x8a\xc9L \xbaH`%,\xfb\x88?\x8cp\x13o\x9c\xbf\xd2\xf7\xfa}&\xd9l\x0f\xa0}\xf3*s\xd1\xa36gb\xee\xbeMKX\xb7\xa9k\x9dc\xba\x9e\x14\xc3\x8a\xf5\xdc\x98Y\xa9\xf1,\xfe\xf0\x1e\xc7%\xc7\x18N\x80\xab\x84\x91\xb8>\x18\xb7\x91\x0e\xba$\x1c\x9dr\x01\x02\xcf\x98RO/o\xf5^Q\xa0\x1cgs\xf3\xc0\xbd]\x0bI\xf6\r\xc5\xe1\xe7\x91=\xbd\x89~\xbb\xfeu\x84U \xc4\x8a/\x9dZT\xe4\x92-\x19\xbde\xf2\x99F\xc4\x0e\xe3X\xa2\x1c\xfd\x92\xae\x10UmkF>t\xd9.M\xfe\x06\x9b\xa0\x1d$8\x98\x08.\x06\xd1\xf2\xb2\xe5\xa4\xc0\xb0\xbb{\xdf\xde\xd3Q\xc6d\xec\xa7R?\xa9\x8d\xa6\x19mY\x92j!\x84\t\x19\xbf\x9dK|T\xd3#\x08\x8bM\xf1LDnhw\x8fJ\xccE\x9b\x9ahx\x9e\xd8eOs\x08\xf5?!\xb7%\x0c\xf0\xa8C\xf1c Gh\xb2N\xd56\xe0\xdc\x10\x08.x\x99\x1d\x81\x9a{\xfe\xc4\x8b\x02\xc4\x872;\x87UkWN\x9f!VLe\xa5kC{Kw\xb2K\x03\x99\xffX\xaa\xe7mp]\xd8\xa4$A\x1e\tX\xfa\xf1\x04\x98\xca0\x07\xac\xde\x08\xa5\x80\x01\'b\xa0G\'\xb0\xe3\x14\xa4\xc9\xef1\xca' + + +2024-12-14 20:36:00.847963 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42770 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 464 + id = 54906 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0xefd2 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42770 + seq = 959623774 + ack = 3308738714 + dataofs = 5 + reserved = 0 + flags = PA + window = 501 + chksum = 0xbb4f + urgptr = 0 + options = [] +###[ Raw ]### + load = b'm\xc1\xc3\xdc\x8fN\x1d\xdd\xb7M\\\x83>\x10k\x83\xe5n\xedH\xea\x88R\x8b\x94?\xf1[\x19\x87\xa9\x1c\xf8x\xd2\'LR\x1dx\x07.\xb7\x04\xdb\x16\xc0X\xb8\xca\x14\xfd\xb7d2V\xa2\x06 \xb29X\x84#\x96UK\x85\xe4\xae\xa8\xf3\xa1\xae\x1aa\xe9\x8e7\x93\xbf\x18a\xa1\xb7R\xb6\xb8.~\xf7\x83\x85T\xea\x9a\xf0\xe2\xa7\x9c\xb4\x1f\x16\xef\x9f\xae\x89^\xa9u\x08\xfa/\xf8t\xact\'\x16\x06U.a\x0b\x9b\xf6\xfaU\x89(\xa7ZXo\xc0\xca\xa1\xa0\xb9R\xe8w\x06[\xbf\x1abp4\x0b\x00\x93\xcb\xde\xc32\xde\x08OKv\xe7\xd6SB\x95\xedf"\xb8\xcd+\x08c\x12\xe9t\xcf\xd2=SI\x1c\x0fc\xe4\xe8\x824\xd9\x1a&HX\x85I}#+\x13\'>\xea\xed\xe03\xe5\x8e\x8f0\x07Q\x02\xd1\x96\x90\xf2\x0b\xa8!D\xc7bv\xd7C\xb8\xc2\xd1N\x9e-\xf6\xfc\xe0\x02\xa8\x82\xc6\x9c\xef[vW\xc9\xb6dU\x83\xea\x831\x80\x08\x05V\x8fC\xf4=\xfe.K\\\xf6\xeb\x9a\x8f\x13\xe5\x85\xb0\x03HX\xff\xc18X\xc66s\x8bS\xca\xa4\x94*\x9f\xb0\x04\x03\xe9\xe0\xea\xd7\xdb\x11\nh\\\x80\xb0!\xf1\x99X\x08\xb6\x96\x07\x8eX\xb8\xd0H\x1dr\xdfV\x81\n\xf4rF\x02_\xcc\xcbA]\x975\xe2\x9b\xda\xcc\xff\x1dr\x02\xe3\xfe\xe9\x8a\x88]\xadk\xd3G+\xa2\x89\xb5q\x03_T\xc4j\xb3\x8d\xf4\xf2\xc8\xc8\xa4\xbb\x0fD\xbf\xf1ZJT\xaf\x1a$\xe57SS\xaa)\x0b>f\xb3A\xf2\xfc\xd2\xd2\x04\x8b\xce\xca~9\xe4\xe8\x17\xacg\xd4q3+\x1e\x97E\x14\xa6\xd0h\x1a\x9a\x06f\x86\x92\x1a\x05' + + +2024-12-14 20:36:00.922357 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28437 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308738714 + ack = 959623774 + dataofs = 5 + reserved = 0 + flags = A + window = 1024 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:00.954422 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28438 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308738714 + ack = 959624198 + dataofs = 5 + reserved = 0 + flags = A + window = 1022 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:00.957852 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 433 + id = 28439 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308738714 + ack = 959624198 + dataofs = 5 + reserved = 0 + flags = PA + window = 1022 + chksum = 0x817e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x01\x84\xed2\xd913\x1f\xff\xf0\xd8\x83\xe9\x9cNa\xad\x8e\x8cx\x99~\xefj\xfc(P\xa4\xf3&\x867\xa0)\xfc,\x0e\x03\xfc6D\x83d\x7fz\x87(\xaa\xb6S\'o<\'\xbd\x89\xa6zO\\\xfcG\xf3eE\x08\xcf\x02\\\x8a}\xb4mF1kox\x12a\xa4\x9d\x9eA[\x00\xcc\xc43\x10vE`\x1f\xce\xcbG\x81\\t,\x05\xf2\xa3e\x1a\xd7l\xa2\x9eN\xcc\x018u\xff\xc1\xaf\xb7\xb0p%\x80z\x1d\x1e\x826\x88\xc6\xb0es\xfaq\x8b\xe5\x11bZ\xe7h<\x03\xaf\xae\xcbD\xacn8\xb9\xaa=q/\x97L\x98\xa3r\x9a\x99\x90a\x1f\x11\xd6\xc6\xd5\xc1d\xd9Op\xf2\x18\x87\xd6,\xf5\xac&\xfdR\xd0\x00\xe2R\xf5\x10\xf2\x00%\xe2\x01\xbfS\xc6\x04\xd29\xed\xc8\xa3\xd9d\xc66\x1e@x\xaeh\xbd{\xe4\xca\x9dU\xc0d\xf3c\x8d\xcb\xc3\x06\x83\xfe=\xb3\xbe\x03:\x867\x1e,\x95\xb5\x92"\xc6} 192.168.1.11:42771 A / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1500 + id = 37745 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0x2ed0 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42771 + seq = 2767155766 + ack = 4156347747 + dataofs = 5 + reserved = 0 + flags = A + window = 501 + chksum = 0xd91e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x07X\x0c\x93`\x91b\x8fi\xe4\nx\xf2o\xde\xab\xd7\x0bv>\xf6\xd5>\x12w\x95\xf4\xb6\x89\x89\xb2\xc8\x98`,jz\'\x00\xa8\xdf\x08\x85)\xc6Ke\xd0f=\x0c#Ou\xbda\x1b\x80fa\xf3\xfc[\xd2w\xfd\xcf+\xde\xed\xeba}\xf5\x05U\x1a\xa8\xaf\x13\x13\xd4\xe4^!\xa2\x0b>\xcf\xfa\xadK\x92\xcao\x98F\xc7\xf0\xd2\r\xab\xde\xcc\xdf\xf9\x97?\xf5\xd2M\xf2C\xe9NJ\xcc\xa0r\x94M\x82X5\xdf/6\x83r\x90\xf8,\xf0Q\x9d>\xf7`\xe5\x10zY\xe1\xe1\xc7\xf9\xd2\xd5\xa1\'\xab\x94\x07\x1d\xea\xabL\xad)T]JGR%$\xb3\xa7k\xb5RjbX&X\x17\xe4\xd5\xc6\x1fT\xe3 u\x08J\x9c\x8f\xd8\xb7\xde\xfe*t\x80\xaep\xeb\xcdOO\xbd\'7\x8bL\xac0\xafQ\x98\x00W\xad\x8b\xfa\xb3G\t\x9a\xb0\xb0\xbd\xc4xMaJH\r{+F\xab\xf6\xbb\x12\x99j9\x92\x8d^C\xb1\x14[\xfb\xef\xb0\x17Gj\xa2\xfe\x0b>\xd60Ne\xae\xc3\x00\x92\xe1\xc7\nO;\xc4\xbekW\xc9E\xf6\\P\xf0\x1b\xa0\xdclN\xa5\x1f\xb5scPUo*\xfd\xe8\x99\x03:lDX\xc0\x92\xead\x975%\xb3\x7f(\xae\x8eLV\xce@\xd8\x0e\xff\'E\x04f|\x88 \x8a\x05n\xa7g!\x99\xcf\x97\x0c\xbdq\xb3`\x82\xdb\x9aA\xdf\xcb\xa7A\x81\xcd[2p\x86\xfe]<#\xd0\x82\x9d\xa1\xe6v\xe1\xc6a\xba\x95$\x0em\xdb\xaf\xdc\xe0\xa9B(\xdd\xd2I\x95\xb3\x9b\xbf\xf1\xbf\xcf\x86C\x9f\xb6\xb0\x1a\xe8\xa3\xa4\x16:\xd5e*\x01\x93\x8f\x06\xb9\x17\xae\xdd\x86_\x05\xbb\xf8\xa6\\\xeb\xb6:\xf0\x88\x0c_\xa0\xc0\xd3\xf6E\x0fk\x81\xda9\xf3RB\xf7\xb1/\xcf\xce\xda\xe2\xc2\x92P\xedx\xfe+S\x96\x82x\xab4\x16+\x93\xf2\x897\xeb\x01\xa41\xe8\t\x05j\xf4\xe0<\x87\xa3\x0e\xb0h3\x8d\'\xe1j\x8e\xd9\xfd%\xa40v7\xf9+\x97\xb6\xc4\x1e\x1dO5\x18%r\xde1\xda\x99\xe3\xf9W\x01\x01]O)\xd5\x1b\xb5\xa05Z\x1b\xb6\x1f\xd4\nA\x8b\xb3\xfa\x04J\x19Cn4\xfd\x9ei|C\xdc\xaa\xf9%\xc7\xf7\xfb\xf5<\xc8\x16\xe6!o\xf3}S\x1d\xc2m\r\x86\\\xa1M\xe8\r\x96\xd4gp_=\xeb\xc3\x18\xc3\x17\xe9R\xf7\xe4\xa4j\x12\xc3$\xe0\x992\xb6\x9bp\r\x8c\x9e \xa8\x164\xe7\x0bx\xbf\xfas\x84\xe2\xe1$\xaa\xfd-\xb0#X\xf3\\U\xa9\xaf\xeaiR\xc4\x80\x1b ;\x08\x9e\\\x8f|\xc1^KE\xf5\x9cB\xb0\x99\xc6=e\xd6`?\x06\xb1\xedK\xc2$\xd7\x8a\x8b\xa2{*\xdf\xc7\xd8\xc3u\xd2\xb5g\x1d\xa9Ka\xf4G\xd0\xf0\xbbCL\x94\xc1#N\x9doV\x97g\xab\x8a\xc3\xb0\xe2\x19\xc6\xcdm\xd1\x0bE\x82u\xee\x84\x8bj\xe2\x92\x8c\xa3\x17\xe6r\x07\xf2\xde6\xaf\xce\xe9\xdb\xa4V\xe8W\xa1NobP{\x9b"\xe4j\xc6\'\x97\xd4P\x13\x04,\x01\xe0\xe0:\x1e\x8d\xa5\x8fZ\xf2\x94\xf4oM\xe5\xd1\xc8RkS\xf3\x0c\n\x04\xe0\xb8;l\x92D\xc3\xd8-n\xe5@BNb\x99C\x08\xc1\xba\x1f\x91b\xa1\x0bD\xb7\xe5n\x1f\xd3\xca_\xed\xe0\xa9\xf8+\xa8wGF\x8c/\x8eXA\xf7\xf8\xdb\x0c#\x91\x92\xba\x0f\x99f\x14\xc2\x97\x90\xb1\xd9\xcf6`y\x10i\x1cM\x0e]QS-\xdd1\xca\xe1$V\xf8\xa1\x1b\x901\xb6\x8dQ\xbavJ/R\xfc\xdf\x1a\xee\xb4\x89N^\xb3\xcb\xea\xbe\xb7^.&_\x86\x1b\nxn\xd9!\xf4\x1a5sA\x82% \xa4\x1fpm\xe4\x96\xf1q\x9fB\x87 c\xfe\x87cs\xf9\x15=\xcc\xbc\x0e\xb3\xc7\xf3\xc6\x17o\x96\x89"\nv\xed\xacx\xd9Y\xaa\x18S&\x18\xe2xRw\xe0\xc0u\xc3\x7f\x8d\xe3\x16\tMJ\xa6\xdc\xaf\x93\ro%\'\x18\x8a\x96\x184\xed\xee\x136\xad6\x1f\xff\x08\x00n\xfe\xcd\xef\xed@d\xbe\xcd\x05\xd4\xdb\xcaH\xfd\t\xbc\xf2\xda\x08\x15\xc3l&\xa3W\x03\x9b\xd0\xe6\x97\xb6\xc2\x18\xeeBF\x90H\xf7a\xa0j\xb1\xd1]\xa4\x8d\xf7\x07\xa8&\xfd\x1c\x94D\xe1p\x9f\x80\xe0\xb2m\x80]\xe3\'^\xb8Ys\xda\xad4\x1e\\\x07?\xb54\xa7\xbb4\x1e\xb3=\xe2\xa3\xbe\xb8\x94\x16\xc1\xbb\x8d\xa7\xe6\xe6\xd3\xe8\x96\xf3\x92\xcdu;*\xa9a3\xc5\xdf\x19\x01\x7fD4w5e\xc7\xd6\xef;:\x11U\xfa7g\xbe\x17Ev\x96\xb7b\x08\xa3\xd3\xa0\xcc\x08\x87\x9d\xd9\xf9\x95\xe4\x9b7\t~\x03\x07\x11;\xd9\x06\x16\xd3\x17l\x1en\xe3\x8c\\\xb3\xa9\xb1%7H\x9a\x9a\x8d[ \xc6\x0f\xdd-#\xea7#;,~BW\xa8\x89]\xc6T\xd4\xdd\xd1Uf\xd9\xae\xaa\x17T\xfa\'\xdc\xb6\x96\xfd\x80|4\xe8-\xe0q\x9e\x9bx\x9ci\x0e\xdd\xb61\xf4j\x9e\x13\x84\xfe\x8d\xa7\xf8\xc4\x03\xc8[T|;\x92\xa7\x99\xc6\xd8\x102Hr\xfc\xd4pW^\xdd\x03.\xa2@]\xad\xfaA\x8c}\xe7_\x9e\xb8/\xfe\x1fX\xc8O\xdb\xe2\xa0\xa38\xb6\xcb\xe7\xb0c\x9c\xf2\xb0\x84M\x9a\xfe\xefgO\xad\x03\xa6q\x1f\x90\'7\x8b\xd3#\xf5\x87\xad\xde' + + +2024-12-14 20:36:01.077933 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42771 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 465 + id = 37746 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0x32da + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42771 + seq = 2767157226 + ack = 4156347747 + dataofs = 5 + reserved = 0 + flags = PA + window = 501 + chksum = 0x644f + urgptr = 0 + options = [] +###[ Raw ]### + load = b"c\x93\xdc\xb6|\xf3\xc3c\x07\xb0\xbf2\xe9\xe3E\x7f\xbbD\x81\xae\xf0\x14\x8d\x8b\xe7\xb0\xb3\x06\r\x93\xdf\xd7Af(\xbe4\x80s\xc4\xa6\xddY\x0f*\xf8\xfe\xc4\x99\x0e\xd3\x83\xfdg\x9dv\xf7\xe7\xf9\x06\x00\x11\xd0\x97\x8b\x05\x02r\x89\xc6\xe7\x9a\x06\xa6|!\xfc#\x8e\xea(\xdd\xe7M\xbc\x96\xb0k\xc3\x1b3\xe8\xde\x85\r\xb6\xebr\xba\xf8N\xae\x87\xc6g\xf1\xf8\xd0\x85\xfd\xce\xc8\xa5d\xb73\xb8\xfcG\xdc\x02\xe1\xf8\x88\x01\xe9R\x05\xfcX/\x94\xfd`!\x9em\x07\xddFx\xf9*\xf1Y9:\x90\xbf$\xb9Jc\xd3\xe4\xb3\xaf\x02\xbb\xc0/\xce5\xfb0DL\x16\xc1\xa2\xb4z\x87\xd2\xbd;=\xe6(\x1f\x8c^\xd6\x9bL\x1cD\n\xa6.y\x92\x1d\xbfW\xea 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28440 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156347747 + ack = 2767157226 + dataofs = 5 + reserved = 0 + flags = A + window = 1024 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:01.185899 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28441 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156347747 + ack = 2767157651 + dataofs = 5 + reserved = 0 + flags = A + window = 1022 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:01.204624 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 433 + id = 28442 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156347747 + ack = 2767157651 + dataofs = 5 + reserved = 0 + flags = PA + window = 1022 + chksum = 0x817e + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x01\x84$\xf8\xe4c\xb3c\xdc\x10cA\xeb\x96o\xcf\xac\n\xdd\xa3\x82:\xb6>\xa1\xcc=LG\x07\xae!\xb0ql\xca\x04\x99!\\\xbe-\xfbq\xd1\x96\x00\x80\x89(\xcc\xe8$\x06c\xab?\xd5\x87U\x1di\xb5\x0bIE9b\x8c\x0c\xca\x06g\x83\x17\xb7\x0e3\xaa\xba\xf1U\xe1w4T\x8a6c\x03qy&\xca\xaa\x9cw!0bDI\xa0\x0eg:E~s\xf5\xe5\xdf\x98\xe1\xeaij\xa9\xaa\xa0\xb4\xaa\xc3\x12\x8aY\xbc\xc7\x8f\x96\x82e\xb9\xd6ez\xdf\x83\xf4\x80\xd4\x8c\x9f\xe5'T\xdb^\xb6\x00F\x9c\xb0=\x16U\x91\x80\xe5\xb6\x068\xec/\xf8\xd9\xdbp\x8aux\xb1(z\x92{$\x01f4\xafl\xa7\xfd\x0b\x89\xb3\xdf\xdc\x95\xc3\x91\xda\\\x01!;\x98\x902w\xe3\x14`\xa9-\x0b1@rC\x02\xb3\x90\xf4%\xb1\xf02\xf7(\xf6\x9c,\xf2\x08\xffs\xc4\xc64\xe0\xed\xa2\xc1\x95\x85{_U\x06\x10th+\x8e{\xf0\x1fx\xca0\xb8\xc93aq6\x1c\x1aW" + + +2024-12-14 20:36:01.229451 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42770 A / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1500 + id = 54907 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0xebc5 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42770 + seq = 959624198 + ack = 3308739107 + dataofs = 5 + reserved = 0 + flags = A + window = 501 + chksum = 0x53a7 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x07R4\xb5\xe1?"\xf5\xf2Q\xbe\xd8\x150\xf1\x13h\xaf\xbd/\x8e\x7fG\xe7\xa5\x12w\xbb\xbb1z#&KRdL\x13{4\x8bU\xa0\x82\xb8\'\xa0+\xbeP\xac8*k\x83|\xce\xda\xc7i\xa0\xe3gmkf\xe8o\xe9Kd\xb2\x8e\x0c\x1bh~\x01f\xb5J\xbc\xdcj\x0c,\x0b\xe5w\x1c|\xf2\xda\xfd\x0f\xcb\x99S@|\x89$/\xea`tY\xc7\x08z\xd0\xa4\x18\x07O5\xd2\xc2\x8f\x03\xcek\x80\x0es]\x8c\xc6\xef\xbf\xd0\xd6C\x06\xfd\x1e]\x05\xf3\xa89\xf21\xc3R\x9c\x00L\xbc\xbd\xdde`\x97K\xc7\xbc\xb1\x88\xf5\xae\xd5{\xa4\xf3~\xe8\x1f\xb3\x0c\xe2k\x99u\xbciLT:6\xb5\x18\xfe\\*\xbaz\xb5_<\x93\x92A\x968\x04\x06\xf5W\xbc\x85\x16pM\x1dDYYy\xa81\x83\xccHoY\xde\x02K/\x13\xean\x04\xfd&\x99\x0e\xf5\x18\xf9\xf9\xbd\xe7\x91\xbf\x8b&.\xd2n\xebMuS\xb2\xcf\x08eK2\x91/\xdf\x84\xcb\xd30\x8c\xe8]\xceJ\x01\x88V\xba\xbd\xb4Ehu5\x84\xb0\x02\x08\xa1j\xb9\xd9}\xce\xd9\x0f\xa7u%\x0f\xc3\xf9\xc1\x89\xbc\xe2%V\x94\x17\x04 \xeb\x12\xbc\xfd\x0eKkrq`\xa1|&Z\xc2\x85W\xbd\xe5\x0f\x89\xc7\xf3NE"9Y\xd0/\x07\xc3\xb2zZL\xc2\xbf`&W\xab\xd1\x0bw+q\xfct0\xedZ\x01\xab\xa6\x93VH|M_DfT\x1f\xb4\xea\rw}\x88\xe8O\x14Y\x95\x9ch\xa0\x9d\x93\xc3+\xeb\xbc}t\x8f\xeb/\xde\x15\x0c\xb6j\x0b\xdb\x8egw\x0f\xa2\xc6\x9b\xca&\x87/\xb4\xa5\x063\x00\x02\xd4s\x83*\x07\xa39$s\x82\xc8\x17\x9bx\xd4\x12\x90\xea\x87\xa7e\xeet\xbd\x97$\xd6\x06l@\xe9Q\xb3\xf3[U\x00TS\x85\xf3\x9b\x13\xef\x8f\x00]\xaf\xb5\xddSR\x01U\xa7S\x8b\xa8\xa3\x8c\xb4\xd8\xed*\x1c\x9b\x80\xf2\x08\x8da6\x91O\x80x\xe9\x06>~\xfbdKd\x03*\xcb\x01\x1a\x91c\x1dA\x82Y\xdc\xb5AW\xb0K\xe6&\xd9\xc2\x8ak4Odd>\x85b\xe2\x1b7U\xc4\xcd\xe2\x8cOE\xd9\x0f\x84C\x83;\x0f)\xa4\xa7\x94l\xa8\x01\xc2\xf9f\xb6\xd6\xb5i\xcd\xdbT4\xcb\xefc\x11\x1e\xf4\x1eRAG\x91J\x99\xfa,}:\xfd\xb6\xdbMFX\xf2\xf7l\xde\x85\xdaB\x8e8\x80/+\xc6=5gXd\xb1\xa0F\xd2Q\xd5!\xbc.c\xc2+\x9dpW\x172A0\x81\x01\xd9|\x1fi8\xe0*\xbe\xf9}\xbf\xd1?\xcc\x1d\xdb\xcf\x10\xd4i\xa1\xc0T\x0c\xe1\xdb\x07\xa0g2DX\xf2\xb0\x9f\xa2W8a\x0f\xedT\x15\xa8\xb2\x9azN<\x00\xc6%\xa7\xafy\xbdWK\xc5[(uv\xbf\xd4U\x8f?\x0e\xbb.\x94\xd3\x1a\xce\xf4\x815\x8f\xa8\xf9q\x8e\xc7\xb2\t$A\xc7\xb0\xc8\xe9\x8d\x00:t#\xa3\xb6G\xd0\xf6\x88\x05\x8d\x01~\xc7\xe9D\xb5\x06C\x96~\xac\xa0\xff\xe5.\xedu\xa8\x14\xc0\xe0\x95:\x99bg\x8a\x07*\x85\t\xb0\xfd_\xa2/\x10\n\xff\xc3\xbb\x7f&T\xcd\xbc\xfeX\xc1]\x9c\xb8\xa7a\xf9w\x15V\xfe\x94d$\x90J\xf9\xc2\xe9(\xec\x90\x86\xb2\x95c\xa7\xa2\x166\xb6\x80\x82F\x161\xeeJ\xf5\xae\xb7\xb9\x84\x01\x8a\xde\xccSC"E\x99a\xc1\xd0\xc7Bt\xdf\xca\x17\x9f\x02\x03\x99\x00\xf4\xe4\x1fj\x95\x05E\xdb\xbc\xbe\x82\xa6"\xd9\xa1b\x0b+(\xdc\xb0\x19\xaf\xbf\x9dp\xe9\xcf\x17\xcc\xc8{Oi\xf2\x85\xa0\x11\x082>\\\xa5I\x90\x02\x1b\xb9\x16+\x82\xc3\xcb\xc1\x99\xa9\x910\xbf&\x14\xfa\x82\x95yY`\xbe\xa8H\x950W\'^\xb7\xd0\xba&wG$\x93\xcaS0\xfe\xbf\xa6\xd1"\x07\xa4\xa33v\xd5\x06\xd4\xfd\xb3\xe0\xc1\x12i\xd4l]\x84\x9e\x862S,\xacr\n\x90\xb0\'\xa2\xf0\xb0\xe2VP\xa3%\xd7\xff1V\x7f\xf2\x1f\xfc* \xb9<\x8e\r}\xc7f\xb7\xda\x08\xd5\x98:\xcbH\xa0\xa8.S 192.168.1.11:42770 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 459 + id = 54908 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0xefd5 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42770 + seq = 959625658 + ack = 3308739107 + dataofs = 5 + reserved = 0 + flags = PA + window = 501 + chksum = 0xb9a8 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\xc0\x8a\xe2\x84\x13\x01\x88\xe7\xb2Q\x8c\xf6\x96@\xae\x95dn\xe4V\xd4\xef\xbc\x16\xb7\x94\x82\xfa\xa3l\xae\xf8\x87\xa4\xc3\xd2B\x8d\xfa\xe2\xact^\x1d\xce\xd2\xaa\x7f\xb4]\xdft6w\xe9\x9c\xeb\xc6;\xce\x81h\xa9h8T`\x99\x1c\xeb\xc3\xb5(\x9cu\x90!\xfe\x8f}\xe3\x1eB\x06Ow\x0e\xfe\xd2\x1f\\\xde\xde2\xff\xda>q,l\xef\xdb\xd9t\xbavY\x1d\xf0\n\x98\xa8ng\t\xe7Fs$*c\x980\xb2\xcb\xe1ftUJ\xc3\xb0\x9d\x893\xd2\xa8\x0fe\xb8\x03\xb8\xefC\x10\x89N\xb3\xf8\x98\xe7G\x11ro\xf2{\x02\xd1\x84\xca\xa8\xc4\xbf<\x91U \xa8{\x81\xc0#c\x87\xa4-?\x10b\xec98\x95\n\xbc\xe3\xf3\xd8\xa3"\x89R "\xd6?\xbb*\x9cq\xd9T\xd7\xf4\xabN\x02=\xc3>7\x98>\x8dQ\x97\x00\x8b\x9a\x14\xc43l\xb4\x8e\x1a\xf36f\xe5\xdc\xe6\xe2\xa0\xf3o.\x92\x00:\xd4ltf\x9cK\xa0\x0f\xdf\'\xc6Fcjf\x08\xdf\xc6\x98\x1b\x90`\xdd\xad;\x99z\xcb:\x00\xfdI\xde;\xa8cp\x94\xe6\xd41X\x89\xe0C8&Ri\xcbjJ\xd6\xebZ\'\x0e\xa8+)_)\x91\xc8\xf6C8\xf4\xda\x05\x93!\xb7\xd7\xf2\x8d\xda\xac\x9aql\x18r\xcf\xa1>x\x14\xd3c\xfa\xc8m7\xcdnO\x9d\xf1\x05\xaa\x05\xad\xd26\x04\xd0b\xc2&w\xca\x12M\xd1>H\x95\xb7F\x14]\xd4Bk|z\xf4)\x8c;\xf59i\'\xdd\xff7\xf7\x9b1\xc8~\xbd=\xed\x05\xc6SQc\xa1R\xf6\x1b\xb4\xd6r{l\xfc\xf4\x11\x1dY\xe8R(Q\xdb\xcb\x87\xd0\x00k\xa3\xaf\xa6' + + +2024-12-14 20:36:01.369228 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28443 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308739107 + ack = 959625658 + dataofs = 5 + reserved = 0 + flags = A + window = 1024 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:01.432465 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28444 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308739107 + ack = 959626077 + dataofs = 5 + reserved = 0 + flags = A + window = 1022 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:01.453229 - Ether / IP / TCP 192.168.1.11:42770 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 433 + id = 28445 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42770 + dport = https + seq = 3308739107 + ack = 959626077 + dataofs = 5 + reserved = 0 + flags = PA + window = 1022 + chksum = 0x817e + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x01\x84\xd3\x18x\xe1(\\/'.\x9c\x9e\x93\xb9H\xbb\x07\t\xa8D\x1a\xf2\x81@\\\xb3\x13$]\x1d\xa0\xdc\xb3\xf3\xebV\xbaXL DU\x04j\xd643e\x92\xc4\xc2\xed&\\\xab=\xb7Z@ux:\xbbN\xf6\x0e\x9c\xe0\xdd\xfc\x01\x11\x92\x8a\x15\x90\xe0\xb1\x96\xd1jo\xa8Y\xcf\xda\xe6\x1d5\xa5N\xb4T\xca\xfc\x11\x11\xf0\xb9\xfb&n\xd2\xa6V\x8bi\xec\xa0\xc4\xc7m\xca\xecO\x0b\x02\xba\x87\x9f\x97\xfb\r0\xcei=\xfaM\xdf\x00\x9e \x06\xdbi[5\xa6O\x0c\x1dg\x12\xe1\x7f\xf6\xf1h\xc3y\x0f@M{C\xd1\xd0\xa7\xd8\x05\xa0fd\x9a\xe3\xf0kI\x12\x9b\x03\xed&p\xaa\x06\x96e\x8b\xed\x17\xa2\xf7\x14b34\x16\x91h\xb1\x06\x7fND\xa4g!x\xd0\x88LO\x15\xd9\xb1@u\xbd\x1f\x92m\xecO4\xd1\xcd\x19\x9d2\x9d\x86\xb3T5\xdf\x9e\x17\x1a\xbf\x9a\xc5\xbf\xa8yC\xdbA\xaeP\xf8D[\xa9F4\x80\xe336X\x0f\xf4C\x0b\x11,\xae\xfe\xcav\xf1\xb2\xd4k7m\xd12u\x84b%z\x95M\xbb\t\xdf\x86\xb3\x92\xc7)IhlX\xac\xa0`Wzc\xd4\\R\xb6\x7ff\xca\xae\xdb\xda\xb4:\x99\x91\x10\rceu\x1faTR\x7f `-z\x99T\xd9^\x81J}\xa7CT\x9bd\xf0\xe0BR\xf3\xb0\x0b^\xef\xb88g\xfa\x95\xc0\xf8\x19\xc3~\x959\xf8\xff\x83t4]a\x92\xf7F\xd2\xe1\xee\xb3\x16\xc8\x1d\x1fWv\xf2\x898\x8b\xb7\x9bX\x9b\x97\x1aF\x85\x13" + + +2024-12-14 20:36:01.496760 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42771 A / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1500 + id = 37747 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0x2ece + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42771 + seq = 2767157651 + ack = 4156348140 + dataofs = 5 + reserved = 0 + flags = A + window = 501 + chksum = 0x17a5 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x07MX\x18BW5#\xaa_\xf1\xdf\x92"*\xedy\xd8\xe4\x86\xe7\xacr\x04SO\rm\xc3B/\xa0\x03P\xdf\xfe\x7f\x1alnq\x8c\x16\x8f\xbcL\x86\xb0\xb6+\x88\xb4$\xb3.\xca\x96\xd1[\xde\x91\xee?]\xfc\xfd\x83\xf5\x9c\x98/;\x0f\x97W\xaf3v\xf1\xd3\x86\x89\x1f\x92V\x90P9cCY\xf9\xa01uo\xbb@\xd8f\x19\xf3\xb7p<\x14\x1c\x17\xbb\xd1K\xea\x83\xa3_V \xa4\xc1\xfaj\xebu\x88>\x89\x85\xb8KU\x97@km\x88/#C\xa5\x95\tK\xfd\x84\xde\xa3\xef\xa2\xb6\x1c\xad\xbc\xfc\x80\xe9\xa6\xd9\x05\xbc\xcc\x1fOd\xcc\xfc\xbcZ\'\xd9do4*\xeb\x0e&r_z@\xc3\xff\x0e\x8aS\x85\xc1v"S\x84\xe1P]\xd8\xe4\x1d\xe2\x9eM"\x95T\x9f\xb0U\xcb\xe1\xe0:\xf4\x84\xa4F\xbf\xdf\xd0\xa43\xd6\xc9\xa1\xcc\x17\xce\xf9\xbf\x1e_\xf5\xc6\\\xb7=z\x17*\xdb\x7f\xf4\x98@\x89+\x8dc\xcf\xcd:\xb8\x98\x15z;FI\xa1)\x06k\x13\xcbG)\x10\x8dr.D\x86\xd0{/\x1c\x9e\xd2\xb1a)0\xe3,G\xcf\xff\xa4V\xc0\xdc\xb4\xf6\x8aSG\xbd\x0fk6lwPLv\x00;\x9d\x02\xfb\x17\xa8gs#}\xf5\x9a\xae\t\xd9_\x9e\x84\x06\x83\xe1\xdbC\x02\xba\r2\x9c\x1c0\xd5\xc5|74zo\x8a\xfb\x13/\xc6\x0b\x82\xfd\xa1\x15\x8b\xcb\xc0c,\xf3\x1d\xfaD\xd9\x14\xba\xb2j\x0f\x8f\xe5WN\x0b\'\xbd9\x9e\xecB\x84\x1ex\xeb\xca\xeb\xf9\x9e\x0c\xee\x1a\x9e\xf6~\x1b\xc1OT}\x9f\xbeH\x8c_\xbc\xa3\xccj =\x04d$\x89\xdfD\xa9\xad\xf5:\xe3\xafv4\xc0\x08\x06i\x82\x1e\xe7\xcfb\xf9\t\xae\xfe\x14\xbf\t8i)H\xe9\xcc\x17\x8b+S\xaa\xf7G\x0c\x1b\xa3\xc9yh~\xfa\xfc\xf6\xb4\x88\xd5\x04\xec_\xaf\x81\xe6\x14\xbc\x95zR\xe0\xba#\xb9|7!\xbb\xd2kyZ\xf2\xd9?\x1a6\x1fj\x99\x00\x0f\x81b\xd5\xe7M2\x96\xf3K\x1d\xbe*\xac\xb9N|!\x94\xed`1Q\xc1\xaa h\xc3\xf1}\\\x92\x83G\xe4?\xf3p\x93\x83kMM\xd2\xa2\x8d\xde\xb1\x91g\xc0)\x8fg\xea\xed\x8c\xa5Y\x0f\xd6%\x92@\xd4l\x06\xc9AB\xfc-\xd9\xf8\x15`G\x14\xef\xda\xd5\xbf\xcb\x111d\xdb\xd9\xdf\xfe\x80\xe4Y\x0b\x82\xc7h\x8c6\xc9i,\x0f\xe8r\xd0\xec!\x8c# %7+r\x12\x0e\x06`\xfd\xe1\x89jO\x90c\xb2\x1c\xe9\xbe\x92`\xe3\x84\x15\xed`\x08[\x00~\xa8\xc6\x9c\x04o\xc0\xa0\xc9|\xa7\xe7\x927C\xe1cl\xc1:h5>\\\x03I8:\xa6\tS[\xf1&RlV\xab`\xfc\x1d\x88\x05\x98\xe4\xdbM\xf4\xb6C\x88\xff\xb2y\xd6Swh}DW\x97l\x8di+\x89\xc0\xbc\xd0\xb7\xa6\x87\x98\x1c\x13\xc44?Op*D\xb5w0\xfd\\L\xb3\x8dk\x9f\x92k\xb9\xe0y\xe0\r\x19\x9d!\x1b$\xe1\xcd\xba\x12\x12\x9d\x19\xcb^< \x17\x1f\xdeN\xf8\x8f\xda*M\xcag#\xf6\xfa\x1b\t\x85\x8f>d\xa2w\xbc\x94\xdd\xe8\xb1\xccT\xec\x965I.1\x1e\x04 \xe9\xbf\xa9n(\x07\x1f\x1e=\xb1\xb7)n\xf6\xc0\xe3\xbe\x9dS\xfarE\xf9l\x8a\xfa\xe4\xa3\xa8\xe3H$_\x9dB,I\x1f=\xf1}\xddyb~.\xad\xb0\xf7\x0b:R\x99f5\xf5>\xcfrL>@y=\xb7G56Z\xf8\xad\xf5\x13\x81\xce\xce\xbdX\xd5\x18A<;\xcb\x96"Q\xcd\xc7\x90"\xaf\xe9\xd9gM\x19\xcf\xec*q\x9e\xd7\x1f\x85\xaa\x1b\xa2\x8aR\xf12\x1f\xbd\xf2\xfa\x83\xdf\xdc@\x96\xea\xd5\xd5\x9f\xc7\xcd\x16\x85E8\xde\x92\xb1:\xb8\x8f?\xc2>f\x1f\xfeQ\x1f\xf9\rs\xf8\x8a\xc3\xf5b\'\xca\xc6\x9c\x1e0\xe1J\xef\xb8\r\x97\xdf\x1b\xc7\xf0d\xf5\xd5\x1d\x7f\x14\x9e\xa33B\x05\xcf\t\xd4\x86G\xe88B\xcfI\xc6*E\xfe\xa2\xe0\x84\xb3\x00Lj\x1c\x0f\xd59B\xe1%\x8d\xee\xd1X\x1dM\x11\xdf\x87s9#G\x8d%\x1e\x14?\xc1\xe1`\x9d#\xf1\x9c\xdab\\KM3\x83\x9c\x1b\x8f\xa9\x120F\xde\x96\x9a\x1bP\xf2c]\x90\xadImE$Y(\xb5\xbf\x0e\xb3\xac#9\x80\xacc\x16D,D\xa3\xdfX\x0f\x7f\xe3\xa1a\x06\x0bJC\x13\xa2\x96\xc0\xe6\xaa7\x98\xb2\xde\x0c\xf7D\xd71\x89k\xc3\xba\x08oe\x89\xed|U\x19\xfd\xfb*\x84\xd8\x90j\x7fz\xf9\xf4\xab\xfa\xd1`d\x12\xfc=K\xf0\xe1\xe1\xbbT\x868@\x1a%\xa2\x1d\xca_\x07\xd5\x9aq:^\r\x1e\x82\xb1`<\xca\x8c#F\x92\xe8\xe760\x88\xd1\x9exQO\xb7\\P\x17\x84pcC\x9f?\xceo\xfb\xfc;\x92[\xf3\xee$\xea\xe6\xe6\xf8%4\xaf\x9f|\x82\xb9\xb4\xbf\n\x84r\x1d\xba\x8b\xbe\x07\xa5\x04\xc4\xd5x\xf3AJa\x86\x9f?\xc6\x97\xa1\xe12\xda\xd0\xe4L\xe5k\xb2\xd7\x16\xfdfx\xd4\xdd\x85\xfb\xcbUn\x06!\x89\xf5\x8bHJ\xb4~\r5\xa0\x80\xf67)\xff\xf4KH\x82nd\xaeh\x19[A\x03\xbb\xaa\t,3\xa1s%\x9d/\xff\xeb\xa6\x9f\x8f\xc6\xb8\xcbJGs_\xd3{\xca\x82\xebR\x8a\xef3y\xf4\x97\xbbF\xab\xf4\xf3\x02\xe5\xef\x9c\xdb\xb6\x1d\xd9^R\xdf\x18\x05A\xe5\x04j\x9f\xde\xac\x98\x04{k\x93`\xd9\x13\xb9\xf0\xb7\xf0\xcb\xf9\x10\xf7\xbb5\xbc\xc8xW:\xbc \x95v\\x\x8f\xd2\xd0J\xc5L\x85\xc5\xf2' + + +2024-12-14 20:36:01.581654 - Ether / IP / TCP 2.18.188.21:https > 192.168.1.11:42771 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 454 + id = 37748 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0x32e3 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42771 + seq = 2767159111 + ack = 4156348140 + dataofs = 5 + reserved = 0 + flags = PA + window = 501 + chksum = 0x7ecd + urgptr = 0 + options = [] +###[ Raw ]### + load = b'K]f\xc4R\x93\xc1-\xb6+\xc2\xb06,z\xf1\xbc1\x81\xe0\x01_\xfa\xd1`K\xe3l#o\xb3\x17\xaa\xc0\xa1C~s\xa0\x93\xb7\xeb/~"\xfb3g\x17r\xd1d\x88\x1d\x97\x11q\xa9\x07\x97pi{]\x07\x83\xcf\x19\xc3W\xebw\xcf!\xb8\xf1\x88W\x14\x81\xba\xacSR\xb9GV\x8d]\x941\xceD^M\xd8\xe0\xee\xe4ig\xedZ\x03\xbb8a\x1bO%!(\xbc\x95K\x1a\xa2B\xa4^\x00\xcf])\x00\x1c\x1b\xeaa\x03F\xbe\xc5\x7f\xb3\xec\x96\tW]\x83\x1a\xd6C\xf4|<\xad\x82g\x0cB\t\xbc\x94\xea\xd5$\xd8\xcd\xd2T\xc0`\xdb\x8f\xae\x805\xfaL\xdc\xfa\xcdL\xd2T%\x11\x82K\x11!\xc4&j\xf9>S3\x85\x13bs\x9en\xcb\x049\xcf\x8f06H-g\xf0\x9f\x9a\xb0\xe8\xe5:\xcbaS^\xa0\xac\xd5T\xc6b\xff\xeb\xd8r\xf7\xdb\x9dB\xc5\x8cZX\xfb]4\xb3H\x11\x8aI\x87\xc6wpw\x0f\xc9\xd2\xee\x0bja\xfd\xe9b\xefm\xdfk\x88L\x8e"\x88\xefZ\x92\xa6\x12R@\x80\r0\x98\xc2\xb9\x8b p\x84\xc9\xdc\xb8\xf8(AP\x89\xf9\xc5#GJ\'\xc7!\x02\x97\xc1\xfd\xfc:kIEp\x8eW\x82rl\x89k\n+\x13\x86\x1d=\xf0\xeb\xd2\n\x1a\xcd.\x90;v\x86C,\xd54\xb4\xd2~o\xdb|+\x9c&\xe6\x0f\xb4>%-\x0e\x92\x01\xd5\x9bW\xa6p8\x1e"%\xf7\x89=\xc4q6\xa1\xfd:\t \x99BH}\x1f\x86\xb0\xf5p7\xc9:U0\xd1\x03\xc4\xcb\xea\xbdL,\x80\x95\xa8\xdbJ\x1d\xf4\x13\xe6\xd6\x91\xdd\xf4L~\xdd' + + +2024-12-14 20:36:01.649504 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28446 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156348140 + ack = 2767159111 + dataofs = 5 + reserved = 0 + flags = A + window = 1024 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:01.673769 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 28447 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156348140 + ack = 2767159525 + dataofs = 5 + reserved = 0 + flags = A + window = 1022 + chksum = 0x7ff5 + urgptr = 0 + options = [] + + +2024-12-14 20:36:01.697469 - Ether / IP / TCP 192.168.1.11:42771 > 2.18.188.21:https PA / Raw +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 433 + id = 28448 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 2.18.188.21 + \options \ +###[ TCP ]### + sport = 42771 + dport = https + seq = 4156348140 + ack = 2767159525 + dataofs = 5 + reserved = 0 + flags = PA + window = 1022 + chksum = 0x817e + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x01\x84k]\x99\xbb\xfb\xd4+^b\xd0nA\x95\xb0\x83n\x8f6\x14\x91\xd3C\xa4\xb7\r 192.168.1.11:42770 A / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 1500 + id = 54909 + flags = DF + frag = 0 + ttl = 51 + proto = tcp + chksum = 0xebc3 + src = 2.18.188.21 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42770 + seq = 959626077 + ack = 3308739500 + dataofs = 5 + reserved = 0 + flags = A + window = 501 + chksum = 0x15 + urgptr = 0 + options = [] +###[ Raw ]### + load = b'\x17\x03\x03\x07L\xad\x03F\x1a\xc9\x9e\xdb\xc2\xa4\xf3\x85\xf85\x8d{\xdd C-m\xaa\xc1S\xb3$\xecX\xcf\r"\xb6]\xd2\xf0\xb1\xb3\xa7\xfa\n\xfd\x8d\x13\x1d)\x8a\xf1\x96VPvD\xe7\x06\xaf\x1c\xa1\x04\xd2\x07\xb3\\\xd8\xbf\\\x81\xcaL\xeaak"\xba\xc0\xcaN\x04h\x0b8K\xf9G\x1c\x8c$\x8c\xe0K\xa5\x81O\xd2p\xbb&\x0b\x8d:B\xe4\xdb\x8a\xef=\xa5\x12\xaa\x1d\xceX\x1cK\x0e\xe5\xda\xd8\x9b;H\xf2\xf7\xb8a+\x84\xd0\x9f(\xb0\xb8\xa4h\x8f]\x18\xdc\x0b\x97)\x83\xdf\x01\x0eOj\xdf\r\xf4\xee.\xf5\r\xfe\xb4f\x81\x00\x9c\xf4F\x9c\xaa\x18\xa6\xc34y\xc5\x85\x7f\x12<\xf8"\x95\xac\xb5\xa4\x94I.ma7\xb2\xb4\xe1^#t\x80O\xe4\x8f\xa2\x0cL\x7f^\x90_\x15\xc4\xe0yy\x02\xd9\xf7\x8b|\xac\xa8:\xcas.\xbd\xdd2\x8e\x07\xf6\x07\xb4\xfc\x9a\xc8&\xb6\xe8y\xc9\x90\xb4\xe23\x15|\x87\x94\xbae\xb6&z\xe30=\x8f\x0b\x1e\x0f\x97dSq\xcd\xaf\xeb\\/\xd9r\xed\x84e\xb1RN\xa9\xce\xd9J$\xbd\xe7A5\xc1u9u\xdd\xd8\x95\x8d;\xf7\xc3\xaf\xb1\x9bnc\xdf\x84W\x19u\xce\xd0\xe1\x84-\x949\x0c\xb9sp\x0f.\xca<\xf1\xcc%\xf1\xa6\xd8\xf3R\xdf\x91\xf0\xb4\x03o\x8f\xe5\xf4\xe9)l)\xf7Q\xb1\x8b;\xa6\xd7\xd4\xa3\x8b+5\xa1j\x1f\xc4\x86\xd4\xfc`\x17\xa7H)\xa1\xd3\xce\xa9\xc7\xfd\'\x0c\x86\xbft\x99[\xbd\xadx\x05e\xba0\xdf\xa0\xee\x85\xd9\xce\xf4\x8dTF\x0f\x9e\xcc\xe5\x7fut(\xcf\xf5i\x86\xb7\x15\xc2\xfd\xb2\x1b;\x83\xbb\xe3\'Z6\xb6\xd1\x0f\xf4F\xba\xf37\xaa\x1a\x96;\xe3oY.\xa3\x82\xb3\x05\xfa\xc5\x12|\xbfss\xff}&[\xe0\x80X\x1df8\x97\x9aa\x12w\xaa\x02<\xf5\xda\x84\xc5\xa2\xc8\xe9\xa3\x9d9\xb7\xf7\x9f\xaeM\x01\xa8\xb3V\x1e#\x91g\x17\xd6\xee\x1f\xf6d\xea\x02H\xb6J\xa4\xf4z\x8c\x85S&\xe9_.\xb16txpS\x05\xf9\x9a\x7fv\x15(\x01\xa3\x9d0\xe7\xbf\xc07\xd4\x80g\xbd\xa0,\xcc\xb8!\xf0Q\xac\xea \xb0G\x1e%\x96\x04\x95O\x1d\xc0\x06yu\xd5^zx\x1c6\xe9\x15\xaa`/k\xbf\x13\xb60\xcfQ\xfe\xd3\x0e\x8a\x9f0\x98\xaa\x1e\xb0\xdcl&\xec\xc8D>\xff\xc0R\x0e\t\xe9\x1d0\xe9H\xcb\t\x97\x83Y\xf1\xe3\xd3Z\xa7!B\xc2\x98\x85\x9c\x19\xee\xad\xa3\xbf\xe8s\x98\xf3x\xc3$\xa8\xe0\xa8\xa9\xe9N\r\xfeG!\xe1=\xa1P\xad\xf8\'\xad\xdb\xe1]\xad\xecU\x01\xa5\xaf\x9dH\x03E\t\x89 \xb0\xca\xa6\xb4\x05\xcc\xcd/\x1e\xdb\xd0\xa1\xae\xa9R\xd8\x9c\xf8\xad\xf5\xf7\xbf\xc8l\xca\xe7\x0c\x1f\\\xf5\x82\x86\xd4\x83cfk\x9ec"X}da\x0e\xf6*\xeeC\x10\xdc\xdcj\xf5Rcp\x0c\x91CM\xf2\xc8^h\xf1,\x8f\xf1\x9cL"\xf6@\nvK\x8e\x94U\x85{\xc8b\xf2\x8a\xfe\\.\xa6\x06p\r\x9a[~\'#\xf9\x01T\xc2\xe8\x02\xd83\x84\x14T}\x17\x0f\xc9\x0e\x19\x0c\xfdj"L\x88Q\x8c\x16\x94\xfa\xeb\xef\xd7\xb0\xa3\xc5\x02`\x81\xb6-t"\xa9\xa6\xa5~\xa0F \x83\xf6\xa2\xf8Xm;N\xbdH\x87\xde\xf6B%\xca\xc7M\xe6\x9d:rg\x1dut\x94&\x16\xe3m[1\xca\xfepIC\xd3\xf3\xbf\x91\xf89\x01\xc7#S\xd1\x01w#\xbf\x97\x98\x9e\x00F\xa6\xf1\x1e\x08\xa63Gz\xf6\x07js\x9fV\xa5o\xba\x84=y\xc6\xd7\x01\x12Y{@\x93c\xc9\x13\xf8p\xacf\x84\xf9\xcf\x85\xc4\xfe\xb8Y\xc2\xc8.\x8e,\x7fzQ\nmm\xbe\xdes\x17\xf5=S\x96+\xc3%\xe2e\xbd\x8a\x15lp\x076\x0f-\x98\xdfX\x1dI\xb4\x1e,\x06\x90\xa4\x98*\x9a\xd2\xca)x\xa9\xf4\x8a-\x1a\x9d\x0f\x98\xe6CSG\x8e\xa3_I\x86\xbcR\x96y\x0by\xf72w\x07\x88\xee\x0f\xfd}m\xe4\xf3\xb4L\xd6P(}tnw9Y\x0c\xaa\xb8\xff_\xab\r\xb9\xfbce\xeb\x15\x12\x85E\xea\xcf\xed\x11h\xcb\xe4\x98@\xc1\xba\xc3\xf3*\r`_3)+\x9c\xc2\xf2\xd2\xf2F2\x10gV\x97l\xba\xa1\x07vq#6\xef\xe7\xc8q\xf3\xa8\x81\x80\x87IPF\x93\x0b\x8c\x83\x18Ps\xfc\xefI\xd2\xc8a1\xc1\x90\xe8\xa3\xc1Z\x1d\x0f\xee\xf3Bu\xa7\x99\xdfC\xcc\t2\x9c\xf1:\x8d\xda6\x1a(\x94\x12\x19\xd9\x1e@z\x1a\xec\xf1R\x02p\xc2\xd7\x910\xa7\xe9\x80\x11#\xec\x1b\xd3i@\xb1V\xdb\xd9FUQ\xb7\x87C\xdc\x19\x07\xfc\x16g\x1d\xee\xc5\xac]\x8b%\x05\xbb\xc8\x87(T"\xe4\xd4\xecs\xf3\x07\x93\x11\xe0\xec,\xfa\x0b\xe8h\x84\x90\xe7\x15Y\xceA\x8e7a\x981\x9d\xdd\x00\xef3s\xca\x88\x08\x12M\xfby6\xfc\xf7\xb8 \xf6\xa4\xf0\xd6B\xddk9\x94\xec\xf7\x04\xd9\x008\xe4\xd8W\x1c\xb3)\xf3\xdd\x99a)C7\x14\xb2|\xd9\x8a\t\xcd\t}\'\xd2\r\xc7\'\xa9\x1a\xd7l\x06\x88\xb2F\x8a\x7flub\xc4Y@\xe9z\xd6:!\xdc\xc7\xde\x84\x9d\xf9\x88\x0b\xf5\x15c\x8di\xaa\x1c\x82\xc0\xa3\x82\xfa\xf5\x0c\xa0W\x9e\xdc\x1dx\xff\x7f\xd9\x03d\x98\xfb"\\\xd5\x80T\x9f\xf6\xd2|\xf050>B\xe0\x08\xce\xb2H\xe4E\xd1\x9b\xa6\x16L\x82\xd3\xedxa/\xcf@\xff\'B\xa4\x80\xb2\x08k\xa9s\x8f\xfd\xcb<\xe1\xeeR\xeco\xa3&h\x93T\xdf\xddD\x803\xce05\xce\xfa\xa8s`#\xa2\xb0\'9u2\r\xef5\xd4\x08\xd0\xa6\xb9\xde\x9b\x9dj\r\x8c#\xb2\xb0\xae\x1a_\x03\xee\x94\xdf\x93\xf0\xfb\xae\n\x83\xae\xfb\x81\x8d\xa1\xd3\x8d\x00\xb1\x06\x04\x8d\xe0\x96\xd0\x10\xd6\xa7m\x1f\x19\xfa\x06h\x89a\xd1\xd3\xa7H\xe7\xec\x80\x98\xe9\xa7' + + +2024-12-14 20:36:02.169513 - Ether / IP / UDP / DNS Qry b'1.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 70 + id = 34273 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63889 + dport = domain + len = 50 + chksum = 0x83a0 +###[ DNS ]### + id = 14652 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:36:02.186889 - Ether / IP / UDP / DNS Qry b'27.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34274 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63890 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 14653 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:36:02.202672 - Ether / IP / UDP / DNS Qry b'28.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34275 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63889 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 14654 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:36:02.222181 - Ether / IP / UDP / DNS Qry b'62.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34276 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63890 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 14655 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:36:02.225155 - Ether / IP / UDP / DNS Ans b'liveboxfibra.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 96 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb730 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63889 + len = 76 + chksum = 0x338 +###[ DNS ]### + id = 14652 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'1.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'1.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'liveboxfibra.' + \ns \ + \ar \ + + +2024-12-14 20:36:02.227483 - Ether / IP / UDP / DNS Ans b'repetidorwifi6-DCC0.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 109 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb723 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63890 + len = 89 + chksum = 0x95af +###[ DNS ]### + id = 14653 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'27.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'27.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'repetidorwifi6-DCC0.home.' + \ns \ + \ar \ + + +2024-12-14 20:36:02.229160 - Ether / IP / UDP / DNS Ans b'Redmi-Note-11-Pro-5G.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 110 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb722 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63889 + len = 90 + chksum = 0xfbd4 +###[ DNS ]### + id = 14654 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'28.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'28.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'Redmi-Note-11-Pro-5G.home.' + \ns \ + \ar \ + + +2024-12-14 20:36:02.230864 - Ether / IP / UDP / DNS Ans name-error +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb749 + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63890 + len = 51 + chksum = 0x49df +###[ DNS ]### + id = 14655 + qr = 1 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = name-error + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'62.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:36:02.232855 - Ether / IP / UDP / DNS Qry b'11.1.168.192.in-addr.arpa.' +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 71 + id = 34277 + flags = + frag = 0 + ttl = 128 + proto = udp + chksum = 0x0 + src = 192.168.1.11 + dst = 192.168.1.1 + \options \ +###[ UDP ]### + sport = 63891 + dport = domain + len = 51 + chksum = 0x83a1 +###[ DNS ]### + id = 14656 + qr = 0 + opcode = QUERY + aa = 0 + tc = 0 + rd = 1 + ra = 0 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 0 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + \ns \ + \ar \ + + +2024-12-14 20:36:02.236381 - Ether / IP / UDP / DNS Ans b'KevinOlarte.home.' +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 101 + id = 0 + flags = DF + frag = 0 + ttl = 64 + proto = udp + chksum = 0xb72b + src = 192.168.1.1 + dst = 192.168.1.11 + \options \ +###[ UDP ]### + sport = domain + dport = 63891 + len = 81 + chksum = 0xd10f +###[ DNS ]### + id = 14656 + qr = 1 + opcode = QUERY + aa = 1 + tc = 0 + rd = 1 + ra = 1 + z = 0 + ad = 0 + cd = 0 + rcode = ok + qdcount = 1 + ancount = 1 + nscount = 0 + arcount = 0 + \qd \ + |###[ DNS Question Record ]### + | qname = b'11.1.168.192.in-addr.arpa.' + | qtype = PTR + | unicastresponse= 0 + | qclass = IN + \an \ + |###[ DNS Resource Record ]### + | rrname = b'11.1.168.192.in-addr.arpa.' + | type = PTR + | cacheflush= 0 + | rclass = IN + | ttl = 0 + | rdlen = None + | rdata = b'KevinOlarte.home.' + \ns \ + \ar \ + + +2024-12-14 20:36:03.669793 - Ether / IP / TCP 162.159.133.234:https > 192.168.1.11:42680 PA / Raw +###[ Ethernet ]### + dst = 6c:2f:80:f3:9a:99 + src = ec:f4:51:54:2f:0c + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 417 + id = 26772 + flags = DF + frag = 0 + ttl = 54 + proto = tcp + chksum = 0xf085 + src = 162.159.133.234 + dst = 192.168.1.11 + \options \ +###[ TCP ]### + sport = https + dport = 42680 + seq = 995231773 + ack = 212489243 + dataofs = 5 + reserved = 0 + flags = PA + window = 8 + chksum = 0xad6f + urgptr = 0 + options = [] +###[ Raw ]### + load = b"\x17\x03\x03\x01tG;\xb0\xe7\x8d\xa4\xb5>\x1f\xd1\xca\x9a\xc4\x92\x8e\xc6\xa3\xa4w>\xc4\xd8\xdb\x06Pp\xdb\xa1\xa7\xa2\xe0D\xf7B\xf7\x08>\xc7\xbc\xe7\xb0\xdf\xf5\x833J\x8bbts\xf3n\x9b\xe0\xa3\xbeHQ\xf3\xd2\xb4Mg8t\xd7\x08\x14\xc1\xfaW\xcd\x8f\xab\xa7\xc9\x8b\x1c\xb4\x16\x15\xa7,\xd4\xfa\xe1\xf1Px\xde@\xd9\x9f\xe0n\xf5\t\x8c\xc5EP\x06K\xac#0\xd1\x8aj)@\x06\xcc\xcc\xb8\x85\xaam\xc7-\x99\xc0\xde\x82\xec\x8f\xf9\xd9B\xd9\x81\x0bG\xd3.\x02\x1e\x1a\x14]\xfeWa\x16*.3\x8f\\\x01h\x8d\xf9f\xad\xd5*\xe0\xe3W\xaa(\xaf\x12&\xd3\x10\x94\xec\x00\x9a\xbe\xb6\xd1\x05\xf5\x10\xdb\x94\xc5`M\x1c}Z\x08\xbd\xc2\xe5\xcdw\xa7\xd7\xac90`Mk\xc9b\x06b\xa4[K\x0e\xcb\x901`P6v\xc3\xdd\x87\x921\xb4\x84V\xfa\xfcS',\x9d-|8\x86\x19\xd0Q\xd1\xf7\xedy\x914x.\xc6_e\x83\x86\xdb\x93\xe5\xdb\xaf\x80Dr\xc8\xce\x87\\A\x8a\x9c[\xfe z\x87\x94\xe6(A\x17\xc2}\x02\xd5\xc4\x15\x01r\x97\x18_\xe7X\xa4\x8b\xe3\x0bJ\xcbZ\x87\xb3\xe8\xa0\xbb\x96\xca\xbf\xdb\x82\xaa\xb2\xa0\xc5\xd0\xd8\x936T6O8\xac\xfb\xd7\x8c\xacK\xc9\xae\xff\xf6\xe4\x98)\r5\xe4\xf4y\xd0c< lH\x87\xc1\xd6t\xa2jX\x1f/\x8e?\xf0sW6g\xcb\xe7{\xc4\xf5\x9e0\xb6\xdb/\xc0\x93\x01zL.S" + + +2024-12-14 20:36:03.710090 - Ether / IP / TCP 192.168.1.11:42680 > 162.159.133.234:https A +###[ Ethernet ]### + dst = ec:f4:51:54:2f:0c + src = 6c:2f:80:f3:9a:99 + type = IPv4 +###[ IP ]### + version = 4 + ihl = 5 + tos = 0x0 + len = 40 + id = 37110 + flags = DF + frag = 0 + ttl = 128 + proto = tcp + chksum = 0x0 + src = 192.168.1.11 + dst = 162.159.133.234 + \options \ +###[ TCP ]### + sport = 42680 + dport = https + seq = 212489243 + ack = 995232150 + dataofs = 5 + reserved = 0 + flags = A + window = 509 + chksum = 0xea57 + urgptr = 0 + options = [] + + diff --git a/pruebas.py b/pruebas.py index cb667d9..8620488 100644 --- a/pruebas.py +++ b/pruebas.py @@ -1,60 +1,123 @@ import tkinter as tk -from tkinter import messagebox, Listbox -from models.MusicPlayer import MusicPlayerModel +from tkinter import messagebox +import threading +import random +import time -class MusicPlayerApp: + +class GamblingGameWithThreads: def __init__(self, root): self.root = root - self.root.title("Reproductor de Música") - self.root.geometry("400x300") - - self.player = MusicPlayerModel() - self.songs, self.message = self.player.load_songs() - - # Lista de canciones - self.song_listbox = Listbox(self.root, bg="white", fg="black", font=("Arial", 12)) - self.song_listbox.pack(fill=tk.BOTH, expand=True, padx=10, pady=10) - self.refresh_song_list() - - # Botones - self.button_frame = tk.Frame(self.root) - self.button_frame.pack(pady=10) - - self.play_button = tk.Button(self.button_frame, text="Reproducir", command=self.play_song, width=12) - self.play_button.grid(row=0, column=0, padx=5) - - self.stop_button = tk.Button(self.button_frame, text="Detener", command=self.stop_song, width=12) - self.stop_button.grid(row=0, column=1, padx=5) - - self.refresh_button = tk.Button(self.button_frame, text="Actualizar", command=self.refresh_song_list, width=12) - self.refresh_button.grid(row=0, column=2, padx=5) + self.root.title("Juego de Azar - Ruleta con Hilos") + self.root.geometry("400x400") - def refresh_song_list(self): - """Carga las canciones en el Listbox desde la carpeta resources.""" - self.songs, self.message = self.player.load_songs() - self.song_listbox.delete(0, tk.END) - if self.songs: - for song in self.songs: - self.song_listbox.insert(tk.END, song) - else: - messagebox.showinfo("Información", self.message) + # Variables del juego + self.balance = 100 + self.roulette_number = None + self.roulette_running = False + self.roulette_thread = None - def play_song(self): - """Reproduce la canción seleccionada.""" - selected = self.song_listbox.curselection() - if not selected: - messagebox.showwarning("Advertencia", "Selecciona una canción para reproducir.") + # Etiqueta de saldo + self.balance_label = tk.Label(self.root, text=f"Saldo: $ {self.balance}", font=("Arial", 14)) + self.balance_label.pack(pady=10) + + # Entrada para la apuesta + tk.Label(self.root, text="Tu Apuesta ($):", font=("Arial", 12)).pack() + self.bet_entry = tk.Entry(self.root, width=10, font=("Arial", 12)) + self.bet_entry.pack(pady=5) + + # Entrada para elegir número + tk.Label(self.root, text="Elige un número (1-10):", font=("Arial", 12)).pack() + self.number_entry = tk.Entry(self.root, width=10, font=("Arial", 12)) + self.number_entry.pack(pady=5) + + # Botones de control + self.start_button = tk.Button(self.root, text="Iniciar Ruleta", font=("Arial", 12), command=self.start_roulette) + self.start_button.pack(pady=10) + + self.stop_button = tk.Button(self.root, text="Detener Ruleta", font=("Arial", 12), state="disabled", command=self.stop_roulette) + self.stop_button.pack(pady=5) + + # Resultado del juego + self.result_label = tk.Label(self.root, text="", font=("Arial", 12), fg="blue") + self.result_label.pack(pady=10) + + # Número de la ruleta en tiempo real + self.roulette_label = tk.Label(self.root, text="Ruleta: ---", font=("Arial", 16), fg="red") + self.roulette_label.pack(pady=10) + + def start_roulette(self): + """Inicia el giro de la ruleta en un hilo.""" + if self.roulette_running: + messagebox.showwarning("Advertencia", "La ruleta ya está girando.") return - song_name = self.song_listbox.get(selected) - message = self.player.play_song(song_name) - messagebox.showinfo("Reproduciendo", message) - - def stop_song(self): - """Detiene la reproducción.""" - message = self.player.stop_song() - messagebox.showinfo("Detenido", message) + + try: + bet = int(self.bet_entry.get()) + chosen_number = int(self.number_entry.get()) + except ValueError: + messagebox.showerror("Error", "Por favor, ingresa valores numéricos válidos.") + return + + if bet <= 0 or chosen_number < 1 or chosen_number > 10: + messagebox.showwarning("Advertencia", "La apuesta debe ser mayor a $0 y elige un número entre 1 y 10.") + return + + if bet > self.balance: + messagebox.showwarning("Advertencia", "No tienes suficiente saldo para esta apuesta.") + return + + self.bet = bet + self.chosen_number = chosen_number + self.roulette_running = True + self.start_button.config(state="disabled") + self.stop_button.config(state="normal") + + # Crear y arrancar el hilo de la ruleta + self.roulette_thread = threading.Thread(target=self.spin_roulette) + self.roulette_thread.start() + + def spin_roulette(self): + """Simula el giro continuo de la ruleta.""" + while self.roulette_running: + self.roulette_number = random.randint(1, 10) + self.roulette_label.config(text=f"Ruleta: {self.roulette_number}") + time.sleep(0.1) + + def stop_roulette(self): + """Detiene la ruleta y evalúa el resultado del juego.""" + if not self.roulette_running: + return + + self.roulette_running = False + self.start_button.config(state="normal") + self.stop_button.config(state="disabled") + + # Evaluar resultado + if self.chosen_number == self.roulette_number: + winnings = self.bet * 2 + self.balance += winnings + self.result_label.config( + text=f"¡Ganaste! El número fue {self.roulette_number}. Ganaste $ {winnings}.", + fg="green", + ) + else: + self.balance -= self.bet + self.result_label.config( + text=f"Perdiste. El número fue {self.roulette_number}. Perdiste $ {self.bet}.", + fg="red", + ) + + # Actualizar saldo + self.balance_label.config(text=f"Saldo: $ {self.balance}") + + # Revisar si el jugador se quedó sin saldo + if self.balance <= 0: + messagebox.showinfo("Juego Terminado", "¡Te quedaste sin saldo! Gracias por jugar.") + + if __name__ == "__main__": root = tk.Tk() - app = MusicPlayerApp(root) + app = GamblingGameWithThreads(root) root.mainloop()