david/netsec-djw2
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hw2

Browse Source
This commit is contained in:
David Westgate 2024-04-27 14:50:19 -07:00
parent 262c186ef7
commit a6dbeceeba
5 changed files with 482 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
hw2/README.md
View File

@ -1 +1,29 @@
Todo # Homework 2 - tcpdump
For each TCP dump below, I will show the command used, and the output of 10 packets
## tcpdump to capture only DNS packets
### Command
```bash
sudo tcpdump -c 10 -tt -XX -v -i any 'tcp port 53 or udp port 53'
```
### Result
[t1.md](t1.md)
## tcpdump to capture TCP packets destined for either port 443 or 8080, originating from my computer
### Command
```bash
sudo tcpdump -c 10 -tt -XX -v -i any 'tcp and src host 10.0.2.15 and (dst port 443 or dst port 8080)'
```
### Result
[t2.md](t2.md)
## tcpdump capture where traffic is either UDP or TCP, inbound to my computer, and destined to a port in range 20000 to 35000
### Command
```bash
sudo tcpdump -c 10 -tt -XX -v -i any 'dst host 10.0.2.15 and (tcp or udp) and dst portrange 20000-35000'
```
### Result
[t3.md](t3.md)

8
hw2/script.sh
View File

@ -1,8 +0,0 @@
#!/bin/sh
#Perform a tcpdump capture where you only capture DNS packets.
sudo tcpdump -c 10 -ttt 'tcp port 53 or udp port 53'
#Perform a tcpdump capture where you capture TCP packets that are destined for either port 443 or 8080, and originate from your computer.
#Perform a tcpdump capture where traffic is either UDP or TCP, is inbound to your computer, and destined for a port between 20000 and 35000.

93
hw2/t1.md Normal file
View File

@ -0,0 +1,93 @@
```
1714254134.555529 eth0 Out IP (tos 0x0, ttl 64, id 16968, offset 0, flags [DF], proto UDP (17), length 66)
10.0.2.15.38419 > 10.0.2.3.domain: 25484+ A? fonts.googleapis.com. (38)
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0042 4248 4000 4011 e051 6J..E..BBH@.@..Q
0x0020: 0a00 020f 0a00 0203 9613 0035 002e 1851 ...........5...Q
0x0030: 638c 0100 0001 0000 0000 0000 0566 6f6e c............fon
0x0040: 7473 0a67 6f6f 676c 6561 7069 7303 636f ts.googleapis.co
0x0050: 6d00 0001 0001 m.....
1714254134.555549 eth0 Out IP (tos 0x0, ttl 64, id 16969, offset 0, flags [DF], proto UDP (17), length 66)
10.0.2.15.38419 > 10.0.2.3.domain: 31117+ AAAA? fonts.googleapis.com. (38)
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0042 4249 4000 4011 e050 6J..E..BBI@.@..P
0x0020: 0a00 020f 0a00 0203 9613 0035 002e 1851 ...........5...Q
0x0030: 798d 0100 0001 0000 0000 0000 0566 6f6e y............fon
0x0040: 7473 0a67 6f6f 676c 6561 7069 7303 636f ts.googleapis.co
0x0050: 6d00 001c 0001 m.....
1714254134.555875 eth0 In IP (tos 0x0, ttl 64, id 3880, offset 0, flags [none], proto UDP (17), length 94)
10.0.2.3.domain > 10.0.2.15.38419: 31117 1/0/0 fonts.googleapis.com. AAAA 2607:f8b0:400a:801::200a (66)
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 005e 0f28 0000 4011 5356 5...E..^.(..@.SV
0x0020: 0a00 0203 0a00 020f 0035 9613 004a 2ad1 .........5...J*.
0x0030: 798d 8180 0001 0001 0000 0000 0566 6f6e y............fon
0x0040: 7473 0a67 6f6f 676c 6561 7069 7303 636f ts.googleapis.co
0x0050: 6d00 001c 0001 c00c 001c 0001 0000 0032 m..............2
0x0060: 0010 2607 f8b0 400a 0801 0000 0000 0000 ..&...@.........
0x0070: 200a ..
1714254134.555875 eth0 In IP (tos 0x0, ttl 64, id 3881, offset 0, flags [none], proto UDP (17), length 82)
10.0.2.3.domain > 10.0.2.15.38419: 25484 1/0/0 fonts.googleapis.com. A 172.217.14.202 (54)
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0052 0f29 0000 4011 5361 5...E..R.)..@.Sa
0x0020: 0a00 0203 0a00 020f 0035 9613 003e 0c6a .........5...>.j
0x0030: 638c 8180 0001 0001 0000 0000 0566 6f6e c............fon
0x0040: 7473 0a67 6f6f 676c 6561 7069 7303 636f ts.googleapis.co
0x0050: 6d00 0001 0001 c00c 0001 0001 0000 001e m...............
0x0060: 0004 acd9 0eca ......
1714254135.031463 eth0 Out IP (tos 0x0, ttl 64, id 63960, offset 0, flags [DF], proto UDP (17), length 67)
10.0.2.15.54837 > 10.0.2.3.domain: 19639+ PTR? 3.2.0.10.in-addr.arpa. (39)
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0043 f9d8 4000 4011 28c0 6J..E..C..@.@.(.
0x0020: 0a00 020f 0a00 0203 d635 0035 002f 1852 .........5.5./.R
0x0030: 4cb7 0100 0001 0000 0000 0000 0133 0132 L............3.2
0x0040: 0130 0231 3007 696e 2d61 6464 7204 6172 .0.10.in-addr.ar
0x0050: 7061 0000 0c00 01 pa.....
1714254135.038848 eth0 In IP (tos 0x0, ttl 64, id 3888, offset 0, flags [none], proto UDP (17), length 139)
10.0.2.3.domain > 10.0.2.15.54837: 19639 NXDomain 0/1/0 (111)
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 008b 0f30 0000 4011 5321 5...E....0..@.S!
0x0020: 0a00 0203 0a00 020f 0035 d635 0077 0d96 .........5.5.w..
0x0030: 4cb7 8183 0001 0000 0001 0000 0133 0132 L............3.2
0x0040: 0130 0231 3007 696e 2d61 6464 7204 6172 .0.10.in-addr.ar
0x0050: 7061 0000 0c00 01c0 1200 0600 0100 002a pa.............*
0x0060: 3000 3c08 7265 736f 6c76 6572 0571 7765 0.<.resolver.qwe
0x0070: 7374 036e 6574 0009 646e 732d 6164 6d69 st.net..dns-admi
0x0080: 6e07 7177 6573 7469 70c0 4277 ce7b c100 n.qwestip.Bw.{..
0x0090: 000e 1000 0004 b000 093a 8000 002a 30 .........:...*0
1714254135.039070 eth0 Out IP (tos 0x0, ttl 64, id 12433, offset 0, flags [DF], proto UDP (17), length 68)
10.0.2.15.50909 > 10.0.2.3.domain: 48255+ PTR? 15.2.0.10.in-addr.arpa. (40)
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0044 3091 4000 4011 f206 6J..E..D0.@.@...
0x0020: 0a00 020f 0a00 0203 c6dd 0035 0030 1853 ...........5.0.S
0x0030: bc7f 0100 0001 0000 0000 0000 0231 3501 .............15.
0x0040: 3201 3002 3130 0769 6e2d 6164 6472 0461 2.0.10.in-addr.a
0x0050: 7270 6100 000c 0001 rpa.....
1714254135.046173 eth0 In IP (tos 0x0, ttl 64, id 3889, offset 0, flags [none], proto UDP (17), length 140)
10.0.2.3.domain > 10.0.2.15.50909: 48255 NXDomain 0/1/0 (112)
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 008c 0f31 0000 4011 531f 5...E....1..@.S.
0x0020: 0a00 0203 0a00 020f 0035 c6dd 0078 2c6e .........5...x,n
0x0030: bc7f 8183 0001 0000 0001 0000 0231 3501 .............15.
0x0040: 3201 3002 3130 0769 6e2d 6164 6472 0461 2.0.10.in-addr.a
0x0050: 7270 6100 000c 0001 c013 0006 0001 0000 rpa.............
0x0060: 2a30 003c 0872 6573 6f6c 7665 7205 7177 *0.<.resolver.qw
0x0070: 6573 7403 6e65 7400 0964 6e73 2d61 646d est.net..dns-adm
0x0080: 696e 0771 7765 7374 6970 c043 77ce 7bc1 in.qwestip.Cw.{.
0x0090: 0000 0e10 0000 04b0 0009 3a80 0000 2a30 ..........:...*0
1714254136.037374 eth0 Out IP (tos 0x0, ttl 64, id 11193, offset 0, flags [DF], proto UDP (17), length 66)
10.0.2.15.50558 > 10.0.2.3.domain: 13058+ A? imgsct.cookiebot.com. (38)
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0042 2bb9 4000 4011 f6e0 6J..E..B+.@.@...
0x0020: 0a00 020f 0a00 0203 c57e 0035 002e 1851 .........~.5...Q
0x0030: 3302 0100 0001 0000 0000 0000 0669 6d67 3............img
0x0040: 7363 7409 636f 6f6b 6965 626f 7403 636f sct.cookiebot.co
0x0050: 6d00 0001 0001 m.....
1714254136.037388 eth0 Out IP (tos 0x0, ttl 64, id 11194, offset 0, flags [DF], proto UDP (17), length 66)
10.0.2.15.50558 > 10.0.2.3.domain: 28420+ AAAA? imgsct.cookiebot.com. (38)
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0042 2bba 4000 4011 f6df 6J..E..B+.@.@...
0x0020: 0a00 020f 0a00 0203 c57e 0035 002e 1851 .........~.5...Q
0x0030: 6f04 0100 0001 0000 0000 0000 0669 6d67 o............img
0x0040: 7363 7409 636f 6f6b 6965 626f 7403 636f sct.cookiebot.co
0x0050: 6d00 001c 0001 m.....
```

140
hw2/t2.md Normal file
View File

@ -0,0 +1,140 @@
```
1714254281.586163 eth0 Out IP (tos 0x0, ttl 64, id 35615, offset 0, flags [DF], proto TCP (6), length 122)
10.0.2.15.43676 > 104.18.4.159.https: Flags [P.], cksum 0x792c (incorrect -> 0x37fd), seq 3715821991:3715822073, ack 148907904, win 56940, length 82
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 007a 8b1f 4000 4006 369f 6J..E..z..@.@.6.
0x0020: 0a00 020f 6812 049f aa9c 01bb dd7a f1a7 ....h........z..
0x0030: 08e0 2780 5018 de6c 792c 0000 1703 0300 ..'.P..ly,......
0x0040: 4db5 9255 fc41 b626 1eef 9481 df22 5e00 M..U.A.&....."^.
0x0050: 481e 443c fb27 e5a0 5aa7 043a a507 bd15 H.D<.'..Z..:....
0x0060: 19d0 b147 7173 24fb 13a9 b087 9310 ef70 ...Gqs$........p
0x0070: 5258 cea4 9fdb fb8e edc0 0c58 4d89 3af2 RX.........XM.:.
0x0080: 35fe 8732 89bd 064f f0eb 11ee 71fd 5..2...O....q.
1714254281.966538 eth0 Out IP (tos 0x0, ttl 64, id 35616, offset 0, flags [DF], proto TCP (6), length 40)
10.0.2.15.43676 > 104.18.4.159.https: Flags [.], cksum 0x78da (incorrect -> 0x64a5), ack 9796, win 65535, length 0
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0028 8b20 4000 4006 36f0 6J..E..(..@.@.6.
0x0020: 0a00 020f 6812 049f aa9c 01bb dd7a f1f9 ....h........z..
0x0030: 08e0 4dc3 5010 ffff 78da 0000 ..M.P...x...
1714254281.999313 eth0 Out IP (tos 0x0, ttl 64, id 35617, offset 0, flags [DF], proto TCP (6), length 263)
10.0.2.15.43676 > 104.18.4.159.https: Flags [P.], cksum 0x79b9 (incorrect -> 0xef5a), seq 82:305, ack 9796, win 65535, length 223
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0107 8b21 4000 4006 3610 6J..E....!@.@.6.
0x0020: 0a00 020f 6812 049f aa9c 01bb dd7a f1f9 ....h........z..
0x0030: 08e0 4dc3 5018 ffff 79b9 0000 1703 0300 ..M.P...y.......
0x0040: da1f b729 c748 ca0f a8d0 7161 7344 e0f4 ...).H....qasD..
0x0050: 2100 a952 c0d9 d145 cce8 26a4 6c46 9cd5 !..R...E..&.lF..
0x0060: 1533 932a 7ea9 bb94 1d02 40e1 96db 48e9 .3.*~.....@...H.
0x0070: 1485 4f08 7623 640e 82be 0a04 f5be 41b3 ..O.v#d.......A.
0x0080: ba3b 77c2 d33b 65cf 6d72 5f4e 8d2b d713 .;w..;e.mr_N.+..
0x0090: f27d 89e0 091d c154 0e88 5521 3065 3944 .}.....T..U!0e9D
0x00a0: a0db 2d11 bf43 2fc9 9ce0 815e 46fc 6ca3 ..-..C/....^F.l.
0x00b0: bb34 0f2a c0e1 7fda fd96 7d75 35c0 68c4 .4.*......}u5.h.
0x00c0: 65d2 1ee0 2378 f9ec ebec 9194 75e9 258a e...#x......u.%.
0x00d0: dabb 2873 791c b5a1 58ae f7de eaf1 4693 ..(sy...X.....F.
0x00e0: abb8 1c70 b87d e725 3ffe bb90 01d3 9657 ...p.}.%?......W
0x00f0: 22f6 898d a69a cb65 ff82 18e0 9a5c 4fda "......e.....\O.
0x0100: ba8d 1c01 e843 00f3 f3e2 697c 759b 5857 .....C....i|u.XW
0x0110: 92b9 e78f e175 c7dd 78e7 d7 .....u..x..
1714254281.999822 eth0 Out IP (tos 0x0, ttl 64, id 35618, offset 0, flags [DF], proto TCP (6), length 75)
10.0.2.15.43676 > 104.18.4.159.https: Flags [P.], cksum 0x78fd (incorrect -> 0x99ff), seq 305:340, ack 9796, win 65535, length 35
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 004b 8b22 4000 4006 36cb 6J..E..K."@.@.6.
0x0020: 0a00 020f 6812 049f aa9c 01bb dd7a f2d8 ....h........z..
0x0030: 08e0 4dc3 5018 ffff 78fd 0000 1703 0300 ..M.P...x.......
0x0040: 1e2d 0837 daa4 6875 18f9 3347 a959 0f2f .-.7..hu..3G.Y./
0x0050: cccd 40b3 4587 2c65 286e 0ae3 e091 ae ..@.E.,e(n.....
1714254282.537813 eth0 Out IP (tos 0x0, ttl 64, id 35619, offset 0, flags [DF], proto TCP (6), length 141)
10.0.2.15.43676 > 104.18.4.159.https: Flags [P.], cksum 0x793f (incorrect -> 0x0202), seq 340:441, ack 9796, win 65535, length 101
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 008d 8b23 4000 4006 3688 6J..E....#@.@.6.
0x0020: 0a00 020f 6812 049f aa9c 01bb dd7a f2fb ....h........z..
0x0030: 08e0 4dc3 5018 ffff 793f 0000 1703 0300 ..M.P...y?......
0x0040: 6081 f9a3 d9c0 29de 5f42 5f8a a658 d3af `.....)._B_..X..
0x0050: 975c afec 748a 65e0 72b3 6a75 fac1 a88c .\..t.e.r.ju....
0x0060: b187 59b2 713c 7731 e28a becb 83ba d9a3 ..Y.q<w1........
0x0070: 6cba 6ea5 7114 15af 9eca bd43 1b71 85a8 l.n.q......C.q..
0x0080: be9e 4a4f 537b 4592 25be 838c 9d29 84eb ..JOS{E.%....)..
0x0090: b83b 7e1b ba13 1143 57c0 a2da f1fd 7620 .;~....CW.....v.
0x00a0: eb .
1714254282.829738 eth0 Out IP (tos 0x0, ttl 64, id 35620, offset 0, flags [DF], proto TCP (6), length 137)
10.0.2.15.43676 > 104.18.4.159.https: Flags [P.], cksum 0x793b (incorrect -> 0x461d), seq 441:538, ack 9901, win 65535, length 97
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0089 8b24 4000 4006 368b 6J..E....$@.@.6.
0x0020: 0a00 020f 6812 049f aa9c 01bb dd7a f360 ....h........z.`
0x0030: 08e0 4e2c 5018 ffff 793b 0000 1703 0300 ..N,P...y;......
0x0040: 5cb0 cd20 2d53 e0ab 8b63 3a7e 3cb7 69ae \...-S...c:~<.i.
0x0050: 5b54 5929 4f8a 609b 8f22 4c94 f028 1002 [TY)O.`.."L..(..
0x0060: a241 ede3 a819 97f3 a254 d610 d3be 4a53 .A.......T....JS
0x0070: 0536 ec32 2e72 1f4e b9ec d12c b8a9 7ff6 .6.2.r.N...,....
0x0080: ed63 64eb 0fb3 82f2 8ef9 a583 c026 1dc8 .cd..........&..
0x0090: c648 08e7 8d08 5c07 95bf b1c0 bd .H....\......
1714254282.962675 eth0 Out IP (tos 0x0, ttl 64, id 35621, offset 0, flags [DF], proto TCP (6), length 40)
10.0.2.15.43676 > 104.18.4.159.https: Flags [.], cksum 0x78da (incorrect -> 0x6239), ack 9960, win 65535, length 0
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0028 8b25 4000 4006 36eb 6J..E..(.%@.@.6.
0x0020: 0a00 020f 6812 049f aa9c 01bb dd7a f3c1 ....h........z..
0x0030: 08e0 4e67 5010 ffff 78da 0000 ..NgP...x...
1714254283.266608 eth0 Out IP (tos 0x0, ttl 64, id 51895, offset 0, flags [DF], proto TCP (6), length 60)
10.0.2.15.54604 > cloudproxy10013.sucuri.net.https: Flags [S], cksum 0xc5c7 (incorrect -> 0x90c0), seq 2831405068, win 32120, options [mss 1460,sackOK,TS val 3900914639 ecr 0,nop,wscale 10], length 0
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 003c cab7 4000 4006 aa6b 6J..E..<..@.@..k
0x0020: 0a00 020f c07c f90d d54c 01bb a8c3 d00c .....|...L......
0x0030: 0000 0000 a002 7d78 c5c7 0000 0204 05b4 ......}x........
0x0040: 0402 080a e883 3bcf 0000 0000 0103 030a ......;.........
1714254283.288387 eth0 Out IP (tos 0x0, ttl 64, id 51896, offset 0, flags [DF], proto TCP (6), length 40)
10.0.2.15.54604 > cloudproxy10013.sucuri.net.https: Flags [.], cksum 0xc5b3 (incorrect -> 0x21d4), ack 185856002, win 32120, length 0
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 0028 cab8 4000 4006 aa7e 6J..E..(..@.@..~
0x0020: 0a00 020f c07c f90d d54c 01bb a8c3 d00d .....|...L......
0x0030: 0b13 f002 5010 7d78 c5b3 0000 ....P.}x....
1714254283.294936 eth0 Out IP (tos 0x0, ttl 64, id 51897, offset 0, flags [DF], proto TCP (6), length 720)
10.0.2.15.54604 > cloudproxy10013.sucuri.net.https: Flags [P.], cksum 0xc85b (incorrect -> 0xeb29), seq 0:680, ack 1, win 32120, length 680
0x0000: 0800 0000 0000 0002 0001 0406 0800 271e ..............'.
0x0010: 364a 0000 4500 02d0 cab9 4000 4006 a7d5 6J..E.....@.@...
0x0020: 0a00 020f c07c f90d d54c 01bb a8c3 d00d .....|...L......
0x0030: 0b13 f002 5018 7d78 c85b 0000 1603 0102 ....P.}x.[......
0x0040: a301 0002 9f03 0375 036c 0067 3d60 1347 .......u.l.g=`.G
0x0050: a1ac a757 e60e b984 ba79 3de9 49a2 7186 ...W.....y=.I.q.
0x0060: 44a6 6dd6 4fd8 7420 cfd2 3e3e a5e2 4255 D.m.O.t...>>..BU
0x0070: 9c3d e990 e7cd db94 18d2 4b88 71ba 5ccd .=........K.q.\.
0x0080: 5397 3daa 80cf a71b 0022 1301 1303 1302 S.=......"......
0x0090: c02b c02f cca9 cca8 c02c c030 c00a c009 .+./.....,.0....
0x00a0: c013 c014 009c 009d 002f 0035 0100 0234 ........./.5...4
0x00b0: 0000 0017 0015 0000 1277 7777 2e65 7870 .........www.exp
0x00c0: 6c6f 6974 2d64 622e 636f 6d00 1700 00ff loit-db.com.....
0x00d0: 0100 0100 000a 000e 000c 001d 0017 0018 ................
0x00e0: 0019 0100 0101 000b 0002 0100 0010 000e ................
0x00f0: 000c 0268 3208 6874 7470 2f31 2e31 0005 ...h2.http/1.1..
0x0100: 0005 0100 0000 0000 2200 0a00 0804 0305 ........".......
0x0110: 0306 0302 0300 3300 6b00 6900 1d00 20ea ......3.k.i.....
0x0120: c87c 82da f088 0c0c aadc 4155 078b b80c .|........AU....
0x0130: 0f90 fd4c a426 d49f eeac 0a14 545b 2700 ...L.&......T['.
0x0140: 1700 4104 70b8 f315 70a3 1646 383e 0267 ..A.p...p..F8>.g
0x0150: a19c c600 d350 b82c b14f aba3 1b3a 8f78 .....P.,.O...:.x
0x0160: 9666 7d0e 5402 4409 1833 a77e 7e73 50a0 .f}.T.D..3.~~sP.
0x0170: bf53 333b 805c b610 6c5e a20b f06c 8498 .S3;.\..l^...l..
0x0180: 39fa b60f 002b 0005 0403 0403 0300 0d00 9....+..........
0x0190: 1800 1604 0305 0306 0308 0408 0508 0604 ................
0x01a0: 0105 0106 0102 0302 0100 2d00 0201 0100 ..........-.....
0x01b0: 1c00 0240 0100 2901 2b00 f600 f0f4 0c8b ...@..).+.......
0x01c0: 5112 991d 83a6 c0ea 7598 add7 132c 9e10 Q.......u....,..
0x01d0: 36d0 b637 2cff 8174 f477 73a1 a2c9 31e4 6..7,..t.ws...1.
0x01e0: 0468 69d0 bb72 0273 82b0 5425 920b 0831 .hi..r.s..T%...1
0x01f0: ec69 51f0 166a defa 9dc4 36ee 688e 1055 .iQ..j....6.h..U
0x0200: d384 0f61 3265 5873 8cf6 5aa4 5859 7d7e ...a2eXs..Z.XY}~
0x0210: 0ac1 d28e bd3b a4fa 2914 bf60 eec9 f11a .....;..)..`....
0x0220: 9920 9541 7e5d 874b 0d98 b142 91fc 6255 ...A~].K...B..bU
0x0230: ac49 07ea 891c e4bf 8348 38fe d556 f6fa .I.......H8..V..
0x0240: 20c0 5024 eb07 aa5c a50d 96ec c8f0 6986 ..P$...\......i.
0x0250: 5d5e db93 7f35 cdda 3cec fc59 3322 b2a1 ]^...5..<..Y3"..
0x0260: 21af 1fd7 3f40 c56e 1eec 35c2 8fd6 a3ab !...?@.n..5.....
0x0270: 23a9 63df fa89 21ba 2e7e 40bd bc2a 10dd #.c...!..~@..*..
0x0280: ee6c 6484 6011 680f 7ba4 b253 e30f 6eb1 .ld.`.h.{..S..n.
0x0290: fc3a f8b4 28f0 576a 795f b6fe 8d9a 7867 .:..(.Wjy_....xg
0x02a0: 3a7f dc7c 6635 47e2 3abe 01f5 764a 815c :..|f5G.:...vJ.\
0x02b0: 3900 3130 ef7d 112b 0c56 ea3c 4640 a251 9.10.}.+.V.<F@.Q
0x02c0: d7a6 cb88 a05e 4f92 5e3c 287f 7b77 720d .....^O.^<(.{wr.
0x02d0: ae34 5e13 57a0 a646 5364 473e 9d1f 331b .4^.W..FSdG>..3.
0x02e0: 3a4a f2bd :J..
```

220
hw2/t3.md Normal file
View File

@ -0,0 +1,220 @@
```
1714254316.558048 eth0 In IP (tos 0x0, ttl 64, id 4247, offset 0, flags [none], proto UDP (17), length 1385)
sea30s01-in-f3.1e100.net.https > 10.0.2.15.34445: UDP, length 1357
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0569 1097 0000 4011 9d42 5...E..i....@..B
0x0020: acd9 0ec3 0a00 020f 01bb 868d 0555 e4ac .............U..
0x0030: ce00 0000 0103 f2a6 0d08 f31e ab68 d326 .............h.&
0x0040: 84ab 0044 02f2 7175 4bab 6b76 cf99 8811 ...D..quK.kv....
0x0050: 067c 5e40 72ef b138 8470 5659 87de f08a .|^@r..8.pVY....
0x0060: 01bb bb92 198b 4b51 1d0e 2336 3750 2292 ......KQ..#67P".
0x0070: 6e01 6a1f 9b8f 7550 5b94 de81 65d7 6517 n.j...uP[...e.e.
0x0080: ff73 c171 119b 2fd7 2f43 3c2e e4c7 6480 .s.q.././C<...d.
0x0090: a2ff af8b ed42 b215 f57f f5f2 72af 9992 .....B......r...
0x00a0: 8fb2 ea97 0127 3b2b 02b2 aae6 83c4 e9a8 .....';+........
0x00b0: f095 643a f301 b9b8 e493 6489 c38e e446 ..d:......d....F
0x00c0: 0da4 25fc bce3 0f9c a25f 8749 fa5b a06d ..%......_.I.[.m
0x00d0: ce01 973e 114b acbb 8fe2 ecea 595f 6399 ...>.K......Y_c.
0x00e0: 0fec 7da2 66cc 38ed 8205 53d6 9937 9b0b ..}.f.8...S..7..
0x00f0: 53d9 5773 f7eb d433 0290 da80 fc8b 4376 S.Ws...3......Cv
0x0100: 801b 2bed e4d8 1bc1 ff4d e7f4 0048 b7d1 ..+......M...H..
0x0110: ed47 5240 69f0 81e9 3e08 4908 f544 021f .GR@i...>.I..D..
0x0120: e5ad e281 72d5 6b4e aee1 a4c4 cf53 bce2 ....r.kN.....S..
0x0130: db59 2c23 f450 e4a3 d3ac e848 fc12 203e .Y,#.P.....H...>
0x0140: f9bd ace7 e7bf d0b0 b468 842f 4162 cc57 .........h./Ab.W
0x0150: 222f 7854 40f5 fe7d c9a4 0100 1d31 b066 "/xT@..}.....1.f
0x0160: ede2 0e29 3406 385a b91a def1 c991 46e2 ...)4.8Z......F.
0x0170: f92a 61e3 0afa 3a8a 56a7 5417 64a8 104f .*a...:.V.T.d..O
0x0180: 7b30 d22c 1489 f82b 52a7 837a 4c26 a08d {0.,...+R..zL&..
0x0190: e5be 5886 69ca 38f7 cda3 498a e69d 6404 ..X.i.8...I...d.
0x01a0: 7817 0a64 0ff1 7d92 3412 6de9 04ef 7c6e x..d..}.4.m...|n
0x01b0: 0fde 5c41 de73 8b0d 3d90 5e0d d492 7cb1 ..\A.s..=.^...|.
0x01c0: 4f0c f63c 73e4 238f ed7b a833 47c5 8355 O..<s.#..{.3G..U
0x01d0: 67ca da78 c1fb d304 8cca 623b 405e 5c15 g..x......b;@^\.
0x01e0: a650 0520 762d 8191 8272 b77c 62ad 2c92 .P..v-...r.|b.,.
0x01f0: 613d b4f7 7a71 f6bf c75b e521 f517 1265 a=..zq...[.!...e
0x0200: f336 100e 1919 e4fd 5288 49c3 d8a4 c8a6 .6......R.I.....
0x0210: 71cf c455 33f2 9b29 5880 4530 f3bd 2a41 q..U3..)X.E0..*A
0x0220: fb86 78ad 95b5 0c8f 5b30 f278 de40 6963 ..x.....[0.x.@ic
0x0230: 9455 94e1 2dab 46bf 899e 5685 9358 bd0f .U..-.F...V..X..
0x0240: 2c10 1f90 455e e37d 3a12 5793 d834 3be1 ,...E^.}:.W..4;.
0x0250: 3916 cd51 d4b9 d968 7d39 7455 31cb 5c8a 9..Q...h}9tU1.\.
0x0260: 9794 450a 73d0 1840 51e1 2832 fe91 d1ca ..E.s..@Q.(2....
0x0270: 69b6 b2d3 4acf 68fa ccbe a4fd 5365 d3cf i...J.h.....Se..
0x0280: 7909 53f0 0e24 69be dd7d a0c4 4e3b f160 y.S..$i..}..N;.`
0x0290: 9335 5447 4f4a 59f9 a22c afe5 727b e4da .5TGOJY..,..r{..
0x02a0: 2ee1 d816 c14a f92e 6095 69c9 5c8e 2ef1 .....J..`.i.\...
0x02b0: 1ea2 a8fe a6a0 a718 cfd6 c983 ecd4 fba7 ................
0x02c0: 5a1f 15a9 3b08 e04d f212 3d60 aab4 d1ef Z...;..M..=`....
0x02d0: 6e71 4eb0 fc4a 9e66 eecf 0d8d 8629 4e2a nqN..J.f.....)N*
0x02e0: 279e 7e3d c876 f7db 9ba1 cb15 9729 224c '.~=.v.......)"L
0x02f0: d4ef 76d6 452e fe67 8d00 4bf2 6a29 2dbd ..v.E..g..K.j)-.
0x0300: 8ac3 1ec6 dbb8 be2f 33ee af43 538f 064c ......./3..CS..L
0x0310: b30f e471 54fd 8730 7905 93e2 aaa1 79ec ...qT..0y.....y.
0x0320: ca9b bd72 5760 5f98 5f2d 4f72 4709 a8e3 ...rW`_._-OrG...
0x0330: b0f6 c1eb d71d ae31 c6e1 1edb c8d3 8672 .......1.......r
0x0340: e595 e4aa b638 8318 3081 a446 e106 7f71 .....8..0..F...q
0x0350: b76d 2431 e109 033c 8b51 4e9e e57f e4b6 .m$1...<.QN.....
0x0360: 51cd 8ca0 6d57 fec8 a3e4 d429 fd63 ff6e Q...mW.....).c.n
0x0370: 20a7 4853 81e4 7770 85e0 85ec 6062 1394 ..HS..wp....`b..
0x0380: c850 c896 9568 737d 079a 6dfe c281 522b .P...hs}..m...R+
0x0390: d00e 74a9 3ebd 3926 f871 9355 b0a1 8191 ..t.>.9&.q.U....
0x03a0: 9014 ce57 8432 45cf 4ae9 a049 739b 7313 ...W.2E.J..Is.s.
0x03b0: ba12 0cb4 22c4 c966 f6f9 6cd4 06fa 3b91 ...."..f..l...;.
0x03c0: 8911 1acc 9dc1 f253 820c 222e af6e 1487 .......S.."..n..
0x03d0: 7ad3 3dd5 9c0b 2d77 c1de 1801 f7b9 5729 z.=...-w......W)
0x03e0: 6c75 5d45 cf1f ebc8 57a8 0cb9 6562 66ce lu]E....W...ebf.
0x03f0: 5caa 4047 97c6 3678 d423 b329 d873 016c \.@G..6x.#.).s.l
0x0400: 00a7 758c 2414 ea61 dd7e e96b f994 8707 ..u.$..a.~.k....
0x0410: 05a1 6979 3212 c989 206e 49d9 8942 789c ..iy2....nI..Bx.
0x0420: 4bb5 7b34 f359 c439 d511 f6c4 1afe aa31 K.{4.Y.9.......1
0x0430: bbca d56e b0b8 e065 377e 1779 1f79 dc8c ...n...e7~.y.y..
0x0440: 56df 0ee5 f483 ecea 0000 0001 03f2 a60d V...............
0x0450: 08f3 1eab 68d3 2684 ab40 dd08 6c36 6c5a ....h.&..@..l6lZ
0x0460: 7f64 e00a 53a4 3bb7 1f4a ea72 6011 f830 .d..S.;..J.r`..0
0x0470: 8601 9ed8 9afc c60b 8adc 0622 e347 c967 ...........".G.g
0x0480: cbe0 67d8 fdaa 2975 692b f930 ff5e 431a ..g...)ui+.0.^C.
0x0490: c897 f26e ffc2 48dd 773a 18f2 24da 3368 ...n..H.w:..$.3h
0x04a0: 6bc3 93bd 2367 b101 6a14 bd97 27ae 27c0 k...#g..j...'.'.
0x04b0: e5a2 ef4a 3308 aa78 af83 0666 d69d 4cf2 ...J3..x...f..L.
0x04c0: 7113 2e91 e7c9 3d4c 096f 4bc6 6b08 c71b q.....=L.oK.k...
0x04d0: 1ec3 a3c0 f41c 1369 c003 806c cb39 d250 .......i...l.9.P
0x04e0: df68 9e08 b3aa 6518 b285 e137 9d44 006a .h....e....7.D.j
0x04f0: 5d38 6582 5717 4641 6214 65e1 9f32 2889 ]8e.W.FAb.e..2(.
0x0500: d1fc 469a b875 0be6 a96f e88b fed3 3717 ..F..u...o....7.
0x0510: 8219 a65f 7880 7a9d 5b4d 5bea 380a 02d0 ..._x.z.[M[.8...
0x0520: bce2 27ba 9f1c 0feb a26f a205 9e99 0b2a ..'......o.....*
0x0530: bbb8 d7c0 b294 5782 5af2 a60d 918a 6cfc ......W.Z.....l.
0x0540: ff82 2b9a 5848 7388 f625 1c3a da6c 968d ..+.XHs..%.:.l..
0x0550: 970c b1b1 7f1c bcff 68a6 8334 7fbb 809d ........h..4....
0x0560: 15fa 581a 0176 281c 740c aa0e ab44 717e ..X..v(.t....Dq~
0x0570: 1221 9487 b404 41b2 2b29 3b8a c6 .!....A.+);..
1714254316.558108 eth0 In IP (tos 0x0, ttl 64, id 4248, offset 0, flags [none], proto UDP (17), length 643)
sea30s01-in-f3.1e100.net.https > 10.0.2.15.34445: UDP, length 615
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0283 1098 0000 4011 a027 5...E.......@..'
0x0020: acd9 0ec3 0a00 020f 01bb 868d 026f 1655 .............o.U
0x0030: 41f2 a60d 2871 a44f db08 f3e0 2860 fcff A...(q.O....(`..
0x0040: 03bf 6ac6 5c78 9a8f 6222 318b 6a7c f41b ..j.\x..b"1.j|..
0x0050: 0ec0 1aeb 441e 6f39 91ab 0120 cd6f 8f43 ....D.o9.....o.C
0x0060: f0a5 a8c5 77b5 0144 afa3 a4f5 82b7 d5d4 ....w..D........
0x0070: 9bb7 c357 76f0 6ce6 d2c3 1b3e 547b 6b6f ...Wv.l....>T{ko
0x0080: aae0 0bb4 1cc3 2f9e 2749 c69a 6d73 1b5f ....../.'I..ms._
0x0090: ed26 87e9 f7e8 bbca e007 a3d0 a862 9fbd .&...........b..
0x00a0: 5409 fa68 07c2 57e2 60e5 e5c5 de2c d33f T..h..W.`....,.?
0x00b0: 64d0 7b3f 99af 0e07 13ad 43db d048 fcce d.{?......C..H..
0x00c0: a4d0 c2c2 4284 e280 cc44 c29d 3314 3945 ....B....D..3.9E
0x00d0: 1a70 040b 96fc 9122 9497 f054 5300 552c .p....."...TS.U,
0x00e0: 15c4 e5a1 3b5c 61cd 7157 9d09 1d2e 19ae ....;\a.qW......
0x00f0: c009 1d61 be19 1ac9 5736 2239 cbbb ca5f ...a....W6"9..._
0x0100: b61b 581d d399 a637 52bc 31cc 76ab 6f10 ..X....7R.1.v.o.
0x0110: 4df6 1af2 5ecf cb79 4d71 4a07 f733 2a87 M...^..yMqJ..3*.
0x0120: 2243 b8a8 d803 b2bc d249 0bd1 9ca3 4305 "C.......I....C.
0x0130: f463 580a 4d0c 61d8 2078 4d6d ae09 ad24 .cX.M.a..xMm...$
0x0140: 7342 985b a634 1d01 106f 230a cbf3 ee3c sB.[.4...o#....<
0x0150: 93e2 410a b3fc 68c4 60ce 467a 7ad2 92eb ..A...h.`.Fzz...
0x0160: 9448 cbcf b722 feb6 5692 177f e622 4f4b .H..."..V...."OK
0x0170: 69c3 fb73 c918 8a03 8824 eb0b c603 884c i..s.....$.....L
0x0180: 650f c9c1 0715 e3a0 4465 f379 7e0b bd2d e.......De.y~..-
0x0190: de30 3fb3 c21b 2ef3 261d 2d5e 4bcc 58c4 .0?.....&.-^K.X.
0x01a0: fa32 892b 84a2 f248 07a7 7a62 39e8 cc65 .2.+...H..zb9..e
0x01b0: aeab 84a4 cbf5 8aa0 b9e5 19b3 ac8c 57a2 ..............W.
0x01c0: bed5 bb77 dd2a 03a8 b903 6ea1 9545 506e ...w.*....n..EPn
0x01d0: 9601 07a7 a9ef f8ff ffe0 6753 6cf6 9078 ..........gSl..x
0x01e0: 4e4f 9338 53a1 e061 9ac3 b60c 3789 7f45 NO.8S..a....7..E
0x01f0: 3459 0f7a dcdd bf28 7e6d 6234 6a8f 9329 4Y.z...(~mb4j..)
0x0200: e734 75f6 93df 5c21 a3c2 02b4 18d0 ce5b .4u...\!.......[
0x0210: 318d 9829 c576 8c16 7d08 857e 217a 0571 1..).v..}..~!z.q
0x0220: 722f 567a 15f9 4961 4e60 36b1 be19 ff20 r/Vz..IaN`6.....
0x0230: ebe7 24de 79a8 3d73 cb09 162b eaa7 cb0b ..$.y.=s...+....
0x0240: 364e 4667 cc8e 0984 2932 97f7 7ae1 cd6e 6NFg....)2..z..n
0x0250: 4bd3 c286 13a6 dd0d 0093 5556 05cc 976e K.........UV...n
0x0260: cca2 dff2 8bd8 c881 85b2 b2a3 4f06 e8bd ............O...
0x0270: ef3d 81d7 dab4 5114 0ca4 b481 490c 5676 .=....Q.....I.Vv
0x0280: 6e7f b88b fdf6 f0d9 77f8 02e0 1d5d c7cd n.......w....]..
0x0290: 1e30 4a8d 8f94 85 .0J....
1714254316.564957 eth0 In IP (tos 0x0, ttl 64, id 4249, offset 0, flags [none], proto UDP (17), length 157)
sea30s01-in-f3.1e100.net.https > 10.0.2.15.34445: UDP, length 129
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 009d 1099 0000 4011 a20c 5...E.......@...
0x0020: acd9 0ec3 0a00 020f 01bb 868d 0089 bd88 ................
0x0030: 5ff2 a60d e917 0419 2aeb ae64 e88f 2ebd _.......*..d....
0x0040: 27e1 0011 ab82 e5b2 8f78 fb95 0ca0 8b09 '........x......
0x0050: 1834 0872 ea3b 7a80 e14f 54f5 8daf 5aa4 .4.r.;z..OT...Z.
0x0060: 9294 92ac 6a59 2cbe f702 597c 7f76 de51 ....jY,...Y|.v.Q
0x0070: a401 d9bf fd8f 7b36 9a8a 6c32 e526 4810 ......{6..l2.&H.
0x0080: d54b a65f e328 3fe1 37c0 7d6c ecee a7ae .K._.(?.7.}l....
0x0090: 38a7 0013 5dde 320c b220 7851 21eb b051 8...].2...xQ!..Q
0x00a0: ad12 35c1 2047 cbe2 b6f8 2826 27cd 04dc ..5..G....(&'...
0x00b0: 70 p
1714254317.554248 eth0 In IP (tos 0x0, ttl 64, id 4294, offset 0, flags [none], proto UDP (17), length 86)
10.0.2.3.domain > 10.0.2.15.33426: 13745 1/0/0 www.googletagmanager.com. A 142.251.33.72 (58)
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0056 10c6 0000 4011 51c0 5...E..V....@.Q.
0x0020: 0a00 0203 0a00 020f 0035 8292 0042 8dcb .........5...B..
0x0030: 35b1 8180 0001 0001 0000 0000 0377 7777 5............www
0x0040: 1067 6f6f 676c 6574 6167 6d61 6e61 6765 .googletagmanage
0x0050: 7203 636f 6d00 0001 0001 c00c 0001 0001 r.com...........
0x0060: 0000 0091 0004 8efb 2148 ........!H
1714254317.554276 eth0 In IP (tos 0x0, ttl 64, id 4295, offset 0, flags [none], proto UDP (17), length 98)
10.0.2.3.domain > 10.0.2.15.33426: 51377 1/0/0 www.googletagmanager.com. AAAA 2607:f8b0:400a:806::2008 (70)
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0062 10c7 0000 4011 51b3 5...E..b....@.Q.
0x0020: 0a00 0203 0a00 020f 0035 8292 004e 23d6 .........5...N#.
0x0030: c8b1 8180 0001 0001 0000 0000 0377 7777 .............www
0x0040: 1067 6f6f 676c 6574 6167 6d61 6e61 6765 .googletagmanage
0x0050: 7203 636f 6d00 001c 0001 c00c 001c 0001 r.com...........
0x0060: 0000 009f 0010 2607 f8b0 400a 0806 0000 ......&...@.....
0x0070: 0000 0000 2008 ......
1714254318.343893 eth0 In IP (tos 0x0, ttl 64, id 4658, offset 0, flags [none], proto TCP (6), length 44)
a104-70-127-13.deploy.static.akamaitechnologies.com.https > 10.0.2.15.34136: Flags [S.], cksum 0x37e4 (correct), seq 190976001, ack 4000635876, win 65535, options [mss 1460], length 0
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 002c 1232 0000 4006 7538 5...E..,.2..@.u8
0x0020: 6846 7f0d 0a00 020f 01bb 8558 0b62 1001 hF.........X.b..
0x0030: ee74 dbe4 6012 ffff 37e4 0000 0204 05b4 .t..`...7.......
0x0040: 0000 ..
1714254318.344841 eth0 In IP (tos 0x0, ttl 64, id 4659, offset 0, flags [none], proto TCP (6), length 40)
a104-70-127-13.deploy.static.akamaitechnologies.com.https > 10.0.2.15.34136: Flags [.], cksum 0x4cf6 (correct), ack 684, win 65535, length 0
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0028 1233 0000 4006 753b 5...E..(.3..@.u;
0x0020: 6846 7f0d 0a00 020f 01bb 8558 0b62 1002 hF.........X.b..
0x0030: ee74 de8f 5010 ffff 4cf6 0000 0000 0000 .t..P...L.......
0x0040: 0000 ..
1714254318.351551 eth0 In IP (tos 0x0, ttl 64, id 4660, offset 0, flags [none], proto TCP (6), length 304)
a104-70-127-13.deploy.static.akamaitechnologies.com.https > 10.0.2.15.34136: Flags [P.], cksum 0xa8b1 (correct), seq 1:265, ack 684, win 65535, length 264
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0130 1234 0000 4006 7432 5...E..0.4..@.t2
0x0020: 6846 7f0d 0a00 020f 01bb 8558 0b62 1002 hF.........X.b..
0x0030: ee74 de8f 5018 ffff a8b1 0000 1603 0300 .t..P...........
0x0040: 8002 0000 7c03 0312 bfa2 bf23 d972 256f ....|......#.r%o
0x0050: fe18 a1be 4b0e f895 89be ac10 e7a8 5dfa ....K.........].
0x0060: 95a0 f782 9742 8020 dc8f 4f02 c646 249e .....B....O..F$.
0x0070: 4d68 d3a4 663d dff0 f2fb bab2 a79c 296d Mh..f=........)m
0x0080: f954 f5bf f503 414c 1302 0000 3400 2b00 .T....AL....4.+.
0x0090: 0203 0400 3300 2400 1d00 20d1 e36c 57c7 ....3.$......lW.
0x00a0: 8781 356c d2e6 55e8 ba83 fd4d 1196 e88b ..5l..U....M....
0x00b0: 0e97 49da 5223 bb84 3846 6d00 2900 0200 ..I.R#..8Fm.)...
0x00c0: 0014 0303 0001 0117 0303 002e 9b5a 5a26 .............ZZ&
0x00d0: 87ae 2093 6f99 beea bc25 7091 78bf e262 ....o....%p.x..b
0x00e0: 56cb c257 9ec2 0207 8bfc 3063 5fe9 ff9e V..W......0c_...
0x00f0: fa4d 3723 d2ba 85cf 6f7b 1703 0300 455f .M7#....o{....E_
0x0100: 6101 2a9b 0062 831c afbf 097b b431 ad7b a.*..b.....{.1.{
0x0110: 3968 ab9c 007d 7b1f a690 bfc8 af31 752f 9h...}{......1u/
0x0120: 3d54 0d58 76ae 736c f81b 45f5 4702 668c =T.Xv.sl..E.G.f.
0x0130: 9209 b73c c159 c9ea 457a 14dc 1fdb 56d9 ...<.Y..Ez....V.
0x0140: 7da0 eee4 }...
1714254318.352141 eth0 In IP (tos 0x0, ttl 64, id 4661, offset 0, flags [none], proto TCP (6), length 40)
a104-70-127-13.deploy.static.akamaitechnologies.com.https > 10.0.2.15.34136: Flags [.], cksum 0x4b9e (correct), ack 764, win 65535, length 0
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0028 1235 0000 4006 7539 5...E..(.5..@.u9
0x0020: 6846 7f0d 0a00 020f 01bb 8558 0b62 110a hF.........X.b..
0x0030: ee74 dedf 5010 ffff 4b9e 0000 0000 0000 .t..P...K.......
0x0040: 0000 ..
1714254318.352216 eth0 In IP (tos 0x0, ttl 64, id 4662, offset 0, flags [none], proto TCP (6), length 40)
a104-70-127-13.deploy.static.akamaitechnologies.com.https > 10.0.2.15.34136: Flags [.], cksum 0x4af4 (correct), ack 934, win 65535, length 0
0x0000: 0800 0000 0000 0002 0001 0006 5254 0012 ............RT..
0x0010: 3502 0000 4500 0028 1236 0000 4006 7538 5...E..(.6..@.u8
0x0020: 6846 7f0d 0a00 020f 01bb 8558 0b62 110a hF.........X.b..
0x0030: ee74 df89 5010 ffff 4af4 0000 0000 0000 .t..P...J.......
0x0040: 0000 ..
```