Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
ARP Flooding und HTTP 1.1 im Wireshark

ARP Flooding und HTTP 1.1 im Wireshark


Log-Analyse und Auswertung: ARP Flooding und HTTP 1.1 im Wireshark

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Thema geschlossen
Alt 01.12.2023, 18:04   #1
Koolman
 
ARP Flooding und HTTP 1.1 im Wireshark - Standard

ARP Flooding und HTTP 1.1 im Wireshark


Hallo liebes Forum,

unsere PCs weisen alle die gleichen ARP Anfragen und HTTP 1.1 ist zu sehen. Kann man das bitte überprüfen bzw. was genau soll ich noch hier reinschreiben, dass man schauen kann was los ist?

Liebe Grüße
Koolman

Code:
ATTFilter
21037	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.155? Tell 192.168.2.1
21038	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.156? Tell 192.168.2.1
21039	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.157? Tell 192.168.2.1
21040	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.158? Tell 192.168.2.1
21041	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.159? Tell 192.168.2.1
21042	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.160? Tell 192.168.2.1
21043	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.161? Tell 192.168.2.1
21044	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.162? Tell 192.168.2.1
21045	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.163? Tell 192.168.2.1
21046	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.164? Tell 192.168.2.1
21047	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.165? Tell 192.168.2.1
21048	557.853911	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.166? Tell 192.168.2.1
21049	557.854177	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.167? Tell 192.168.2.1
21050	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.168? Tell 192.168.2.1
21051	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.169? Tell 192.168.2.1
21052	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.170? Tell 192.168.2.1
21053	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.171? Tell 192.168.2.1
21054	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.172? Tell 192.168.2.1
21055	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.173? Tell 192.168.2.1
21056	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.174? Tell 192.168.2.1
21057	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.175? Tell 192.168.2.1
21058	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.176? Tell 192.168.2.1
21059	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.177? Tell 192.168.2.1
21060	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.178? Tell 192.168.2.1
21061	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.179? Tell 192.168.2.1
21062	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.180? Tell 192.168.2.1
21063	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.181? Tell 192.168.2.1
21064	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.182? Tell 192.168.2.1
21065	557.865116	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.183? Tell 192.168.2.1
21066	557.865182	46:8e:cc:78:7e:72	Sercomm_79:79:ca	ARP	42	192.168.2.180 is at 46:8e:cc:78:7e:72
21067	557.867288	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.185? Tell 192.168.2.1
21068	557.869517	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.186? Tell 192.168.2.1
21069	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.187? Tell 192.168.2.1
21070	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.188? Tell 192.168.2.1
21071	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.189? Tell 192.168.2.1
21072	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.190? Tell 192.168.2.1
21073	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.191? Tell 192.168.2.1
21074	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.192? Tell 192.168.2.1
21075	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.193? Tell 192.168.2.1
21076	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.194? Tell 192.168.2.1
21077	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.195? Tell 192.168.2.1
21078	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.196? Tell 192.168.2.1
21079	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.197? Tell 192.168.2.1
21080	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.198? Tell 192.168.2.1
21081	557.881427	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.199? Tell 192.168.2.1
21082	558.854279	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21083	559.512885	34.203.175.187	192.168.2.180	TCP	54	[TCP Dup ACK 42#37] 443 → 49863 [ACK] Seq=1 Ack=1 Win=8 Len=0
21084	559.512937	192.168.2.180	34.203.175.187	TCP	54	[TCP Dup ACK 43#37] 49863 → 443 [ACK] Seq=1 Ack=2 Win=260 Len=0
21085	560.075351	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21086	560.805495	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21087	560.998528	192.168.2.105	192.168.2.255	NBNS	92	Name query NB BRW30C9AB0B4EA3<00>
21088	560.998528	192.168.2.105	224.0.0.251	MDNS	81	Standard query 0x0000 A BRW30C9AB0B4EA3.local, "QM" question
21089	560.998528	fe80::1a14:397b:c0ff:2890	ff02::fb	MDNS	101	Standard query 0x0000 A BRW30C9AB0B4EA3.local, "QM" question
21090	560.998528	192.168.2.105	224.0.0.251	MDNS	81	Standard query 0x0000 AAAA BRW30C9AB0B4EA3.local, "QM" question
21091	560.998528	fe80::1a14:397b:c0ff:2890	ff02::fb	MDNS	101	Standard query 0x0000 AAAA BRW30C9AB0B4EA3.local, "QM" question
21092	560.998528	fe80::1a14:397b:c0ff:2890	ff02::1:3	LLMNR	95	Standard query 0xb830 A BRW30C9AB0B4EA3
21093	560.998528	192.168.2.105	224.0.0.252	LLMNR	75	Standard query 0xb830 A BRW30C9AB0B4EA3
21094	560.998528	fe80::1a14:397b:c0ff:2890	ff02::1:3	LLMNR	95	Standard query 0x63be AAAA BRW30C9AB0B4EA3
21095	560.998528	192.168.2.105	224.0.0.252	LLMNR	75	Standard query 0x63be AAAA BRW30C9AB0B4EA3
21096	561.611843	fe80::1a14:397b:c0ff:2890	ff02::1:3	LLMNR	95	Standard query 0xb830 A BRW30C9AB0B4EA3
21097	561.611843	fe80::1a14:397b:c0ff:2890	ff02::1:3	LLMNR	95	Standard query 0x63be AAAA BRW30C9AB0B4EA3
21098	561.611843	192.168.2.105	224.0.0.252	LLMNR	75	Standard query 0x63be AAAA BRW30C9AB0B4EA3
21099	561.611843	192.168.2.105	224.0.0.252	LLMNR	75	Standard query 0xb830 A BRW30C9AB0B4EA3
21100	561.918821	192.168.2.105	192.168.2.255	NBNS	92	Name query NB BRW30C9AB0B4EA3<00>
21101	561.918821	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21102	562.226266	192.168.2.105	224.0.0.251	MDNS	81	Standard query 0x0000 AAAA BRW30C9AB0B4EA3.local, "QM" question
21103	562.226266	fe80::1a14:397b:c0ff:2890	ff02::fb	MDNS	101	Standard query 0x0000 AAAA BRW30C9AB0B4EA3.local, "QM" question
21104	562.226266	192.168.2.105	224.0.0.251	MDNS	81	Standard query 0x0000 A BRW30C9AB0B4EA3.local, "QM" question
21105	562.226266	fe80::1a14:397b:c0ff:2890	ff02::fb	MDNS	101	Standard query 0x0000 A BRW30C9AB0B4EA3.local, "QM" question
21106	562.532731	192.168.2.105	192.168.2.255	NBNS	92	Name query NB BRW30C9AB0B4EA3<00>
21107	563.147523	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21108	563.881975	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21109	564.990650	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21110	572.064478	fe80::162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fe80::2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21111	572.064557	fe80::2314:508f:2d41:9410	fe80::162e:5eff:fe79:79ca	ICMPv6	86	Neighbor Advertisement fe80::2314:508f:2d41:9410 (sol, ovr) is at 46:8e:cc:78:7e:72
21112	572.068883	fe80::162e:5eff:fe79:79ca	fe80::2314:508f:2d41:9410	ICMPv6	128	Echo (ping) request id=0xeb35, seq=1, hop limit=64 (reply in 21113)
21113	572.069039	fe80::2314:508f:2d41:9410	fe80::162e:5eff:fe79:79ca	ICMPv6	128	Echo (ping) reply id=0xeb35, seq=1, hop limit=64 (request in 21112)
21114	574.617260	34.203.175.187	192.168.2.180	TCP	54	[TCP Dup ACK 42#38] 443 → 49863 [ACK] Seq=1 Ack=1 Win=8 Len=0
21115	574.617281	192.168.2.180	34.203.175.187	TCP	54	[TCP Dup ACK 43#38] 49863 → 443 [ACK] Seq=1 Ack=2 Win=260 Len=0
21116	576.873434	fe80::2314:508f:2d41:9410	fe80::162e:5eff:fe79:79ca	ICMPv6	86	Neighbor Solicitation for fe80::162e:5eff:fe79:79ca from 46:8e:cc:78:7e:72
21117	576.876830	fe80::162e:5eff:fe79:79ca	fe80::2314:508f:2d41:9410	ICMPv6	78	Neighbor Advertisement fe80::162e:5eff:fe79:79ca (rtr, sol)
21118	577.821326	fe80::2314:508f:2d41:9410	ff02::c	UDP	718	51228 → 3702 Len=656
21119	577.821958	192.168.2.180	239.255.255.250	UDP	698	51227 → 3702 Len=656
21120	577.992044	192.168.2.180	239.255.255.250	UDP	698	51227 → 3702 Len=656
21121	578.070601	fe80::2314:508f:2d41:9410	ff02::c	UDP	718	51228 → 3702 Len=656
21122	578.321579	192.168.2.180	239.255.255.250	UDP	698	51227 → 3702 Len=656
21123	578.568432	fe80::2314:508f:2d41:9410	ff02::c	UDP	718	51228 → 3702 Len=656
21124	578.986875	192.168.2.180	239.255.255.250	UDP	698	51227 → 3702 Len=656
21125	579.560755	fe80::2314:508f:2d41:9410	ff02::c	UDP	718	51228 → 3702 Len=656
21126	580.307822	192.168.2.180	239.255.255.250	UDP	698	51227 → 3702 Len=656
21127	581.541362	fe80::2314:508f:2d41:9410	ff02::c	UDP	718	51228 → 3702 Len=656
21128	582.312688	192.168.2.180	239.255.255.250	UDP	698	51227 → 3702 Len=656
21129	582.502799	192.168.2.182	192.168.2.255	BROWSER	255	Local Master Announcement HPB7243D, Workstation, Server, Print Queue Server, Xenix Server, NT Workstation, NT Server, Master Browser, DFS server
21130	582.502799	192.168.2.182	192.168.2.255	BROWSER	251	Domain/Workgroup Announcement WORKGROUP, NT Workstation, Domain Enum
21131	583.549771	fe80::2314:508f:2d41:9410	ff02::c	UDP	718	51228 → 3702 Len=656
21132	583.985621	192.168.2.180	23.35.238.131	TCP	55	[TCP Keep-Alive] 50201 → 443 [ACK] Seq=1054 Ack=7109 Win=66560 Len=1
21133	583.998655	23.35.238.131	192.168.2.180	TCP	66	[TCP Keep-Alive ACK] 443 → 50201 [ACK] Seq=7109 Ack=1055 Win=64128 Len=0 SLE=1054 SRE=1055
21134	584.196891	13.107.21.239	192.168.2.180	TCP	54	443 → 50262 [RST, ACK] Seq=7053 Ack=1531 Win=0 Len=0
21135	584.313720	192.168.2.180	239.255.255.250	UDP	698	51227 → 3702 Len=656
21136	585.556416	fe80::2314:508f:2d41:9410	ff02::c	UDP	718	51228 → 3702 Len=656
21137	587.117055	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21138	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.100? Tell 192.168.2.1
21139	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.101? Tell 192.168.2.1
21140	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.102? Tell 192.168.2.1
21141	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.103? Tell 192.168.2.1
21142	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.104? Tell 192.168.2.1
21143	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.105? Tell 192.168.2.1
21144	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.106? Tell 192.168.2.1
21145	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.107? Tell 192.168.2.1
21146	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.108? Tell 192.168.2.1
21147	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.109? Tell 192.168.2.1
21148	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.110? Tell 192.168.2.1
21149	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.111? Tell 192.168.2.1
21150	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.112? Tell 192.168.2.1
21151	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.113? Tell 192.168.2.1
21152	587.819894	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.114? Tell 192.168.2.1
21153	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.115? Tell 192.168.2.1
21154	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.116? Tell 192.168.2.1
21155	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.117? Tell 192.168.2.1
21156	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.118? Tell 192.168.2.1
21157	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.119? Tell 192.168.2.1
21158	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.120? Tell 192.168.2.1
21159	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.121? Tell 192.168.2.1
21160	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.122? Tell 192.168.2.1
21161	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.123? Tell 192.168.2.1
21162	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.124? Tell 192.168.2.1
21163	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.125? Tell 192.168.2.1
21164	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.126? Tell 192.168.2.1
21165	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.127? Tell 192.168.2.1
21166	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.128? Tell 192.168.2.1
21167	587.830103	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.129? Tell 192.168.2.1
21168	587.833525	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.130? Tell 192.168.2.1
21169	587.833525	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.131? Tell 192.168.2.1
21170	587.833525	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.132? Tell 192.168.2.1
21171	587.833525	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.133? Tell 192.168.2.1
21172	587.833525	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.134? Tell 192.168.2.1
21173	587.833525	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.135? Tell 192.168.2.1
21174	587.833525	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.136? Tell 192.168.2.1
21175	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.137? Tell 192.168.2.1
21176	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.138? Tell 192.168.2.1
21177	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.139? Tell 192.168.2.1
21178	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.140? Tell 192.168.2.1
21179	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.141? Tell 192.168.2.1
21180	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.142? Tell 192.168.2.1
21181	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.143? Tell 192.168.2.1
21182	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.144? Tell 192.168.2.1
21183	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.145? Tell 192.168.2.1
21184	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.146? Tell 192.168.2.1
21185	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.147? Tell 192.168.2.1
21186	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.148? Tell 192.168.2.1
21187	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.149? Tell 192.168.2.1
21188	587.844312	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.150? Tell 192.168.2.1
21189	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.151? Tell 192.168.2.1
21190	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.152? Tell 192.168.2.1
21191	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.153? Tell 192.168.2.1
21192	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.154? Tell 192.168.2.1
21193	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.155? Tell 192.168.2.1
21194	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.156? Tell 192.168.2.1
21195	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.157? Tell 192.168.2.1
21196	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.158? Tell 192.168.2.1
21197	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.159? Tell 192.168.2.1
21198	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.160? Tell 192.168.2.1
21199	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.161? Tell 192.168.2.1
21200	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.162? Tell 192.168.2.1
21201	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.163? Tell 192.168.2.1
21202	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.164? Tell 192.168.2.1
21203	587.855114	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.165? Tell 192.168.2.1
21204	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.166? Tell 192.168.2.1
21205	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.167? Tell 192.168.2.1
21206	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.168? Tell 192.168.2.1
21207	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.169? Tell 192.168.2.1
21208	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.170? Tell 192.168.2.1
21209	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.171? Tell 192.168.2.1
21210	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.172? Tell 192.168.2.1
21211	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.173? Tell 192.168.2.1
21212	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.174? Tell 192.168.2.1
21213	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.175? Tell 192.168.2.1
21214	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.176? Tell 192.168.2.1
21215	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.177? Tell 192.168.2.1
21216	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.178? Tell 192.168.2.1
21217	587.865551	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.179? Tell 192.168.2.1
21218	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.180? Tell 192.168.2.1
21219	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.181? Tell 192.168.2.1
21220	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.182? Tell 192.168.2.1
21221	587.876203	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21222	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.183? Tell 192.168.2.1
21223	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.184? Tell 192.168.2.1
21224	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.185? Tell 192.168.2.1
21225	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.186? Tell 192.168.2.1
21226	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.187? Tell 192.168.2.1
21227	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.188? Tell 192.168.2.1
21228	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.189? Tell 192.168.2.1
21229	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.190? Tell 192.168.2.1
21230	587.876203	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.191? Tell 192.168.2.1
21231	587.876269	46:8e:cc:78:7e:72	Sercomm_79:79:ca	ARP	42	192.168.2.180 is at 46:8e:cc:78:7e:72
21232	587.876642	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.192? Tell 192.168.2.1
21233	587.877011	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.193? Tell 192.168.2.1
21234	587.882728	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.194? Tell 192.168.2.1
21235	587.882728	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.195? Tell 192.168.2.1
21236	587.882728	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.196? Tell 192.168.2.1
21237	587.882728	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.197? Tell 192.168.2.1
21238	587.882728	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.198? Tell 192.168.2.1
21239	587.882728	Sercomm_79:79:ca	Broadcast	ARP	60	Who has 192.168.2.199? Tell 192.168.2.1
21240	588.952787	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21241	589.717300	34.203.175.187	192.168.2.180	TCP	54	[TCP Dup ACK 42#39] 443 → 49863 [ACK] Seq=1 Ack=1 Win=8 Len=0
21242	589.717370	192.168.2.180	34.203.175.187	TCP	54	[TCP Dup ACK 43#39] 49863 → 443 [ACK] Seq=1 Ack=2 Win=260 Len=0
21243	590.181733	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21244	590.892820	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21245	590.996779	13.107.21.239	192.168.2.180	TCP	54	443 → 50263 [RST, ACK] Seq=6358 Ack=1037 Win=0 Len=0
21246	592.024877	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21247	592.946603	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21248	593.911949	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21249	594.094659	192.168.2.180	192.168.2.1	DNS	70	Standard query 0xcb0e A wpad.local
21250	594.094692	192.168.2.180	192.168.2.1	DNS	70	Standard query 0xcbbc A wpad.local
21251	594.094811	192.168.2.180	192.168.2.1	DNS	70	Standard query 0x4048 AAAA wpad.local
21252	594.094821	192.168.2.180	192.168.2.1	DNS	70	Standard query 0x7126 AAAA wpad.local
21253	594.097815	192.168.2.1	192.168.2.180	DNS	70	Standard query response 0xcb0e No such name A wpad.local
21254	594.098844	192.168.2.1	192.168.2.180	DNS	70	Standard query response 0xcbbc No such name A wpad.local
21255	594.100867	192.168.2.1	192.168.2.180	DNS	70	Standard query response 0x4048 No such name AAAA wpad.local
21256	594.101790	192.168.2.1	192.168.2.180	DNS	70	Standard query response 0x7126 No such name AAAA wpad.local
21257	594.179684	192.168.2.183	239.255.255.250	SSDP	775	NOTIFY * HTTP/1.1 
21258	594.179684	192.168.2.183	255.255.255.255	SSDP	775	NOTIFY * HTTP/1.1 
21259	594.486740	192.168.2.183	239.255.255.250	SSDP	828	NOTIFY * HTTP/1.1 
21260	594.486740	192.168.2.183	255.255.255.255	SSDP	828	NOTIFY * HTTP/1.1 
21261	594.791554	192.168.2.183	239.255.255.250	SSDP	778	NOTIFY * HTTP/1.1 
21262	594.791554	192.168.2.183	255.255.255.255	SSDP	778	NOTIFY * HTTP/1.1 
21263	595.098102	192.168.2.183	239.255.255.250	SSDP	781	NOTIFY * HTTP/1.1 
21264	595.098102	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21265	595.407940	192.168.2.183	239.255.255.250	SSDP	833	NOTIFY * HTTP/1.1 
21266	595.407940	192.168.2.183	239.255.255.250	SSDP	781	NOTIFY * HTTP/1.1 
21267	595.712092	192.168.2.183	239.255.255.250	SSDP	837	NOTIFY * HTTP/1.1 
21268	596.019323	192.168.2.183	239.255.255.250	SSDP	830	NOTIFY * HTTP/1.1 
21269	596.326974	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21270	596.326974	192.168.2.183	239.255.255.250	SSDP	836	NOTIFY * HTTP/1.1 
21271	596.634884	192.168.2.183	239.255.255.250	SSDP	842	NOTIFY * HTTP/1.1 
21272	596.634884	192.168.2.183	239.255.255.250	SSDP	842	NOTIFY * HTTP/1.1 
21273	596.943310	192.168.2.183	239.255.255.250	SSDP	844	NOTIFY * HTTP/1.1 
21274	596.943310	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21275	597.118811	192.168.2.183	239.255.255.250	SSDP	840	NOTIFY * HTTP/1.1 
21276	597.555283	192.168.2.183	239.255.255.250	SSDP	826	NOTIFY * HTTP/1.1 
21277	597.862543	192.168.2.183	239.255.255.250	SSDP	845	NOTIFY * HTTP/1.1 
21278	598.171477	192.168.2.183	239.255.255.250	SSDP	847	NOTIFY * HTTP/1.1 
21279	598.171477	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ff41:9410	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:2314:508f:2d41:9410 from 14:2e:5e:79:79:ca
21280	598.171477	192.168.2.183	239.255.255.250	SSDP	845	NOTIFY * HTTP/1.1 
21281	598.476909	192.168.2.183	239.255.255.250	SSDP	847	NOTIFY * HTTP/1.1 
21282	598.784131	192.168.2.183	239.255.255.250	SSDP	835	NOTIFY * HTTP/1.1 
21283	599.091306	192.168.2.183	239.255.255.250	SSDP	825	NOTIFY * HTTP/1.1 
21284	599.399784	192.168.2.183	239.255.255.250	SSDP	855	NOTIFY * HTTP/1.1 
21285	599.399784	192.168.2.183	239.255.255.250	SSDP	839	NOTIFY * HTTP/1.1 
21286	602.163507	fdee:569e:153:1:162e:5eff:fe79:79ca	ff02::1:ffef:103e	ICMPv6	86	Neighbor Solicitation for fdee:569e:153:1:b0a2:3501:bfef:103e from 14:2e:5e:79:79:ca
21287	602.163689	fdee:569e:153:1:b0a2:3501:bfef:103e	fdee:569e:153:1:162e:5eff:fe79:79ca	ICMPv6	86	Neighbor Advertisement fdee:569e:153:1:b0a2:3501:bfef:103e (sol, ovr) is at 46:8e:cc:78:7e:72
21288	602.167861	fdee:569e:153:1:162e:5eff:fe79:79ca	fdee:569e:153:1:b0a2:3501:bfef:103e	ICMPv6	128	Echo (ping) request id=0xf27b, seq=1, hop limit=64 (reply in 21289)
21289	602.168047	fdee:569e:153:1:b0a2:3501:bfef:103e	fdee:569e:153:1:162e:5eff:fe79:79ca	ICMPv6	128	Echo (ping) reply id=0xf27b, seq=1, hop limit=64 (request in 21288)
21290	602.393078	192.168.2.180	40.113.110.67	TLSv1.2	154	Application Data
21291	602.409655	40.113.110.67	192.168.2.180	TLSv1.2	225	Application Data
21292	602.454304	192.168.2.180	40.113.110.67	TCP	54	49732 → 443 [ACK] Seq=1653 Ack=2565 Win=516 Len=0
21293	603.835216	192.168.2.180	192.168.2.1	DNS	87	Standard query 0x6bce AAAA api.edgeoffer.microsoft.com
21294	603.835367	192.168.2.180	192.168.2.1	DNS	87	Standard query 0x2099 A api.edgeoffer.microsoft.com
21295	603.835443	192.168.2.180	192.168.2.1	DNS	87	Standard query 0x4c8b HTTPS api.edgeoffer.microsoft.com
21296	603.849181	192.168.2.1	192.168.2.180	DNS	285	Standard query response 0x6bce AAAA api.edgeoffer.microsoft.com CNAME bingadsedgeextension-prod.trafficmanager.net CNAME bingadsedgeextension-prod-europe.azurewebsites.net CNAME ssl.bingadsedgeextension-prod-europe.azurewebsites.net SOA ns1-224.azure-dns.com
21297	603.849181	192.168.2.1	192.168.2.180	DNS	240	Standard query response 0x2099 A api.edgeoffer.microsoft.com CNAME bingadsedgeextension-prod.trafficmanager.net CNAME bingadsedgeextension-prod-europe.azurewebsites.net CNAME ssl.bingadsedgeextension-prod-europe.azurewebsites.net A 94.245.104.56
21298	603.850917	192.168.2.1	192.168.2.180	DNS	285	Standard query response 0x4c8b HTTPS api.edgeoffer.microsoft.com CNAME bingadsedgeextension-prod.trafficmanager.net CNAME bingadsedgeextension-prod-europe.azurewebsites.net CNAME ssl.bingadsedgeextension-prod-europe.azurewebsites.net SOA ns1-224.azure-dns.com
21299	603.851160	192.168.2.180	23.35.238.131	TCP	54	50201 → 443 [FIN, ACK] Seq=1055 Ack=7109 Win=66560 Len=0
21300	603.851358	192.168.2.180	94.245.104.56	TCP	66	50277 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM
21301	603.856112	192.168.2.180	192.168.2.1	DNS	69	Standard query 0x7090 AAAA google.de
21302	603.856305	192.168.2.180	192.168.2.1	DNS	69	Standard query 0x7313 A google.de
21303	603.866780	23.35.238.131	192.168.2.180	TLSv1.3	78	Application Data
21304	603.866780	23.35.238.131	192.168.2.180	TCP	54	443 → 50201 [FIN, ACK] Seq=7133 Ack=1056 Win=64128 Len=0
21305	603.866818	192.168.2.180	23.35.238.131	TCP	54	50201 → 443 [RST, ACK] Seq=1056 Ack=7133 Win=0 Len=0
21306	603.869404	192.168.2.1	192.168.2.180	DNS	97	Standard query response 0x7090 AAAA google.de AAAA 2a00:1450:4001:812::2003
21307	603.870798	192.168.2.1	192.168.2.180	DNS	85	Standard query response 0x7313 A google.de A 142.250.185.195
21308	603.881581	94.245.104.56	192.168.2.180	TCP	66	443 → 50277 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1440 WS=256 SACK_PERM
21309	603.881653	192.168.2.180	94.245.104.56	TCP	54	50277 → 443 [ACK] Seq=1 Ack=1 Win=66048 Len=0
21310	603.881865	192.168.2.180	94.245.104.56	TLSv1.3	665	Client Hello (SNI=api.edgeoffer.microsoft.com)
21311	603.899750	192.168.2.180	192.168.2.1	DNS	77	Standard query 0x1140 AAAA business.bing.com
21312	603.899898	192.168.2.180	192.168.2.1	DNS	77	Standard query 0x5362 A business.bing.com
21313	603.899975	192.168.2.180	192.168.2.1	DNS	77	Standard query 0x991f HTTPS business.bing.com
21314	603.904412	192.168.2.180	192.168.2.1	DNS	69	Standard query 0xc7dd AAAA google.de
21315	603.904594	192.168.2.180	192.168.2.1	DNS	69	Standard query 0xeaef A google.de
21316	603.904682	192.168.2.180	192.168.2.1	DNS	69	Standard query 0xfa5b HTTPS google.de
21317	603.907446	192.168.2.1	192.168.2.180	DNS	97	Standard query response 0xc7dd AAAA google.de AAAA 2a00:1450:4001:812::2003
21318	603.907612	192.168.2.1	192.168.2.180	DNS	85	Standard query response 0xeaef A google.de A 142.250.185.195
21319	603.911989	94.245.104.56	192.168.2.180	TLSv1.3	153	Hello Retry Request, Change Cipher Spec
21320	603.912818	192.168.2.180	94.245.104.56	TLSv1.3	731	Change Cipher Spec, Client Hello (SNI=api.edgeoffer.microsoft.com)
21321	603.914791	192.168.2.1	192.168.2.180	DNS	185	Standard query response 0x991f HTTPS business.bing.com CNAME business-bing-com.b-0005.b-msedge.net SOA ns1.b-msedge.net
21322	603.915278	fdee:569e:153:1:b0a2:3501:bfef:103e	2a00:1450:4001:812::2003	TCP	86	50278 → 80 [SYN] Seq=0 Win=64800 Len=0 MSS=1440 WS=256 SACK_PERM
21323	603.915430	fdee:569e:153:1:b0a2:3501:bfef:103e	2a00:1450:4001:812::2003	TCP	86	50279 → 80 [SYN] Seq=0 Win=64800 Len=0 MSS=1440 WS=256 SACK_PERM
21324	603.918159	fdee:569e:153:1:162e:5eff:fe79:79ca	fdee:569e:153:1:b0a2:3501:bfef:103e	ICMPv6	134	Destination Unreachable (no route to destination)
21325	603.919146	fdee:569e:153:1:162e:5eff:fe79:79ca	fdee:569e:153:1:b0a2:3501:bfef:103e	ICMPv6	134	Destination Unreachable (no route to destination)
21326	603.919907	192.168.2.1	192.168.2.180	DNS	199	Standard query response 0x1140 AAAA business.bing.com CNAME business-bing-com.b-0005.b-msedge.net CNAME b-0005.b-msedge.net SOA ns1.b-msedge.net
21327	603.921420	192.168.2.1	192.168.2.180	DNS	158	Standard query response 0x5362 A business.bing.com CNAME business-bing-com.b-0005.b-msedge.net CNAME b-0005.b-msedge.net A 13.107.6.158
21328	603.921801	192.168.2.180	13.107.6.158	TCP	66	50280 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM
21329	603.921806	192.168.2.1	192.168.2.180	DNS	129	Standard query response 0xfa5b HTTPS google.de SOA ns1.google.com
21330	603.936711	13.107.6.158	192.168.2.180	TCP	66	443 → 50280 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1440 WS=256 SACK_PERM
21331	603.936773	192.168.2.180	13.107.6.158	TCP	54	50280 → 443 [ACK] Seq=1 Ack=1 Win=66048 Len=0
21332	603.936968	192.168.2.180	13.107.6.158	TLSv1.2	591	Client Hello (SNI=business.bing.com)
21333	603.947446	192.168.2.180	192.168.2.1	DNS	73	Standard query 0xeba5 AAAA www.google.de
21334	603.947629	192.168.2.180	192.168.2.1	DNS	73	Standard query 0x8aea A www.google.de
21335	603.947940	94.245.104.56	192.168.2.180	TLSv1.3	1506	Server Hello
21336	603.948734	94.245.104.56	192.168.2.180	TCP	1506	443 → 50277 [ACK] Seq=1552 Ack=1289 Win=4193536 Len=1452 [TCP segment of a reassembled PDU]
21337	603.948766	192.168.2.180	94.245.104.56	TCP	54	50277 → 443 [ACK] Seq=1289 Ack=3004 Win=66048 Len=0
21338	603.949659	94.245.104.56	192.168.2.180	TCP	1506	443 → 50277 [ACK] Seq=3004 Ack=1289 Win=4193536 Len=1452 [TCP segment of a reassembled PDU]
21339	603.950308	94.245.104.56	192.168.2.180	TCP	1506	443 → 50277 [ACK] Seq=4456 Ack=1289 Win=4193536 Len=1452 [TCP segment of a reassembled PDU]
21340	603.950331	192.168.2.180	94.245.104.56	TCP	54	50277 → 443 [ACK] Seq=1289 Ack=5908 Win=66048 Len=0
21341	603.951684	94.245.104.56	192.168.2.180	TLSv1.3	287	Application Data
21342	603.952557	13.107.6.158	192.168.2.180	TCP	54	443 → 50280 [ACK] Seq=1 Ack=538 Win=4194048 Len=0
21343	603.954507	13.107.6.158	192.168.2.180	TCP	1506	443 → 50280 [ACK] Seq=1 Ack=538 Win=4194048 Len=1452 [TCP segment of a reassembled PDU]
21344	603.954507	13.107.6.158	192.168.2.180	TCP	1506	[TCP Previous segment not captured] 443 → 50280 [ACK] Seq=2905 Ack=538 Win=4194048 Len=1452 [TCP segment of a reassembled PDU]
21345	603.954543	192.168.2.180	13.107.6.158	TCP	66	50280 → 443 [ACK] Seq=538 Ack=1453 Win=66048 Len=0 SLE=2905 SRE=4357
21346	603.955755	13.107.6.158	192.168.2.180	TCP	1506	[TCP Out-Of-Order] 443 → 50280 [ACK] Seq=1453 Ack=538 Win=4194048 Len=1452 [TCP segment of a reassembled PDU]
21347	603.955755	13.107.6.158	192.168.2.180	TCP	2958	443 → 50280 [ACK] Seq=4357 Ack=538 Win=4194048 Len=2904 [TCP segment of a reassembled PDU]
21348	603.955793	192.168.2.180	13.107.6.158	TCP	54	50280 → 443 [ACK] Seq=538 Ack=4357 Win=66048 Len=0
21349	603.955829	192.168.2.180	13.107.6.158	TCP	54	50280 → 443 [ACK] Seq=538 Ack=7261 Win=66048 Len=0
21350	603.956607	13.107.6.158	192.168.2.180	TLSv1.2	57	Server Hello, Certificate, Certificate Status, Server Key Exchange, Server Hello Done
21351	603.956648	192.168.2.180	13.107.6.158	TCP	54	50280 → 443 [ACK] Seq=538 Ack=7264 Win=66048 Len=0
21352	603.959490	192.168.2.180	192.168.2.1	DNS	73	Standard query 0xfebd AAAA www.google.de
21353	603.959605	192.168.2.180	192.168.2.1	DNS	73	Standard query 0x03d5 A www.google.de
21354	603.959685	192.168.2.180	192.168.2.1	DNS	73	Standard query 0x5857 HTTPS www.google.de
21355	603.962313	192.168.2.1	192.168.2.180	DNS	101	Standard query response 0xeba5 AAAA www.google.de AAAA 2a00:1450:4001:809::2003
21356	603.963286	192.168.2.1	192.168.2.180	DNS	101	Standard query response 0xfebd AAAA www.google.de AAAA 2a00:1450:4001:809::2003
21357	603.965480	192.168.2.1	192.168.2.180	DNS	89	Standard query response 0x8aea A www.google.de A 172.217.18.99
21358	603.965789	192.168.2.1	192.168.2.180	DNS	89	Standard query response 0x03d5 A www.google.de A 172.217.18.99
21359	603.974652	192.168.2.1	192.168.2.180	DNS	142	Standard query response 0x5857 HTTPS www.google.de HTTPS A 172.217.18.99 AAAA 2a00:1450:4001:809::2003
21360	603.975676	192.168.2.180	172.217.18.99	QUIC	1292	Initial, DCID=f00c94dba977c66f, PKN: 1, PING, CRYPTO, CRYPTO, PADDING, PING, PADDING, CRYPTO, PING, PING, CRYPTO, PADDING, PING, PING, PADDING, PING, PADDING, CRYPTO, PADDING, PING, PADDING, CRYPTO, PADDING, CRYPTO
21361	603.984527	192.168.2.180	94.245.104.56	TLSv1.3	128	Application Data
21362	603.984805	192.168.2.180	94.245.104.56	TLSv1.3	521	Application Data
21363	603.987052	192.168.2.180	13.107.6.158	TLSv1.2	212	Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
21364	603.987656	192.168.2.180	192.168.2.1	DNS	73	Standard query 0xe7a1 AAAA www.google.de
21365	603.987783	192.168.2.180	192.168.2.1	DNS	73	Standard query 0xaa7b A www.google.de
21366	603.987849	192.168.2.180	13.107.6.158	TLSv1.2	153	Application Data
21367	603.987988	192.168.2.180	13.107.6.158	TLSv1.2	978	Application Data
21368	603.988012	192.168.2.180	13.107.6.158	TLSv1.2	160	Application Data
21369	603.990445	192.168.2.1	192.168.2.180	DNS	101	Standard query response 0xe7a1 AAAA www.google.de AAAA 2a00:1450:4001:809::2003
21370	603.991465	192.168.2.1	192.168.2.180	DNS	89	Standard query response 0xaa7b A www.google.de A 172.217.18.99
21371	603.993771	172.217.18.99	192.168.2.180	QUIC	1292	Initial, SCID=f00c94dba977c66f, PKN: 1, ACK, CRYPTO, PADDING
21372	604.000694	172.217.18.99	192.168.2.180	QUIC	1292	Handshake, SCID=f00c94dba977c66f
21373	604.000825	192.168.2.180	172.217.18.99	QUIC	1292	Initial, DCID=f00c94dba977c66f, PKN: 2, ACK, PADDING
21374	604.001021	fdee:569e:153:1:b0a2:3501:bfef:103e	2a00:1450:4001:809::2003	TCP	86	50281 → 443 [SYN] Seq=0 Win=64800 Len=0 MSS=1440 WS=256 SACK_PERM
21375	604.001149	172.217.18.99	192.168.2.180	QUIC	1292	Handshake, SCID=f00c94dba977c66f
21376	604.001211	192.168.2.180	172.217.18.99	QUIC	81	Handshake, DCID=f00c94dba977c66f
21377	604.001483	13.107.6.158	192.168.2.180	TCP	54	443 → 50280 [ACK] Seq=7264 Ack=696 Win=4194048 Len=0
21378	604.002271	13.107.6.158	192.168.2.180	TLSv1.2	396	New Session Ticket, Change Cipher Spec, Encrypted Handshake Message
21379	604.002512	13.107.6.158	192.168.2.180	TLSv1.2	123	Application Data
21380	604.002521	192.168.2.180	13.107.6.158	TCP	54	50280 → 443 [ACK] Seq=1825 Ack=7675 Win=65792 Len=0
21381	604.002576	192.168.2.180	13.107.6.158	TLSv1.2	92	Application Data
21382	604.002991	13.107.6.158	192.168.2.180	TCP	54	443 → 50280 [ACK] Seq=7675 Ack=795 Win=4193792 Len=0
21383	604.003752	13.107.6.158	192.168.2.180	TLSv1.2	92	Application Data
21384	604.006623	fdee:569e:153:1:162e:5eff:fe79:79ca	fdee:569e:153:1:b0a2:3501:bfef:103e	ICMPv6	134	Destination Unreachable (no route to destination)
21385	604.012625	94.245.104.56	192.168.2.180	TLSv1.3	157	Application Data
21386	604.013815	94.245.104.56	192.168.2.180	TCP	54	443 → 50277 [ACK] Seq=6244 Ack=1830 Win=4194816 Len=0
21387	604.013815	13.107.6.158	192.168.2.180	TLSv1.2	1110	Application Data
21388	604.013863	192.168.2.180	13.107.6.158	TCP	54	50280 → 443 [ACK] Seq=1863 Ack=8769 Win=66048 Len=0
21389	604.014572	13.107.6.158	192.168.2.180	TLSv1.2	93	Application Data
21390	604.014572	13.107.6.158	192.168.2.180	TLSv1.2	92	Application Data
21391	604.014621	192.168.2.180	13.107.6.158	TCP	54	50280 → 443 [ACK] Seq=1863 Ack=8846 Win=66048 Len=0
21392	604.015538	94.245.104.56	192.168.2.180	TLSv1.3	715	Application Data
21393	604.015538	94.245.104.56	192.168.2.180	TLSv1.3	81	Application Data
21394	604.015549	192.168.2.180	192.168.2.1	DNS	79	Standard query 0x46d6 AAAA bzib.nelreports.net
21395	604.015572	192.168.2.180	94.245.104.56	TCP	54	50277 → 443 [ACK] Seq=1830 Ack=6932 Win=65024 Len=0
21396	604.015717	192.168.2.180	192.168.2.1	DNS	79	Standard query 0x13f4 A bzib.nelreports.net
21397	604.015806	192.168.2.180	192.168.2.1	DNS	79	Standard query 0xb166 HTTPS bzib.nelreports.net
21398	604.020136	13.107.6.158	192.168.2.180	TCP	54	443 → 50280 [ACK] Seq=8846 Ack=1863 Win=4194560 Len=0
21399	604.021350	172.217.18.99	192.168.2.180	QUIC	1285	Protected Payload (KP0)
21400	604.023687	192.168.2.180	172.217.18.99	QUIC	82	Handshake, DCID=f00c94dba977c66f
21401	604.024020	192.168.2.180	172.217.18.99	QUIC	125	Handshake, DCID=f00c94dba977c66f
21402	604.024117	192.168.2.180	172.217.18.99	QUIC	113	Protected Payload (KP0), DCID=f00c94dba977c66f
21403	604.024386	192.168.2.180	172.217.18.99	QUIC	1288	Protected Payload (KP0), DCID=f00c94dba977c66f
21404	604.024404	192.168.2.180	172.217.18.99	QUIC	591	Protected Payload (KP0), DCID=f00c94dba977c66f
21405	604.027645	192.168.2.1	192.168.2.180	DNS	210	Standard query response 0x46d6 AAAA bzib.nelreports.net CNAME bzib.nelreports.net.akamaized.net CNAME a416.dscd.akamai.net AAAA 2a02:26f0:e600::687c:b13 AAAA 2a02:26f0:e600::687c:b20
21406	604.029376	192.168.2.1	192.168.2.180	DNS	186	Standard query response 0x13f4 A bzib.nelreports.net CNAME bzib.nelreports.net.akamaized.net CNAME a416.dscd.akamai.net A 23.48.23.26 A 23.48.23.51
21407	604.031076	192.168.2.1	192.168.2.180	DNS	218	Standard query response 0xb166 HTTPS bzib.nelreports.net CNAME bzib.nelreports.net.akamaized.net CNAME a416.dscd.akamai.net SOA n0dscd.akamai.net
21408	604.031449	fdee:569e:153:1:b0a2:3501:bfef:103e	2a02:26f0:e600::687c:b13	TCP	86	50282 → 443 [SYN] Seq=0 Win=64800 Len=0 MSS=1440 WS=256 SACK_PERM
21409	604.033554	fdee:569e:153:1:162e:5eff:fe79:79ca	fdee:569e:153:1:b0a2:3501:bfef:103e	ICMPv6	134	Destination Unreachable (no route to destination)
21410	604.039367	172.217.18.99	192.168.2.180	QUIC	980	Protected Payload (KP0)
21411	604.039511	172.217.18.99	192.168.2.180	QUIC	163	Protected Payload (KP0)
21412	604.039564	192.168.2.180	172.217.18.99	QUIC	74	Protected Payload (KP0), DCID=f00c94dba977c66f
21413	604.041012	172.217.18.99	192.168.2.180	QUIC	65	Protected Payload (KP0)
21414	604.043006	172.217.18.99	192.168.2.180	QUIC	69	Protected Payload (KP0)
21415	604.072432	192.168.2.180	172.217.18.99	QUIC	74	Protected Payload (KP0), DCID=f00c94dba977c66f
21416	604.089948	13.107.6.158	192.168.2.180	TLSv1.2	213	Application Data
21417	604.133516	192.168.2.180	13.107.6.158	TCP	54	50280 → 443 [ACK] Seq=1863 Ack=9005 Win=65792 Len=0
21418	604.191123	172.217.18.99	192.168.2.180	QUIC	1288	Protected Payload (KP0)
21419	604.191254	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21420	604.191323	192.168.2.180	172.217.18.99	QUIC	77	Protected Payload (KP0), DCID=f00c94dba977c66f
21421	604.191696	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21422	604.191785	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21423	604.192189	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21424	604.192352	172.217.18.99	192.168.2.180	QUIC	78	Protected Payload (KP0)
21425	604.192352	172.217.18.99	192.168.2.180	QUIC	175	Protected Payload (KP0)
21426	604.192426	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21427	604.198007	172.217.18.99	192.168.2.180	QUIC	1287	Protected Payload (KP0)
21428	604.198152	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21429	604.198411	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21430	604.199159	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21431	604.199212	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21432	604.199678	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21433	604.199959	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21434	604.200042	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21435	604.200836	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21436	604.201158	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21437	604.201223	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21438	604.202072	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21439	604.202072	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21440	604.202072	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21441	604.202175	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21442	604.203500	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21443	604.203633	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21444	604.204510	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21445	604.204984	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21446	604.205069	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21447	604.205284	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21448	604.205748	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21449	604.205805	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21450	604.206071	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21451	604.206897	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21452	604.206974	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21453	604.207213	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21454	604.207693	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21455	604.207743	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21456	604.209982	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21457	604.210934	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21458	604.210991	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21459	604.211250	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21460	604.212106	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21461	604.212159	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21462	604.212423	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21463	604.212938	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21464	604.213016	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21465	604.213542	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21466	604.213846	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21467	604.213884	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21468	604.215456	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21469	604.215651	192.168.2.180	142.250.185.195	TCP	66	50283 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM
21470	604.215732	192.168.2.180	142.250.185.195	TCP	66	50284 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM
21471	604.215748	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21472	604.216033	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21473	604.218527	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21474	604.218829	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21475	604.218912	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21476	604.219775	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21477	604.220097	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21478	604.220166	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21479	604.221188	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21480	604.221188	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21481	604.221363	192.168.2.180	172.217.18.99	QUIC	78	Protected Payload (KP0), DCID=f00c94dba977c66f
21482	604.222826	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21483	604.222826	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21484	604.222826	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21485	604.222826	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21486	604.223062	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21487	604.223132	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21488	604.224067	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21489	604.224067	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21490	604.224138	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21491	604.225069	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21492	604.225069	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21493	604.225164	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21494	604.226007	172.217.18.99	192.168.2.180	QUIC	1292	Protected Payload (KP0)
21495	604.226007	172.217.18.99	192.168.2.180	QUIC	1066	Protected Payload (KP0)
21496	604.226104	192.168.2.180	172.217.18.99	QUIC	73	Protected Payload (KP0), DCID=f00c94dba977c66f
21497	604.229952	142.250.185.195	192.168.2.180	TCP	66	80 → 50283 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1412 SACK_PERM WS=256
21498	604.230095	192.168.2.180	142.250.185.195	TCP	54	50283 → 80 [ACK] Seq=1 Ack=1 Win=66304 Len=0
21499	604.230474	142.250.185.195	192.168.2.180	TCP	66	80 → 50284 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1412 SACK_PERM WS=256
21500	604.230537	192.168.2.180	142.250.185.195	TCP	54	50284 → 80 [ACK] Seq=1 Ack=1 Win=66304 Len=0
21501	604.260309	172.217.18.99	192.168.2.180	QUIC	67	Protected Payload (KP0)
21502	604.267884	192.168.2.180	172.217.18.99	QUIC	346	Protected Payload (KP0), DCID=f00c94dba977c66f
21503	604.281786	fdee:569e:153:1:b0a2:3501:bfef:103e	2a02:26f0:e600::687c:b13	TCP	86	50285 → 443 [SYN] Seq=0 Win=64800 Len=0 MSS=1440 WS=256 SACK_PERM
21504	604.282156	192.168.2.180	192.168.2.1	DNS	73	Standard query 0xcd7c AAAA aa.google.com
21505	604.282262	192.168.2.180	192.168.2.1	DNS	73	Standard query 0x543b A aa.google.com
21506	604.282337	192.168.2.180	192.168.2.1	DNS	73	Standard query 0x5460 HTTPS aa.google.com
21507	604.283660	172.217.18.99	192.168.2.180	QUIC	70	Protected Payload (KP0)
21508	604.283983	fdee:569e:153:1:162e:5eff:fe79:79ca	fdee:569e:153:1:b0a2:3501:bfef:103e	ICMPv6	134	Destination Unreachable (no route to destination)
21509	604.295909	192.168.2.1	192.168.2.180	DNS	122	Standard query response 0xcd7c AAAA aa.google.com CNAME www3.l.google.com AAAA 2a00:1450:4001:812::200e
21510	604.297526	192.168.2.1	192.168.2.180	DNS	110	Standard query response 0x543b A aa.google.com CNAME www3.l.google.com A 142.250.185.206
21511	604.298395	192.168.2.1	192.168.2.180	DNS	144	Standard query response 0x5460 HTTPS aa.google.com CNAME www3.l.google.com SOA ns1.google.com
21512	604.298861	192.168.2.180	142.250.185.206	QUIC	1292	Initial, DCID=c1aadbe53ad17040, PKN: 1, CRYPTO, PING, PING, CRYPTO, CRYPTO, PING, PADDING, CRYPTO, PADDING, PING, CRYPTO, PING, CRYPTO, PADDING, PING, CRYPTO, CRYPTO, PADDING, CRYPTO
21513	604.304562	172.217.18.99	192.168.2.180	QUIC	247	Protected Payload (KP0)
21514	604.304744	192.168.2.180	172.217.18.99	TCP	66	50286 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM
21515	604.304896	192.168.2.180	172.217.18.99	QUIC	77	Protected Payload (KP0), DCID=f00c94dba977c66f
21516	604.305471	172.217.18.99	192.168.2.180	QUIC	64	Protected Payload (KP0)
21517	604.316417	142.250.185.206	192.168.2.180	QUIC	1292	Initial, SCID=e1aadbe53ad17040, PKN: 1, ACK, CRYPTO, PADDING
21518	604.319883	192.168.2.180	142.250.185.206	QUIC	1292	Initial, DCID=e1aadbe53ad17040, PKN: 2, ACK, PADDING
21519	604.323538	192.168.2.180	172.217.18.99	QUIC	485	Protected Payload (KP0), DCID=f00c94dba977c66f
21520	604.324009	172.217.18.99	192.168.2.180	TCP	66	443 → 50286 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1412 SACK_PERM WS=256
21521	604.324009	142.250.185.206	192.168.2.180	QUIC	1292	Handshake, SCID=e1aadbe53ad17040
21522	604.324065	192.168.2.180	172.217.18.99	TCP	54	50286 → 443 [ACK] Seq=1 Ack=1 Win=66304 Len=0
21523	604.324467	192.168.2.180	172.217.18.99	TLSv1.3	587	Client Hello (SNI=www.google.de)
21524	604.325375	142.250.185.206	192.168.2.180	QUIC	1292	Handshake, SCID=e1aadbe53ad17040
21525	604.325464	192.168.2.180	142.250.185.206	QUIC	81	Handshake, DCID=e1aadbe53ad17040
21526	604.333630	192.168.2.180	23.48.23.26	TCP	66	50287 → 443 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM
21527	604.340112	142.250.185.206	192.168.2.180	QUIC	1292	Handshake, SCID=e1aadbe53ad17040
21528	604.340480	fdee:569e:153:1:b0a2:3501:bfef:103e	2a00:1450:4001:812::200e	TCP	86	50288 → 443 [SYN] Seq=0 Win=64800 Len=0 MSS=1440 WS=256 SACK_PERM
21529	604.340519	142.250.185.206	192.168.2.180	QUIC	864	Protected Payload (KP0)
21530	604.340774	192.168.2.180	142.250.185.206	QUIC	81	Handshake, DCID=e1aadbe53ad17040
21531	604.341478	192.168.2.180	142.250.185.206	QUIC	125	Handshake, DCID=e1aadbe53ad17040
21532	604.341504	172.217.18.99	192.168.2.180	TCP	54	443 → 50286 [ACK] Seq=1 Ack=534 Win=66816 Len=0
Geändert von cosinus (01.12.2023 um 21:15 Uhr) Grund: code tags

Alt 01.12.2023, 18:07   #2
Koolman
 
ARP Flooding und HTTP 1.1 im Wireshark - Standard

ARP Flooding und HTTP 1.1 im Wireshark


Hallo liebes Forum,

unsere PCs weisen alle die gleichen ARP Anfragen und HTTP 1.1 ist zu sehen. Kann man das bitte überprüfen bzw. was genau soll ich noch hier reinschreiben, dass man schauen kann was los ist?

Koolman

doppeltes Log gelöscht //cosinus
__________________

Geändert von cosinus (01.12.2023 um 21:17 Uhr)

Alt 01.12.2023, 21:04   #3
M-K-D-B
/// TB-Ausbilder
 
ARP Flooding und HTTP 1.1 im Wireshark - Standard

ARP Flooding und HTTP 1.1 im Wireshark






Vermutest du Malware auf deinem System?
Oder hast du Netzwerkprobleme?
__________________
Alt 01.12.2023, 21:52   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
ARP Flooding und HTTP 1.1 im Wireshark - Standard

ARP Flooding und HTTP 1.1 im Wireshark


Zitat:
Zitat von Koolman Beitrag anzeigen
unsere PCs weisen alle die gleichen ARP Anfragen und HTTP 1.1 ist zu sehen. Kann man das bitte überprüfen bzw. was genau soll ich noch hier reinschreiben, dass man schauen kann was los ist?
Und wie bitte kommst du darauf? Es muss ja einen Anlass gegeben haben, sowas wie wireshark führt man ja nicht aus Langeweile aus. Mal weniger mit Infos geizen und die Vorgeschichte erklären. Und auch was für ein Gerät das hier ist:

Zitat:
Sercomm_79:79:ca
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 06.12.2023, 17:06   #5
M-K-D-B
/// TB-Ausbilder
 
ARP Flooding und HTTP 1.1 im Wireshark - Standard

ARP Flooding und HTTP 1.1 im Wireshark


Fehlende Rückmeldung
Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten.
Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und ein eigenes Thema erstellen!


Thema geschlossen

Themen zu ARP Flooding und HTTP 1.1 im Wireshark
advertisement, anfrage, anfragen, crypted, encrypted, exchange, forum, frage, fragen, hello, https, mas, master, payload, pcs, print, reply, server, status, virus sercomm arp http worm, win, wireshark, works, workstation, überprüfe, überprüfen


« Kein Windows update nach Hackerangriff | Diverse unregelmäßigkeiten - USB erkennt keine Speichermedien - cmd läßt sich nicht ausführen - Windostaste funkt. nicht... »


Ähnliche Themen: ARP Flooding und HTTP 1.1 im Wireshark


  1. Abgesichert und aktualisiert: Netzwerk-Analyse-Tool Wireshark 3.0.4 ist da
    Nachrichten - 13.09.2019 (0)
  2. Chrome öffnet bei externen Links automatisch 2 Tabs mit http://--use-spdy%3Doff/ und http://--disable-http2/
    Plagegeister aller Art und deren Bekämpfung - 22.03.2017 (27)
  3. Win7 64bit, ARP-SPOOFING_abwehren/identifizieren
    Überwachung, Datenschutz und Spam - 09.01.2017 (11)
  4. Brauche euren Rat ..Meldung über ARP Angriff. Zweite Mac Adresse. Router.
    Mülltonne - 25.12.2016 (1)
  5. Mac läuft ziemlich heiß, lüftet die ganze Zeit und wenn ich Wireshark laufen lasse hört es auf...
    Alles rund um Mac OSX & Linux - 18.12.2015 (2)
  6. Wireshark Auswertung
    Log-Analyse und Auswertung - 01.11.2015 (1)
  7. ARP -a Abfrage
    Netzwerk und Hardware - 14.10.2015 (3)
  8. Panda Internet Security 2016 - SMART ARP ATTACK
    Antiviren-, Firewall- und andere Schutzprogramme - 12.10.2015 (37)
  9. Ungewollte Startseiten: *http://wisersearch.com/?channel=de_nt* und *http://search.fbdownloader.com/?channel=sfde203fbdgy21*
    Log-Analyse und Auswertung - 16.12.2013 (13)
  10. Infektion mit http://www.qvo6.com und http://static.icmapp.com
    Log-Analyse und Auswertung - 04.12.2013 (7)
  11. Win7 - 64bit: Öffnen von http://serve.bannersdontwork.com/text/javascript und http://serve.bannersdontwork.com/&m=true in Firefox
    Log-Analyse und Auswertung - 13.08.2013 (17)
  12. WireShark und dubiose IPs ohne Grund...
    Überwachung, Datenschutz und Spam - 18.12.2012 (1)
  13. "C:\Windows\System32\wermgr.exe" wird von AntiVir im Zusammenhang mit Flooding gemeldet
    Log-Analyse und Auswertung - 07.02.2012 (1)
  14. Update macht Wireshark sicherer und stabiler
    Nachrichten - 20.07.2011 (0)
  15. Statische ARP Einträge
    Log-Analyse und Auswertung - 11.06.2011 (2)
  16. Wireshark 1.2.1 beseitigt zahlreiche Lücken und Fehler
    Nachrichten - 21.07.2009 (0)
  17. Wireshark Frage
    Überwachung, Datenschutz und Spam - 11.03.2009 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema ARP Flooding und HTTP 1.1 im Wireshark - Hallo liebes Forum, unsere PCs weisen alle die gleichen ARP Anfragen und HTTP 1.1 ist zu sehen. Kann man das bitte überprüfen bzw. was genau soll ich noch hier reinschreiben, - ARP Flooding und HTTP 1.1 im Wireshark...
Archiv
Du betrachtest: ARP Flooding und HTTP 1.1 im Wireshark auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131