Created
January 2, 2015 15:07
-
-
Save SpringMT/feeb955226df21a633ad to your computer and use it in GitHub Desktop.
tcpdump for ssl_client
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 22:41:54.444298 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [S], seq 1497432669, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 946049109 ecr 0,sackOK,eol], length 0 | |
| ..C0Rw.85O]H..E..@d.@.@.....de..~..E..YA.].........C............. | |
| 8c.U........ | |
| 22:41:54.609915 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [S.], seq 1784227309, ack 1497432670, win 42540, options [mss 1360,sackOK,TS val 3615605143 ecr 946049109,nop,wscale 7], length 0 | |
| .85O]H..C0Rw..E..<J.../.....~...de...EjY%.YA.^...,:......P... | |
| ....8c.U.... | |
| 22:41:54.609979 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [.], ack 1, win 8256, options [nop,nop,TS val 946049273 ecr 3615605143], length 0 | |
| ..C0Rw.85O]H..E..4GK@.@.....de..~..E..YA.^jY%... @....... | |
| 8c...... | |
| 22:41:54.611008 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [P.], seq 1:131, ack 1, win 8256, options [nop,nop,TS val 946049274 ecr 3615605143], length 130 | |
| .......85O]H..E...:.@.@..'..de..~..E..YA.^jY%... @ | |
| 8c............W... ..9..8..5........ | |
| .....3..2../............................. ..@..............................M.xhL...)...........T.. K. | |
| 22:41:54.761906 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [.], ack 131, win 341, options [nop,nop,TS val 3615605273 ecr 946049274], length 0 | |
| .85O]H..C0Rw..E..4J.../.....~...de...EjY%.YA.....U....... | |
| ....8c.. | |
| 22:41:54.769011 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [.], seq 1:1349, ack 131, win 341, options [nop,nop,TS val 3615605273 ecr 946049274], length 1348 | |
| .85O]H..C0Rw..E..xJ.../..H..~...de...EjY%.YA.....U....... | |
| .....0I1.0H.......U....US1.0...U.&........[.z;..E.. ...&...h{..G.U`y..{@$..G<.W...#>........................z0..v0..^.......1iH|....0 | |
| . | |
| 150310000000Z0h1.0...Goo..U....US1.0...U...ity G20.. | |
| Mountain View1.0...U. | |
| . | |
| ..........0.....U....www.google.com0.."0 | |
| .......jbe...T....A.(.>e#F..U..r...&~6..RXc..iqu6f.....x.W..\.Z).[....p.k.2l...a;..<...M.c;.T..~SP .&..J.f .t.......n...#.{B)Wap..asQ. .7(Fl.sJ..{.......m...2.;=.h.tKyL.F...C....r.C..3...G"..m...G=...[.....x..I..&.]p....`...V....e.0.\y..._-:.L.........A0..=0...U.%..0...+.........+.......0...U....0...www.google.com0h..+........\0Z0+..+.....0...http://pki.google.com/GIAG2.crt0+..+.....0...http://clients1.google.com/ocsp0...U.........{n .h"..6..^P*s..0...U.......0.0...U.#..0...J......h.v....b..Z./0...U. ..0.0.. | |
| ....i.M.....I.&......../-y..qO!8.:.E7....7...CH.Q........R..}...=j.n..o.....cb$I...T..T.@c...3P.FZ.\G.Q.`.1...hD..}R....)...d..81SA."L...Z.R...3.C.....0B1.0H.......U....US1.0...U. | |
| GeoTrust Inc.1.0...U....GeoTrust Global | |
| 22:41:54.769090 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [.], seq 1349:2697, ack 131, win 341, options [nop,nop,TS val 3615605273 ecr 946049274], length 1348 | |
| .85O]H..C0Rw..E..xJ.../..G..~...de...EjY+2YA.....U....... | |
| 161231235959Z0I1.0 ..U....US1.0...U. | |
| . | |
| ..........0..#..U....Google Internet Authority G20.."0 | |
| .J..T.}..ko...P.(0.@..sQl..:<.7...K...}$....1q...`..J.B....j...S..K....a....>c+.5ie....F".S....J..*... ..9.....az.%.NRu........"j.N.F....~...{.E3.5......y..7...ri........0..0...U.#..0....z.h.....d..}.}e...N0...U......J......h.v....b..Z./0...U.......0.......0...U...........05..U....0,0*.(.&.$http://g.symcb.com/crls/gtglobal.crl0...+........"0 0...+.....0...http://g.symcd.com0...U. ..0.0.. | |
| ..........'....;..o.....\]..w..2`.e..&.....dN... [ .... 4E.e%7=.Zo .........:...v......9...Gv...1.`.....<...(.....4..Rz..: ..........d.. | |
| %BQ..8.........F.........u........[.5.f......#w...T.`.....(*...4m%.....{.....X..........?..q......!##U..... ~....Sd.q/.9.0...T.G....0..}0..........0N1.0H.. ..U....US1.0...U. | |
| 180821040000Z0B1.0.$Equi..U....US1.0...U.icate Authority0.. | |
| ..........0..1.0...U....GeoTrust Global CA0.."0 | |
| ........c0...#.V~[.<l8.q.x.....L..C...M!....X/f9)..x..8...j~q...`......(..%..........B.5....F..O...C...W-P..-.zW..._k........5..F.{r....U+...>.&d.....q.N...{...U....^8S.\O.-.P#6.f....9.....9 | |
| 22:41:54.769140 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [.], ack 2697, win 8088, options [nop,nop,TS val 946049431 ecr 3615605273], length 0 | |
| ..C0Rw.85O]H..E..4.g@.@.'...de..~..E..YA..jY0v.....:..... | |
| 8c...... | |
| 22:41:54.769249 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [P.], seq 2697:3172, ack 131, win 341, options [nop,nop,TS val 3615605273 ecr 946049274], length 475 | |
| .85O]H..C0Rw..E...J.../.....~...de...EjY0vYA.....US...... | |
| ....8c......8......M>o....,..`9..6S.9.^&+.=...2...(R.q..3=.8..6.b.y..0._.+.qk..........0..0...U.#..0...H.h.+....G.# .O3....0...U.......z.h.....d..}.}e...N0...U.......0....0...U...........0:..U...3010/.-.+.)http://crl.geotrust.com/crls/secureca.crl0N..U. .G0E0C..U. .0;09..+........-https://ww.........v..nNK...0.........q~f....;.....N.C8..0}..U..j.6...Hf.m....G..Z\s....2.8..4.........I......6..Vo...sc...{>".=.._8t...PN....a..?.......... | |
| 22:41:54.769285 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [.], ack 3172, win 8162, options [nop,nop,TS val 946049431 ecr 3615605273], length 0 | |
| ..C0Rw.85O]H..E..4..@.@.....de..~..E..YA..jY2Q........... | |
| 8c...... | |
| 22:41:54.804024 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [P.], seq 131:445, ack 3172, win 8192, options [nop,nop,TS val 946049465 ecr 3615605273], length 314 | |
| ..C0Rw.85O]H..E..n=.@.@.....de..~..E..YA..jY2Q.. ........ | |
| 8c.................P..k....hA. .(..d.M..nUPP..H1...Px...k?..w|.....o.m..z- ..&....:o...o&.I....yf...7T2{.] #.. ..M...@...7.....<....i.7N......._{.l.u..w.fx.RJ...:.-.$0h...v.p$.$.m.g......vXQ`{..:..N..d,A'...o.A..a...j........$+.......i..X......9*i......d...N.@........B)D.Ff.........H.@lw..A.79.P | |
| P..* | |
| 22:41:54.904878 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [P.], seq 3172:3219, ack 445, win 350, options [nop,nop,TS val 3615605439 ecr 946049465], length 47 | |
| .85O]H..C0Rw..E..cJ.../..K..~...de...EjY2QYA.....^.w..... | |
| ....8c............$...._.gJ).(...W.B*p.....p0.Q.o.N!{.. | |
| 22:41:54.904929 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [.], ack 3219, win 8189, options [nop,nop,TS val 946049565 ecr 3615605439], length 0 | |
| ..C0Rw.85O]H..E..43n@.@.....de..~..E..YA..jY2......e..... | |
| 8c...... | |
| 22:41:54.905155 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [P.], seq 445:510, ack 3219, win 8192, options [nop,nop,TS val 946049565 ecr 3615605439], length 65 | |
| ..C0Rw.85O]H..E..u%.@.@.....de..~..E..YA..jY2... .+...... | |
| 8c..........<O...=`.?oQ...-<@..s.m.....Z.....Rv.].......S.....A".....c#l. | |
| 22:41:55.031478 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [P.], seq 3219:3777, ack 510, win 350, options [nop,nop,TS val 3615605563 ecr 946049565], length 558 | |
| ../..&..~...de...EjY2.YA.[...^....... | |
| ...;8c......).3..c.. u.B$.......9..T.~..Y.B9..h.1{.QY..,B......'\6`..._1..Pw.....'.e{........Dj4..;gdYTP.~~..H...tf|..H...IH[.[..BA...,..F..W.@y...V...J..v.=.W.........3..y?....zA.E.p5..,.#..O.....&x.?).C.K.'uc......O.`.Nh...'R....-.P..w.b......x....XS..D.5N...&............i../,.).h...`..2~g>.~3.M..l.>.9.y\=.}"f.......QU.;m..g.......0<....q.L~..>..B......Mlgyz.~xt... | |
| v..'.8.....3\2....m.C..(.......X..;9..8....UP..8.j..O..x..v.JQ....9....)..."0.H.a.."]T..0...R*...... ..Z/e.b.O......".V..R.n&..|}......0.0..u..-/.}.>]..'.[..ow.r6.E......_..;.|,5Z-..4......k..C.}& | |
| 22:41:55.031559 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [.], ack 3777, win 8157, options [nop,nop,TS val 946049691 ecr 3615605563], length 0 | |
| ..C0Rw.85O]H..E..4.j@.@.....de..~..E..YA.[jY4............ | |
| 8c.....; | |
| 22:41:55.035746 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [F.], seq 3777, ack 510, win 350, options [nop,nop,TS val 3615605563 ecr 946049565], length 0 | |
| .85O]H..C0Rw..E..4K.../..S..~...de...EjY4.YA.[...^....... | |
| ...;8c.. | |
| 22:41:55.035803 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [.], ack 3778, win 8192, options [nop,nop,TS val 946049695 ecr 3615605563], length 0 | |
| ..C0Rw.85O]H..E..4f.@.@.....de..~..E..YA.[jY4... ........ | |
| 8c.....; | |
| 22:41:55.035934 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [P.], seq 510:537, ack 3778, win 8192, options [nop,nop,TS val 946049695 ecr 3615605563], length 27 | |
| ..C0Rw.85O]H..E..O..@.@.H?..de..~..E..YA.[jY4... .@...... | |
| 8c.....;.......F".b.$M.j.fP^...(..~ | |
| 22:41:55.036439 IP 192.168.100.101.51013 > nrt04s05-in-f18.1e100.net.https: Flags [F.], seq 537, ack 3778, win 8192, options [nop,nop,TS val 946049695 ecr 3615605563], length 0 | |
| ..C0Rw.85O]H..E..4.k@.@.....de..~..E..YA.vjY4... ........ | |
| 8c.....; | |
| 22:41:55.160033 IP nrt04s05-in-f18.1e100.net.https > 192.168.100.101.51013: Flags [.], ack 538, win 350, options [nop,nop,TS val 3615605692 ecr 946049695], length 0 | |
| .85O]H..C0Rw..E..4K.../..F..~...de...EjY4.YA.w...^....... | |
| ....8c.. | |
| ^C | |
| 21 packets captured | |
| 45 packets received by filter | |
| 0 packets dropped by kernel |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment