Frame 1489: 238 bytes on wire (1904 bits), 238 bytes captured (1904 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: Jul 22, 2017 02:44:49.549198000 UTC
    UTC Arrival Time: Jul 22, 2017 02:44:49.549198000 UTC
    Epoch Arrival Time: 1500691489.549198000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.000162000 seconds]
    [Time delta from previous displayed frame: 0.000000000 seconds]
    [Time since reference or first frame: 75.023849000 seconds]
    Frame Number: 1489
    Frame Length: 238 bytes (1904 bits)
    Capture Length: 238 bytes (1904 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:tls]
Ethernet II, Src: Cisco_01:e9:5c (00:09:e8:01:e9:5c), Dst: SamsungElect_75:be:14 (08:ec:a9:75:be:14)
    Destination: SamsungElect_75:be:14 (08:ec:a9:75:be:14)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: Cisco_01:e9:5c (00:09:e8:01:e9:5c)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IPv4 (0x0800)
    [Stream index: 4]
Internet Protocol Version 4, Src: 172.217.11.84, Dst: 172.16.45.172
    0100 .... = Version: 4
    .... 0101 = Header Length: 20 bytes (5)
    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
        0000 00.. = Differentiated Services Codepoint: Default (0)
        .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
    Total Length: 224
    Identification: 0x5b50 (23376)
    000. .... = Flags: 0x0
        0... .... = Reserved bit: Not set
        .0.. .... = Don't fragment: Not set
        ..0. .... = More fragments: Not set
    ...0 0000 0000 0000 = Fragment Offset: 0
    Time to Live: 60
    Protocol: TCP (6)
    Header Checksum: 0x204a [validation disabled]
    [Header checksum status: Unverified]
    Source Address: 172.217.11.84
    Destination Address: 172.16.45.172
    [Source GeoIP: US, ASN 15169, GOOGLE]
        [Source GeoIP Country: United States]
        [Source or Destination GeoIP Country: United States]
        [Source GeoIP ISO Two Letter Country Code: US]
        [Source or Destination GeoIP ISO Two Letter Country Code: US]
        [Source GeoIP AS Number: 15169]
        [Source or Destination GeoIP AS Number: 15169]
        [Source GeoIP AS Organization: GOOGLE]
        [Source or Destination GeoIP AS Organization: GOOGLE]
        [Source GeoIP Latitude: 37.751]
        [Source or Destination GeoIP Latitude: 37.751]
        [Source GeoIP Longitude: -97.822]
        [Source or Destination GeoIP Longitude: -97.822]
    [Stream index: 21]
Transmission Control Protocol, Src Port: 443, Dst Port: 34529, Seq: 1, Ack: 534, Len: 172
    Source Port: 443
    Destination Port: 34529
    [Stream index: 32]
    [Stream Packet Number: 6]
    [Conversation completeness: Incomplete, DATA (15)]
        ..0. .... = RST: Absent
        ...0 .... = FIN: Absent
        .... 1... = Data: Present
        .... .1.. = ACK: Present
        .... ..1. = SYN-ACK: Present
        .... ...1 = SYN: Present
        [Completeness Flags: ··DASS]
    [TCP Segment Len: 172]
    Sequence Number: 1    (relative sequence number)
    Sequence Number (raw): 3717083685
    [Next Sequence Number: 173    (relative sequence number)]
    Acknowledgment Number: 534    (relative ack number)
    Acknowledgment number (raw): 489696544
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Accurate ECN: Not set
        .... 0... .... = Congestion Window Reduced: Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 340
    [Calculated window size: 43520]
    [Window size scaling factor: 128]
    Checksum: 0x1058 [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - No-Operation (NOP)
            Kind: No-Operation (1)
        TCP Option - Timestamps: TSval 1439006611, TSecr 114200
            Kind: Time Stamp Option (8)
            Length: 10
            Timestamp value: 1439006611
            Timestamp echo reply: 114200
    [Timestamps]
        [Time since first frame in this TCP stream: 0.145123000 seconds]
        [Time since previous frame in this TCP stream: 0.000700000 seconds]
    [SEQ/ACK analysis]
        [iRTT: 0.069904000 seconds]
        [Bytes in flight: 172]
        [Bytes sent since last PSH flag: 172]
    TCP payload (172 bytes)
Transport Layer Security
    TLSv1.2 Record Layer: Handshake Protocol: Server Hello
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 116
        Handshake Protocol: Server Hello
            Handshake Type: Server Hello (2)
            Length: 112
            Version: TLS 1.2 (0x0303)
            Random: 5972bc1f9cad457836cbbc1ebeff8770127c7bfddbc880a650386407a8ecb263
                GMT Unix Time: Jul 22, 2017 02:44:47.000000000 UTC
                Random Bytes: 9cad457836cbbc1ebeff8770127c7bfddbc880a650386407a8ecb263
            Session ID Length: 32
            Session ID: 9be681b7e682fc54b642d031ac9cc4f26feaad2a30257396f4dd96b9f8412a1c
            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
            Compression Method: null (0)
            Extensions Length: 40
            Extension: renegotiation_info (len=1)
                Type: renegotiation_info (65281)
                Length: 1
                Renegotiation Info extension
                    Renegotiation info extension length: 0
            Extension: next_protocol_negotiation (len=21)
                Type: next_protocol_negotiation (13172)
                Length: 21
                Next Protocol Negotiation
                    Protocol string length: 8
                    Next Protocol: grpc-exp
                    Protocol string length: 2
                    Next Protocol: h2
                    Protocol string length: 8
                    Next Protocol: http/1.1
            Extension: channel_id (len=0)
                Type: channel_id (30032)
                Length: 0
                Data: <MISSING>
            Extension: ec_point_formats (len=2)
                Type: ec_point_formats (11)
                Length: 2
                EC point formats Length: 1
                Elliptic curves point formats (1)
                    EC point format: uncompressed (0)
            [JA3S Fullstring: 771,49199,65281-13172-30032-11]
            [JA3S: 4c1f860b6da8d0e03d2e6356bd040f52]
    TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: TLS 1.2 (0x0303)
        Length: 1
        Change Cipher Spec Message
            [Expert Info (Note/Sequence): This session reuses previously negotiated keys (Session resumption)]
                [This session reuses previously negotiated keys (Session resumption)]
                [Severity level: Note]
                [Group: Sequence]
    TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 40
        Handshake Protocol: Encrypted Handshake Message