Frame 2136: 1037 bytes on wire (8296 bits), 1037 bytes captured (8296 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: Jul 22, 2017 02:50:06.415492000 UTC
    UTC Arrival Time: Jul 22, 2017 02:50:06.415492000 UTC
    Epoch Arrival Time: 1500691806.415492000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.021089000 seconds]
    [Time delta from previous displayed frame: 0.000000000 seconds]
    [Time since reference or first frame: 391.890143000 seconds]
    Frame Number: 2136
    Frame Length: 1037 bytes (8296 bits)
    Capture Length: 1037 bytes (8296 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:http]
Ethernet II, Src: Dell_c3:1b:e9 (00:26:b9:c3:1b:e9), Dst: Cisco_01:e9:5c (00:09:e8:01:e9:5c)
    Destination: Cisco_01:e9:5c (00:09:e8:01:e9:5c)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: Dell_c3:1b:e9 (00:26:b9:c3:1b:e9)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IPv4 (0x0800)
    [Stream index: 3]
Internet Protocol Version 4, Src: 172.16.45.52, Dst: 204.79.197.200
    0100 .... = Version: 4
    .... 0101 = Header Length: 20 bytes (5)
    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
        0000 00.. = Differentiated Services Codepoint: Default (0)
        .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
    Total Length: 1023
    Identification: 0x00be (190)
    010. .... = Flags: 0x2, Don't fragment
        0... .... = Reserved bit: Not set
        .1.. .... = Don't fragment: Set
        ..0. .... = More fragments: Not set
    ...0 0000 0000 0000 = Fragment Offset: 0
    Time to Live: 128
    Protocol: TCP (6)
    Header Checksum: 0x1a44 [validation disabled]
    [Header checksum status: Unverified]
    Source Address: 172.16.45.52
    Destination Address: 204.79.197.200
    [Destination GeoIP: US, ASN 8068, MICROSOFT-CORP-MSN-AS-BLOCK]
        [Destination GeoIP Country: United States]
        [Source or Destination GeoIP Country: United States]
        [Destination GeoIP ISO Two Letter Country Code: US]
        [Source or Destination GeoIP ISO Two Letter Country Code: US]
        [Destination GeoIP AS Number: 8068]
        [Source or Destination GeoIP AS Number: 8068]
        [Destination GeoIP AS Organization: MICROSOFT-CORP-MSN-AS-BLOCK]
        [Source or Destination GeoIP AS Organization: MICROSOFT-CORP-MSN-AS-BLOCK]
        [Destination GeoIP Latitude: 37.751]
        [Source or Destination GeoIP Latitude: 37.751]
        [Destination GeoIP Longitude: -97.822]
        [Source or Destination GeoIP Longitude: -97.822]
    [Stream index: 31]
Transmission Control Protocol, Src Port: 49159, Dst Port: 80, Seq: 4889, Ack: 76625, Len: 983
    Source Port: 49159
    Destination Port: 80
    [Stream index: 42]
    [Stream Packet Number: 132]
    [Conversation completeness: Incomplete, DATA (15)]
        ..0. .... = RST: Absent
        ...0 .... = FIN: Absent
        .... 1... = Data: Present
        .... .1.. = ACK: Present
        .... ..1. = SYN-ACK: Present
        .... ...1 = SYN: Present
        [Completeness Flags: ··DASS]
    [TCP Segment Len: 983]
    Sequence Number: 4889    (relative sequence number)
    Sequence Number (raw): 3769463255
    [Next Sequence Number: 5872    (relative sequence number)]
    Acknowledgment Number: 76625    (relative ack number)
    Acknowledgment number (raw): 1987514029
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Accurate ECN: Not set
        .... 0... .... = Congestion Window Reduced: Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 257
    [Calculated window size: 65792]
    [Window size scaling factor: 256]
    Checksum: 0xa7e9 [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    [Timestamps]
        [Time since first frame in this TCP stream: 1.199477000 seconds]
        [Time since previous frame in this TCP stream: 0.036707000 seconds]
    [SEQ/ACK analysis]
        [iRTT: 0.063843000 seconds]
        [Bytes in flight: 983]
        [Bytes sent since last PSH flag: 983]
    TCP payload (983 bytes)
Hypertext Transfer Protocol
    […] GET /rms/AutoSug/cj,nj/d7921180/4a2f060c.js?bu=rms+answers+AutoSuggest+Service%2cWeb%24Utils%2cWeb%24EventRegisterer%2cWeb%24EventRegistration%2cEmpty%2cEmpty%2cEmpty%2cWeb%24WebCore%2cWeb%24DataProvider%2cEmpty%2cEmpty%2cWeb%24Canva
        Request Method: GET
        Request URI […]: /rms/AutoSug/cj,nj/d7921180/4a2f060c.js?bu=rms+answers+AutoSuggest+Service%2cWeb%24Utils%2cWeb%24EventRegisterer%2cWeb%24EventRegistration%2cEmpty%2cEmpty%2cEmpty%2cWeb%24WebCore%2cWeb%24DataProvider%2cEmpty%2cEmpty%2cWe
            Request URI Path: /rms/AutoSug/cj,nj/d7921180/4a2f060c.js
            Request URI Path Segment: /rms/AutoSug/cj
            Request URI Path Segment: nj/d7921180/4a2f060c.js
            Request URI Query […]: bu=rms+answers+AutoSuggest+Service%2cWeb%24Utils%2cWeb%24EventRegisterer%2cWeb%24EventRegistration%2cEmpty%2cEmpty%2cEmpty%2cWeb%24WebCore%2cWeb%24DataProvider%2cEmpty%2cEmpty%2cWeb%24Canvas%2cWeb%24Layout%2cWeb%24
                Request URI Query Parameter: bu=rms
                Request URI Query Parameter: answers
                Request URI Query Parameter: AutoSuggest
                Request URI Query Parameter […]: Service%2cWeb%24Utils%2cWeb%24EventRegisterer%2cWeb%24EventRegistration%2cEmpty%2cEmpty%2cEmpty%2cWeb%24WebCore%2cWeb%24DataProvider%2cEmpty%2cEmpty%2cWeb%24Canvas%2cWeb%24Layout%2cWeb%24SearchForm%2cWeb%
        Request Version: HTTP/1.1
    Accept: application/javascript, */*;q=0.8\r\n
    Referer: http://www.bing.com/\r\n
    Accept-Language: en-US\r\n
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko\r\n
    Accept-Encoding: gzip, deflate\r\n
    Host: www.bing.com\r\n
    Connection: Keep-Alive\r\n
    […] Cookie: SRCHD=AF=NOFORM; SRCHUID=V=2&GUID=48C4243B9E874B50B1AD4C59E1C59234&dmnchg=1; SRCHUSR=DOB=20170722; _SS=SID=26477A5BFE9663A232DE709CFF5662B9; _EDGE_S=F=1&SID=26477A5BFE9663A232DE709CFF5662B9; _EDGE_V=1; MUID=3B34C29A3E1C6FBD13
        Cookie pair: SRCHD=AF=NOFORM
        Cookie pair: SRCHUID=V=2&GUID=48C4243B9E874B50B1AD4C59E1C59234&dmnchg=1
        Cookie pair: SRCHUSR=DOB=20170722
        Cookie pair: _SS=SID=26477A5BFE9663A232DE709CFF5662B9
        Cookie pair: _EDGE_S=F=1&SID=26477A5BFE9663A232DE709CFF5662B9
        Cookie pair: _EDGE_V=1
        Cookie pair: MUID=3B34C29A3E1C6FBD1368C85D3FDC6ED5
        Cookie pair: _UR=D=1
        Cookie pair: ULC=T=11A19|1:1
        Cookie pair: SRCHHPGUSR=CW=650&CH=271&DPR=1.25&UTC=-240
        Cookie pair: MUIDB=3B34C29A3E1C6FBD1368C85D3FDC6ED5
    \r\n
    [Full request URI […]: http://www.bing.com/rms/AutoSug/cj,nj/d7921180/4a2f060c.js?bu=rms+answers+AutoSuggest+Service%2cWeb%24Utils%2cWeb%24EventRegisterer%2cWeb%24EventRegistration%2cEmpty%2cEmpty%2cEmpty%2cWeb%24WebCore%2cWeb%24DataProvi]