Frame 2939: Packet, 380 bytes on wire (3040 bits), 380 bytes captured (3040 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: Mar 19, 2019 02:03:35.031296000 UTC
    UTC Arrival Time: Mar 19, 2019 02:03:35.031296000 UTC
    Epoch Arrival Time: 1552961015.031296000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 578.000 microseconds]
    [Time since reference or first frame: 18 minutes, 39.394530000 seconds]
    Frame Number: 2939
    Frame Length: 380 bytes (3040 bits)
    Capture Length: 380 bytes (3040 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:tls]
    Character encoding: ASCII (0)
Ethernet II, Src: Intel_57:2b:42 (64:32:a8:57:2b:42), Dst: Netgear_b6:93:f1 (20:e5:2a:b6:93:f1)
    Destination: Netgear_b6:93:f1 (20:e5:2a:b6:93:f1)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: Intel_57:2b:42 (64:32:a8:57:2b:42)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IPv4 (0x0800)
    [Stream index: 4]
Internet Protocol Version 4, Src: 10.0.90.215, Dst: 31.22.4.176
    0100 .... = Version: 4
    .... 0101 = Header Length: 20 bytes (5)
    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
        0000 00.. = Differentiated Services Codepoint: Default (0)
        .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
    Total Length: 366
    Identification: 0x04bd (1213)
    010. .... = Flags: 0x2, Don't fragment
        0... .... = Reserved bit: Not set
        .1.. .... = Don't fragment: Set
        ..0. .... = More fragments: Not set
    ...0 0000 0000 0000 = Fragment Offset: 0
    Time to Live: 128
    Protocol: TCP (6)
    Header Checksum: 0xb27c [validation disabled]
    [Header checksum status: Unverified]
    Source Address: 10.0.90.215
    Destination Address: 31.22.4.176
    [Destination GeoIP: Newcastle upon Tyne, GB]
        [Destination GeoIP City: Newcastle upon Tyne]
        [Source or Destination GeoIP City: Newcastle upon Tyne]
        [Destination GeoIP Country: United Kingdom]
        [Source or Destination GeoIP Country: United Kingdom]
        [Destination GeoIP ISO Two Letter Country Code: GB]
        [Source or Destination GeoIP ISO Two Letter Country Code: GB]
        [Destination GeoIP Latitude: 54.9881]
        [Source or Destination GeoIP Latitude: 54.9881]
        [Destination GeoIP Longitude: -1.6194]
        [Source or Destination GeoIP Longitude: -1.6194]
    [Stream index: 12]
Transmission Control Protocol, Src Port: 49216, Dst Port: 3389, Seq: 128, Ack: 1016, Len: 326
    Source Port: 49216
    Destination Port: 3389
    [Stream index: 60]
    [Stream Packet Number: 8]
    [Conversation completeness: Incomplete, DATA (15)]
        ..0. .... = RST: Absent
        ...0 .... = FIN: Absent
        .... 1... = Data: Present
        .... .1.. = ACK: Present
        .... ..1. = SYN-ACK: Present
        .... ...1 = SYN: Present
        [Completeness Flags: ··DASS]
    [TCP Segment Len: 326]
    Sequence Number: 128    (relative sequence number)
    Sequence Number (raw): 1570357437
    [Next Sequence Number: 454    (relative sequence number)]
    Acknowledgment Number: 1016    (relative ack number)
    Acknowledgment number (raw): 3612963884
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Accurate ECN: Not set
        .... 0... .... = Congestion Window Reduced: Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 63225
    [Calculated window size: 63225]
    [Window size scaling factor: -2 (no window scaling used)]
    Checksum: 0xf676 [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    [Timestamps]
        [Time since first frame in this TCP stream: 307.071000 milliseconds]
        [Time since previous frame in this TCP stream: 578.000 microseconds]
    [SEQ/ACK analysis]
        [iRTT: 152.559000 milliseconds]
        [Bytes in flight: 326]
        [Bytes sent since last PSH flag: 326]
    [Client Contiguous Streams: 1]
    [Server Contiguous Streams: 1]
    TCP payload (326 bytes)
Transport Layer Security
    [Stream index: 3]
    TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 262
        Handshake Protocol: Client Key Exchange
            Handshake Type: Client Key Exchange (16)
            Length: 258
            RSA Encrypted PreMaster Secret
                Encrypted PreMaster length: 256
                Encrypted PreMaster […]: 6d1072b13c565fad20ed890ef901f04b70cf7029e981abde0d7407010e30605c3f9f996d2496747770f439501c3cf28273a3a0a25e28e5276147f771aeeeb6203f83157135996058078d6b221effb73c58808430306d08be9872cbfa2f3928ecdeee2f53529ab64ab87d
    TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: TLS 1.0 (0x0301)
        Length: 1
        Change Cipher Spec Message
    TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 48
        Handshake Protocol: Encrypted Handshake Message