I connected my computer to the back of the Hitron Modem, just watched the traffic capture. I had no Web Browser active, yet I have HTTP traffic. So, why would that be happening.
Also, This shows a Cadant Device, and I was connected to the Hitron Modem and this is not the Hitron Modem Mac Address. So, what is happening here and why?
If your interested in telling me when I copied this from Libre Office, I had to enter everything on the right side, skip a line so it would not be all swished together.
Thank you,
Vtechie
Frame 127: 66 bytes on wire, 66 bytes captured on interface \Device\NPF_{MY COMPUTERS ID}, id 0
Arrival Time: Jun 10, 2022 11:39:52.983081000 Central Daylight Time
Ethernet II, Src: Dell_XX:XX:XX (XX:XX:XX :XX:XX:XX ), Dst: Cadant_XX:XX:XX (XX:XX:XX:XX:XX:XX )
Destination: Cadant_XX:XX:XX (XX:XX:XX:XX:XX:XX )
Source: Dell_XX:XX:XX (XX:XX:XX :XX:XX:XX )
Type: IPv4 (0x0800) Internet Protocol Version 4, Src: XX.XXX.140.197 (XX.XXX.140.197), Dst: 13.107.4.52 (XX.XXX.4.52)
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
Total Length: 52
Identification: 0x4d32 (19762)
Flags: 0x40, Don't fragment
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 128
Protocol: TCP (6)
Header Checksum: 0x0000 incorrect, should be 0xf6c2(may be caused by "IP checksum offload"?)
[Header checksum status: Bad]
[Calculated Checksum: 0xf6c2]
Source Address: XX.XXX.140.197(XX.XXX.140.197)
<Source or Destination Address: XX.XXX.140.197 (XX.XXX.140.197)>
<[Source Host: XX.XXX.140.197]>
<[Source or Destination Host:XX.XXX.140.197]>
Destination Address: XX.XXX.4.52(XX.XXX.4.52)
<Source or Destination Address: XX.XXX.4.52 (XX.XXX.4.52)>
<[Destination Host: XX.XXX.4.52]>
<[Source or Destination Host:XX.XXX.4.52]>
Transmission Control Protocol, Src Port: 54223 (54223), Dst Port: http (80), Seq: 0, Len: 0
Source Port: 54223 (54223)
Destination Port: http (80)
<Source or Destination Port: 54223 (54223)>
<Source or Destination Port: http (80)>
[Stream index: 0]
[Conversation completeness: Complete, WITH_DATA (31)]
[TCP Segment Len: 0]
Sequence Number: 0 (relative sequence number)
Sequence Number (raw): 1053122550
[Next Sequence Number: 1 (relative sequence number)]
Acknowledgment Number: 0
Acknowledgment number (raw): 0
1000 .... = Header Length: 32 bytes (8)
Flags: 0x002 (SYN)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
. .... ..0. .... = Urgent: Not set
.... ...0 .... = Acknowledgment: Not set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..1. = Syn: Set
.... .... ...0 = Fin: Not set
[TCP Flags: ··········S·]
Window: 64416
[Calculated window size: 64416]
Checksum: 0xb6f5 incorrect, should be 0x49c1(maybe caused by "TCP checksum offload"?)
[Expert Info (Error/Checksum): Bad checksum [should be 0x49c1]]
[Bad checksum [should be 0x49c1]]
<Message: Bad checksum [should be 0x49c1]>
[Severity level: Error]
[Group: Checksum]
[Checksum Status: Bad]
[Calculated Checksum: 0x49c1]
Urgent Pointer: 0
Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
TCP Option - Maximum segment size: 1464 bytes
Kind: Maximum Segment Size (2)
Length: 4
MSS Value: 1464
TCP Option - No-Operation (NOP)
Kind: No-Operation (1)
TCP Option - Window scale: 8 (multiply by 256)
TCP Option - No-Operation (NOP)
TCP Option - No-Operation (NOP)
TCP Option - SACK permitted
[Timestamps]
