
-------- From local system to Finalog licence validation ---------------------------

Frame 1745: 984 bytes on wire (7872 bits), 984 bytes captured (7872 bits) on
interface 0
Interface id: 0 (\Device\NPF_{2FE1BE90-F0EA-47CC-9E61-1F121B2B5F55})
Interface name: \Device\NPF_{2FE1BE90-F0EA-47CC-9E61-1F121B2B5F55}
Interface description: Local Area Connection
Encapsulation type: Ethernet (1)
Arrival Time: Jul 6, 2019 11:32:30.968021000 India Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1562392950.968021000 seconds
[Time delta from previous captured frame: 0.000036000 seconds]
[Time delta from previous displayed frame: 0.000036000 seconds]
[Time since reference or first frame: 199.501243000 seconds]
Frame Number: 1745
Frame Length: 984 bytes (7872 bits)
Capture Length: 984 bytes (7872 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:tcp:http:xml]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80 || http2]
Ethernet II, Src: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a), Dst: TendaTec_43:5f:a0
(c8:3a:35:43:5f:a0)
Destination: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0)
Address: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory
default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a)
Address: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory
default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 192.168.0.102, Dst: 98.129.229.147
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 970
Identification: 0x1b76 (7030)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
...0 0000 0000 0000 = Fragment offset: 0
Time to live: 128
Protocol: TCP (6)
Header checksum: 0x0000 [validation disabled]
[Header checksum status: Unverified]
Source: 192.168.0.102
Destination: 98.129.229.147
Transmission Control Protocol, Src Port: 50300, Dst Port: 80, Seq: 313, Ack: 1,
Len: 930
Source Port: 50300
Destination Port: 80
[Stream index: 61]
[TCP Segment Len: 930]
Sequence number: 313 (relative sequence number)
[Next sequence number: 1243 (relative sequence number)]
Acknowledgment number: 1 (relative ack number)
0101 .... = Header Length: 20 bytes (5)
Flags: 0x018 (PSH, ACK)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...1 .... = Acknowledgment: Set
.... .... 1... = Push: Set
.... .... .0.. = Reset: Not set
.... .... ..0. = Syn: Not set
.... .... ...0 = Fin: Not set
[TCP Flags: ·······AP···]
Window size value: 16425
[Calculated window size: 65700]
[Window size scaling factor: 4]
Checksum: 0x0ce0 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[iRTT: 0.237318000 seconds]
[Bytes in flight: 930]
[Bytes sent since last PSH flag: 930]
[Timestamps]
[Time since first frame in this TCP stream: 0.476329000 seconds]
[Time since previous frame in this TCP stream: 0.000036000 seconds]
TCP payload (930 bytes)
TCP segment data (930 bytes)
[2 Reassembled TCP Segments (1242 bytes): #1742(312), #1745(930)]
[Frame: 1742, payload: 0-311 (312 bytes)]
[Frame: 1745, payload: 312-1241 (930 bytes)]
[Segment count: 2]
[Reassembled TCP length: 1242]
[Reassembled TCP Data: 504f5354202f53657276696365732f4c6963656e73654150…]
Hypertext Transfer Protocol
POST /Services/LicenseAPI.asmx HTTP/1.1\r\n
[Expert Info (Chat/Sequence): POST /Services/LicenseAPI.asmx HTTP/1.1\r\n]
[POST /Services/LicenseAPI.asmx HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: POST
Request URI: /Services/LicenseAPI.asmx
Request Version: HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol
4.0.30319.42000)\r\n
Content-Type: text/xml; charset=utf-8\r\n
SOAPAction: "http://Licensing.org/Services/CheckLicenseV2"\r\n
Host: license.fin-alg.info\r\n
Content-Length: 930\r\n
[Content length: 930]
Connection: Keep-Alive\r\n
\r\n
[Full request URI: http://license.fin-alg.info/Services/LicenseAPI.asmx]
[HTTP request 1/1]
[Response in frame: 1747]
File Data: 930 bytes
eXtensible Markup Language
<?xml
version="1.0"
encoding="utf-8"
?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<CheckLicenseV2
xmlns="http://Licensing.org/Services/">
<sessionKey>

[truncated]gAAAACPyigbdVp6HM38tSsXiz18A7obirKJZdUtH+OzJ8jawcouUidUprA9jBaYSpf2jl2Ir
COzvDseL9W2qrmVzYD7h5o76cwQG7Nmu5rMCKmP4e8YjzWz/wER0jc2KjPH+BeACV4kDnJJrxfWYZsmTfH5
+M3O4iXOOV/NkLi9VX10dgAAAAAcvTPH+UDSrSLZoYDNZ2u+krq+XEzYO7DeBXqETSs3PDH
</sessionKey>
<encryptedArgs>

pYe5g+nGuJFHTBjnB6WZu3uEjM0H3DXKk2+dvk5fRp/9eRxoDYgXpm+Rjq8wDFamecMk7087EGRxvVf2Yeu
hjr+N8luNNQZX37e9TtlY0PhN7hgtuBE0QJvum1+G6W6yybxk2LwtVaP3xFCwurwh+a97xkb2hthJOOI0HK
xyHF/sGdnR8iUCosbtDFa9MUaotOReux9BxcE=
</encryptedArgs>
</CheckLicenseV2>
</soap:Body>
</soap:Envelope>

------------------------------ ACK from Finalog to local system -------------------------------------------------

Frame 1746: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface
0
Interface id: 0 (\Device\NPF_{2FE1BE90-F0EA-47CC-9E61-1F121B2B5F55})
Interface name: \Device\NPF_{2FE1BE90-F0EA-47CC-9E61-1F121B2B5F55}
Interface description: Local Area Connection
Encapsulation type: Ethernet (1)
Arrival Time: Jul 6, 2019 11:32:31.205017000 India Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1562392951.205017000 seconds
[Time delta from previous captured frame: 0.236996000 seconds]
[Time delta from previous displayed frame: 0.236996000 seconds]
[Time since reference or first frame: 199.738239000 seconds]
Frame Number: 1746
Frame Length: 60 bytes (480 bits)
Capture Length: 60 bytes (480 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80 || http2]
Ethernet II, Src: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0), Dst: Giga-Byt_8f:9c:6a
(fc:aa:14:8f:9c:6a)
Destination: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a)
Address: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory
default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0)
Address: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory
default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Padding: 000000000000
Internet Protocol Version 4, Src: 98.129.229.147, Dst: 192.168.0.102
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 40
Identification: 0xca26 (51750)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
...0 0000 0000 0000 = Fragment offset: 0
Time to live: 50
Protocol: TCP (6)
Header checksum: 0x7586 [validation disabled]
[Header checksum status: Unverified]
Source: 98.129.229.147
Destination: 192.168.0.102
Transmission Control Protocol, Src Port: 80, Dst Port: 50300, Seq: 1, Ack: 1243,
Len: 0
Source Port: 80
Destination Port: 50300
[Stream index: 61]
[TCP Segment Len: 0]
Sequence number: 1 (relative sequence number)
[Next sequence number: 1 (relative sequence number)]
Acknowledgment number: 1243 (relative ack number)
0101 .... = Header Length: 20 bytes (5)
Flags: 0x010 (ACK)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...1 .... = Acknowledgment: Set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..0. = Syn: Not set
.... .... ...0 = Fin: Not set
[TCP Flags: ·······A····]
Window size value: 63
[Calculated window size: 32256]
[Window size scaling factor: 512]
Checksum: 0x20cd [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 1745]
[The RTT to ACK the segment was: 0.236996000 seconds]
[iRTT: 0.237318000 seconds]
[Timestamps]
[Time since first frame in this TCP stream: 0.713325000 seconds]
[Time since previous frame in this TCP stream: 0.236996000 seconds]

------------- From Finalog to local system ---------------------------------------------------------------

Frame 1747: 1097 bytes on wire (8776 bits), 1097 bytes captured (8776 bits) on
interface 0
Interface id: 0 (\Device\NPF_{2FE1BE90-F0EA-47CC-9E61-1F121B2B5F55})
Interface name: \Device\NPF_{2FE1BE90-F0EA-47CC-9E61-1F121B2B5F55}
Interface description: Local Area Connection
Encapsulation type: Ethernet (1)
Arrival Time: Jul 6, 2019 11:32:31.327594000 India Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1562392951.327594000 seconds
[Time delta from previous captured frame: 0.122577000 seconds]
[Time delta from previous displayed frame: 0.122577000 seconds]
[Time since reference or first frame: 199.860816000 seconds]
Frame Number: 1747
Frame Length: 1097 bytes (8776 bits)
Capture Length: 1097 bytes (8776 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:tcp:http:xml]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80 || http2]
Ethernet II, Src: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0), Dst: Giga-Byt_8f:9c:6a
(fc:aa:14:8f:9c:6a)
Destination: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a)
Address: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory
default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0)
Address: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory
default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 98.129.229.147, Dst: 192.168.0.102
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 1083
Identification: 0xca27 (51751)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
...0 0000 0000 0000 = Fragment offset: 0
Time to live: 50
Protocol: TCP (6)
Header checksum: 0x7172 [validation disabled]
[Header checksum status: Unverified]
Source: 98.129.229.147
Destination: 192.168.0.102
Transmission Control Protocol, Src Port: 80, Dst Port: 50300, Seq: 1, Ack: 1243,
Len: 1043
Source Port: 80
Destination Port: 50300
[Stream index: 61]
[TCP Segment Len: 1043]
Sequence number: 1 (relative sequence number)
[Next sequence number: 1044 (relative sequence number)]
Acknowledgment number: 1243 (relative ack number)
0101 .... = Header Length: 20 bytes (5)
Flags: 0x018 (PSH, ACK)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...1 .... = Acknowledgment: Set
.... .... 1... = Push: Set
.... .... .0.. = Reset: Not set
.... .... ..0. = Syn: Not set
.... .... ...0 = Fin: Not set
[TCP Flags: ·······AP···]
Window size value: 63
[Calculated window size: 32256]
[Window size scaling factor: 512]
Checksum: 0x1f29 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[iRTT: 0.237318000 seconds]
[Bytes in flight: 1043]
[Bytes sent since last PSH flag: 1043]
[Timestamps]
[Time since first frame in this TCP stream: 0.835902000 seconds]
[Time since previous frame in this TCP stream: 0.122577000 seconds]
TCP payload (1043 bytes)
Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
[Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n]
[HTTP/1.1 200 OK\r\n]
[Severity level: Chat]
[Group: Sequence]
Response Version: HTTP/1.1
Status Code: 200
[Status Code Description: OK]
Response Phrase: OK
Server: Microsoft-IIS/8.5\r\n
X-AspNet-Version: 2.0.50727\r\n
Cache-Control: private, max-age=0\r\n
Content-Type: text/xml; charset=utf-8\r\n
Date: Sat, 06 Jul 2019 06:02:26 GMT\r\n
Set-Cookie: X-Mapping-nadiglig=A0E7032F553171112ACF98F0735010D1; path=/\r\n
X-UA-Compatible: IE=EmulateIE7\r\n
Content-Length: 731\r\n
[Content length: 731]
\r\n
[HTTP response 1/1]
[Time since request: 0.359573000 seconds]
[Request in frame: 1745]
[Request URI: http://license.fin-alg.info/Services/LicenseAPI.asmx]
File Data: 731 bytes
eXtensible Markup Language
<?xml
version="1.0"
encoding="utf-8"
?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<CheckLicenseV2Response
xmlns="http://Licensing.org/Services/">
<CheckLicenseV2Result>

[truncated]9yRmKhbesxRtk5yLYRBMAHeuYNSO+IzJzK752cbwAEF2qLftHxJ3xjwGe5ghQZVHs5zcpYOQ
FcKxLlcB7WQMccW7R1GEMu6Y7auyu8y47lW3ve9XXSqJ1lXzUxv7s95oRYYBkSgbvZ+YsivbQ3hbd7Vjh2G
fpf5Nk8exIiSgoeOuIHgs+ViQKNAR9X5gepE/YOTpoEebhIhzTjDop/ln4h4zcONtWbv0Hc
</CheckLicenseV2Result>
</CheckLicenseV2Response>
</soap:Body>
</soap:Envelope>

----------------------------- ACK from local system to Finalog -------------------------------------

Frame 1748: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface
0
Interface id: 0 (\Device\NPF_{2FE1BE90-F0EA-47CC-9E61-1F121B2B5F55})
Interface name: \Device\NPF_{2FE1BE90-F0EA-47CC-9E61-1F121B2B5F55}
Interface description: Local Area Connection
Encapsulation type: Ethernet (1)
Arrival Time: Jul 6, 2019 11:32:31.530315000 India Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1562392951.530315000 seconds
[Time delta from previous captured frame: 0.202721000 seconds]
[Time delta from previous displayed frame: 0.202721000 seconds]
[Time since reference or first frame: 200.063537000 seconds]
Frame Number: 1748
Frame Length: 54 bytes (432 bits)
Capture Length: 54 bytes (432 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80 || http2]
Ethernet II, Src: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a), Dst: TendaTec_43:5f:a0
(c8:3a:35:43:5f:a0)
Destination: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0)
Address: TendaTec_43:5f:a0 (c8:3a:35:43:5f:a0)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory
default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a)
Address: Giga-Byt_8f:9c:6a (fc:aa:14:8f:9c:6a)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory
default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 192.168.0.102, Dst: 98.129.229.147
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 40
Identification: 0x1b77 (7031)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
...0 0000 0000 0000 = Fragment offset: 0
Time to live: 128
Protocol: TCP (6)
Header checksum: 0x0000 [validation disabled]
[Header checksum status: Unverified]
Source: 192.168.0.102
Destination: 98.129.229.147
Transmission Control Protocol, Src Port: 50300, Dst Port: 80, Seq: 1243, Ack: 1044,
Len: 0
Source Port: 50300
Destination Port: 80
[Stream index: 61]
[TCP Segment Len: 0]
Sequence number: 1243 (relative sequence number)
[Next sequence number: 1243 (relative sequence number)]
Acknowledgment number: 1044 (relative ack number)
0101 .... = Header Length: 20 bytes (5)
Flags: 0x010 (ACK)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...1 .... = Acknowledgment: Set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..0. = Syn: Not set
.... .... ...0 = Fin: Not set
[TCP Flags: ·······A····]
Window size value: 16164
[Calculated window size: 64656]
[Window size scaling factor: 4]
Checksum: 0x093e [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 1747]
[The RTT to ACK the segment was: 0.202721000 seconds]
[iRTT: 0.237318000 seconds]
[Timestamps]
[Time since first frame in this TCP stream: 1.038623000 seconds]
[Time since previous frame in this TCP stream: 0.202721000 seconds]
