Interpretation of HTTP protocol packet for Wireshark packet analysis

Last Update:2018-06-06 Source: Internet

Author: User

Tags html form prev webp

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

* This blog only as a personal note and study reference

Packet analysis of the Get method

Hypertext Transfer Protocol
get/http/1.1\r\n #请求行信息 #
[Expert Info (chat/sequence): get/http/1.1\r\n] #专家信息 #
Request Method:get #请求的方法 #
Request URI:/#请求的URI #
Request version:http/1.1 #请求的版本 #
host:www.boomgg.cn\r\n #请求主机 #
connection:keep-alive\r\n #使用持久链接 #
upgrade-insecure-requests:1\r\n #升级不安全请求 #
user-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/55.0.2883.87 safari/537.36\r\n #浏览器类型 #
ACCEPT:TEXT/HTML,APPLICATION/XHTML+XML,APPLICATION/XML;Q=0.9,IMAGE/WEBP,/; q=0.8\r\n #请求的类型 #
Accept-encoding:gzip, deflate, sdch\r\n #请求的编码格式 #
accept-language:zh-cn,zh;q=0.8\r\n #请求语言 #
cookie:cnzzdata155540=cnzz_eid%3d2093723420-1483596271-%26ntime%3d1483596271\r\n #Cookie信息 #
Cookie pair:cnzzdata155540=cnzz_eid%3d2093723420-1483596271-%26ntime%3d1483596271\r\n #Cookie对 #
[Full Request uri:http://www.boomgg.cn/] #请求的URI全称 #
[HTTP request 1/3] #HTTP请求进度 #
[Response in Frame:12] #响应帧 #
[Next request in frame:15] #下一个请求帧 #

Hypertext Transfer Protocol
http/1.1 ok\r\n #响应行信息 #
[Expert Info (chat/sequence): http/1.1-ok\r\n] #专家信息 #
Request version:http/1.1 #请求版本 #
Status code:200 #状态码 #
Response phrase:ok #响应短语 #
Date:tue, 2017 07 : 34:36 gmt\r\n #响应时间 #
server:apache/2.4.6 (CentOS) php/5.4.16\r\n #服务器信息 #
Last-modified:tue, June 2014 16:00:47 gmt\r\n #上一次修改 #
ETag: "4b8d-4fc0a3f32a9c0" \ r \ n #上一次修改标识 #
accept-ranges:bytes\r\n #接收范围 #
Content-length: 19341\r\n #内容长度 #
Keep-alive:timeout=5, max=99\r\n #保持响应时间, and maximum value #
connection:keep-alive\r\n #使用持久链接 #
content-type:text/css\r\n #响应的内容类型 #
[HTTP Response 2/3] #HTTP响应 #
[time since request:0.423110000 seconds] # Response usage Length #
[Prev request in Frame:5] #上一个请求的帧 #
[Prev response in Frame:12] #上一个响应的帧 #
[request in frame:15] #请求的帧 #
[Next request in frame:47] #下一个请求的帧 #
[Next response in frame:59] #下一个响应的帧 #
File data:19341 bytes #文件数据大小 #
line-based text Data:text/css #数据 #

Packet analysis of the POST method

Basic Ibid.
Hypertext Transfer Protocol
Post/login.aspx http/1.1\r\n
[Expert Info (chat/sequence): post/login.aspx http/1.1\r\n]
[Post/login.aspx http/1.1\r\n]
[Severity Level:chat]
[Group:sequence]
Request Method:post
Request URI:/login.aspx
Request version:http/1.1
host:192.168.1.113\r\n
connection:keep-alive\r\n
content-length:232\r\n
[Content length:232]
cache-control:max-age=0\r\n
origin:http://192.168.1.113\r\n
upgrade-insecure-requests:1\r\n
user-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/55.0.2883.87 safari/537.36\r\n
content-type:application/x-www-form-urlencoded\r\n
ACCEPT:TEXT/HTML,APPLICATION/XHTML+XML,APPLICATION/XML;Q=0.9,IMAGE/WEBP,/; q=0.8\r\n
referer:http://192.168.1.113/login.aspx\r\n
Accept-encoding:gzip, deflate\r\n
accept-language:zh-cn,zh;q=0.8\r\n
cookie:cnzzdata155540=cnzz_eid%3d1111972901-1485847397-%26ntime%3d1485847397\r\n
Cookie pair:cnzzdata155540=cnzz_eid%3d1111972901-1485847397-%26ntime%3d1485847397
\ r \ n
[Full request uri:http://192.168.1.113/login.aspx]
[HTTP Request 3/5]
[Prev request in frame:103]
[Response in frame:116]
[Next request in frame:117]
File data:232 bytes
HTML Form URL encoded:application/x-www-form-urlencoded
Form Item: "VIEWSTATE "="/wepdwullte2ndixodkzmtdkzj7mzhenuufxodvtoykvaxvn0yfdfhjukeo48w8qcgna "
Form Item: "Eventvalidation "="/wewbakgrjh+cqlr/4hfaglpyszgdqkr1yrvcg3y+w/qsnhr3jldwqbq34u2wh/m2l3/ijydfw7qhppt "
Form item: "UserID" = "Kemin" #这里可以看到发送的用户名
Form item: "Userpass" = "Fang" #这里可以看到发送的密码
Form item: "Log" = "Login"

Basic Ibid.
Hypertext Transfer Protocol
http/1.1 + ok\r\n
[Expert Info (chat/sequence): http/1.1 Ok\r\n]
[http/1.1 ok\r\n]
[Severity level:chat]
[group:sequence]
Request version:http/1.1
Status code:200
Response phrase:ok
cache-control:private\r\n
content-type:text/html; charset=utf-8\r\n
content-encoding:gzip\r\n
vary:accept-encoding\r\n
server:microsoft-iis/7.5\r\n
X-AspNet-Version: 4.0.30319\r\n
x-powered-by:asp.net\r\n
Date:tue, 07:43:17 gmt\r\n
content-length:1434\r\n
[ Content length:1434]
\ r \ n
[HTTP response 4/5]
[time since request:0.102894000 seconds]
[Prev request in FRA ME:114]
[Prev response in frame:116]
[request in frame:117]
[next Request in frame:133]
[Next response in FRAME:176]
content-encoded entity Body (gzip): 1434 bytes, 2563 bytes
File data:2563 bytes
line-based text data:text/html

Interpretation of HTTP protocol packets for Wireshark packet analysis

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More