Interpretation of HTTP protocol packet for Wireshark packet analysis

Source: Internet
Author: User
Tags html form prev webp

* This blog only as a personal note and study reference

Packet analysis of the Get method

Hypertext Transfer Protocol
get/http/1.1\r\n #请求行信息 #
[Expert Info (chat/sequence): get/http/1.1\r\n] #专家信息 #
Request Method:get #请求的方法 #
Request URI:/#请求的URI #
Request version:http/1.1 #请求的版本 #
host:www.boomgg.cn\r\n #请求主机 #
connection:keep-alive\r\n #使用持久链接 #
upgrade-insecure-requests:1\r\n #升级不安全请求 #
user-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/55.0.2883.87 safari/537.36\r\n #浏览器类型 #
ACCEPT:TEXT/HTML,APPLICATION/XHTML+XML,APPLICATION/XML;Q=0.9,IMAGE/WEBP,/; q=0.8\r\n #请求的类型 #
Accept-encoding:gzip, deflate, sdch\r\n #请求的编码格式 #
accept-language:zh-cn,zh;q=0.8\r\n #请求语言 #
cookie:cnzzdata155540=cnzz_eid%3d2093723420-1483596271-%26ntime%3d1483596271\r\n #Cookie信息 #
Cookie pair:cnzzdata155540=cnzz_eid%3d2093723420-1483596271-%26ntime%3d1483596271\r\n #Cookie对 #
[Full Request uri:http://www.boomgg.cn/] #请求的URI全称 #
[HTTP request 1/3] #HTTP请求进度 #
[Response in Frame:12] #响应帧 #
[Next request in frame:15] #下一个请求帧 #

Hypertext Transfer Protocol
http/1.1 ok\r\n #响应行信息 #
[Expert Info (chat/sequence): http/1.1-ok\r\n] #专家信息 #
Request version:http/1.1 #请求版本 #
Status code:200 #状态码 #
Response phrase:ok #响应短语 #
Date:tue, 2017 07 : 34:36 gmt\r\n #响应时间 #
server:apache/2.4.6 (CentOS) php/5.4.16\r\n #服务器信息 #
Last-modified:tue, June 2014 16:00:47 gmt\r\n #上一次修改 #
ETag: "4b8d-4fc0a3f32a9c0" \ r \ n #上一次修改标识 #
accept-ranges:bytes\r\n #接收范围 #
Content-length: 19341\r\n #内容长度 #
Keep-alive:timeout=5, max=99\r\n #保持响应时间, and maximum value #
connection:keep-alive\r\n #使用持久链接 #
content-type:text/css\r\n #响应的内容类型 #
[HTTP Response 2/3] #HTTP响应 #
[time since request:0.423110000 seconds] # Response usage Length #
[Prev request in Frame:5] #上一个请求的帧 #
[Prev response in Frame:12] #上一个响应的帧 #
[request in frame:15] #请求的帧 #
[Next request in frame:47] #下一个请求的帧 #
[Next response in frame:59] #下一个响应的帧 #
File data:19341 bytes #文件数据大小 #
line-based text Data:text/css #数据 #

Packet analysis of the POST method

Basic Ibid.
Hypertext Transfer Protocol
Post/login.aspx http/1.1\r\n
[Expert Info (chat/sequence): post/login.aspx http/1.1\r\n]
[Post/login.aspx http/1.1\r\n]
[Severity Level:chat]
[Group:sequence]
Request Method:post
Request URI:/login.aspx
Request version:http/1.1
host:192.168.1.113\r\n
connection:keep-alive\r\n
content-length:232\r\n
[Content length:232]
cache-control:max-age=0\r\n
origin:http://192.168.1.113\r\n
upgrade-insecure-requests:1\r\n
user-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/55.0.2883.87 safari/537.36\r\n
content-type:application/x-www-form-urlencoded\r\n
ACCEPT:TEXT/HTML,APPLICATION/XHTML+XML,APPLICATION/XML;Q=0.9,IMAGE/WEBP,/; q=0.8\r\n
referer:http://192.168.1.113/login.aspx\r\n
Accept-encoding:gzip, deflate\r\n
accept-language:zh-cn,zh;q=0.8\r\n
cookie:cnzzdata155540=cnzz_eid%3d1111972901-1485847397-%26ntime%3d1485847397\r\n
Cookie pair:cnzzdata155540=cnzz_eid%3d1111972901-1485847397-%26ntime%3d1485847397
\ r \ n
[Full request uri:http://192.168.1.113/login.aspx]
[HTTP Request 3/5]
[Prev request in frame:103]
[Response in frame:116]
[Next request in frame:117]
File data:232 bytes
HTML Form URL encoded:application/x-www-form-urlencoded
Form Item: "VIEWSTATE "="/wepdwullte2ndixodkzmtdkzj7mzhenuufxodvtoykvaxvn0yfdfhjukeo48w8qcgna "
Form Item: "
Eventvalidation "="/wewbakgrjh+cqlr/4hfaglpyszgdqkr1yrvcg3y+w/qsnhr3jldwqbq34u2wh/m2l3/ijydfw7qhppt "
Form item: "UserID" = "Kemin" #这里可以看到发送的用户名
Form item: "Userpass" = "Fang" #这里可以看到发送的密码
Form item: "Log" = "Login"

Basic Ibid.
Hypertext Transfer Protocol
http/1.1 + ok\r\n
[Expert Info (chat/sequence): http/1.1 Ok\r\n]
[http/1.1 ok\r\n]
[Severity level:chat]
[group:sequence]
Request version:http/1.1
Status code:200
Response phrase:ok
cache-control:private\r\n
content-type:text/html; charset=utf-8\r\n
content-encoding:gzip\r\n
vary:accept-encoding\r\n
server:microsoft-iis/7.5\r\n
X-AspNet-Version: 4.0.30319\r\n
x-powered-by:asp.net\r\n
Date:tue, 07:43:17 gmt\r\n
content-length:1434\r\n
[ Content length:1434]
\ r \ n
[HTTP response 4/5]
[time since request:0.102894000 seconds]
[Prev request in FRA ME:114]
[Prev response in frame:116]
[request in frame:117]
[next Request in frame:133]
[Next response in FRAME:176]
content-encoded entity Body (gzip): 1434 bytes, 2563 bytes
File data:2563 bytes
line-based text data:text/html

Interpretation of HTTP protocol packets for Wireshark packet analysis

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.