3

kU Capturing from Microsoft (tcp port http) [Wireshark 1.6.8 (SVN Rev 42761 from /trunk-1.6)] |nldHiUfc£3ail i

File Edit View Go Capture Ąnalyze Statistics Telephony Tools Internals Help

Hi I <3. <£> O © W & BIB ĄĄeiEl

Sl M 91 91 | | X

Filter:

http

▼j Expression... Clear

Appiy

No. Time	Source	Destination	Protocol	Length Info
17 75.380757	150.254.78.29	192.168.0.12	HTTP	1114 HTTP/1.1 200 OK (text/html)
19 75.533581	192.168.0.12	150.254.78.29	HTTP	597 GET /DSlKLlO/header_ip.png HTTP/1.1
38 75.561154	150.254.78.29	192.168.0.12	HTTP	943 HTTP/1.1 200 OK (PNG)
45 75.613739	192.168.0.12	150.254.78.29	HTTP	598 GET /DSlKLlO/header_tcp.png HTTP/1.1
71 75.657606	150.254.78.29	192.168.0.12	HTTP	1514 [TCP out-of-order] http/1.1 200 ok (png)
73 75.670726	192.168.0.12	150.254.78.29	HTTP	598 GET /DSlKLlO/header_udp.png HTTP/1.1
74 75.671230	192.168.0.12	150.254.78.29	HTTP	603 GET /DSlKLlO/header_ethernet.png HTTP/1.1
92 75.698028	192.168.0.12	150.254.78.29	HTTP	597 GET /DSlKLlO/wireshark.png HTTP/1.1
106 75.708343	150.254.78.29	192.168.0.12	HTTP	1133 HTTP/1.1 200 OK (PNG)
228 75.781407	150.254.78.29	192.168.0.12	HTTP	248 HTTP/1.1 200 OK (PNG)
255 126.583708	192.168.0.12	150.254.78.29	HTTP	624 GET /DSIKLlO/pingl.tcpd HTTP/1.1 1
257 126.598910	150.254.78.29	192.168.0.12	HTTP	1072 HTTP/1.1 200 OK (text/plai n)

El Frame 255: 624 bytes on wire (4992 bits), 624 bytes captured (4992 bits)

©Ethernet II, src: HonHaiPr_68:98:2b (ec:55:f9:68:98:2b), Dst: Thomson_c3:2e:f6 (00:26:24:c3:2e:f6) ©internet Protocol Version4, Src: 192.168.0.12 (192.168.0.12), Dst: 150.254.78.29 (150.254.78.29)

© Transmission contro! Protocol, src Port: 58467 (58467), Dst Port: http (80), Seq: 1, Ack: 1, Len: 570 ©pypertejct Transfer Protocol

© get ,/DSlKLlO/pingl. tcpd HTTP/l.l\r\n

© [Expert info (chat/sequence): get /DSlKLlO/pingl.tcpd http/1.l\r\n]

Request Method: get Request URI: /DSlKLlO/pingl. tcpd Request version: http/1.1 Host: marcing.faculty.wmi.amu. edu. pl\r\n

user-Agent: Mozilla/5.0 (Windows NT 6.1; W0W64; rv:12.0) Gecko/20100101 Firefox/12.0\r\n Accept: text/html,application/xhtml+xml,application/xml; q=0. 9,*/*; q=0. 8\r\n Accept-Language: pl,en-us;q=0.7,en;q=0.3\r\n Accept-Encoding: gzip, deflate\r\n connection: keep-alive\r\n

Referer: http://marcing.faculty.wmi.amu.edu.pl/DSlKLlO/cwiczenia7. html\r\n

Cookie: _utma=223752132.779658542.1327943247.1335168401.1337933746. 8; _utmz=223752132.1337933746.8.5.utmcsr=facebook.com|utmccn=(referral)|utmcmd=referral|utmcct=

0000

0010

0020

0030

0040

nnen

00 26    24    c3    2e    f6    ec    55

02 62    Od    8e    40    00    80    06

4e ld    e4    63    00    50    22    54

40 29    f4    ad    00    00    47    45

49 30    2f    70    69    6e    67    31

->-P    31    ->«    31 n/-i

f9    68    98    2b    08    00    45    00

45    38    cO    a8    00    Oc    96    fe

fl    c6    cd    5a    8b    2f    50    18

54    20    2f    44    53    49    4b    4c

2e    74    63    70    64    20    48    54

A O    a.-£    -70    -7A    ->n    G.r\    C1

.&$____u .h. + . . E.

.b..@... E8......

N..C.P"T ...Z./P.

@)____GE T /DSIKL

10/pingl .tcpd HT

rn /1

O Microsoft: <live capture in progress> File: C:... Packets: 258 Displayed: 15 Marked: 0

Profile: Default

A

11:24

2012-06-04