Scribd
Upload
5 views

Assignment 1 Q5

The document contains a packet capture analysis showing an HTTP GET request from the source IP 10.7.26.4 to the destination IP 128.119.245.12 for a specific HTML file. The server responded with a 200 OK status, indicating successful retrieval of the requested resource. The analysis includes detailed information about the TCP and HTTP headers involved in the communication.

Uploaded by

andi mandi
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
5 views

Assignment 1 Q5

The document contains a packet capture analysis showing an HTTP GET request from the source IP 10.7.26.4 to the destination IP 128.119.245.12 for a specific HTML file. The server responded with a 200 OK status, indicating successful retrieval of the requested resource. The analysis includes detailed information about the TCP and HTTP headers involved in the communication.

Uploaded by

andi mandi
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

C:\Users\SHIVAN~1\AppData\Local\Temp\wireshark_Wi-FiVE7TM2.

pcapng 35748 total packets, 20 shown

No. Time Source Destination Protocol Length Info


33578 18:03:23.714133 10.7.26.4 128.119.245.12 HTTP 535 GET /wireshark-labs/INTRO-wireshark-file1.html HTTP/1.1
Frame 33578: 535 bytes on wire (4280 bits), 535 bytes captured (4280 bits) on interface \Device\NPF_{55BAA451-B3D8-4539-B44B-6038FB16E743}, id
0
Ethernet II, Src: CloudNetwork_4c:90:cb (14:ac:60:4c:90:cb), Dst: JuniperNetwo_a1:85:01 (dc:38:e1:a1:85:01)
Internet Protocol Version 4, Src: 10.7.26.4, Dst: 128.119.245.12
Transmission Control Protocol, Src Port: 53194, Dst Port: 80, Seq: 1, Ack: 1, Len: 481
Source Port: 53194
Destination Port: 80
[Stream index: 119]
[Conversation completeness: Complete, WITH_DATA (31)]
[TCP Segment Len: 481]
Sequence Number: 1 (relative sequence number)
Sequence Number (raw): 3100998194
[Next Sequence Number: 482 (relative sequence number)]
Acknowledgment Number: 1 (relative ack number)
Acknowledgment number (raw): 1004776144
0101 .... = Header Length: 20 bytes (5)
Flags: 0x018 (PSH, ACK)
Window: 512
[Calculated window size: 131072]
[Window size scaling factor: 256]
Checksum: 0xcf13 [unverified]
[Checksum Status: Unverified]
Urgent Pointer: 0
[Timestamps]
[Time since first frame in this TCP stream: 0.244401000 seconds]
[Time since previous frame in this TCP stream: 0.000275000 seconds]
[SEQ/ACK analysis]
TCP payload (481 bytes)
Hypertext Transfer Protocol
GET /wireshark-labs/INTRO-wireshark-file1.html HTTP/1.1\r\n
[Expert Info (Chat/Sequence): GET /wireshark-labs/INTRO-wireshark-file1.html HTTP/1.1\r\n]
[GET /wireshark-labs/INTRO-wireshark-file1.html HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: GET
Request URI: /wireshark-labs/INTRO-wireshark-file1.html
Request Version: HTTP/1.1
Host: gaia.cs.umass.edu\r\n
Connection: keep-alive\r\n
DNT: 1\r\n
Upgrade-Insecure-Requests: 1\r\n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-
exchange;v=b3;q=0.7\r\n
Accept-Encoding: gzip, deflate\r\n
Accept-Language: en-IN,en;q=0.9\r\n
\r\n
[Full request URI: http://gaia.cs.umass.edu/wireshark-labs/INTRO-wireshark-file1.html]
[HTTP request 1/1]
[Response in frame: 33692]
No. Time Source Destination Protocol Length Info
33692 18:03:24.021556 128.119.245.12 10.7.26.4 HTTP 492 HTTP/1.1 200 OK (text/html)
Frame 33692: 492 bytes on wire (3936 bits), 492 bytes captured (3936 bits) on interface \Device\NPF_{55BAA451-B3D8-4539-B44B-6038FB16E743}, id
0
Ethernet II, Src: JuniperNetwo_a1:85:01 (dc:38:e1:a1:85:01), Dst: CloudNetwork_4c:90:cb (14:ac:60:4c:90:cb)
Internet Protocol Version 4, Src: 128.119.245.12, Dst: 10.7.26.4
Transmission Control Protocol, Src Port: 80, Dst Port: 53194, Seq: 1, Ack: 482, Len: 438
Source Port: 80
Destination Port: 53194
[Stream index: 119]
[Conversation completeness: Complete, WITH_DATA (31)]
[TCP Segment Len: 438]
Sequence Number: 1 (relative sequence number)
Sequence Number (raw): 1004776144
[Next Sequence Number: 439 (relative sequence number)]
Acknowledgment Number: 482 (relative ack number)
Acknowledgment number (raw): 3100998675
0101 .... = Header Length: 20 bytes (5)
Flags: 0x018 (PSH, ACK)
Window: 237
[Calculated window size: 30336]
[Window size scaling factor: 128]
Checksum: 0xfaca [unverified]
[Checksum Status: Unverified]
Urgent Pointer: 0
[Timestamps]
[Time since first frame in this TCP stream: 0.551824000 seconds]
[Time since previous frame in this TCP stream: 0.304438000 seconds]
[SEQ/ACK analysis]
C:\Users\SHIVAN~1\AppData\Local\Temp\wireshark_Wi-FiVE7TM2.pcapng 35748 total packets, 20 shown

TCP payload (438 bytes)


Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
[Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n]
[HTTP/1.1 200 OK\r\n]
[Severity level: Chat]
[Group: Sequence]
Response Version: HTTP/1.1
Status Code: 200
[Status Code Description: OK]
Response Phrase: OK
Date: Sun, 21 Apr 2024 12:33:23 GMT\r\n
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 mod_perl/2.0.11 Perl/v5.16.3\r\n
Last-Modified: Sun, 21 Apr 2024 05:59:01 GMT\r\n
ETag: "51-61695047b6d92"\r\n
Accept-Ranges: bytes\r\n
Content-Length: 81\r\n
Keep-Alive: timeout=5, max=100\r\n
Connection: Keep-Alive\r\n
Content-Type: text/html; charset=UTF-8\r\n
\r\n
[HTTP response 1/1]
[Time since request: 0.307423000 seconds]
[Request in frame: 33578]
[Request URI: http://gaia.cs.umass.edu/wireshark-labs/INTRO-wireshark-file1.html]
File Data: 81 bytes
Line-based text data: text/html (3 lines)

You might also like