I did enough research and failed to find a conclusive answer(version 1.12.7).
My local server is making a get call to https://hacker-news.firebaseio.com/v0/item/12345.json
when I see this packet in wireshark
I see the destination URL
as hacker-news.firebaseio.com
. My ask is simple
1) how can I see the entire URI including /v0/item/12345.json
part.
2) Why are somany dots in the following TCP stream and what does this TCP stream actually trying to say with jabbered English letters.
...........Z..d.2......j.q..n8..{."RE...wT...../.+.0.,...'.g.(.k.$...
.........j.i.h.9.8.7.6.2...*.&.......=.5.#...........@.?.>.3.2.1.0.1.-.).%
.....f.........localhost.........
.......3t......5...1..W:....".q.........m....r.>?t w..............#.................0...0..|.......%e.x.#s.0
..*.H..
.....0I1.0...U....US1.0...U.
.
Google Inc1%0#..U....Google Internet Authority G20..
151217200354Z.
161216000000Z0j1.0...U....US1.0...U...
California1.0...U...
Mountain View1.0...U.
..{.<...[L.......V..7.`?Yb.oF.z.....aC#..FtqyG0..p....-s...........d0.pe....3....5s.....T..y.F.I..w{.zX!...ou.db..j
<..+......y.]..`.{V ..q..z"P<T.,<.}..
..........._j.B.*F.\.0 gJa.E..........V).-z...][email protected]!n......<......`...........>....:Q
And description
244 19.329480000 sapy hacker-news.firebaseio.com TCP 435 47965→https [PSH, ACK] Seq=471 Ack=3948 Win=40576 Len=369 TSval=20106775 TSecr=4020547278 hacker-news.firebaseio.com 244
The problem is that you are using https. That means that the only informations that you have directly are the peer address and the ports used. All exchanged data is encrypted, including the request itself that should be GET /v0/item/12345.json
TL/DR: you cannot. That is one of the goals of the https protocol: wireshark acts as a man in the middle and https protects your privacy.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With