HTTP – axiom0510의 블로그

글 목록

HTTP

December 7, 2025

The Basic HTTP GET/response interaction

브라우저로 http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file1.html로 HTTP 요청을 보내봅니다.

0000   60 29 d5 41 ac 08 8c b8 7e db 15 05 08 00 45 00   `).A....~.....E.
0010   02 12 b5 c1 40 00 80 06 00 00 ac 1e 01 12 80 77   ....@..........w
0020   f5 0c d5 16 00 50 73 4d b7 fb 26 31 c0 a9 50 18   .....PsM..&1..P.
0030   00 ff 24 b9 00 00 47 45 54 20 2f 77 69 72 65 73   ..$...GET /wires
0040   68 61 72 6b 2d 6c 61 62 73 2f 48 54 54 50 2d 77   hark-labs/HTTP-w
0050   69 72 65 73 68 61 72 6b 2d 66 69 6c 65 31 2e 68   ireshark-file1.h
0060   74 6d 6c 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f   tml HTTP/1.1..Ho
0070   73 74 3a 20 67 61 69 61 2e 63 73 2e 75 6d 61 73   st: gaia.cs.umas
0080   73 2e 65 64 75 0d 0a 43 6f 6e 6e 65 63 74 69 6f   s.edu..Connectio
0090   6e 3a 20 6b 65 65 70 2d 61 6c 69 76 65 0d 0a 55   n: keep-alive..U
00a0   70 67 72 61 64 65 2d 49 6e 73 65 63 75 72 65 2d   pgrade-Insecure-
00b0   52 65 71 75 65 73 74 73 3a 20 31 0d 0a 55 73 65   Requests: 1..Use
00c0   72 2d 41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61   r-Agent: Mozilla
00d0   2f 35 2e 30 20 28 57 69 6e 64 6f 77 73 20 4e 54   /5.0 (Windows NT
00e0   20 31 30 2e 30 3b 20 57 69 6e 36 34 3b 20 78 36    10.0; Win64; x6
00f0   34 29 20 41 70 70 6c 65 57 65 62 4b 69 74 2f 35   4) AppleWebKit/5
0100   33 37 2e 33 36 20 28 4b 48 54 4d 4c 2c 20 6c 69   37.36 (KHTML, li
0110   6b 65 20 47 65 63 6b 6f 29 20 43 68 72 6f 6d 65   ke Gecko) Chrome
0120   2f 31 34 32 2e 30 2e 30 2e 30 20 53 61 66 61 72   /142.0.0.0 Safar
0130   69 2f 35 33 37 2e 33 36 0d 0a 41 63 63 65 70 74   i/537.36..Accept
0140   3a 20 74 65 78 74 2f 68 74 6d 6c 2c 61 70 70 6c   : text/html,appl
0150   69 63 61 74 69 6f 6e 2f 78 68 74 6d 6c 2b 78 6d   ication/xhtml+xm
0160   6c 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 6d   l,application/xm
0170   6c 3b 71 3d 30 2e 39 2c 69 6d 61 67 65 2f 61 76   l;q=0.9,image/av
0180   69 66 2c 69 6d 61 67 65 2f 77 65 62 70 2c 69 6d   if,image/webp,im
0190   61 67 65 2f 61 70 6e 67 2c 2a 2f 2a 3b 71 3d 30   age/apng,*/*;q=0
01a0   2e 38 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 73   .8,application/s
01b0   69 67 6e 65 64 2d 65 78 63 68 61 6e 67 65 3b 76   igned-exchange;v
01c0   3d 62 33 3b 71 3d 30 2e 37 0d 0a 41 63 63 65 70   =b3;q=0.7..Accep
01d0   74 2d 45 6e 63 6f 64 69 6e 67 3a 20 67 7a 69 70   t-Encoding: gzip
01e0   2c 20 64 65 66 6c 61 74 65 0d 0a 41 63 63 65 70   , deflate..Accep
01f0   74 2d 4c 61 6e 67 75 61 67 65 3a 20 6b 6f 2c 65   t-Language: ko,e
0200   6e 2d 55 53 3b 71 3d 30 2e 39 2c 65 6e 3b 71 3d   n-US;q=0.9,en;q=
0210   30 2e 38 2c 6a 61 3b 71 3d 30 2e 37 0d 0a 0d 0a   0.8,ja;q=0.7....

0000   8c b8 7e db 15 05 60 29 d5 41 ac 08 08 00 45 00   ..~...`).A....E.
0010   02 11 4d 45 40 00 2e 06 da ed 80 77 f5 0c ac 1e   ..ME@......w....
0020   01 12 00 50 d5 16 26 31 c0 a9 73 4d b9 e5 50 18   ...P..&1..sM..P.
0030   01 f5 cc b2 00 00 48 54 54 50 2f 31 2e 31 20 32   ......HTTP/1.1 2
0040   30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 53 75 6e   00 OK..Date: Sun
0050   2c 20 30 37 20 44 65 63 20 32 30 32 35 20 30 38   , 07 Dec 2025 08
0060   3a 32 32 3a 32 34 20 47 4d 54 0d 0a 53 65 72 76   :22:24 GMT..Serv
0070   65 72 3a 20 41 70 61 63 68 65 2f 32 2e 34 2e 36   er: Apache/2.4.6
0080   32 20 28 41 6c 6d 61 4c 69 6e 75 78 29 20 4f 70   2 (AlmaLinux) Op
0090   65 6e 53 53 4c 2f 33 2e 35 2e 31 20 6d 6f 64 5f   enSSL/3.5.1 mod_
00a0   66 63 67 69 64 2f 32 2e 33 2e 39 20 6d 6f 64 5f   fcgid/2.3.9 mod_
00b0   70 65 72 6c 2f 32 2e 30 2e 31 32 20 50 65 72 6c   perl/2.0.12 Perl
00c0   2f 76 35 2e 33 32 2e 31 0d 0a 4c 61 73 74 2d 4d   /v5.32.1..Last-M
00d0   6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 38   odified: Tue, 28
00e0   20 4f 63 74 20 32 30 32 35 20 30 35 3a 35 39 3a    Oct 2025 05:59:
00f0   30 31 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 38   01 GMT..ETag: "8
0100   30 2d 36 34 32 33 31 62 36 37 31 37 65 38 37 22   0-64231b6717e87"
0110   0d 0a 41 63 63 65 70 74 2d 52 61 6e 67 65 73 3a   ..Accept-Ranges:
0120   20 62 79 74 65 73 0d 0a 43 6f 6e 74 65 6e 74 2d    bytes..Content-
0130   4c 65 6e 67 74 68 3a 20 31 32 38 0d 0a 4b 65 65   Length: 128..Kee
0140   70 2d 41 6c 69 76 65 3a 20 74 69 6d 65 6f 75 74   p-Alive: timeout
0150   3d 35 2c 20 6d 61 78 3d 31 30 30 0d 0a 43 6f 6e   =5, max=100..Con
0160   6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c   nection: Keep-Al
0170   69 76 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70   ive..Content-Typ
0180   65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68   e: text/html; ch
0190   61 72 73 65 74 3d 55 54 46 2d 38 0d 0a 0d 0a 3c   arset=UTF-8....<
01a0   68 74 6d 6c 3e 0a 43 6f 6e 67 72 61 74 75 6c 61   html>.Congratula
01b0   74 69 6f 6e 73 2e 20 20 59 6f 75 27 76 65 20 64   tions.  You've d
01c0   6f 77 6e 6c 6f 61 64 65 64 20 74 68 65 20 66 69   ownloaded the fi
01d0   6c 65 20 0a 68 74 74 70 3a 2f 2f 67 61 69 61 2e   le .http://gaia.
01e0   63 73 2e 75 6d 61 73 73 2e 65 64 75 2f 77 69 72   cs.umass.edu/wir
01f0   65 73 68 61 72 6b 2d 6c 61 62 73 2f 48 54 54 50   eshark-labs/HTTP
0200   2d 77 69 72 65 73 68 61 72 6b 2d 66 69 6c 65 31   -wireshark-file1
0210   2e 68 74 6d 6c 21 0a 3c 2f 68 74 6d 6c 3e 0a      .html!.</html>.

Is your browser running HTTP version 1.0, 1.1, or 2? What version of HTTP is the server running?

브라우저는 HTTP 1.1로 요청했고, 서버도 HTTP 1.1로 응답했습니다. 서버는 HTTP 1.1을 지원하는 서버일 것입니다.
What languages (if any) does your browser indicate that it can accept to the server?
```
Accept-Language: ko,en-US;q=0.9,en;q=0.8,ja;q=0.7\r\n
```
브라우저가 보낸 HTTP 헤더에서 이 부분을 확인할 수 있습니다. 뒤에 붙은건 무슨 의미인지 모르겠지만 한글과 영어를 받을 수 있다고 전달한 것 같습니다.
What is the IP address of your computer? What is the IP address of the gaia.cs.umass.edu server?
```
Source Address: 172.30.1.18
Destination Address: 128.119.245.12
```
HTTP Message에서 서버와 클라이언트의 IP를 알 수 없습니다. 따라서 IP protocol의 헤더를 확인합니다.
What is the status code returned from the server to your browser?

HTTP Status code 200 OK가 반환되었습니다.
When was the HTML file that you are retrieving last modified at the server?
```
Last-Modified: Tue, 28 Oct 2025 05:59:01 GMT\r\n
```
응답 받은 HTTP Message의 헤더에서 Last-Modified를 확인할 수 있습니다.
How many bytes of content are being returned to your browser?
```
Content-Length: 128\r\n
```
Content-Length header는 바이트 단위입니다. 콘텐츠의 크기는 128바이트입니다.
By inspecting the raw data in the packet content window, do you see any headers within the data that are not displayed in the packet-listing window? If so, name one

보낸 메시지나 받은 메시지에 어떠한 HTTP 헤더도 packet-listing window에 표시되지 않는 것은 없었습니다.

The HTTP CONDITIONAL GET/response interaction

브라우저로 http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file2.html로 HTTP 요청을 보내봅니다. 그리고 페이지가 로드된 이후에 새로고침해서 총 두 번 요청을 보내봅니다.

0000   60 29 d5 41 ac 08 8c b8 7e db 15 05 08 00 45 00   `).A....~.....E.
0010   02 12 b5 e9 40 00 80 06 00 00 ac 1e 01 12 80 77   ....@..........w
0020   f5 0c df 46 00 50 11 b4 1c d4 25 7d fa 55 50 18   ...F.P....%}.UP.
0030   00 ff 24 b9 00 00 47 45 54 20 2f 77 69 72 65 73   ..$...GET /wires
0040   68 61 72 6b 2d 6c 61 62 73 2f 48 54 54 50 2d 77   hark-labs/HTTP-w
0050   69 72 65 73 68 61 72 6b 2d 66 69 6c 65 32 2e 68   ireshark-file2.h
0060   74 6d 6c 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f   tml HTTP/1.1..Ho
0070   73 74 3a 20 67 61 69 61 2e 63 73 2e 75 6d 61 73   st: gaia.cs.umas
0080   73 2e 65 64 75 0d 0a 43 6f 6e 6e 65 63 74 69 6f   s.edu..Connectio
0090   6e 3a 20 6b 65 65 70 2d 61 6c 69 76 65 0d 0a 55   n: keep-alive..U
00a0   70 67 72 61 64 65 2d 49 6e 73 65 63 75 72 65 2d   pgrade-Insecure-
00b0   52 65 71 75 65 73 74 73 3a 20 31 0d 0a 55 73 65   Requests: 1..Use
00c0   72 2d 41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61   r-Agent: Mozilla
00d0   2f 35 2e 30 20 28 57 69 6e 64 6f 77 73 20 4e 54   /5.0 (Windows NT
00e0   20 31 30 2e 30 3b 20 57 69 6e 36 34 3b 20 78 36    10.0; Win64; x6
00f0   34 29 20 41 70 70 6c 65 57 65 62 4b 69 74 2f 35   4) AppleWebKit/5
0100   33 37 2e 33 36 20 28 4b 48 54 4d 4c 2c 20 6c 69   37.36 (KHTML, li
0110   6b 65 20 47 65 63 6b 6f 29 20 43 68 72 6f 6d 65   ke Gecko) Chrome
0120   2f 31 34 32 2e 30 2e 30 2e 30 20 53 61 66 61 72   /142.0.0.0 Safar
0130   69 2f 35 33 37 2e 33 36 0d 0a 41 63 63 65 70 74   i/537.36..Accept
0140   3a 20 74 65 78 74 2f 68 74 6d 6c 2c 61 70 70 6c   : text/html,appl
0150   69 63 61 74 69 6f 6e 2f 78 68 74 6d 6c 2b 78 6d   ication/xhtml+xm
0160   6c 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 6d   l,application/xm
0170   6c 3b 71 3d 30 2e 39 2c 69 6d 61 67 65 2f 61 76   l;q=0.9,image/av
0180   69 66 2c 69 6d 61 67 65 2f 77 65 62 70 2c 69 6d   if,image/webp,im
0190   61 67 65 2f 61 70 6e 67 2c 2a 2f 2a 3b 71 3d 30   age/apng,*/*;q=0
01a0   2e 38 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 73   .8,application/s
01b0   69 67 6e 65 64 2d 65 78 63 68 61 6e 67 65 3b 76   igned-exchange;v
01c0   3d 62 33 3b 71 3d 30 2e 37 0d 0a 41 63 63 65 70   =b3;q=0.7..Accep
01d0   74 2d 45 6e 63 6f 64 69 6e 67 3a 20 67 7a 69 70   t-Encoding: gzip
01e0   2c 20 64 65 66 6c 61 74 65 0d 0a 41 63 63 65 70   , deflate..Accep
01f0   74 2d 4c 61 6e 67 75 61 67 65 3a 20 6b 6f 2c 65   t-Language: ko,e
0200   6e 2d 55 53 3b 71 3d 30 2e 39 2c 65 6e 3b 71 3d   n-US;q=0.9,en;q=
0210   30 2e 38 2c 6a 61 3b 71 3d 30 2e 37 0d 0a 0d 0a   0.8,ja;q=0.7....

0000   8c b8 7e db 15 05 60 29 d5 41 ac 08 08 00 45 00   ..~...`).A....E.
0010   03 05 60 87 40 00 2d 06 c7 b7 80 77 f5 0c ac 1e   ..`.@.-....w....
0020   01 12 00 50 df 46 25 7d fa 55 11 b4 1e be 50 18   ...P.F%}.U....P.
0030   01 f5 40 a6 00 00 48 54 54 50 2f 31 2e 31 20 32   ..@...HTTP/1.1 2
0040   30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 53 75 6e   00 OK..Date: Sun
0050   2c 20 30 37 20 44 65 63 20 32 30 32 35 20 30 38   , 07 Dec 2025 08
0060   3a 33 38 3a 30 36 20 47 4d 54 0d 0a 53 65 72 76   :38:06 GMT..Serv
0070   65 72 3a 20 41 70 61 63 68 65 2f 32 2e 34 2e 36   er: Apache/2.4.6
0080   32 20 28 41 6c 6d 61 4c 69 6e 75 78 29 20 4f 70   2 (AlmaLinux) Op
0090   65 6e 53 53 4c 2f 33 2e 35 2e 31 20 6d 6f 64 5f   enSSL/3.5.1 mod_
00a0   66 63 67 69 64 2f 32 2e 33 2e 39 20 6d 6f 64 5f   fcgid/2.3.9 mod_
00b0   70 65 72 6c 2f 32 2e 30 2e 31 32 20 50 65 72 6c   perl/2.0.12 Perl
00c0   2f 76 35 2e 33 32 2e 31 0d 0a 4c 61 73 74 2d 4d   /v5.32.1..Last-M
00d0   6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 38   odified: Tue, 28
00e0   20 4f 63 74 20 32 30 32 35 20 30 35 3a 35 39 3a    Oct 2025 05:59:
00f0   30 31 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 31   01 GMT..ETag: "1
0100   37 33 2d 36 34 32 33 31 62 36 37 31 37 36 62 37   73-64231b67176b7
0110   22 0d 0a 41 63 63 65 70 74 2d 52 61 6e 67 65 73   "..Accept-Ranges
0120   3a 20 62 79 74 65 73 0d 0a 43 6f 6e 74 65 6e 74   : bytes..Content
0130   2d 4c 65 6e 67 74 68 3a 20 33 37 31 0d 0a 4b 65   -Length: 371..Ke
0140   65 70 2d 41 6c 69 76 65 3a 20 74 69 6d 65 6f 75   ep-Alive: timeou
0150   74 3d 35 2c 20 6d 61 78 3d 31 30 30 0d 0a 43 6f   t=5, max=100..Co
0160   6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41   nnection: Keep-A
0170   6c 69 76 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79   live..Content-Ty
0180   70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b 20 63   pe: text/html; c
0190   68 61 72 73 65 74 3d 55 54 46 2d 38 0d 0a 0d 0a   harset=UTF-8....
01a0   0a 3c 68 74 6d 6c 3e 0a 0a 43 6f 6e 67 72 61 74   .<html>..Congrat
01b0   75 6c 61 74 69 6f 6e 73 20 61 67 61 69 6e 21 20   ulations again! 
01c0   20 4e 6f 77 20 79 6f 75 27 76 65 20 64 6f 77 6e    Now you've down
01d0   6c 6f 61 64 65 64 20 74 68 65 20 66 69 6c 65 20   loaded the file 
01e0   6c 61 62 32 2d 32 2e 68 74 6d 6c 2e 20 3c 62 72   lab2-2.html. <br
01f0   3e 0a 54 68 69 73 20 66 69 6c 65 27 73 20 6c 61   >.This file's la
0200   73 74 20 6d 6f 64 69 66 69 63 61 74 69 6f 6e 20   st modification 
0210   64 61 74 65 20 77 69 6c 6c 20 6e 6f 74 20 63 68   date will not ch
0220   61 6e 67 65 2e 20 20 3c 70 3e 0a 54 68 75 73 20   ange.  <p>.Thus 
0230   20 69 66 20 79 6f 75 20 64 6f 77 6e 6c 6f 61 64    if you download
0240   20 74 68 69 73 20 6d 75 6c 74 69 70 6c 65 20 74    this multiple t
0250   69 6d 65 73 20 6f 6e 20 79 6f 75 72 20 62 72 6f   imes on your bro
0260   77 73 65 72 2c 20 61 20 63 6f 6d 70 6c 65 74 65   wser, a complete
0270   20 63 6f 70 79 20 3c 62 72 3e 0a 77 69 6c 6c 20    copy <br>.will 
0280   6f 6e 6c 79 20 62 65 20 73 65 6e 74 20 6f 6e 63   only be sent onc
0290   65 20 62 79 20 74 68 65 20 73 65 72 76 65 72 20   e by the server 
02a0   64 75 65 20 74 6f 20 74 68 65 20 69 6e 63 6c 75   due to the inclu
02b0   73 69 6f 6e 20 6f 66 20 74 68 65 20 49 4e 2d 4d   sion of the IN-M
02c0   4f 44 49 46 49 45 44 2d 53 49 4e 43 45 3c 62 72   ODIFIED-SINCE<br
02d0   3e 0a 66 69 65 6c 64 20 69 6e 20 79 6f 75 72 20   >.field in your 
02e0   62 72 6f 77 73 65 72 27 73 20 48 54 54 50 20 47   browser's HTTP G
02f0   45 54 20 72 65 71 75 65 73 74 20 74 6f 20 74 68   ET request to th
0300   65 20 73 65 72 76 65 72 2e 0a 0a 3c 2f 68 74 6d   e server...</htm
0310   6c 3e 0a                                          l>.

처음 요청과 응답입니다.

0000   60 29 d5 41 ac 08 8c b8 7e db 15 05 08 00 45 00   `).A....~.....E.
0010   02 82 b5 f7 40 00 80 06 00 00 ac 1e 01 12 80 77   ....@..........w
0020   f5 0c df 46 00 50 11 b4 1e be 25 7d fd 32 50 18   ...F.P....%}.2P.
0030   00 fd 25 29 00 00 47 45 54 20 2f 77 69 72 65 73   ..%)..GET /wires
0040   68 61 72 6b 2d 6c 61 62 73 2f 48 54 54 50 2d 77   hark-labs/HTTP-w
0050   69 72 65 73 68 61 72 6b 2d 66 69 6c 65 32 2e 68   ireshark-file2.h
0060   74 6d 6c 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f   tml HTTP/1.1..Ho
0070   73 74 3a 20 67 61 69 61 2e 63 73 2e 75 6d 61 73   st: gaia.cs.umas
0080   73 2e 65 64 75 0d 0a 43 6f 6e 6e 65 63 74 69 6f   s.edu..Connectio
0090   6e 3a 20 6b 65 65 70 2d 61 6c 69 76 65 0d 0a 43   n: keep-alive..C
00a0   61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61   ache-Control: ma
00b0   78 2d 61 67 65 3d 30 0d 0a 55 70 67 72 61 64 65   x-age=0..Upgrade
00c0   2d 49 6e 73 65 63 75 72 65 2d 52 65 71 75 65 73   -Insecure-Reques
00d0   74 73 3a 20 31 0d 0a 55 73 65 72 2d 41 67 65 6e   ts: 1..User-Agen
00e0   74 3a 20 4d 6f 7a 69 6c 6c 61 2f 35 2e 30 20 28   t: Mozilla/5.0 (
00f0   57 69 6e 64 6f 77 73 20 4e 54 20 31 30 2e 30 3b   Windows NT 10.0;
0100   20 57 69 6e 36 34 3b 20 78 36 34 29 20 41 70 70    Win64; x64) App
0110   6c 65 57 65 62 4b 69 74 2f 35 33 37 2e 33 36 20   leWebKit/537.36 
0120   28 4b 48 54 4d 4c 2c 20 6c 69 6b 65 20 47 65 63   (KHTML, like Gec
0130   6b 6f 29 20 43 68 72 6f 6d 65 2f 31 34 32 2e 30   ko) Chrome/142.0
0140   2e 30 2e 30 20 53 61 66 61 72 69 2f 35 33 37 2e   .0.0 Safari/537.
0150   33 36 0d 0a 41 63 63 65 70 74 3a 20 74 65 78 74   36..Accept: text
0160   2f 68 74 6d 6c 2c 61 70 70 6c 69 63 61 74 69 6f   /html,applicatio
0170   6e 2f 78 68 74 6d 6c 2b 78 6d 6c 2c 61 70 70 6c   n/xhtml+xml,appl
0180   69 63 61 74 69 6f 6e 2f 78 6d 6c 3b 71 3d 30 2e   ication/xml;q=0.
0190   39 2c 69 6d 61 67 65 2f 61 76 69 66 2c 69 6d 61   9,image/avif,ima
01a0   67 65 2f 77 65 62 70 2c 69 6d 61 67 65 2f 61 70   ge/webp,image/ap
01b0   6e 67 2c 2a 2f 2a 3b 71 3d 30 2e 38 2c 61 70 70   ng,*/*;q=0.8,app
01c0   6c 69 63 61 74 69 6f 6e 2f 73 69 67 6e 65 64 2d   lication/signed-
01d0   65 78 63 68 61 6e 67 65 3b 76 3d 62 33 3b 71 3d   exchange;v=b3;q=
01e0   30 2e 37 0d 0a 41 63 63 65 70 74 2d 45 6e 63 6f   0.7..Accept-Enco
01f0   64 69 6e 67 3a 20 67 7a 69 70 2c 20 64 65 66 6c   ding: gzip, defl
0200   61 74 65 0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67   ate..Accept-Lang
0210   75 61 67 65 3a 20 6b 6f 2c 65 6e 2d 55 53 3b 71   uage: ko,en-US;q
0220   3d 30 2e 39 2c 65 6e 3b 71 3d 30 2e 38 2c 6a 61   =0.9,en;q=0.8,ja
0230   3b 71 3d 30 2e 37 0d 0a 49 66 2d 4e 6f 6e 65 2d   ;q=0.7..If-None-
0240   4d 61 74 63 68 3a 20 22 31 37 33 2d 36 34 32 33   Match: "173-6423
0250   31 62 36 37 31 37 36 62 37 22 0d 0a 49 66 2d 4d   1b67176b7"..If-M
0260   6f 64 69 66 69 65 64 2d 53 69 6e 63 65 3a 20 54   odified-Since: T
0270   75 65 2c 20 32 38 20 4f 63 74 20 32 30 32 35 20   ue, 28 Oct 2025 
0280   30 35 3a 35 39 3a 30 31 20 47 4d 54 0d 0a 0d 0a   05:59:01 GMT....

0000   8c b8 7e db 15 05 60 29 d5 41 ac 08 08 00 45 00   ..~...`).A....E.
0010   01 5e 60 88 40 00 2d 06 c9 5d 80 77 f5 0c ac 1e   .^`.@.-..].w....
0020   01 12 00 50 df 46 25 7d fd 32 11 b4 21 18 50 18   ...P.F%}.2..!.P.
0030   01 f1 e4 cd 00 00 48 54 54 50 2f 31 2e 31 20 33   ......HTTP/1.1 3
0040   30 34 20 4e 6f 74 20 4d 6f 64 69 66 69 65 64 0d   04 Not Modified.
0050   0a 44 61 74 65 3a 20 53 75 6e 2c 20 30 37 20 44   .Date: Sun, 07 D
0060   65 63 20 32 30 32 35 20 30 38 3a 33 38 3a 30 39   ec 2025 08:38:09
0070   20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70    GMT..Server: Ap
0080   61 63 68 65 2f 32 2e 34 2e 36 32 20 28 41 6c 6d   ache/2.4.62 (Alm
0090   61 4c 69 6e 75 78 29 20 4f 70 65 6e 53 53 4c 2f   aLinux) OpenSSL/
00a0   33 2e 35 2e 31 20 6d 6f 64 5f 66 63 67 69 64 2f   3.5.1 mod_fcgid/
00b0   32 2e 33 2e 39 20 6d 6f 64 5f 70 65 72 6c 2f 32   2.3.9 mod_perl/2
00c0   2e 30 2e 31 32 20 50 65 72 6c 2f 76 35 2e 33 32   .0.12 Perl/v5.32
00d0   2e 31 0d 0a 4c 61 73 74 2d 4d 6f 64 69 66 69 65   .1..Last-Modifie
00e0   64 3a 20 54 75 65 2c 20 32 38 20 4f 63 74 20 32   d: Tue, 28 Oct 2
00f0   30 32 35 20 30 35 3a 35 39 3a 30 31 20 47 4d 54   025 05:59:01 GMT
0100   0d 0a 45 54 61 67 3a 20 22 31 37 33 2d 36 34 32   ..ETag: "173-642
0110   33 31 62 36 37 31 37 36 62 37 22 0d 0a 41 63 63   31b67176b7"..Acc
0120   65 70 74 2d 52 61 6e 67 65 73 3a 20 62 79 74 65   ept-Ranges: byte
0130   73 0d 0a 4b 65 65 70 2d 41 6c 69 76 65 3a 20 74   s..Keep-Alive: t
0140   69 6d 65 6f 75 74 3d 35 2c 20 6d 61 78 3d 39 39   imeout=5, max=99
0150   0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65   ..Connection: Ke
0160   65 70 2d 41 6c 69 76 65 0d 0a 0d 0a               ep-Alive....

두 번째 요청과 응답입니다. 특이하게 응답 Message가 304 Not Modified로 응답하였고 바디가 없습니다.

Inspect the contents of the first HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE” line in the HTTP GET?

첫 번째 HTTP GET 요청에는 IF-MODIFIED-SINCE가 없습니다.
Inspect the contents of the server response. Did the server explicitly return the contents of the file? How can you tell?

첫 번째 요청에는 content를 응답하였지만 두 번째는 content가 없습니다.
Now inspect the contents of the second HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what information follows the “IF-MODIFIED-SINCE:” header?
```
If-Modified-Since: Tue, 28 Oct 2025 05:59:01 GMT\r\n
```
첫 번째 요청에 대한 응답에 Last modified 헤더가 있다면 이를 받아서 브라우저가 저장한 이후에, 브라우저가 그 다음부터 요청을 보낼때는 IF-MODIFIED-SINCE:에 해당 값을 넣어서 보내는 것 같습니다. 그리고 서버는 그 값을 보고 304로 응답할 수도 있는 것 같습니다.
What is the HTTP status code and phrase returned from the server in response to this second HTTP GET? Did the server explicitly return the contents of the file? Explain.

304 Not Modified로 응답하였고 content 파일이 없습니다.

Retrieving Long Documents

브라우저로 http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file3.html로 HTTP 요청을 보내봅니다. 아주 긴 페이지입니다.

관련된 TCP 요청도 확인하기 위해서 tcp.stream eq 19로 검색합니다.

No.	Time	Source	Destination	Protocol	Length	Info
1063	53.349090	172.30.1.18	128.119.245.12	TCP	66	54066 → 80 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=256 SACK_PERM
1177	53.609631	128.119.245.12	172.30.1.18	TCP	66	80 → 54066 [SYN, ACK] Seq=0 Ack=1 Win=64240 Len=0 MSS=1460 WS=128
1185	53.609821	172.30.1.18	128.119.245.12	TCP	54	54066 → 80 [ACK] Seq=1 Ack=1 Win=65280 Len=0
1193	53.610374	172.30.1.18	128.119.245.12	HTTP	544	GET /wireshark-labs/HTTP-wireshark-file3.html HTTP/1.1
1217	53.857809	128.119.245.12	172.30.1.18	TCP	54	80 → 54066 [ACK] Seq=1 Ack=491 Win=64128 Len=0
1218	53.857809	128.119.245.12	172.30.1.18	TCP	1514	80 → 54066 [ACK] Seq=1 Ack=491 Win=64128 Len=1460 [Reassembled]
1219	53.857809	128.119.245.12	172.30.1.18	TCP	1514	80 → 54066 [PSH, ACK] Seq=1461 Ack=491 Win=64128 Len=1460 [Reassembled]
1220	53.857809	128.119.245.12	172.30.1.18	TCP	1514	80 → 54066 [ACK] Seq=2921 Ack=491 Win=64128 Len=1460 [Reassembled]
1221	53.857899	172.30.1.18	128.119.245.12	TCP	54	54066 → 80 [ACK] Seq=491 Ack=4381 Win=65280 Len=0
1222	53.859058	128.119.245.12	172.30.1.18	HTTP	538	HTTP/1.1 200 OK (text/html)
1223	53.859103	172.30.1.18	128.119.245.12	TCP	54	54066 → 80 [ACK] Seq=491 Ack=4865 Win=65024 Len=0
1723	58.862393	128.119.245.12	172.30.1.18	TCP	54	80 → 54066 [FIN, ACK] Seq=4865 Ack=491 Win=64128 Len=0
1724	58.862454	172.30.1.18	128.119.245.12	TCP	54	54066 → 80 [ACK] Seq=491 Ack=4866 Win=65024 Len=0
2885	103.876632	172.30.1.18	128.119.245.12	TCP	55	[TCP Keep-Alive] 54066 → 80 [ACK] Seq=490 Ack=4866 Win=65024 Len=1
2886	104.087870	128.119.245.12	172.30.1.18	TCP	54	[TCP Keep-Alive ACK] 80 → 54066 Seq=4866 Ack=491 Win=64128 Len=0
3529	149.099234	172.30.1.18	128.119.245.12	TCP	55	[TCP Keep-Alive] 54066 → 80 [ACK] Seq=490 Ack=4866 Win=65024 Len=1
3530	149.293611	128.119.245.12	172.30.1.18	TCP	54	80 → 54066 [RST] Seq=4866 Win=0 Len=0

처음 세 개의 TCP는 3 way handshake를 보여주고 있습니다. 여러 TCP Segment로 나눠서 문서가 도착하고 있습니다.

물론 HTTP Message 입장에서는 커다란 응답이 오는 것처럼 보입니다. TCP 레벨에서 Segment로 나눠서 모두 합쳐서 Message를 구성하기 때문일 것입니다.

How many HTTP GET request messages did your browser send? Which packet number in the trace contains the GET message for the Bill or Rights?

HTTP GET 요청은 한 번만 했습니다. 브라우저가 나눠서 보내지 않습니다. 브라우저의 역할은 HTTP 요청을 보내는 것이고, 아래 Layer인 TCP가 혼잡 제어의 일환으로 Segment로 나눠서 보내는 것입니다.

0000   60 29 d5 41 ac 08 8c b8 7e db 15 05 08 00 45 00   `).A....~.....E.
0010   02 12 b6 0c 40 00 80 06 00 00 ac 1e 01 12 80 77   ....@..........w
0020   f5 0c d3 32 00 50 01 dc 6e 70 bd 31 9a e9 50 18   ...2.P..np.1..P.
0030   00 ff 24 b9 00 00 47 45 54 20 2f 77 69 72 65 73   ..$...GET /wires
0040   68 61 72 6b 2d 6c 61 62 73 2f 48 54 54 50 2d 77   hark-labs/HTTP-w
0050   69 72 65 73 68 61 72 6b 2d 66 69 6c 65 33 2e 68   ireshark-file3.h
0060   74 6d 6c 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f   tml HTTP/1.1..Ho
0070   73 74 3a 20 67 61 69 61 2e 63 73 2e 75 6d 61 73   st: gaia.cs.umas
0080   73 2e 65 64 75 0d 0a 43 6f 6e 6e 65 63 74 69 6f   s.edu..Connectio
0090   6e 3a 20 6b 65 65 70 2d 61 6c 69 76 65 0d 0a 55   n: keep-alive..U
00a0   70 67 72 61 64 65 2d 49 6e 73 65 63 75 72 65 2d   pgrade-Insecure-
00b0   52 65 71 75 65 73 74 73 3a 20 31 0d 0a 55 73 65   Requests: 1..Use
00c0   72 2d 41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61   r-Agent: Mozilla
00d0   2f 35 2e 30 20 28 57 69 6e 64 6f 77 73 20 4e 54   /5.0 (Windows NT
00e0   20 31 30 2e 30 3b 20 57 69 6e 36 34 3b 20 78 36    10.0; Win64; x6
00f0   34 29 20 41 70 70 6c 65 57 65 62 4b 69 74 2f 35   4) AppleWebKit/5
0100   33 37 2e 33 36 20 28 4b 48 54 4d 4c 2c 20 6c 69   37.36 (KHTML, li
0110   6b 65 20 47 65 63 6b 6f 29 20 43 68 72 6f 6d 65   ke Gecko) Chrome
0120   2f 31 34 32 2e 30 2e 30 2e 30 20 53 61 66 61 72   /142.0.0.0 Safar
0130   69 2f 35 33 37 2e 33 36 0d 0a 41 63 63 65 70 74   i/537.36..Accept
0140   3a 20 74 65 78 74 2f 68 74 6d 6c 2c 61 70 70 6c   : text/html,appl
0150   69 63 61 74 69 6f 6e 2f 78 68 74 6d 6c 2b 78 6d   ication/xhtml+xm
0160   6c 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 6d   l,application/xm
0170   6c 3b 71 3d 30 2e 39 2c 69 6d 61 67 65 2f 61 76   l;q=0.9,image/av
0180   69 66 2c 69 6d 61 67 65 2f 77 65 62 70 2c 69 6d   if,image/webp,im
0190   61 67 65 2f 61 70 6e 67 2c 2a 2f 2a 3b 71 3d 30   age/apng,*/*;q=0
01a0   2e 38 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 73   .8,application/s
01b0   69 67 6e 65 64 2d 65 78 63 68 61 6e 67 65 3b 76   igned-exchange;v
01c0   3d 62 33 3b 71 3d 30 2e 37 0d 0a 41 63 63 65 70   =b3;q=0.7..Accep
01d0   74 2d 45 6e 63 6f 64 69 6e 67 3a 20 67 7a 69 70   t-Encoding: gzip
01e0   2c 20 64 65 66 6c 61 74 65 0d 0a 41 63 63 65 70   , deflate..Accep
01f0   74 2d 4c 61 6e 67 75 61 67 65 3a 20 6b 6f 2c 65   t-Language: ko,e
0200   6e 2d 55 53 3b 71 3d 30 2e 39 2c 65 6e 3b 71 3d   n-US;q=0.9,en;q=
0210   30 2e 38 2c 6a 61 3b 71 3d 30 2e 37 0d 0a 0d 0a   0.8,ja;q=0.7....

Which packet number in the trace contains the status code and phrase associated with the response to the HTTP GET request?

1218 TCP Segment가 status code와 phrase를 담고 있습니다. 나머지 부분은 다른 TCP Segment에 담겨있습니다.

0000   8c b8 7e db 15 05 60 29 d5 41 ac 08 08 00 45 00   ..~...`).A....E.
0010   05 dc 81 ed 40 00 2d 06 a3 7a 80 77 f5 0c ac 1e   ....@.-..z.w....
0020   01 12 00 50 d3 32 bd 31 9a e9 01 dc 70 5a 50 10   ...P.2.1....pZP.
0030   01 f5 9b ec 00 00 48 54 54 50 2f 31 2e 31 20 32   ......HTTP/1.1 2
0040   30 30 20 4f 4b 0d 0a 44 61 74 65 3a 20 53 75 6e   00 OK..Date: Sun
0050   2c 20 30 37 20 44 65 63 20 32 30 32 35 20 30 38   , 07 Dec 2025 08
0060   3a 35 32 3a 31 31 20 47 4d 54 0d 0a 53 65 72 76   :52:11 GMT..Serv
0070   65 72 3a 20 41 70 61 63 68 65 2f 32 2e 34 2e 36   er: Apache/2.4.6
0080   32 20 28 41 6c 6d 61 4c 69 6e 75 78 29 20 4f 70   2 (AlmaLinux) Op
0090   65 6e 53 53 4c 2f 33 2e 35 2e 31 20 6d 6f 64 5f   enSSL/3.5.1 mod_
00a0   66 63 67 69 64 2f 32 2e 33 2e 39 20 6d 6f 64 5f   fcgid/2.3.9 mod_
00b0   70 65 72 6c 2f 32 2e 30 2e 31 32 20 50 65 72 6c   perl/2.0.12 Perl
00c0   2f 76 35 2e 33 32 2e 31 0d 0a 4c 61 73 74 2d 4d   /v5.32.1..Last-M
00d0   6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 38   odified: Tue, 28
00e0   20 4f 63 74 20 32 30 32 35 20 30 35 3a 35 39 3a    Oct 2025 05:59:
00f0   30 31 20 47 4d 54 0d 0a 45 54 61 67 3a 20 22 31   01 GMT..ETag: "1
0100   31 39 34 2d 36 34 32 33 31 62 36 37 31 33 63 31   194-64231b6713c1
0110   66 22 0d 0a 41 63 63 65 70 74 2d 52 61 6e 67 65   f"..Accept-Range
0120   73 3a 20 62 79 74 65 73 0d 0a 43 6f 6e 74 65 6e   s: bytes..Conten
0130   74 2d 4c 65 6e 67 74 68 3a 20 34 35 30 30 0d 0a   t-Length: 4500..
0140   4b 65 65 70 2d 41 6c 69 76 65 3a 20 74 69 6d 65   Keep-Alive: time
0150   6f 75 74 3d 35 2c 20 6d 61 78 3d 31 30 30 0d 0a   out=5, max=100..
0160   43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70   Connection: Keep
0170   2d 41 6c 69 76 65 0d 0a 43 6f 6e 74 65 6e 74 2d   -Alive..Content-
0180   54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 3b   Type: text/html;
0190   20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 0d 0a    charset=UTF-8..
01a0   0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 0a   ..<html><head> .
01b0   3c 74 69 74 6c 65 3e 48 69 73 74 6f 72 69 63 61   <title>Historica
01c0   6c 20 44 6f 63 75 6d 65 6e 74 73 3a 54 48 45 20   l Documents:THE 
01d0   42 49 4c 4c 20 4f 46 20 52 49 47 48 54 53 3c 2f   BILL OF RIGHTS</
01e0   74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 0a 0a   title></head>...
01f0   3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23   <body bgcolor="#
0200   66 66 66 66 66 66 22 20 6c 69 6e 6b 3d 22 23 33   ffffff" link="#3
0210   33 30 30 30 30 22 20 76 6c 69 6e 6b 3d 22 23 36   30000" vlink="#6
0220   36 36 36 33 33 22 3e 0a 3c 70 3e 3c 62 72 3e 0a   66633">.<p><br>.
0230   3c 2f 70 3e 0a 3c 70 3e 3c 2f 70 3e 3c 63 65 6e   </p>.<p></p><cen
0240   74 65 72 3e 3c 62 3e 54 48 45 20 42 49 4c 4c 20   ter><b>THE BILL 
0250   4f 46 20 52 49 47 48 54 53 3c 2f 62 3e 3c 62 72   OF RIGHTS</b><br
0260   3e 0a 20 20 3c 65 6d 3e 41 6d 65 6e 64 6d 65 6e   >.  <em>Amendmen
0270   74 73 20 31 2d 31 30 20 6f 66 20 74 68 65 20 43   ts 1-10 of the C
0280   6f 6e 73 74 69 74 75 74 69 6f 6e 3c 2f 65 6d 3e   onstitution</em>
0290   0a 3c 2f 63 65 6e 74 65 72 3e 0a 0a 3c 70 3e 54   .</center>..<p>T
02a0   68 65 20 43 6f 6e 76 65 6e 74 69 6f 6e 73 20 6f   he Conventions o
02b0   66 20 61 20 6e 75 6d 62 65 72 20 6f 66 20 74 68   f a number of th
02c0   65 20 53 74 61 74 65 73 20 68 61 76 69 6e 67 2c   e States having,
02d0   20 61 74 20 74 68 65 20 74 69 6d 65 20 6f 66 20    at the time of 
02e0   61 64 6f 70 74 69 6e 67 0a 74 68 65 20 43 6f 6e   adopting.the Con
02f0   73 74 69 74 75 74 69 6f 6e 2c 20 65 78 70 72 65   stitution, expre
0300   73 73 65 64 20 61 20 64 65 73 69 72 65 2c 20 69   ssed a desire, i
0310   6e 20 6f 72 64 65 72 20 74 6f 20 70 72 65 76 65   n order to preve
0320   6e 74 20 6d 69 73 63 6f 6e 73 74 72 75 63 74 69   nt misconstructi
0330   6f 6e 0a 6f 72 20 61 62 75 73 65 20 6f 66 20 69   on.or abuse of i
0340   74 73 20 70 6f 77 65 72 73 2c 20 74 68 61 74 20   ts powers, that 
0350   66 75 72 74 68 65 72 20 64 65 63 6c 61 72 61 74   further declarat
0360   6f 72 79 20 61 6e 64 20 72 65 73 74 72 69 63 74   ory and restrict
0370   69 76 65 20 63 6c 61 75 73 65 73 0a 73 68 6f 75   ive clauses.shou
0380   6c 64 20 62 65 20 61 64 64 65 64 2c 20 61 6e 64   ld be added, and
0390   20 61 73 20 65 78 74 65 6e 64 69 6e 67 20 74 68    as extending th
03a0   65 20 67 72 6f 75 6e 64 20 6f 66 20 70 75 62 6c   e ground of publ
03b0   69 63 20 63 6f 6e 66 69 64 65 6e 63 65 20 69 6e   ic confidence in
03c0   20 74 68 65 0a 47 6f 76 65 72 6e 6d 65 6e 74 20    the.Government 
03d0   77 69 6c 6c 20 62 65 73 74 20 69 6e 73 75 72 65   will best insure
03e0   20 74 68 65 20 62 65 6e 65 66 69 63 65 6e 74 20    the beneficent 
03f0   65 6e 64 73 20 6f 66 20 69 74 73 20 69 6e 73 74   ends of its inst
0400   69 74 75 74 69 6f 6e 3b 20 3c 2f 70 3e 3c 70 3e   itution; </p><p>
0410   20 20 52 65 73 6f 6c 76 65 64 2c 20 62 79 20 74     Resolved, by t
0420   68 65 20 53 65 6e 61 74 65 20 61 6e 64 20 48 6f   he Senate and Ho
0430   75 73 65 20 6f 66 20 52 65 70 72 65 73 65 6e 74   use of Represent
0440   61 74 69 76 65 73 20 6f 66 20 74 68 65 20 55 6e   atives of the Un
0450   69 74 65 64 0a 53 74 61 74 65 73 20 6f 66 20 41   ited.States of A
0460   6d 65 72 69 63 61 2c 20 69 6e 20 43 6f 6e 67 72   merica, in Congr
0470   65 73 73 20 61 73 73 65 6d 62 6c 65 64 2c 20 74   ess assembled, t
0480   77 6f 2d 74 68 69 72 64 73 20 6f 66 20 62 6f 74   wo-thirds of bot
0490   68 20 48 6f 75 73 65 73 20 63 6f 6e 63 75 72 72   h Houses concurr
04a0   69 6e 67 2c 0a 74 68 61 74 20 74 68 65 20 66 6f   ing,.that the fo
04b0   6c 6c 6f 77 69 6e 67 20 61 72 74 69 63 6c 65 73   llowing articles
04c0   20 62 65 20 70 72 6f 70 6f 73 65 64 20 74 6f 20    be proposed to 
04d0   74 68 65 20 4c 65 67 69 73 6c 61 74 75 72 65 73   the Legislatures
04e0   20 6f 66 20 74 68 65 20 73 65 76 65 72 61 6c 0a    of the several.
04f0   53 74 61 74 65 73 2c 20 61 73 20 61 6d 65 6e 64   States, as amend
0500   6d 65 6e 74 73 20 74 6f 20 74 68 65 20 43 6f 6e   ments to the Con
0510   73 74 69 74 75 74 69 6f 6e 20 6f 66 20 74 68 65   stitution of the
0520   20 55 6e 69 74 65 64 20 53 74 61 74 65 73 3b 20    United States; 
0530   61 6c 6c 20 6f 72 20 61 6e 79 0a 6f 66 20 77 68   all or any.of wh
0540   69 63 68 20 61 72 74 69 63 6c 65 73 2c 20 77 68   ich articles, wh
0550   65 6e 20 72 61 74 69 66 69 65 64 20 62 79 20 74   en ratified by t
0560   68 72 65 65 2d 66 6f 75 72 74 68 73 20 6f 66 20   hree-fourths of 
0570   74 68 65 20 73 61 69 64 20 4c 65 67 69 73 6c 61   the said Legisla
0580   74 75 72 65 73 2c 0a 74 6f 20 62 65 20 76 61 6c   tures,.to be val
0590   69 64 20 74 6f 20 61 6c 6c 20 69 6e 74 65 6e 74   id to all intent
05a0   73 20 61 6e 64 20 70 75 72 70 6f 73 65 73 20 61   s and purposes a
05b0   73 20 70 61 72 74 20 6f 66 20 74 68 65 20 73 61   s part of the sa
05c0   69 64 20 43 6f 6e 73 74 69 74 75 74 69 6f 6e 2c   id Constitution,
05d0   0a 6e 61 6d 65 6c 79 3a 20 20 20 20 3c 2f 70 3e   .namely:    </p>
05e0   3c 70 3e 3c 61 20 6e 61 6d 65                     <p><a name

“namely:” 까지만 TCP Payload로 포함되어 있습니다.

What is the status code and phrase in the response?

200 OK입니다.
How many data-containing TCP segments were needed to carry the single HTTP response and the text of the Bill of Rights?

총 4개(1218, 1219, 1220, 1222)의 TCP Segment에 담겨있습니다.

HTML Documents with Embedded Objects

No.	Time	Source	Destination	Protocol	Length	Info
88	2.575177	192.168.100.16	128.119.245.12	HTTP	587	GET /wireshark-labs/HTTP-wireshark-file4.html HTTP/1.1
92	2.779376	128.119.245.12	192.168.100.16	HTTP	1358	HTTP/1.1 200 OK (text/html)
93	2.799847	192.168.100.16	128.119.245.12	HTTP	533	GET /pearson.png HTTP/1.1
97	3.004978	128.119.245.12	192.168.100.16	HTTP	636	HTTP/1.1 301 Moved Permanently (text/html)
103	3.099790	192.168.100.16	2.56.99.24	HTTP	500	GET /8E_cover_small.jpg HTTP/1.1
670	6.047741	2.56.99.24	192.168.100.16	HTTP	776	HTTP/1.1 200 OK (JPEG JFIF image)

(http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file4.html)[http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file4.html]에 접속합니다. 이번엔 응답 결과가 여러 object를 담고 있습니다. 브라우저는 추가적인 HTTP 요청을 통해 해당 object를 가져옵니다. /pearson.png는 같은 서버에 있는데, 301 Moved Permanently응답을 받은 이후에 https로 새로 바뀐 주소로 다시 요청했습니다. 패킷 캡쳐에는 왜 안잡히는지 모르겠습니다.

How many HTTP GET request messages did your browser send? To which Internet addresses were these GET requests sent? HTML, png, jpg 각각 한 번씩 (favicon 제외) 총 세 번 HTTP 요청을 보냈습니다. 128.119.245.12와 2.56.99.24에 보냈습니다.
Can you tell whether your browser downloaded the two images serially, or whether they were downloaded from the two web sites in parallel? Explain.

/pearson.png 에 대한 응답이 도착하기 전에 /8E_cover_small.jpg 요청을 보냈습니다. 따라서 병렬적으로 다운받고 있는 것 같습니다.

HTTP Authentication

No.	Time	Source	Destination	Protocol	Length	Info
124	5.731103	192.168.100.16	128.119.245.12	HTTP	560	GET /wireshark-labs/protected_pages/HTTP-wireshark-file5.html HTTP/1.1
128	5.931213	128.119.245.12	192.168.100.16	HTTP	774	HTTP/1.1 401 Unauthorized (text/html)
166	16.502295	192.168.100.16	128.119.245.12	HTTP	645	GET /wireshark-labs/protected_pages/HTTP-wireshark-file5.html HTTP/1.1
170	16.704232	128.119.245.12	192.168.100.16	HTTP	547	HTTP/1.1 200 OK (text/html)

(http://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html)[http://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html] 에 접속해서 Authentication을 진행합니다. HTTP 자체에서도 Authentication 방법을 정의해둔 것을 알 수 있습니다.

What is the server’s response (status code and phrase) in response to the initial HTTP GET message from your browser?

처음에 접속할 때는 401 Unauthorized로 응답하고 브라우저에서는 username과 password를 요구합니다.
When your browser’s sends the HTTP GET message for the second time, what new field is included in the HTTP GET message?

현재 서버가 WWW-Authenticate: Basic realm="wireshark-students only"\r\n에서 확인할 수 있듯이, Basic Authentication Scheme을 사용하고 있으므로 브라우저는 단순히 username:password 형태의 문자열을 만들고 Base64로 인코딩하여 Authorization: Basic d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=\r\n 헤더를 추가해서 보냅니다.

Getting Started