UNIVERSITY OF ENGINEERING AND TECHNOLOGY,

PESHAWAR PAKISTAN
Main Campus

CS-311 Web Programming

Task . 02
Submitted By
Name: M.AWAIS NOOR
Registration No. 21PWBCS0837
Semester: 5th
Section: A
Submission Date: 09/oct/2023

Submitted To Dr Syed Adeel Ali Shah

DEPARTMENT OF COMPUTER SCIENCE & IT

 UNIVERSITY OF ENGINEERING AND TECHNOLOGY, PESHAWAR, PAKISTAN

1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server
running? HTTP 1.1 (see screenshot)

2. What languages (if any) does your browser indicate that it can accept to the server?

en-US(US English) as shown in prior screenshot

What is the IP address of your computer? Of the spinlab.wpi.edu server?

My computer is 10.211.55.3 (this is a virtual IP address assigned by my virtual machine
software) and the destination is 130.215.16.168. See prior screenshot. 3. What is the
status code returned from the server to your browser?

200 OK (see prior screenshot)

4. When was the HTML file that you are retrieving last modified at the server?

We can filtermessages by http.last_modified and we see that the HTTP response I

received for the html file doesn’t show this field. We do have a http.last_modified field
in the favicon response however, as shown in the screenshot below. This says the favicon
was last modified on Feb 25, 2010.

5. How many bytes of content are being returned to your browser?

Content-length = 209 bytes.See screenshot below.

6. By inspecting the raw data in the packet content window, do you see any headers
within thedata that are not displayed in the packet-listing window?
 If so, name one. No. The raw data appears to match up exactly with what is shown in
the packet-listing window.

7. Inspect the contents of the first HTTP GET request from your browser to the server. Do
yousee an “IF-MODIFIED-SINCE” line in the HTTP GET?

No.
8. Inspect the contents of the server response. Did the server explicitly return the contents
ofthe file? How can you tell? See screenshot of response with Alice’s Adventures...
9. Now inspect the contents of the second HTTP GET request from your browser to the
server.Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what
information follows the “IF-MODIFIED-SINCE:” header?
Yes.
If-Modified-Since: Wed, 12 Mar 2014 17:29:08 GMT\r\n.
See screenshot below.
10. What is the HTTP status code and phrase returned from the server in response to this
secondHTTP GET? Did the server explicitly return the contents of the file? Explain.

As seen in the previous screenshot, we get a HTTP/1.1 304 Not Modified Response. This
is much shorter than the full response packet seen previously which contained all of
Alice in Wonderland.
11. How many HTTP GET request messages were sent by your browser (again, ignoring
requestsfor favicon.ico)?

Just one.
12. How many data-containing TCP segments were needed to carry the single HTTP
response?

From the screenshot below, there are 4 TCP segments.

13. What is the status code and phrase associated with the response to the HTTP GET
request?

HTTP/1.1 200 OK (as seen in previous screenshot)

14. Are there any HTTP status lines in the transmitted data associated with a TCP-
induced“Continuation”?

No.
15. How many HTTP GET request messages were sent by your browser?

To which Internetaddresses were these GET requests sent? Three: 130.215.16.168,

130.215.36.26, 208.122.28.10. See screenshot below.
16. Can you tell whether your browser downloaded the two images serially, or whether
they weredownloaded from the two web sites in parallel? Explain.
 Based on the timestamps, it appears the images were downloaded serially. Also, the
source port is incrementing each time from 64444, 64445, 64446 which means that the
images were received serially over separate TCP connections.
17. What is the server’s response (status code and phrase) in response to the initial HTTP
GETmessage from your browser?

HTTP/1.1 401 Authorization Required (see screenshot below)

18. When your browser’s sends the HTTP GET message for the second time, what new
field isincluded in the HTTP GET message?

Authorization field. See screenshot below.

19. Copy the string of text that appears after “Authorization: Basic ”, and enter it into the
 Base64 decoder here – http://www.motobit.com/util/base64-decoder-encoder.asp.
Make sure to click on “decode”. To what ASCII string does the Base64 string decode
to? (Hint: you should see the username and password for the course website
embedded in the string).

No need since Wireshark has already done the decoding. See the previous screenshot. Our
credentials are clearly visible in wireshark