Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

The packets shown as TCP are probably ACK-only TCP packets.

The packets shown as TLS are probably not being decrypted by Wireshark. As they appear on the network (Wireshark, like other sniffers, captures raw network traffic), they don't look like HTTP, they look like random values, and that's a feature - the whole point of TLS is to make it hard for people to use sniffers to see the HTTP traffic! (Remember, if it's easy for you to see your credit card number when buying something over the Internet, because you can see the HTTP traffic, it's easy for somebody else to see it as well.)

You might be able to get Wireshark to decrypt the traffic, if you can give Wireshark information it needs to decrypt it (which means it's information you need to get some way other than packet capture, so that only you - and the server to which you're communicating - can decrypt it). See the notes on TLS decryption in the Wireshark Wiki.