This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Client awareness in fetching multiple HTTP objects pertaining to a website

0

Hi,

I got a basic doubt regarding opening TCP connections to fetch multiple HTTP objects pertaining to a website.

Here is an example:

I clicked www.disney.com and captured port 53(DNS) packets associated to that site

Sample queries included

A www.disney.com

A a.dilcdn.com

A ajax.googleapis.com

A cdnvideo.dolimg.com

etc..........

Here, on my browser i typed only www.disney.com but my doubt is who will inform to client that in order to get full page it needs to open connections to a.dilcdn.com ,ajax.............

Thanks

asked 22 May '13, 14:57

krishnayeddula's gravatar image

krishnayeddula
629354148
accept rate: 6%

edited 22 May '13, 15:24


2 Answers:

3

A webpage consists of many objects, like images, javascript files, stylesheets etc. Most of the object are coming from the site itself or maybe another server in the same site (like: images.disney.com).

However, there can also be objects linked from other sites like the ones that you have found. Think of ad-banners, statistics (like google-analytics), or social media links (like facebook).

answered 22 May '13, 15:24

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

If it is from images.disney.com and assume that there is no load balancer in front of disney web farm so that it will result in different ip address compared to www.disney.com.In this case who will tell to client that "Hey! in order to get images from disney you need to go to images.disney.com"

(22 May '13, 15:49) krishnayeddula

and in second case like analytics or Facebook who told to my client to open connections to ajax.googleapis.com or a.dilcdn.com.All i did was typing www.disney.com and waiting for objects to load but lot of things happened in back end.

(22 May '13, 15:51) krishnayeddula
1

There are links in the html file (or created by javascript code) pointing to the external objects. The browser needs to download the objects to be able to show the whole page. So in order to fetch the objects, it will need to do a dns lookup first :-)

(just like it does the dns lookup for www.disney.com)

(22 May '13, 15:56) SYN-bit ♦♦

2

While Wireshark is pretty good at helping you work out how a browser works, you are probably better off using the debugging tools available for browsers. These probably allow better context for the various HTTP calls that are triggered.

Chrome has debugging tools under the Tools > Developer Tools and then click the Network tab Firefox has the Firebug add on Internet Explorer has Tools > Developer Tools (or press F12)

answered 22 May '13, 16:12

martyvis's gravatar image

martyvis
8911525
accept rate: 7%