This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to capturing HTTP POST endpoint hosted on multiple boxes?

0

I am running a Java application upon my Ubuntu box that is making API calls to endpoint https://int.tangocard.com.

This endpoint has multiple hosts when I ping-ed it:

  • 54.243.76.183
  • 23.23.233.116
  • 50.17.183.39
  • 54.243.72.138

This API endpoint has DigiCert certificate, and the data communication is using HTTP POST using Basic Authentication, and the body requests and responses are JSON.

I am trying to capture these HTTP POST requests & responses, I have tried using the following as the filter, but nothing is getting captured:

(ip.addr == 54.243.76.183 || ip.addr == 23.23.233.116 || ip.addr == 50.17.183.39 || ip.addr == 54.243.72.138) && http

I am use to working with "Fiddler 2" on Windows 7, so I am new to this tool on Ubuntu.

Thanks

Jeff in Seattle

asked 07 Nov '12, 16:05

jeff00tangocard's gravatar image

jeff00tangocard
1223
accept rate: 0%

edited 07 Nov '12, 17:46


One Answer:

0

Ok, I am able to capture traffic between a Java app using HttpsURLConnection POST to API endpoint https://int.tangocard.com

Using ping, the discovered IP addresses included in filter are:

(ip.addr == 54.243.76.183 || ip.addr == 23.23.233.116 || ip.addr == 50.17.183.39 || ip.addr == 54.243.72.138) && tcp

answered 08 Nov '12, 08:22

jeff00tangocard's gravatar image

jeff00tangocard
1223
accept rate: 0%