Frame 4: 904 bytes on wire (7232 bits), 904 bytes captured (7232 bits) Encapsulation type: Ethernet (1) Arrival Time: Apr 30, 2011 17:29:21.788406000 EEST [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1304173761.788406000 seconds [Time delta from previous captured frame: 0.034084000 seconds] [Time delta from previous displayed frame: 0.034084000 seconds] [Time since reference or first frame: 0.042290000 seconds] Frame Number: 4 Frame Length: 904 bytes (7232 bits) Capture Length: 904 bytes (7232 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp:http:urlencoded-form] [Coloring Rule Name: HTTP] [Coloring Rule String: http || tcp.port == 80 || http2] Ethernet II, Src: HewlettP_e2:80:8c (00:17:a4:e2:80:8c), Dst: D-LinkIn_f6:b1:db (1c:bd:b9:f6:b1:db) Destination: D-LinkIn_f6:b1:db (1c:bd:b9:f6:b1:db) Address: D-LinkIn_f6:b1:db (1c:bd:b9:f6:b1:db) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: HewlettP_e2:80:8c (00:17:a4:e2:80:8c) Address: HewlettP_e2:80:8c (00:17:a4:e2:80:8c) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 172.20.1.101, Dst: 123.125.56.248 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 890 Identification: 0x8823 (34851) Flags: 0x4000, Don't fragment 0... .... .... .... = Reserved bit: Not set .1.. .... .... .... = Don't fragment: Set ..0. .... .... .... = More fragments: Not set ...0 0000 0000 0000 = Fragment offset: 0 Time to live: 64 Protocol: TCP (6) Header checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source: 172.20.1.101 Destination: 123.125.56.248 Transmission Control Protocol, Src Port: 2255, Dst Port: 80, Seq: 1, Ack: 1, Len: 850 Source Port: 2255 Destination Port: 80 [Stream index: 0] [TCP Segment Len: 850] Sequence number: 1 (relative sequence number) [Next sequence number: 851 (relative sequence number)] Acknowledgment number: 1 (relative ack number) 0101 .... = Header Length: 20 bytes (5) Flags: 0x018 (PSH, ACK) 000. .... .... = Reserved: Not set ...0 .... .... = Nonce: Not set .... 0... .... = Congestion Window Reduced (CWR): Not set .... .0.. .... = ECN-Echo: Not set .... ..0. .... = Urgent: Not set .... ...1 .... = Acknowledgment: Set .... .... 1... = Push: Set .... .... .0.. = Reset: Not set .... .... ..0. = Syn: Not set .... .... ...0 = Fin: Not set [TCP Flags: ·······AP···] Window size value: 65535 [Calculated window size: 65535] [Window size scaling factor: -2 (no window scaling used)] Checksum: 0x655b [unverified] [Checksum Status: Unverified] Urgent pointer: 0 [SEQ/ACK analysis] [iRTT: 0.008206000 seconds] [Bytes in flight: 850] [Bytes sent since last PSH flag: 850] [Timestamps] [Time since first frame in this TCP stream: 0.042290000 seconds] [Time since previous frame in this TCP stream: 0.034084000 seconds] TCP payload (850 bytes) Hypertext Transfer Protocol POST /login/login_api.php HTTP/1.1\r\n [Expert Info (Chat/Sequence): POST /login/login_api.php HTTP/1.1\r\n] [POST /login/login_api.php HTTP/1.1\r\n] [Severity level: Chat] [Group: Sequence] Request Method: POST Request URI: /login/login_api.php Request Version: HTTP/1.1 Host: www.kaixin001.com\r\n User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1\r\n Accept: text/javascript, text/html, application/xml, text/xml, */*\r\n Accept-Language: zh-cn,zh;q=0.5\r\n Accept-Encoding: gzip, deflate\r\n Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7\r\n Keep-Alive: 115\r\n Connection: keep-alive\r\n X-Requested-With: XMLHttpRequest\r\n X-Prototype-Version: 1.6.1\r\n Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n Referer: http://www.kaixin001.com/\r\n Content-Length: 114\r\n [Content length: 114] Cookie: _ref=2f0141334b30b16c922601692b87b573..7DA3.4dbc1bd0c2f6a; _cpmuid=1852648832; SERVERID=_srv58-215_; _vid=C4C0F7B2FA8000015B26A63BE45014D5\r\n Cookie pair: _ref=2f0141334b30b16c922601692b87b573..7DA3.4dbc1bd0c2f6a Cookie pair: _cpmuid=1852648832 Cookie pair: SERVERID=_srv58-215_ Cookie pair: _vid=C4C0F7B2FA8000015B26A63BE45014D5 Pragma: no-cache\r\n Cache-Control: no-cache\r\n \r\n [Full request URI: http://www.kaixin001.com/login/login_api.php] [HTTP request 1/1] [Response in frame: 5] File Data: 114 bytes HTML Form URL Encoded: application/x-www-form-urlencoded Form item: "ver" = "1" Key: ver Value: 1 Form item: "email" = "jijch@163.com" Key: email Value: jijch@163.com Form item: "rpasswd" = "18334b0d099ff74ffbd825840b72cb8d3bdce429" Key: rpasswd Value: 18334b0d099ff74ffbd825840b72cb8d3bdce429 Form item: "url" = "/home/" Key: url Value: /home/