How to View Status Codes in Wireshark

The world’s most powerful network protocol analyzer, Wireshark, essentially monitors data packets sent through a computer’s network in real-time. Since the conception of this open-source tool in 1998, a global team of protocol and networking specialists have developed and maintained it.

How to View Status Codes in Wireshark

If you need to investigate the status codes of data packets using Wireshark, we’ve outlined the steps to do this for HTTP requests. In addition, our FAQ’s include the meanings for each status code and some of the most common HTTP request methods with examples.

How to Find the Status Code for an HTTP Request in WireShark

To find the status code of a webserver’s response to an HTTP request:

  1. Launch your Internet browser.
  2. Clear your browser cache.
  3. Launch “Wireshark.”
  4. From the list of network interfaces on your computer:
    • Double-click on your Ethernet or Wi-Fi adapter.
    • Wireshark will automatically start collecting packets.
  5. Launch a new web browser then navigate to the website you’d like to examine the status codes of.
  6. To see the HTTP packets only, enter “HTTP” in the “Filter” text field towards the top-left.
  7. Then, under the main menu, click on the start icon (the first icon) to start capturing packets.
  8. Refresh the page. Once Wireshark displays the HTTP packets for your website request, stop the capture by clicking on the stop icon.
  9. Select the packet entry where the “Info” column reads: “HTTP/1.1 [XXX a number] OK.”
  10. The number part of the “Info” will be the status code.

Note: The status code and other useful information about the selected data packet are available in the window below the packets window. Expand the “Hypertext Transfer Protocol” option, then the “HTTP/1.1….” option underneath to see it.

How to View All Status Codes for an HTTP Request

  1. Launch your Internet browser.
  2. Clear your browser cache.
  3. Launch “Wireshark.”
  4. From the list of network interfaces on your computer:
    • Double-click on your Ethernet or Wi-Fi adapter.
    • Wireshark will automatically start collecting packets.
  5. Launch a new web browser then navigate to the website you’d like to examine the status codes of.
  6. To see the HTTP packets only, enter “HTTP” in the “Filter” text field towards the top-left.
  7. Then, under the main menu, click on the start icon (the first icon) to start capturing packets.
  8. Refresh the page. Once Wireshark displays the HTTP packets for your website request, stop the capture by clicking on the stop icon.
  9. From the top menu, select “Statistics,” “HTTP,” then “Packet Counter.”
  10. A filter window will pop up. Leave the text field blank and click on “Create Stat.”
  11. Click on the plus sign next to the “HTTP Response Packets” option to expand it.
  12. Expand the status code groupings for more details of each status code.

FAQ’s

What do the status codes in WireShark mean?

Status codes are responses given by the web server in response to a request made to it. Requests are made to webservers when navigating to a webpage[s] from your web browser and all other interactions you have with the webpage[s].

Can I filter status codes in WireShark?

To list the status codes only for HTTP requests:

1. Launch your Internet browser.

2. Clear your browser cache.

3. Launch “Wireshark.”

4. From the list of network interfaces on your computer:

· Double-click on your Ethernet or Wi-Fi adapter.

· Wireshark will automatically start collecting packets.

5. Launch a new web browser then navigate to the website you’d like to examine the status codes of.

6. In the “Filter” text field at the top-left, enter “http.response.code.”

7. Then, under the main menu, click on the start icon (the first icon) to start capturing packets.

· The status codes for your webserver requests will display in the packets window.

What is the meaning of the different HTTP Response Status Codes?

The HTTP status codes are divided into five categories. Each response is made up of three digits – only the first digit describes the category of the response. The categories are:

• 1XX is an information response to say the request has been received by the server and is being processed.

• 2XX is a success response to confirm that the request was received successfully, comprehended, and accepted.

• 3XX is a redirection message, to advise that more action is necessary before the request can be completed successfully.

• 4XX is a client error, issued when the request cannot be accomplished.

• 5XX is a server error, for when the request is valid, but the server did not fulfill it.

Sniffing Packets Through the Wire With Wireshark

Wireshark is an established open-source packet analysis tool, designed to capture the internet traffic running on your computer in real-time. It has been developed over the years by a global team of talented and passionate specialists. It’s an effective troubleshooting tool and helps to get to the bottom of network issues, including inactivity or malicious activity.

We’ve shown you how to view the status codes when sending HTTP requests to a web server, how to filter them, and what they mean. What type of responses and information did you find in your analysis? Were you able to use Wireshark to achieve what you wanted? Let us know what you think about the tool generally in the comments section below.

Leave a Reply

Your email address will not be published. Required fields are marked *


Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

Todays Highlights
How to See Google Search History
how to download photos from google photos