1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running?

HTTP 1.1

2. What languages (if any) does your browser indicate that it can accept to the server?

en-US (US English) as shown in prior screenshot

3. What is the IP address of your computer? Of the gaia.cs.umass.edu server?

IP address of my computer: 192.168.30.40

IP address of the gaia.cs.umass.edu server: 128.119.245.12

4. What is the status code returned from the server to your browser?

200 OK as shown in prior screenshot

5. When was the HTML file that you are retrieving last modified at the server?
We can filter messages by http.last_modified and we see that the HTTP response I received for the html
file doesn’t show this field. We do have a http.last_modified field in the favicon response

however, as shown in the screenshot below. This says the favicon was last modified on 09 Oct 2024

6. How many bytes of content are being returned to your browser?

Content-length = 128 bytes

 7. By inspecting the raw data in the packet content window, do you see any headers within the
data that are not displayed in the packet-listing window? If so, name one.

If so, name one. No. The raw data appears to match up exactly with what is shown in the packet-listing
window

8. Inspect the contents of the first HTTP GET request from your browser to the server. Do you see
an “IF-MODIFIED-SINCE” line in the HTTP GET?

No

9. Inspect the contents of the server response. Did the server explicitly return the contents of the
file? How can you tell?

The server did explicitly return the contents of the file. Wireshark includes a section titled “Line-Based
Text Data” which shows what the server sent back to my browser which is specifically what the website
showed when I brought it up on my browser.
 10. Now inspect the contents of the second HTTP GET request from your browser to the server. Do
you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what information follows the “IF-
MODIFIED-SINCE:” header?

Yes in the second HTTP message an IF-MODIFIED-SINCE line is included. The information that follows is
the date and time that I last accessed the webpage
 11. What is the HTTP status code and phrase returned from the server in response to this second
HTTP GET? Did the server explicitly return the contents of the file? Explain.
 The HTTP status code is “304: Not Modified”
 The server did not return the contents of the file because the browser simply retrieved the
contents from its cache. Had the file been modified since it was last accessed, it would have
returned the contents of the file, instead it simply told my browser to retrieve the old file from
its cached memory.
12. How many HTTP GET request messages did your browser send? Which packet number in the
trace contains the GET message for the Bill or Rights?

My browser only sent 1 HTTP GET request to the server. The Packet that contained the GET message
was packet number 115.
 13. Which packet number in the trace contains the status code and phrase associated with the
response to the HTTP GET request?

The packet that contains the status code and phrase which the server sent in response to the GET
message was packet number 138
 14. What is the status code and phrase in the response?

The code and phrase in the response was 200 OK, see the image from question 13.

15. How many data-containing TCP segments were needed to carry the single HTTP response and
the text of the Bill of Rights?

The data was sent in 2 TCP segments to the browser, then reassembled.
 16. How many HTTP GET request messages did your browser send? To which Internet addresses
were these GET requests sent?

My browser sent 4 http GET message requests.

which Internet addresses were these GET requests sent: 128.119.245.12 and 178.79.137.164
 17. Can you tell whether your browser downloaded the two images serially, or whether they were
downloaded from the two web sites in parallel? Explain.

The browser downloaded the two images in serially. I believe this to be the case because the first image
was requested and sent before the second image was requested by the browser. Had they been running
in parallel, both files would have been requested then would have returned in the same time period. In
this case however, the second image was only requested after the first image came back.

18. What is the server’s response (status code and phrase) in response to the initial HTTP GET
message from your browser?

The servers intial response was “401 Unauthorized”

19. When your browser’s sends the HTTP GET message for the second time, what new field is included in
the HTTP GET message?

The new field that is now included is the authorization field. This is included because we sent the server
a username and password along with our request stating that we were authorized to receive the page.