Display Filter Reference: Hypertext Transfer Protocol
Protocol field name: http
Versions: 1.0.0 to 1.8.7
Back to Display Filter Reference
| Field name | Description | Type | Versions |
|---|---|---|---|
| http.accept | Accept | Character string | 1.0.0 to 1.8.7 |
| http.accept_encoding | Accept Encoding | Character string | 1.0.0 to 1.8.7 |
| http.accept_language | Accept-Language | Character string | 1.0.0 to 1.8.7 |
| http.authbasic | Credentials | Character string | 1.0.0 to 1.8.7 |
| http.authorization | Authorization | Character string | 1.0.0 to 1.8.7 |
| http.cache_control | Cache-Control | Character string | 1.0.0 to 1.8.7 |
| http.connection | Connection | Character string | 1.0.0 to 1.8.7 |
| http.content_encoding | Content-Encoding | Character string | 1.0.0 to 1.8.7 |
| http.content_length | Content length | Unsigned integer, 8 bytes | 1.0.0 to 1.8.7 |
| http.content_length_header | Content-Length | Character string | 1.0.5 to 1.8.7 |
| http.content_type | Content-Type | Character string | 1.0.0 to 1.8.7 |
| http.cookie | Cookie | Character string | 1.0.0 to 1.8.7 |
| http.date | Date | Character string | 1.0.0 to 1.8.7 |
| http.host | Host | Character string | 1.0.0 to 1.8.7 |
| http.last_modified | Last-Modified | Character string | 1.0.0 to 1.8.7 |
| http.location | Location | Character string | 1.0.0 to 1.8.7 |
| http.notification | Notification | Boolean | 1.0.0 to 1.8.7 |
| http.proxy_authenticate | Proxy-Authenticate | Character string | 1.0.0 to 1.8.7 |
| http.proxy_authorization | Proxy-Authorization | Character string | 1.0.0 to 1.8.7 |
| http.proxy_connect_host | Proxy-Connect-Hostname | Character string | 1.0.0 to 1.8.7 |
| http.proxy_connect_port | Proxy-Connect-Port | Unsigned integer, 2 bytes | 1.0.0 to 1.8.7 |
| http.referer | Referer | Character string | 1.0.0 to 1.8.7 |
| http.request | Request | Boolean | 1.0.0 to 1.8.7 |
| http.request.full_uri | Full request URI | Character string | 1.6.0 to 1.8.7 |
| http.request.method | Request Method | Character string | 1.0.0 to 1.8.7 |
| http.request.uri | Request URI | Character string | 1.0.0 to 1.8.7 |
| http.request.version | Request Version | Character string | 1.0.0 to 1.8.7 |
| http.response | Response | Boolean | 1.0.0 to 1.8.7 |
| http.response.code | Status Code | Unsigned integer, 2 bytes | 1.0.0 to 1.8.7 |
| http.response.phrase | Response Phrase | Character string | 1.6.0 to 1.8.7 |
| http.sec_websocket_accept | Sec-WebSocket-Accept | Character string | 1.8.0 to 1.8.7 |
| http.sec_websocket_extensions | Sec-WebSocket-Extensions | Character string | 1.8.0 to 1.8.7 |
| http.sec_websocket_key | Sec-WebSocket-Key | Character string | 1.8.0 to 1.8.7 |
| http.sec_websocket_protocol | Sec-WebSocket-Protocol | Character string | 1.8.0 to 1.8.7 |
| http.sec_websocket_version | Sec-WebSocket-Version | Character string | 1.8.0 to 1.8.7 |
| http.server | Server | Character string | 1.0.0 to 1.8.7 |
| http.set_cookie | Set-Cookie | Character string | 1.0.0 to 1.8.7 |
| http.transfer_encoding | Transfer-Encoding | Character string | 1.0.0 to 1.8.7 |
| http.upgrade | Upgrade | Character string | 1.8.0 to 1.8.7 |
| http.user_agent | User-Agent | Character string | 1.0.0 to 1.8.7 |
| http.www_authenticate | WWW-Authenticate | Character string | 1.0.0 to 1.8.7 |
| http.x_forwarded_for | X-Forwarded-For | Character string | 1.0.0 to 1.8.7 |
Enhance Wireshark
Troubleshoot your Network
Free 30 day trial
- Save hours on network and application issue diagnoses
- Monitor physical and virtual environments
- GUI packet capture and analysis
- Fully integrated with Wireshark
Try Cascade Shark VE & Cascade Pilot Free for 30 Days
802.11 Packet Capture
- WLAN packet capture and transmission
- Full 802.11 a/b/g/n support
- View management, control and data frames
- Multi-channel aggregation (with multiple adapters)
Packet Analysis Made Easy
- Visually rich, powerful LAN analyzer
- Quickly access very large pcap files
- Professional, customizable reports
- Advanced triggers and alerts
- Fully integrated with Wireshark
