How does google image work and how can I test https with wireshark?
Basically, I am very confused about how google image work?
For example, I tried to search "apple" in google image.
Then, you'll see a lot of images relating to apple.
https://www.google.co.uk/search?q=app...XAhUsLMAKHdyOAWYQAUICygC
Now, next step, I click the first image
https://www.google.co.uk/search?q=app...XAhUsLMAKHdyOAWYQAUICygC#imgrc=-TtEc9M5pE7LPM:
I get the image enlarged and in a preview mode. At this point, I am not leaving Google Image literally, because I didn't click the image to be redirected to another website outside of google.
So, I was expecting all my dns record at this point should have been with google, right?
However, I saw many dns address which are not google domains at all.....
So, if my ISP was viewing my traffic, did they see I actually visited those non-google domain instead of staying along with Google image.....
I am very confused.
Question 2
Can somebody tell me how could I repeat the "checking of https://" process described in this articule step by step?
https://duck.co/blog/post/225/what-do...
Basically I want to test how https works by using wireshark, whether a HTTPS can really help to encrypt the full URL address across connections, especially the "query=keyword#target" part.....
Many thanks!
Comments
In wireshark you will only see encrypted packets. In order to view the actual payload, you need to setup premaster secret key on your local machine and use it to decrypt on wireshark. This is explained in https://knowledge.broadcom.com/extern...