Wireshark filter to monitor website traffic

This wireshark filter demonstrates how to monitor traffic to a specific website from an IP address. The filter captures all traffic from the IP address to the website www.facebook.com.


1. To display packets originating from a specific source address, the filter ip.src is applied.

2. To filter packets containing the website name, the http attribute host is used. http.host refers to the website name.

The filter ip.src == && http.host==www.facebook.com would display all packets from the ip address to the website www.facebook.com

