I am trying to use wireshark to sniff the traffic so i can fill in the mangle content field properly.
i am basically trying to see what the packet says for yahoo and by the picture attached i am seeing its separating things.
when i type the word in the “mangle content” box. do i type in “yah” or “yahoo.com”
so is wireshark just splitting up the fields or … ???
please advise.
