On every Windows Server 2000 and 2003 install disk, Microsoft includes a tool called Network Monitor, or what is commonly called NetMon. This tool is probably not ideal for someone's first look into things at the HTTP level, because it captures all things at the network level and up--TCP handshakes, broadcast packets, anything that passes through your NIC. However, more information is better than none, and if you already have the install disk, the price for this tool is right.
Since the Network Monitor tool is a Windows component included on your install disk, you can install it through Settings >> Control Panel >> Add/Remove Programs. Select the Add/Remove Windows Components button on the left. NetMon is included in the Management and Monitoring Tools group.
Once installed, you access NetMon through Start >> Programs >> Administrative Tools. Capturing and viewing what happens during an HTTP request is easy. There are only two buttons that you'll need to use--Play and Stop and View Capture.
To get a clean capture you'll need to close any applications that might make HTTP or other network level requests.
- Prepare a browser to make the request.
- Click Play on Netmon.
- Request the page through the browser.
- After the page has displayed, click Stop and View Capture.
The Capture can then even be saved as a .cap file.