is there any way to know if a certain tcp segment which has a request message to a server is directly accessed by a user through a browser. not just that its linked by the browser itself to complete the requested page. like for example, a web page with images, when one browses this page, the sniffer tends to get all this urls including the web page's and that of the images. what factors would let me identify which is which?!...
thanks alot in advance:)