Sniffing — Wireshark
Grab HTTP POST request data
Navigate http://ezi2care.jkm.gov.my/login and fill in the User ID and Password fields.
Start Wireshark and click Login on http://ezi2care.jkm.gov.my/login. Filter for “http” protocol results
Click on the destination 184.108.40.206. Check the description under Packet Details Pane by clicking HTML Form URL Encoded or Hypertext Transfer Protocol — search for userid and password.
On the “Host” row / line, please confirm that the IP we selected above is belongs to the ezi2care.jkm.gov.my
Alternatively, we can use “http.request.method == “POST” as the filter to show only POST methods under Packet List Pane.