download winpcap drivers download windump (portable?)
right click on cmd.exe -> open as administrator net start npf
Choose an interface and start a capture, do a transaction then stop a capture
Filter: ip.src == 1.2.3.4 OR ip.dst == 1.2.3.4
Analyze -> Follow TCP Stream