diff --git a/bpf/http_sock.h b/bpf/http_sock.h
index 53d8b15d6..33c8f7f0b 100644
--- a/bpf/http_sock.h
+++ b/bpf/http_sock.h
@@ -12,6 +12,7 @@
 #define MIN_HTTP_SIZE 12 // HTTP/1.1 CCC is the smallest valid request we can have
 #define RESPONSE_STATUS_POS 9 // HTTP/1.1 <--
+#define MAX_HTTP_STATUS 599
 #define PACKET_TYPE_REQUEST 1
 #define PACKET_TYPE_RESPONSE 2
@@ -105,8 +106,8 @@ static __always_inline u8 is_http(unsigned char *p, u32 len, u8 *packet_type) {
 if (len < MIN_HTTP_SIZE) {
 return 0;
 }
- //HTTP
- if ((p[0] == 'H') && (p[1] == 'T') && (p[2] == 'T') && (p[3] == 'P')) {
+ //HTTP/1.x
+ if ((p[0] == 'H') && (p[1] == 'T') && (p[2] == 'T') && (p[3] == 'P') && (p[4] == '/') && (p[5] == '1') && (p[6] == '.')) {
 *packet_type = PACKET_TYPE_RESPONSE;
 return 1;
 } else if (
@@ -337,6 +338,9 @@ static __always_inline void process_http_response(http_info_t *info, unsigned ch
 info->status += (buf[RESPONSE_STATUS_POS] - '0') * 100;
 info->status += (buf[RESPONSE_STATUS_POS + 1] - '0') * 10;
 info->status += (buf[RESPONSE_STATUS_POS + 2] - '0');
+ if (info->status > MAX_HTTP_STATUS) { // we read something invalid
+ info->status = 0;
+ }
 }
 static __always_inline http_connection_metadata_t *connection_meta(pid_connection_info_t *pid_conn, u8 direction, u8 packet_type) {
@@ -593,7 +597,7 @@ static __always_inline void handle_buf_with_connection(pid_connection_info_t *pi
 bpf_dbg_printk("=== http_buffer_event len=%d pid=%d still_reading=%d ===", bytes_len, pid_from_pid_tgid(bpf_get_current_pid_tgid()), still_reading(info));
- if (packet_type == PACKET_TYPE_REQUEST && (info->status == 0)) {
+ if (packet_type == PACKET_TYPE_REQUEST && (info->status == 0) && (info->start_monotime_ns == 0)) {
 http_connection_metadata_t *meta = connection_meta(pid_conn, direction, PACKET_TYPE_REQUEST);
 get_or_create_trace_info(meta, pid_conn->pid, &pid_conn->conn, u_buf, bytes_len, capture_header_buffer);
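Review bot: The new upper bound in process_http_response does not establish that the three bytes at RESPONSE_STATUS_POS were digits, so the check after the three `info->status +=` lines still lets non-numeric input through as a plausible status. A byte above '9' contributes more than 9 to its position and any result below 100 passes unchanged, so a buffer that merely begins with `HTTP/1.` can yield an in-range number; whether bytes below '0' are caught depends on the type of info->status, which is not visible here. Bounding both sides, `if (info->status < 100 || info->status > MAX_HTTP_STATUS) {`, and rejecting any of the three bytes outside '0'..'9' before the arithmetic would close this. The function starts outside the hunk, so the value of info->status before the additions is assumed to be 0.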
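Review bot: The added `info->start_monotime_ns == 0` test in the request branch of handle_buf_with_connection relies on an invariant the hunk does not state: start_monotime_ns must be cleared on a connection's info before the next request on it can be recognised. Together with the status reset in process_http_response, a response whose status is rejected leaves status at 0 and, presumably, start_monotime_ns still set, so later requests on a kept-alive connection would be skipped here unless the entry is reset somewhere outside this diff. A comment above the condition would make the intent checkable, for example `// a request starts a new trace only on a fresh info: no response status yet and no start time recorded`. The function body starts before and continues past the hunk.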
@@ -625,7 +629,7 @@ static __always_inline void handle_buf_with_connection(pid_connection_info_t *pi
 // incomplete trace info in user space.
 bpf_probe_read(info->buf, FULL_BUF_SIZE, u_buf);
 process_http_request(info, bytes_len, meta, direction);
- } else if (packet_type == PACKET_TYPE_RESPONSE) {
+ } else if ((packet_type == PACKET_TYPE_RESPONSE) && (info->status == 0)) {
 handle_http_response(small_buf, pid_conn, info, bytes_len, direction, ssl);
 } else if (still_reading(info)) {
 info->len += bytes_len;
diff --git a/pkg/internal/ebpf/httpfltr/bpf_bpfel_arm64.o b/pkg/internal/ebpf/httpfltr/bpf_bpfel_arm64.o
index f64c7bcb0..317c82c18 100644
Binary files a/pkg/internal/ebpf/httpfltr/bpf_bpfel_arm64.o and b/pkg/internal/ebpf/httpfltr/bpf_bpfel_arm64.o differ
diff --git a/pkg/internal/ebpf/httpfltr/bpf_bpfel_x86.o b/pkg/internal/ebpf/httpfltr/bpf_bpfel_x86.o
index 40c60b931..fd7555981 100644
Binary files a/pkg/internal/ebpf/httpfltr/bpf_bpfel_x86.o and b/pkg/internal/ebpf/httpfltr/bpf_bpfel_x86.o differ
diff --git a/pkg/internal/ebpf/httpfltr/bpf_debug_bpfel_arm64.o b/pkg/internal/ebpf/httpfltr/bpf_debug_bpfel_arm64.o
index d7bfffebe..484cd8d70 100644
Binary files a/pkg/internal/ebpf/httpfltr/bpf_debug_bpfel_arm64.o and b/pkg/internal/ebpf/httpfltr/bpf_debug_bpfel_arm64.o differ
diff --git a/pkg/internal/ebpf/httpfltr/bpf_debug_bpfel_x86.o b/pkg/internal/ebpf/httpfltr/bpf_debug_bpfel_x86.o
index 2405a9cdc..a5990de00 100644
Binary files a/pkg/internal/ebpf/httpfltr/bpf_debug_bpfel_x86.o and b/pkg/internal/ebpf/httpfltr/bpf_debug_bpfel_x86.o differ
diff --git a/pkg/internal/ebpf/httpfltr/bpf_tp_bpfel_arm64.o b/pkg/internal/ebpf/httpfltr/bpf_tp_bpfel_arm64.o
index 109383566..93e7b011c 100644
Binary files a/pkg/internal/ebpf/httpfltr/bpf_tp_bpfel_arm64.o and b/pkg/internal/ebpf/httpfltr/bpf_tp_bpfel_arm64.o differ
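Review bot: Gating the response branch on `info->status == 0` in the `else if` chain of handle_buf_with_connection (bpf/http_sock.h) means the first status line seen for a request wins, which looks wrong for interim 1xx responses. After `HTTP/1.1 100 Continue` the status is presumably 100, so the final response would fall through to the `still_reading(info)` branch and only add to `info->len`, leaving the interim code as the recorded status; this assumes handle_http_response is what sets info->status, which the hunk does not show. If that holds and handle_http_response tolerates a second call for the same request, `} else if ((packet_type == PACKET_TYPE_RESPONSE) && (info->status < 200)) {` would let the final response replace an interim one; otherwise 1xx should be skipped where the status is parsed. The chain starts before and continues past the hunk.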
diff --git a/pkg/internal/ebpf/httpfltr/bpf_tp_bpfel_x86.o b/pkg/internal/ebpf/httpfltr/bpf_tp_bpfel_x86.o
index 27788eb19..48edbb714 100644
Binary files a/pkg/internal/ebpf/httpfltr/bpf_tp_bpfel_x86.o and b/pkg/internal/ebpf/httpfltr/bpf_tp_bpfel_x86.o differ
diff --git a/pkg/internal/ebpf/httpfltr/bpf_tp_debug_bpfel_arm64.o b/pkg/internal/ebpf/httpfltr/bpf_tp_debug_bpfel_arm64.o
index 458e73ca1..83520ed0b 100644
Binary files a/pkg/internal/ebpf/httpfltr/bpf_tp_debug_bpfel_arm64.o and b/pkg/internal/ebpf/httpfltr/bpf_tp_debug_bpfel_arm64.o differ
diff --git a/pkg/internal/ebpf/httpfltr/bpf_tp_debug_bpfel_x86.o b/pkg/internal/ebpf/httpfltr/bpf_tp_debug_bpfel_x86.o
index bb0365be1..aa12659be 100644
Binary files a/pkg/internal/ebpf/httpfltr/bpf_tp_debug_bpfel_x86.o and b/pkg/internal/ebpf/httpfltr/bpf_tp_debug_bpfel_x86.o differ
diff --git a/pkg/internal/ebpf/httpssl/bpf_bpfel_arm64.o b/pkg/internal/ebpf/httpssl/bpf_bpfel_arm64.o
index f4fcdf785..a7a4dee94 100644
Binary files a/pkg/internal/ebpf/httpssl/bpf_bpfel_arm64.o and b/pkg/internal/ebpf/httpssl/bpf_bpfel_arm64.o differ
diff --git a/pkg/internal/ebpf/httpssl/bpf_bpfel_x86.o b/pkg/internal/ebpf/httpssl/bpf_bpfel_x86.o
index c599f6c81..bc2bedd85 100644
Binary files a/pkg/internal/ebpf/httpssl/bpf_bpfel_x86.o and b/pkg/internal/ebpf/httpssl/bpf_bpfel_x86.o differ
diff --git a/pkg/internal/ebpf/httpssl/bpf_debug_bpfel_arm64.o b/pkg/internal/ebpf/httpssl/bpf_debug_bpfel_arm64.o
index 574876181..4647a59ff 100644
Binary files a/pkg/internal/ebpf/httpssl/bpf_debug_bpfel_arm64.o and b/pkg/internal/ebpf/httpssl/bpf_debug_bpfel_arm64.o differ
diff --git a/pkg/internal/ebpf/httpssl/bpf_debug_bpfel_x86.o b/pkg/internal/ebpf/httpssl/bpf_debug_bpfel_x86.o
index 3aa7c851a..1dd853f1e 100644
Binary files a/pkg/internal/ebpf/httpssl/bpf_debug_bpfel_x86.o and b/pkg/internal/ebpf/httpssl/bpf_debug_bpfel_x86.o differ
diff --git a/pkg/internal/ebpf/httpssl/bpf_tp_bpfel_arm64.o b/pkg/internal/ebpf/httpssl/bpf_tp_bpfel_arm64.o
index 9cb1ebf8d..bb238b106 100644
Binary files a/pkg/internal/ebpf/httpssl/bpf_tp_bpfel_arm64.o and b/pkg/internal/ebpf/httpssl/bpf_tp_bpfel_arm64.o differ
diff --git a/pkg/internal/ebpf/httpssl/bpf_tp_bpfel_x86.o b/pkg/internal/ebpf/httpssl/bpf_tp_bpfel_x86.o
index 0ebb25c0b..ab4d3c12e 100644
Binary files a/pkg/internal/ebpf/httpssl/bpf_tp_bpfel_x86.o and b/pkg/internal/ebpf/httpssl/bpf_tp_bpfel_x86.o differ
diff --git a/pkg/internal/ebpf/httpssl/bpf_tp_debug_bpfel_arm64.o b/pkg/internal/ebpf/httpssl/bpf_tp_debug_bpfel_arm64.o
index b7730406c..72c122c1d 100644
Binary files a/pkg/internal/ebpf/httpssl/bpf_tp_debug_bpfel_arm64.o and b/pkg/internal/ebpf/httpssl/bpf_tp_debug_bpfel_arm64.o differ
diff --git a/pkg/internal/ebpf/httpssl/bpf_tp_debug_bpfel_x86.o b/pkg/internal/ebpf/httpssl/bpf_tp_debug_bpfel_x86.o
index ed6a42a64..1399e097f 100644
Binary files a/pkg/internal/ebpf/httpssl/bpf_tp_debug_bpfel_x86.o and b/pkg/internal/ebpf/httpssl/bpf_tp_debug_bpfel_x86.o differ