Analysis

Category Package Started Completed Duration
PCAP 2020-06-11 01:39:38 2020-06-11 01:39:38 0 seconds

    


Signatures

No signatures

Hosts

Direct IP Country Name
Y 90.221.240.70 [VT] United Kingdom
Y 85.252.215.37 [VT] Norway
Y 63.187.99.171 [VT] United States
Y 58.180.60.100 [VT] Korea, Republic of
Y 53.207.172.141 [VT] Germany
Y 49.167.50.214 [VT] Korea, Republic of
Y 23.6.177.186 [VT] United States
Y 222.167.8.65 [VT] Hong Kong
Y 209.98.223.198 [VT] United States
Y 67.215.65.132 [VT] United States
Y 173.57.194.8 [VT] United States
Y 150.209.49.168 [VT] United States
Y 112.71.187.131 [VT] Japan
Y 111.77.115.44 [VT] China

DNS

No domains contacted.


Sorry! No behavior.

TCP

Source Source Port Destination Destination Port

UDP

Source Source Port Destination Destination Port
192.168.222.208 60075 67.215.65.132 7079
67.215.65.132 7078 192.168.222.206 60074
67.215.65.132 7078 192.168.222.208 60074
67.215.65.132 7078 192.168.222.210 60074

HTTP Requests

URI Data
http://192.168.0.1/jpetstore/images/separator.gif
GET /jpetstore/images/separator.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewProduct=&productId=K9-RT-01
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://192.168.0.1/jpetstore/images/sm_cats.gif
GET /jpetstore/images/sm_cats.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewProduct=&productId=K9-RT-01
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewCategory=&categoryId=FISH
GET /ecomapp/actions/Catalog.action?viewCategory=&categoryId=FISH HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewProduct=&productId=RP-LI-02
User-Agent: Mozilla/5.0 (Android; Mobile; rv:28.0) Gecko/28.0 Firefox/28.0
Cookie: JSESSIONID=0DC918C9EA905DBD6E166A48B292687F
Cookie2: $Version="1"
Connection: close

http://192.168.0.1/jpetstore/images/sm_birds.gif
GET /jpetstore/images/sm_birds.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewProduct=&productId=K9-RT-01
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewCategory=&categoryId=REPTILES
GET /ecomapp/actions/Catalog.action?viewCategory=&categoryId=REPTILES HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewProduct=&productId=RP-SN-01
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36
Cookie: JSESSIONID=5FB310DAC2059B6F67258FAECA20AF15
Cookie2: $Version="1"
Connection: close

http://192.168.0.1/jpetstore/css/jpetstore.css
GET /jpetstore/css/jpetstore.css HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewProduct=&productId=K9-RT-01
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://demo.example.com:8080/ecomapp/actions/Catalog.action
GET /ecomapp/actions/Catalog.action HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/admin/
User-Agent: Mozilla/5.0 (Android; Mobile; rv:28.0) Gecko/28.0 Firefox/28.0
Connection: close

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewCategory=&categoryId=BIRDS
GET /ecomapp/actions/Catalog.action?viewCategory=&categoryId=BIRDS HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewCategory=&categoryId=CATS
User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
Cookie: JSESSIONID=F67171BFF922C6349032AB89804FFDC0
Cookie2: $Version="1"
Connection: close

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewCategory=&categoryId=CATS
GET /ecomapp/actions/Catalog.action?viewCategory=&categoryId=CATS HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewCategory=&categoryId=CATS
User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
Cookie: JSESSIONID=A0416668D74C531BC8816DAB27758DBA
Cookie2: $Version="1"
Connection: close

http://demo.example.com:8080/ecomapp/actions/Catalog.action
GET /ecomapp/actions/Catalog.action HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewCategory=&categoryId=BIRDS
User-Agent: Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405
Cookie: JSESSIONID=6DB8BC5C8923168AD1483EA84C10BC7A
Cookie2: $Version="1"
Connection: close

http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
GET /jpetstore/actions/Cart.action?viewCart= HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: Keep-Alive, TE
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewProduct=&productId=K9-RT-01
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewCategory=&categoryId=REPTILES
GET /ecomapp/actions/Catalog.action?viewCategory=&categoryId=REPTILES HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action
User-Agent: Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405
Cookie: JSESSIONID=721FD672B1E02F68CD38ADA7565942DC
Cookie2: $Version="1"
Connection: close

http://192.168.0.1/jpetstore/images/logo-topbar.gif
GET /jpetstore/images/logo-topbar.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://192.168.0.1/jpetstore/actions/Catalog.action
GET /jpetstore/actions/Catalog.action HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: Keep-Alive, TE
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/cart.gif
GET /jpetstore/images/cart.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://192.168.0.1/jpetstore/images/logo-topbar.gif
GET /jpetstore/images/logo-topbar.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/separator.gif
GET /jpetstore/images/separator.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://192.168.0.1/jpetstore/images/cart.gif
GET /jpetstore/images/cart.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/separator.gif
GET /jpetstore/images/separator.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/sm_fish.gif
GET /jpetstore/images/sm_fish.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/sm_fish.gif
GET /jpetstore/images/sm_fish.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://demo.example.com:8080/ecomapp/actions/Catalog.action
GET /ecomapp/actions/Catalog.action HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewCategory=&categoryId=FISH
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0
Cookie: JSESSIONID=69A308CFF735E9B78A9584435BF93381
Cookie2: $Version="1"
Connection: close

http://192.168.0.1/jpetstore/images/sm_dogs.gif
GET /jpetstore/images/sm_dogs.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/sm_dogs.gif
GET /jpetstore/images/sm_dogs.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://192.168.0.1/jpetstore/images/sm_reptiles.gif
GET /jpetstore/images/sm_reptiles.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewCategory=&categoryId=DOGS
GET /ecomapp/actions/Catalog.action?viewCategory=&categoryId=DOGS HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewCategory=&categoryId=CATS
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36
Cookie: JSESSIONID=811E6C2043C81ABF91912A7827CF0CA7
Cookie2: $Version="1"
Connection: close

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewCategory=&categoryId=FISH
GET /ecomapp/actions/Catalog.action?viewCategory=&categoryId=FISH HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action
User-Agent: Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405
Cookie: JSESSIONID=0E4EB78C1A3206416E2F1CFEF7C03D9A
Cookie2: $Version="1"
Connection: close

http://192.168.0.1/jpetstore/images/sm_cats.gif
GET /jpetstore/images/sm_cats.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/sm_reptiles.gif
GET /jpetstore/images/sm_reptiles.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://192.168.0.1/jpetstore/images/sm_birds.gif
GET /jpetstore/images/sm_birds.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/fish_icon.gif
GET /jpetstore/images/fish_icon.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/sm_cats.gif
GET /jpetstore/images/sm_cats.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://192.168.0.1/jpetstore/images/dogs_icon.gif
GET /jpetstore/images/dogs_icon.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/cats_icon.gif
GET /jpetstore/images/cats_icon.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/reptiles_icon.gif
GET /jpetstore/images/reptiles_icon.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/sm_birds.gif
GET /jpetstore/images/sm_birds.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://192.168.0.1/jpetstore/images/birds_icon.gif
GET /jpetstore/images/birds_icon.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/splash.gif
GET /jpetstore/images/splash.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewProduct=&productId=RP-LI-02
GET /ecomapp/actions/Catalog.action?viewProduct=&productId=RP-LI-02 HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewCategory=&categoryId=REPTILES
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36
Cookie: JSESSIONID=3E7B56955A289AAD4583ACE3D58F944F
Cookie2: $Version="1"
Connection: close

http://192.168.0.1/jpetstore/css/jpetstore.css
GET /jpetstore/css/jpetstore.css HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/css/jpetstore.css
GET /jpetstore/css/jpetstore.css HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Cart.action?viewCart=
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~9F4609FBA74F3C90C62717B935FD96F3
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-1

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewCategory=&categoryId=DOGS
GET /ecomapp/actions/Catalog.action?viewCategory=&categoryId=DOGS HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewCategory=&categoryId=FISH
User-Agent: Mozilla/5.0 (Android; Mobile; rv:28.0) Gecko/28.0 Firefox/28.0
Cookie: JSESSIONID=0DC918C9EA905DBD6E166A48B292687F
Cookie2: $Version="1"
Connection: close

http://192.168.0.1/jpetstore/actions/Catalog.action?viewCategory=&categoryId=DOGS
GET /jpetstore/actions/Catalog.action?viewCategory=&categoryId=DOGS HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: Keep-Alive, TE
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/logo-topbar.gif
GET /jpetstore/images/logo-topbar.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewCategory=&categoryId=DOGS
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/cart.gif
GET /jpetstore/images/cart.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewCategory=&categoryId=DOGS
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/separator.gif
GET /jpetstore/images/separator.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewCategory=&categoryId=DOGS
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://192.168.0.1/jpetstore/images/sm_fish.gif
GET /jpetstore/images/sm_fish.gif HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Accept-Encoding: gzip
Host: 192.168.0.1
Referer: http://192.168.0.1/jpetstore/actions/Catalog.action?viewCategory=&categoryId=DOGS
User-Agent: WWW::Scripter/0.032
Cookie: JSESSIONID=main~10AC3D9C7316D971DEA1D3927A4AAB4C
Cookie2: $Version="1"
X-TME-Webbot-Host: gartner-sea-client-3

http://demo.example.com:8080/ecomapp/actions/Catalog.action?viewProduct=&productId=AV-SB-02
GET /ecomapp/actions/Catalog.action?viewProduct=&productId=AV-SB-02 HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: TE
Accept-Encoding: gzip
Host: demo.example.com
Referer: http://demo.example.com/ecomapp/actions/Catalog.action?viewCategory=&categoryId=BIRDS
User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
Cookie: JSESSIONID=F67171BFF922C6349032AB89804FFDC0
Cookie2: $Version="1"
Connection: close

SMTP traffic

No SMTP traffic performed.

IRC traffic

No IRC requests performed.

ICMP traffic

No ICMP traffic performed.

CIF Results

No CIF Results

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Suricata HTTP

No Suricata HTTP

Sorry! No dropped Suricata Extracted files.

JA3

Source Source Port Destination Destination Port JA3 Hash JA3 Description
192.168.1.102 55062 192.168.1.1 443 05a58a685c5b62b4363b55d4432d52b1 unknown
192.168.1.102 55062 192.168.1.1 443 05a58a685c5b62b4363b55d4432d52b1 unknown
Sorry! No dropped files.
Sorry! No CAPE files.
Sorry! No process dumps.

Processing ( 1.7859999999999998 seconds )

  • 1.654 NetworkAnalysis
  • 0.107 CAPE
  • 0.02 AnalysisInfo
  • 0.004 Debug
  • 0.001 Suricata

Signatures ( 0.054000000000000006 seconds )

  • 0.011 ransomware_files
  • 0.006 antiav_detectreg
  • 0.006 ransomware_extensions
  • 0.004 antiav_detectfile
  • 0.003 persistence_autorun
  • 0.003 antianalysis_detectfile
  • 0.003 infostealer_bitcoin
  • 0.003 infostealer_ftp
  • 0.003 territorial_disputes_sigs
  • 0.002 infostealer_im
  • 0.001 kibex_behavior
  • 0.001 tinba_behavior
  • 0.001 antianalysis_detectreg
  • 0.001 antivm_vbox_files
  • 0.001 geodo_banking_trojan
  • 0.001 browser_security
  • 0.001 disables_browser_warn
  • 0.001 infostealer_mail
  • 0.001 masquerade_process_name
  • 0.001 revil_mutexes

Reporting ( 0.054 seconds )

  • 0.054 PCAP2CERT