osqa-ask.wireshark.org
2606:4700:20::6819:db15
Public Scan
Submission: On October 22 via api from US
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 7th 2019. Valid for: 6 months.
This is the only time osqa-ask.wireshark.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
24 | 2606:4700:20::6819:db15 | 13335 (CLOUDFLARENET - Cloudflare) |
3 | 2a00:1450:4001:816::200a | 15169 (GOOGLE - Google LLC) |
1 | 2a00:1450:4001:81d::2004 | 15169 (GOOGLE - Google LLC) |
3 | 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC - Automattic) |
2 | 2a00:1450:4001:81f::2008 | 15169 (GOOGLE - Google LLC) |
33 | 5 | |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
osqa-ask.wireshark.org | |
www.wireshark.org |
ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
secure.gravatar.com |
ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
24 | wireshark.org | osqa-ask.wireshark.org, www.wireshark.org | 103 KB |
3 | gravatar.com | secure.gravatar.com | 4 KB |
3 | googleapis.com | ajax.googleapis.com | 89 KB |
2 | google-analytics.com | ssl.google-analytics.com | 17 KB |
1 | google.com | www.google.com | 6 KB |
33 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
23 | osqa-ask.wireshark.org | osqa-ask.wireshark.org |
3 | secure.gravatar.com | osqa-ask.wireshark.org |
3 | ajax.googleapis.com | osqa-ask.wireshark.org, www.google.com |
2 | ssl.google-analytics.com | osqa-ask.wireshark.org |
1 | www.wireshark.org | osqa-ask.wireshark.org |
1 | www.google.com | osqa-ask.wireshark.org |
33 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
ask.wireshark.org |
www.sans.org |
daringfireball.net |
www.riverbed.com |
www.wireshark.org |
bugs.wireshark.org |
creativecommons.org |
Subject | Issuer | Validity | Valid |
---|---|---|---|
ssl380445.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-07 - 2020-02-13 | 6 months |
*.googleapis.com | GTS CA 1O1 | 2019-10-10 - 2020-01-02 | 3 months |
www.google.com | GTS CA 1O1 | 2019-10-03 - 2019-12-26 | 3 months |
*.gravatar.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-06 - 2020-09-05 | 2 years |
*.google-analytics.com | GTS CA 1O1 | 2019-10-03 - 2019-12-26 | 3 months |
This page contains 1 frames:
Primary Page:
https://osqa-ask.wireshark.org/questions/2824/unexplained-netbios-traffic
Frame ID: 4B32FF89299B5C0F6231C7D72A4C8100
Requests: 33 HTTP requests in this frame
Detected technologies
Python (Programming Languages)
Detected patterns
- html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i
Django (Web Frameworks)
Detected patterns
- html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries)
Detected patterns
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: ask.wireshark.org
Title: there's a worm that looks for machines to infect, and it sends out NetBIOS NBSTAT packets
Title: Riverbed Technology
Title: Wireshark web site
Title: support
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | unexplained-netbios-traffic (Primary Request) | osqa-ask.wireshark.org/questions/2824/ | 36 KB | 9 KB | Document | text/html |
GET | H2 | style.css | osqa-ask.wireshark.org/m/default/media/style/ | 24 KB | 6 KB | Stylesheet | text/css |
GET | H2 | cstyle.css | osqa-ask.wireshark.org/ | 1 KB | 526 B | Stylesheet | text/css |
GET | H2 | jquery-ui.css | ajax.googleapis.com/ajax/libs/jqueryui/1.7.1/themes/base/ | 28 KB | 5 KB | Stylesheet | text/css |
GET | H2 | jsapi | www.google.com/ | 26 KB | 6 KB | Script | text/javascript |
GET | H2 | osqa.main.js | osqa-ask.wireshark.org/m/default/media/js/ | 54 KB | 15 KB | Script | application/javascript |
GET | H2 | osqa.question.js | osqa-ask.wireshark.org/m/default/media/js/ | 216 B | 202 B | Script | application/javascript |
GET | H2 | jquery.caret.js | osqa-ask.wireshark.org/m/default/media/js/ | 1 KB | 746 B | Script | application/javascript |
GET | H2 | showdown.js | osqa-ask.wireshark.org/m/default/media/js/wmd/ | 35 KB | 11 KB | Script | application/javascript |
GET | H2 | wmd.js | osqa-ask.wireshark.org/m/default/media/js/wmd/ | 70 KB | 18 KB | Script | application/javascript |
GET | H2 | html_sanitizer.js | osqa-ask.wireshark.org/m/default/media/js/ | 13 KB | 4 KB | Script | application/javascript |
GET | H2 | wmd.css | osqa-ask.wireshark.org/m/default/media/js/wmd/ | 2 KB | 621 B | Stylesheet | text/css |
GET | H2 | viewbox_min.js | osqa-ask.wireshark.org/m/default/media/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | youtube.js | osqa-ask.wireshark.org/m/default/media/js/ | 137 B | 185 B | Script | application/javascript |
GET | H2 | viewbox.css | osqa-ask.wireshark.org/m/default/media/js/ | 2 KB | 720 B | Stylesheet | text/css |
GET | H2 | wsbadge@186x57.png | osqa-ask.wireshark.org/upfiles/ | 11 KB | 11 KB | Image | image/png |
GET | H2 | a37c1e32633215d68a10f1767976f988 | secure.gravatar.com/avatar/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | f93de7000747ab5efb5acd3034b2ebd7 | secure.gravatar.com/avatar/ | 978 B | 1 KB | Image | image/png |
GET | H2 | 3b60e92020a427bb24332efc0b560943 | secure.gravatar.com/avatar/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | logo_riverbed_150.png | www.wireshark.org/image/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | by-sa-88x31.png | osqa-ask.wireshark.org/m/default/media/images/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | jquery.autocomplete.css | osqa-ask.wireshark.org/m/default/media/style/ | 495 B | 305 B | Stylesheet | text/css |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.7.1/ | 92 KB | 33 KB | Script | text/javascript |
GET | H2 | jquery-ui.min.js | ajax.googleapis.com/ajax/libs/jqueryui/1.8.17/ | 198 KB | 51 KB | Script | text/javascript |
GET | H2 | vote-arrow-up.png | osqa-ask.wireshark.org/m/default/media/images/ | 843 B | 924 B | Image | image/png |
GET | H2 | vote-arrow-down.png | osqa-ask.wireshark.org/m/default/media/images/ | 876 B | 960 B | Image | image/png |
GET | H2 | vote-favorite-off.png | osqa-ask.wireshark.org/m/default/media/images/ | 930 B | 1014 B | Image | image/png |
GET | H2 | dot-list.gif | osqa-ask.wireshark.org/m/default/media/images/ | 56 B | 147 B | Image | image/gif |
GET | H2 | vote-accepted-on.png | osqa-ask.wireshark.org/m/default/media/images/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | feed-icon-small.png | osqa-ask.wireshark.org/m/default/media/images/ | 689 B | 860 B | Image | image/png |
GET | H2 | ga.js | ssl.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript |
GET | H2 | __utm.gif | ssl.google-analytics.com/r/ | 35 B | 199 B | Image | image/gif |
GET | H2 | wmd-buttons.png | osqa-ask.wireshark.org/m/default/media/js/wmd/images/ | 7 KB | 7 KB | Image | image/png |
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| googleLT_ object| google object| ca function| google_exportSymbol function| google_exportProperty string| i18nLang string| appUrl string| scriptUrl string| osqaSkin object| messages function| $ function| jQuery function| DP_jQuery_1571772970554 object| response_commands function| show_dialog function| show_message function| load_prompt function| process_ajax_response boolean| running function| start_command function| end_command number| comment_box_cursor_position function| canned_comment function| pickedTags undefined| __onload function| mediaUrl object| i18nZh object| i18nEn object| i18nEs object| i18n object| i18n_dict object| notify function| yourWorkWillBeLost function| browserTester object| Hilite object| Attacklab object| Showdown function| ajaxFileUpload object| html4 object| html function| html_sanitize function| submitClicked function| beforeUnload object| _gaq object| rExp object| interestingTags object| ignoredTags object| _gat object| gaGlobal
9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.osqa-ask.wireshark.org/ | | __utmb | 159738531.1.10.1571772971 |
.osqa-ask.wireshark.org/ | | __utmt | 1 |
.osqa-ask.wireshark.org/ | | __utmz | 159738531.1571772971.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) |
.osqa-ask.wireshark.org/ | | __utmc | 159738531 |
osqa-ask.wireshark.org/ | | greeting_set | True |
.osqa-ask.wireshark.org/ | | __utma | 159738531.422116955.1571772971.1571772971.1571772971.1 |
osqa-ask.wireshark.org/ | | csrftoken | 4Rz7vNIJNay95ywJmdoVvAXJNr1Wd8KM |
osqa-ask.wireshark.org/ | | sessionid | wg91l45w39p7lsq8o1eg31xvd7yg4nwa |
.wireshark.org/ | | __cfduid | db6fe7d35d615354b1e72f888251ef4f31571772969 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.