| dot.net/v1/dotnet-install.ps1 | 20.236.44.162 | 301 Moved Permanently | 0 B |
URL: User Request GET HTTP/2 dot.net/v1/dotnet-install.ps1
IP: 20.236.44.162:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Microsoft Corporation; Subject: vb.dev; Fingerprint: AA:A7:C1:27:00:18:B4:AE:CA:AC:C4:6B:FA:59:44:1C:3B:6E:9B:7E; Validity: Tue, 16 Apr 2024 09:09:51 GMT - Fri, 11 Apr 2025 09:09:51 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/dotnet-install.ps1 HTTP/1.1
Host: dot.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 23:05:31 GMT
server: Kestrel
location: https://dotnet.microsoft.com/download/dotnet/scripts/v1/dotnet-install.ps1
content-length: 0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
| dotnet.microsoft.com/download/dotnet/scripts/v1/dotnet-install.ps1 | 13.107.246.53 | 403 Forbidden | 1.3 kB |
URL: User Request GET HTTP/2 dotnet.microsoft.com/download/dotnet/scripts/v1/dotnet-install.ps1
IP: 13.107.246.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Microsoft Corporation; Subject: dotnet.microsoft.com; Fingerprint: C2:2D:EF:8B:24:2D:FA:B2:B5:4F:1F:4E:15:7D:72:1A:A2:07:3B:81; Validity: Fri, 22 Mar 2024 17:48:50 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type: HTML document, ASCII text
Hash: c98c13fbfd7bd335cb194c733ed5c23f 3b858ffb8fd06ac31977e1bc9c78c82627e4e980 3be1350c731a1f9066de4f492a57ae9390cd47298e76af7f76b38861fa885228
NIDS: suricata; Severity: medium; Alert: ET INFO PS1 Powershell File Request
GET /download/dotnet/scripts/v1/dotnet-install.ps1 HTTP/1.1
Host: dotnet.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 23:05:32 GMT
content-type: text/html
content-length: 1261
cache-control: no-store
x-azure-ref: 20240418T230532Z-17f9dd4c48bd57sl1ck94su90c00000002p0000000004tne
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
| dotnet.microsoft.com/download/dotnet/scripts/v1/dotnet-install.ps1 | 13.107.213.53 | 403 Forbidden | 1.3 kB |
URL: User Request GET HTTP/2 dotnet.microsoft.com/download/dotnet/scripts/v1/dotnet-install.ps1
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Microsoft Corporation; Subject: dotnet.microsoft.com; Fingerprint: C2:2D:EF:8B:24:2D:FA:B2:B5:4F:1F:4E:15:7D:72:1A:A2:07:3B:81; Validity: Fri, 22 Mar 2024 17:48:50 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type: HTML document, ASCII text
Hash: ccf20a7677c9c5470e3a2662ec1e69dd 8da66e5a1a2daffac90a74615d2841b471bb86ce b3a53b7ab84c69d0112b7b6d7822d9349426d09e83a7952a960c4ceb8da099b7
NIDS: suricata; Severity: medium; Alert: ET INFO PS1 Powershell File Request
GET /download/dotnet/scripts/v1/dotnet-install.ps1 HTTP/1.1
Host: dotnet.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 18 Apr 2024 23:05:33 GMT
Content-Type: text/html
Content-Length: 1261
Connection: close
Cache-Control: no-store
x-azure-ref: 20240418T230533Z-17f9dd4c48bpw5gpvd09qb5x4400000002z0000000000wp9
X-Cache: CONFIG_NOCACHE
|
| dotnet.microsoft.com/favicon.ico | 13.107.213.53 | 403 Forbidden | 1.3 kB |
URL: GET HTTP/1.1 dotnet.microsoft.com/favicon.ico
IP: 13.107.213.53:80
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: http://dotnet.microsoft.com/download/dotnet/scripts/v1/dotnet-install.ps1
File type: HTML document, ASCII text
Hash: 08f6505647fbb6db03638352d6e03f88 59a837372308fa6f3056e84b999a53844d18b74c b432aec08aec95db63e56228ffd98f9fd55912fdd99b82cf66625797e8036afd
GET /favicon.ico HTTP/1.1
Host: dotnet.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dotnet.microsoft.com/download/dotnet/scripts/v1/dotnet-install.ps1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 18 Apr 2024 23:05:33 GMT
Content-Type: text/html
Content-Length: 1261
Connection: close
Cache-Control: no-store
x-azure-ref: 20240418T230533Z-17f9dd4c48b5st7ze9vsq76th0000000009g000000007fhg
X-Cache: CONFIG_NOCACHE
|