Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
www.microsoft.com | 23.200.154.12 | |
download.visualstudio.microsoft.com | CNAME cs10.wpc.v0cdn.net, CNAME 4316b.wpc.azureedge.net | 192.229.232.200 |
UDP Requests
- 192.168.56.101:53004 164.124.101.2:53
- 192.168.56.101:53850 164.124.101.2:53
- 192.168.56.101:54148 164.124.101.2:53
- 192.168.56.101:55146 164.124.101.2:53
- 192.168.56.101:59002 164.124.101.2:53
- 192.168.56.101:137 192.168.56.255:137
- 192.168.56.101:138 192.168.56.255:138
- 192.168.56.101:54151 239.255.255.250:1900
- 52.231.114.183:123 192.168.56.101:123
HEAD
200
https://download.visualstudio.microsoft.com/download/pr/7afca223-55d2-470a-8edc-6a1739ae3252/f3ce41d8623e237d717257d9ae4cec5f/netfx_full_cab.exe
HEAD /download/pr/7afca223-55d2-470a-8edc-6a1739ae3252/f3ce41d8623e237d717257d9ae4cec5f/netfx_full_cab.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 254207
ApiVersion: Distribute 1.1
Cache-Control: public, max-age=259200
Content-Disposition: attachment; filename=netfx_full_cab.exe; filename*=UTF-8''netfx_full_cab.exe
Content-Type: application/octet-stream
Date: Wed, 05 Jul 2023 05:31:47 GMT
Etag: "0x818FB11A530FB7A5872D1A4E08600A8CDD74CBF51151A09A480E1AA1979392D1"
Last-Modified: Fri, 05 Apr 2019 21:58:44 GMT
Server: ECAcc (tkb/7395)
X-Azure-Ref: 0s3oYZAAAAADLqIVIimzrS6T9XqPAOAKiSEtCRURHRTA3MTcAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
X-Azure-Ref-OriginShield: Ref A: 42547BDB3CA84E2D87B7B79FB4919204 Ref B: SG2EDGE2619 Ref C: 2023-04-08T07:06:51Z
X-Cache: HIT
X-CCC: HK
X-CID: 7
X-MSEdge-Ref: Ref A: 2CC5470B600D4AF3938C93624C553B03 Ref B: HKBEDGE0509 Ref C: 2023-04-10T05:36:49Z
Content-Length: 49304816
GET
200
https://download.visualstudio.microsoft.com/download/pr/7afca223-55d2-470a-8edc-6a1739ae3252/f3ce41d8623e237d717257d9ae4cec5f/netfx_full_cab.exe
GET /download/pr/7afca223-55d2-470a-8edc-6a1739ae3252/f3ce41d8623e237d717257d9ae4cec5f/netfx_full_cab.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 05 Apr 2019 21:58:44 GMT
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 254207
ApiVersion: Distribute 1.1
Cache-Control: public, max-age=259200
Content-Disposition: attachment; filename=netfx_full_cab.exe; filename*=UTF-8''netfx_full_cab.exe
Content-Type: application/octet-stream
Date: Wed, 05 Jul 2023 05:31:47 GMT
Etag: "0x818FB11A530FB7A5872D1A4E08600A8CDD74CBF51151A09A480E1AA1979392D1"
Last-Modified: Fri, 05 Apr 2019 21:58:44 GMT
Server: ECAcc (tkb/7395)
X-Azure-Ref: 0s3oYZAAAAADLqIVIimzrS6T9XqPAOAKiSEtCRURHRTA3MTcAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
X-Azure-Ref-OriginShield: Ref A: 42547BDB3CA84E2D87B7B79FB4919204 Ref B: SG2EDGE2619 Ref C: 2023-04-08T07:06:51Z
X-Cache: HIT
X-CCC: HK
X-CID: 7
X-MSEdge-Ref: Ref A: 2CC5470B600D4AF3938C93624C553B03 Ref B: HKBEDGE0509 Ref C: 2023-04-10T05:36:49Z
Content-Length: 49304816
HEAD
200
https://download.visualstudio.microsoft.com/download/pr/9acd2157-dc1e-41fc-9f4d-35d56fc49f6b/c84b7777456bf0dc89c15571ffdb8e49/netfx_full_x64.msi
HEAD /download/pr/9acd2157-dc1e-41fc-9f4d-35d56fc49f6b/c84b7777456bf0dc89c15571ffdb8e49/netfx_full_x64.msi HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 60276
ApiVersion: Distribute 1.1
Cache-Control: public, max-age=259200
Content-Disposition: attachment; filename=netfx_full_x64.msi; filename*=UTF-8''netfx_full_x64.msi
Content-Type: application/octet-stream
Date: Wed, 05 Jul 2023 05:31:57 GMT
Etag: "0x8DF3ED1CF956C42E552B61AEE60D0B5BC2D60ACCDB85DD2B57D9930945805A6D"
Last-Modified: Wed, 21 Apr 2021 01:13:55 GMT
Server: ECAcc (tkb/73AA)
X-Azure-Ref: 0XYQWZAAAAABHNWYfM5TVTKTk9oAM741+SEtCRURHRTA5MTUAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
X-Azure-Ref-OriginShield: Ref A: 070286B0CD004D089EE2DCDBDBF43290 Ref B: SG2EDGE2511 Ref C: 2023-04-10T05:37:06Z
X-Cache: HIT
X-CCC: HK
X-CID: 7
X-MSEdge-Ref: Ref A: FB9A40172E8C4982A4BAA305515F81F8 Ref B: HKBEDGE0612 Ref C: 2023-04-10T05:37:06Z
Content-Length: 1806336
GET
200
https://download.visualstudio.microsoft.com/download/pr/9acd2157-dc1e-41fc-9f4d-35d56fc49f6b/c84b7777456bf0dc89c15571ffdb8e49/netfx_full_x64.msi
GET /download/pr/9acd2157-dc1e-41fc-9f4d-35d56fc49f6b/c84b7777456bf0dc89c15571ffdb8e49/netfx_full_x64.msi HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 21 Apr 2021 01:13:55 GMT
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 60276
ApiVersion: Distribute 1.1
Cache-Control: public, max-age=259200
Content-Disposition: attachment; filename=netfx_full_x64.msi; filename*=UTF-8''netfx_full_x64.msi
Content-Type: application/octet-stream
Date: Wed, 05 Jul 2023 05:31:57 GMT
Etag: "0x8DF3ED1CF956C42E552B61AEE60D0B5BC2D60ACCDB85DD2B57D9930945805A6D"
Last-Modified: Wed, 21 Apr 2021 01:13:55 GMT
Server: ECAcc (tkb/73AA)
X-Azure-Ref: 0XYQWZAAAAABHNWYfM5TVTKTk9oAM741+SEtCRURHRTA5MTUAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
X-Azure-Ref-OriginShield: Ref A: 070286B0CD004D089EE2DCDBDBF43290 Ref B: SG2EDGE2511 Ref C: 2023-04-10T05:37:06Z
X-Cache: HIT
X-CCC: HK
X-CID: 7
X-MSEdge-Ref: Ref A: FB9A40172E8C4982A4BAA305515F81F8 Ref B: HKBEDGE0612 Ref C: 2023-04-10T05:37:06Z
Content-Length: 1806336
HEAD
200
https://download.visualstudio.microsoft.com/download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/55e5b1321b16ab92f5e8fd2ea9169147/netfx_patch_x64.msp
HEAD /download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/55e5b1321b16ab92f5e8fd2ea9169147/netfx_patch_x64.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 60273
ApiVersion: Distribute 1.1
Cache-Control: public, max-age=259200
Content-Disposition: attachment; filename=netfx_patch_x64.msp; filename*=UTF-8''netfx_patch_x64.msp
Content-Type: application/octet-stream
Date: Wed, 05 Jul 2023 05:31:57 GMT
Etag: "0xD8B6EAE4C2DC857FA2DDFF1537705401E8E2913A7120391AE9FCAFE7AF8DF23B"
Last-Modified: Tue, 04 May 2021 22:41:31 GMT
Server: ECAcc (tkb/73F4)
X-Azure-Ref: 0EuQVZAAAAAB+2N75lk4uQ7W/9iz2+IISSEtCRURHRTA5MTcAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
X-Azure-Ref-OriginShield: Ref A: 23A82475CAA44862AF17F202BA14788C Ref B: SG2EDGE2410 Ref C: 2023-04-10T14:23:30Z
X-Cache: HIT
X-CCC: HK
X-CID: 7
X-MSEdge-Ref: Ref A: B8902B42EA4840BFAD9713869B912884 Ref B: HKBEDGE0606 Ref C: 2023-04-10T14:23:30Z
Content-Length: 35827712
GET
200
https://download.visualstudio.microsoft.com/download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/55e5b1321b16ab92f5e8fd2ea9169147/netfx_patch_x64.msp
GET /download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/55e5b1321b16ab92f5e8fd2ea9169147/netfx_patch_x64.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 04 May 2021 22:41:31 GMT
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 60273
ApiVersion: Distribute 1.1
Cache-Control: public, max-age=259200
Content-Disposition: attachment; filename=netfx_patch_x64.msp; filename*=UTF-8''netfx_patch_x64.msp
Content-Type: application/octet-stream
Date: Wed, 05 Jul 2023 05:31:57 GMT
Etag: "0xD8B6EAE4C2DC857FA2DDFF1537705401E8E2913A7120391AE9FCAFE7AF8DF23B"
Last-Modified: Tue, 04 May 2021 22:41:31 GMT
Server: ECAcc (tkb/73F4)
X-Azure-Ref: 0EuQVZAAAAAB+2N75lk4uQ7W/9iz2+IISSEtCRURHRTA5MTcAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
X-Azure-Ref-OriginShield: Ref A: 23A82475CAA44862AF17F202BA14788C Ref B: SG2EDGE2410 Ref C: 2023-04-10T14:23:30Z
X-Cache: HIT
X-CCC: HK
X-CID: 7
X-MSEdge-Ref: Ref A: B8902B42EA4840BFAD9713869B912884 Ref B: HKBEDGE0606 Ref C: 2023-04-10T14:23:30Z
Content-Length: 35827712
HEAD
200
https://download.visualstudio.microsoft.com/download/pr/887938c3-2a46-4069-a0b1-207035f1dd82/f0771dabc43ba46cfe9e3481840a7944/windows6.1-kb4019990-x64.cab
HEAD /download/pr/887938c3-2a46-4069-a0b1-207035f1dd82/f0771dabc43ba46cfe9e3481840a7944/windows6.1-kb4019990-x64.cab HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 213542
ApiVersion: Distribute 1.1
Cache-Control: public, max-age=259200
Content-Disposition: attachment; filename=windows6.1-kb4019990-x64.cab; filename*=UTF-8''windows6.1-kb4019990-x64.cab
Content-Type: application/octet-stream
Date: Wed, 05 Jul 2023 05:31:59 GMT
Etag: "0x692FA6CD68CC1D49F537FBE978D69545004F94A39234AB47F5E57524463360DD"
Last-Modified: Wed, 21 Apr 2021 02:18:59 GMT
Server: ECAcc (tkb/73B8)
X-Azure-Ref: 0yWsWZAAAAABRwRxZilidTL4ycsaKtVvTSEtCRURHRTA3MTcAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
X-Azure-Ref-OriginShield: Ref A: FD9ABCFF01C54F15A7A094956C5F10DE Ref B: SG2EDGE2415 Ref C: 2023-04-10T14:25:34Z
X-Cache: HIT
X-CCC: HK
X-CID: 7
X-MSEdge-Ref: Ref A: BECE8C2C241E454AA76DB40D8CD391A9 Ref B: HKBEDGE0621 Ref C: 2023-04-10T14:25:34Z
Content-Length: 2697733
GET
0
https://download.visualstudio.microsoft.com/download/pr/887938c3-2a46-4069-a0b1-207035f1dd82/f0771dabc43ba46cfe9e3481840a7944/windows6.1-kb4019990-x64.cab
GET /download/pr/887938c3-2a46-4069-a0b1-207035f1dd82/f0771dabc43ba46cfe9e3481840a7944/windows6.1-kb4019990-x64.cab HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 21 Apr 2021 02:18:59 GMT
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HEAD
0
https://download.visualstudio.microsoft.com/download/pr/375f6a02-34bc-4b7d-ad8b-957789cf81e8/e4abafc291524af6e2b478f5d4857f0a/netfx_full_x64.msi
HEAD /download/pr/375f6a02-34bc-4b7d-ad8b-957789cf81e8/e4abafc291524af6e2b478f5d4857f0a/netfx_full_x64.msi HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
GET
0
https://download.visualstudio.microsoft.com/download/pr/375f6a02-34bc-4b7d-ad8b-957789cf81e8/e4abafc291524af6e2b478f5d4857f0a/netfx_full_x64.msi
GET /download/pr/375f6a02-34bc-4b7d-ad8b-957789cf81e8/e4abafc291524af6e2b478f5d4857f0a/netfx_full_x64.msi HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 21 Apr 2021 02:55:54 GMT
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
HEAD
0
https://download.visualstudio.microsoft.com/download/pr/c2ad65ab-bab3-4d24-ada4-aaf2ff0c1266/2a3f786c480c1122ff3696ba1ad9564b/ndp48-x86-x64-allos-kor.exe
HEAD /download/pr/c2ad65ab-bab3-4d24-ada4-aaf2ff0c1266/2a3f786c480c1122ff3696ba1ad9564b/ndp48-x86-x64-allos-kor.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
GET
0
https://download.visualstudio.microsoft.com/download/pr/c2ad65ab-bab3-4d24-ada4-aaf2ff0c1266/2a3f786c480c1122ff3696ba1ad9564b/ndp48-x86-x64-allos-kor.exe
GET /download/pr/c2ad65ab-bab3-4d24-ada4-aaf2ff0c1266/2a3f786c480c1122ff3696ba1ad9564b/ndp48-x86-x64-allos-kor.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Thu, 06 May 2021 05:48:53 GMT
User-Agent: Microsoft BITS/7.5
Host: download.visualstudio.microsoft.com
GET
200
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com
HTTP/1.1 200 OK
Content-Length: 1141
Content-Type: application/octet-stream
Content-MD5: XmHGW1A5TszhwkGKwtKi6w==
Last-Modified: Wed, 21 Jun 2023 05:31:18 GMT
ETag: 0x8DB7218BD800A4C
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 12c3c383-801e-0025-6703-a4eecc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 05 Jul 2023 05:31:45 GMT
Connection: keep-alive
GET
200
http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
GET /pkiops/crl/MicCodSigPCA2011_2011-07-08.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.microsoft.com
HTTP/1.1 200 OK
Content-Length: 1078
Content-Type: application/octet-stream
Content-MD5: DGcVncuvRacsqqBlfsWEfw==
Last-Modified: Thu, 25 May 2023 23:59:43 GMT
ETag: 0x8DB5D7C1C3C08E3
x-ms-request-id: 729f79e3-701e-007c-0416-91694f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 05 Jul 2023 05:31:45 GMT
Connection: keep-alive
TLS_version: UNKNOWN
ms-cv: CASMicrosoftCV859877bd.0
ms-cv-esi: CASMicrosoftCV859877bd.0
X-RTag: RT
GET
200
http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl
GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Fri, 05 Jun 2020 05:01:05 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com
HTTP/1.1 200 OK
Content-Length: 767
Content-Type: application/pkix-crl
Content-MD5: aHL66CiNs0IH2efuNQFX9A==
Last-Modified: Fri, 07 May 2021 05:00:53 GMT
ETag: 0x8D91115179E37D7
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7bbc895b-c01e-00a4-733e-947d94000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 05 Jul 2023 05:31:45 GMT
Connection: keep-alive
GET
200
http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl
GET /pki/crl/products/MicrosoftTimeStampPCA.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Sun, 17 May 2020 05:00:57 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com
HTTP/1.1 200 OK
Content-Length: 519
Content-Type: application/octet-stream
Content-MD5: 6Vr5sDUT1ynSj9iQz/Tr6Q==
Last-Modified: Tue, 30 Mar 2021 15:18:44 GMT
ETag: 0x8D8F38F1BA23B59
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44db1260-b01e-00c6-5e3e-943a4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Unused62: 8096267
Date: Wed, 05 Jul 2023 05:31:45 GMT
Connection: keep-alive
HEAD
302
http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=03761.00&sar=amd64&o1=netfx_Full.mzz
HEAD /fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=03761.00&sar=amd64&o1=netfx_Full.mzz HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/7afca223-55d2-470a-8edc-6a1739ae3252/f3ce41d8623e237d717257d9ae4cec5f/netfx_full_cab.exe
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:31:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:31:46 GMT
Connection: keep-alive
GET
302
http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=03761.00&sar=amd64&o1=netfx_Full.mzz
GET /fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=03761.00&sar=amd64&o1=netfx_Full.mzz HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Fri, 05 Apr 2019 21:58:44 GMT
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/7afca223-55d2-470a-8edc-6a1739ae3252/f3ce41d8623e237d717257d9ae4cec5f/netfx_full_cab.exe
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:31:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:31:47 GMT
Connection: keep-alive
GET
200
http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl
GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Fri, 15 May 2020 05:01:08 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com
HTTP/1.1 200 OK
Content-Length: 564
Content-Type: application/octet-stream
Content-MD5: 4HF4kBpOqsKBa7I47DqA2w==
Last-Modified: Tue, 11 Aug 2020 21:46:56 GMT
ETag: 0x8D83E4011579DF4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44db0cdd-b01e-00c6-6a3e-943a4c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Unused62: 8096267
Date: Wed, 05 Jul 2023 05:31:48 GMT
Connection: keep-alive
HEAD
302
http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=03761.00&sar=amd64&o1=netfx_Full_x64.msi
HEAD /fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=03761.00&sar=amd64&o1=netfx_Full_x64.msi HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/9acd2157-dc1e-41fc-9f4d-35d56fc49f6b/c84b7777456bf0dc89c15571ffdb8e49/netfx_full_x64.msi
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:31:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:31:57 GMT
Connection: keep-alive
GET
302
http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=03761.00&sar=amd64&o1=netfx_Full_x64.msi
GET /fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=03761.00&sar=amd64&o1=netfx_Full_x64.msi HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 21 Apr 2021 01:13:55 GMT
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/9acd2157-dc1e-41fc-9f4d-35d56fc49f6b/c84b7777456bf0dc89c15571ffdb8e49/netfx_full_x64.msi
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:31:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:31:57 GMT
Connection: keep-alive
GET
200
http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl
GET /pki/crl/products/MicRooCerAut_2010-06-23.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com
HTTP/1.1 200 OK
Content-Length: 824
Content-Type: application/octet-stream
Content-MD5: 2J2/u84nJJgs8hkpiwsMZQ==
Last-Modified: Fri, 05 May 2023 22:27:19 GMT
ETag: 0x8DB4DB7E39B2D94
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6434b30d-001e-0004-32a4-7fcab7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 05 Jul 2023 05:31:57 GMT
Connection: keep-alive
GET
200
http://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl
GET /pki/crl/products/MicTimStaPCA_2010-07-01.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com
HTTP/1.1 200 OK
Content-Length: 555
Content-Type: application/octet-stream
Content-MD5: DlIC+jhZB6lkMOx/V+efHw==
Last-Modified: Mon, 24 Apr 2023 21:03:12 GMT
ETag: 0x8DB4507509519DF
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1c021863-201e-0013-42f9-7663bc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 05 Jul 2023 05:31:57 GMT
Connection: keep-alive
HEAD
302
http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=04115.00&sar=amd64&o1=netfx_Patch_x64.msp
HEAD /fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=04115.00&sar=amd64&o1=netfx_Patch_x64.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/55e5b1321b16ab92f5e8fd2ea9169147/netfx_patch_x64.msp
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:31:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:31:57 GMT
Connection: keep-alive
GET
302
http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=04115.00&sar=amd64&o1=netfx_Patch_x64.msp
GET /fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x409&ar=04115.00&sar=amd64&o1=netfx_Patch_x64.msp HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 04 May 2021 22:41:31 GMT
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/55e5b1321b16ab92f5e8fd2ea9169147/netfx_patch_x64.msp
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:31:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:31:57 GMT
Connection: keep-alive
HEAD
302
http://go.microsoft.com/fwlink/?LinkId=862008
HEAD /fwlink/?LinkId=862008 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/887938c3-2a46-4069-a0b1-207035f1dd82/f0771dabc43ba46cfe9e3481840a7944/windows6.1-kb4019990-x64.cab
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Content-Length: 0
Expires: Wed, 05 Jul 2023 05:31:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:31:59 GMT
Connection: keep-alive
GET
302
http://go.microsoft.com/fwlink/?LinkId=862008
GET /fwlink/?LinkId=862008 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 21 Apr 2021 02:18:59 GMT
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/887938c3-2a46-4069-a0b1-207035f1dd82/f0771dabc43ba46cfe9e3481840a7944/windows6.1-kb4019990-x64.cab
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:31:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:31:59 GMT
Connection: keep-alive
HEAD
302
http://go.microsoft.com/fwlink/?LinkId=249120&clcid=0x409
HEAD /fwlink/?LinkId=249120&clcid=0x409 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/375f6a02-34bc-4b7d-ad8b-957789cf81e8/e4abafc291524af6e2b478f5d4857f0a/netfx_full_x64.msi
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Content-Length: 0
Expires: Wed, 05 Jul 2023 05:32:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:32:00 GMT
Connection: keep-alive
GET
302
http://go.microsoft.com/fwlink/?LinkId=249120&clcid=0x409
GET /fwlink/?LinkId=249120&clcid=0x409 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 21 Apr 2021 02:55:54 GMT
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/375f6a02-34bc-4b7d-ad8b-957789cf81e8/e4abafc291524af6e2b478f5d4857f0a/netfx_full_x64.msi
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:32:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:32:00 GMT
Connection: keep-alive
HEAD
302
http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x412&ar=03761.00&sar=amd64&o1=NDP48-x86-x64-AllOS-KOR.exe
HEAD /fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x412&ar=03761.00&sar=amd64&o1=NDP48-x86-x64-AllOS-KOR.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/c2ad65ab-bab3-4d24-ada4-aaf2ff0c1266/2a3f786c480c1122ff3696ba1ad9564b/ndp48-x86-x64-allos-kor.exe
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Content-Length: 0
Expires: Wed, 05 Jul 2023 05:32:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:32:01 GMT
Connection: keep-alive
GET
302
http://go.microsoft.com/fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x412&ar=03761.00&sar=amd64&o1=NDP48-x86-x64-AllOS-KOR.exe
GET /fwlink/?prd=11324&pver=netfx&sbp=Net48Rel1&plcid=0x409&clcid=0x412&ar=03761.00&sar=amd64&o1=NDP48-x86-x64-AllOS-KOR.exe HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Thu, 06 May 2021 05:48:53 GMT
User-Agent: Microsoft BITS/7.5
Host: go.microsoft.com
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://download.visualstudio.microsoft.com/download/pr/c2ad65ab-bab3-4d24-ada4-aaf2ff0c1266/2a3f786c480c1122ff3696ba1ad9564b/ndp48-x86-x64-allos-kor.exe
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Expires: Wed, 05 Jul 2023 05:32:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 05 Jul 2023 05:32:01 GMT
Connection: keep-alive
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49177 -> 192.229.232.200:443 | 906200054 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49177 192.229.232.200:443 | C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA | C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=*.vo.msecnd.net | 0e:7d:a8:cd:fe:61:1e:46:97:a3:57:99:70:da:e0:59:1d:34:04:80 |
Snort Alerts
No Snort Alerts