Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
learn.microsoft.com | 23.210.37.172 |
- TCP Requests
GET
302
http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0
GET /fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: go.microsoft.com
Connection: Keep-Alive
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://learn.microsoft.com/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0
Request-Context: appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
X-Response-Cache-Status: True
Expires: Tue, 23 Jul 2024 22:40:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 23 Jul 2024 22:40:43 GMT
Connection: keep-alive
GET
302
http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0
GET /fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: go.microsoft.com
Connection: Keep-Alive
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://learn.microsoft.com/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0
Request-Context: appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
X-Response-Cache-Status: True
Expires: Tue, 23 Jul 2024 22:40:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 23 Jul 2024 22:40:51 GMT
Connection: keep-alive
GET
302
http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0
GET /fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: go.microsoft.com
Connection: Keep-Alive
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Server: Kestrel
Location: https://learn.microsoft.com/dotnet/framework/install/application-not-started?version=(null)&processName=svchost.exe&platform=0009&osver=5&isServer=0
Request-Context: appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
X-Response-Cache-Status: True
Expires: Tue, 23 Jul 2024 22:41:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 23 Jul 2024 22:41:00 GMT
Connection: keep-alive
GET
200
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
GET /IE9CompatViewList.xml HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: ie9cvlist.ie.microsoft.com
If-Modified-Since: Thu, 21 Nov 2019 19:37:08 GMT
If-None-Match: 0x8D76EBA32AF0BC3
Connection: Keep-Alive
HTTP/1.1 200 OK
Content-Encoding: gzip
Age: 12231
Cache-Control: max-age=21600
Content-MD5: p9g4jsuZO6TaLMVAI9ujVg==
Content-Type: text/xml
Date: Tue, 23 Jul 2024 22:41:42 GMT
Etag: 0x8D9521D2D2DF1EC
Last-Modified: Wed, 28 Jul 2021 23:12:31 GMT
Server: ECAcc (tka/897A)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5081dc44-201e-006c-6135-dd8397000000
x-ms-version: 2009-09-19
Content-Length: 13702
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts