| infradeploy.s3.us-east-2.amazonaws.com/ServerOnboarding.ps1 | 16.12.64.106 | | 243 B |
URL: infradeploy.s3.us-east-2.amazonaws.com/ServerOnboarding.ps1 IP: 16.12.64.106:0
File type: XML 1.0 document, ASCII text Hash: 9c8d8fa36f4fca7b1aa45483b53140c9 021e4dc7e9736d506f7d76c44b04f089ff01c0ad 593446e76269767a1178254ef65025e8265f894ddd6356c2250068e9afdccf97
NIDS: suricata | Severity: medium | Alert: ET INFO PS1 Powershell File Request
GET /ServerOnboarding.ps1 HTTP/1.1
Host: infradeploy.s3.us-east-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
x-amz-request-id: MZWC87XB4658DBGZ
x-amz-id-2: TECEoLB16C8YqLJCQZui52LgSvwUaze8cLanZAl5cYwhGkpg1t/fRN1TUqeZw/1rJwbYctErVJQ=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 18 Apr 2024 18:26:03 GMT
Server: AmazonS3
|
| infradeploy.s3.us-east-2.amazonaws.com/ServerOnboarding.ps1 | 52.219.105.218 | | 243 B |
URL: infradeploy.s3.us-east-2.amazonaws.com/ServerOnboarding.ps1 IP: 52.219.105.218:0
File type: XML 1.0 document, ASCII text Hash: 54110e72a6249317f961fce421de2360 340743234c7971ce83110d4f28fe228aa2ad84d7 fb8c78fe8e4c57a18d855674bb85c279f435b83996ec1d5a515ece272fae0855
NIDS: suricata | Severity: medium | Alert: ET INFO PS1 Powershell File Request
GET /ServerOnboarding.ps1 HTTP/1.1
Host: infradeploy.s3.us-east-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
x-amz-request-id: VBKZRYCCYDZRRXDJ
x-amz-id-2: SabQWBNYaNHRSHJA7hGxloU1uvgnPEE+9LB4FnBLd6Db1C2lw7z/lqhWwFP6C9wGZDyYs6dd3Uc=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 18 Apr 2024 18:26:03 GMT
Server: AmazonS3
|
| infradeploy.s3.us-east-2.amazonaws.com/favicon.ico | 52.219.105.218 | | 243 B |
URL: infradeploy.s3.us-east-2.amazonaws.com/favicon.ico IP: 52.219.105.218:0
File type: XML 1.0 document, ASCII text Hash: facd384d8d5e495152305735594887c2 e754143fb3ba1b58d520da932e3f04229fb37204 80a5bc7a676bf155f1f2072bad8faa83dd2f101babccbed7247c98f5fa75a148
GET /favicon.ico HTTP/1.1
Host: infradeploy.s3.us-east-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://infradeploy.s3.us-east-2.amazonaws.com/ServerOnboarding.ps1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
x-amz-request-id: VBKH5BDXH7YDD97Q
x-amz-id-2: /Dfgpc24Odz6S+J3kfFmzSdvuGDsK1DPZlUQfX9Xp8nL7+AO3m5UJbLphdrIr9UjOCGj3J4BBi4=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 18 Apr 2024 18:26:03 GMT
Server: AmazonS3
|