2017-03-21 12 views
0

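I captured a weird call log with Fiddler. Unknown HTTPS calls from my computer

The calls occur repeatedly.

I searched for it with several keywords, but found no clue.

Does anyone know?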


CNT https://1 CON 216 
Context: 67bc 
Last-Msg-Id: 0 

------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 6402 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 61ce 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 5dc2 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 5be6 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 581c 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 5642 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 52bd 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 5156 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 4da3 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 4cce 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 4912 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 48c3 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 4510 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 44f3 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 4171 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 4164 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 3e64 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 3e5e 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 3bee 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 3bee 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 39e7 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 39e7 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 216 
Context: 39dd 
Last-Msg-Id: 0 




------------------------------------------------------------------ 

CNT https://1 CON 231 
Context: 39dd 
Last-Msg-Id: 159d428c446a5b3e 




------------------------------------------------------------------ 
+0

What is a "weired call"? –

+0

Which application/process was running when this weird HTTP request was captured? – shaochuancs

+0

@ELaRoche "weired" refers to the red calls in the picture. –

Answer

0

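Yeah, I've seen this before, coming from the Windows Explorer process. It's harmless, but basically what's happening is that a client is trying to send non-HTTP traffic through the HTTPS proxy tunnel, and since it's not legitimate HTTPS traffic, you get weird parse errors like those shown in the screenshot.

Unfortunately, I don't remember which specific Windows feature my investigation found to be the cause. See the wnpconnmanager.cpp notes in https://github.com/cvandeplas/plaso/blob/master/test_data/skydriveerr.log; this may be coming from the Windows Notification Service?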
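
Added example, not part of the answer above or of any tool it mentions: a small triage script that parses records in the shape pasted in the question, flags first lines that are not valid HTTP/1.x request lines, and groups them while ignoring the changing Context value. The function names and the GET record in the sample are assumptions made for illustration.

```python
import re
from collections import Counter

# Sample input: three records in the shape shown in the question,
# plus one constructed ordinary HTTP request for contrast.
SAMPLE = """\
CNT https://1 CON 216
Context: 67bc
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 6402
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 61ce
Last-Msg-Id: 0
------------------------------------------------------------------
GET https://example.test/ HTTP/1.1
Host: example.test
"""

# Standard HTTP methods (RFC 9110 plus PATCH); a valid HTTP/1.x request
# line has the form "METHOD target HTTP/1.x".
HTTP_METHODS = {"GET", "HEAD", "POST", "PUT", "DELETE",
                "CONNECT", "OPTIONS", "TRACE", "PATCH"}
REQUEST_LINE = re.compile(r"^(\S+) (\S+) HTTP/1\.[01]$")

def parse_records(text):
    """Split on dashed separators; return (first_line, headers) per record."""
    records = []
    for chunk in re.split(r"^-{10,}\s*$", text, flags=re.M):
        lines = [l.strip() for l in chunk.splitlines() if l.strip()]
        if not lines:
            continue
        pairs = (l.split(":", 1) for l in lines[1:] if ":" in l)
        records.append((lines[0], {k.strip(): v.strip() for k, v in pairs}))
    return records

def is_http_request_line(line):
    m = REQUEST_LINE.match(line)
    return bool(m) and m.group(1) in HTTP_METHODS

def summarize(text):
    """Count non-HTTP records by (first line, Last-Msg-Id)."""
    counts = Counter()
    for first, headers in parse_records(text):
        if not is_http_request_line(first):
            counts[(first, headers.get("Last-Msg-Id"))] += 1
    return counts
```

A small number of distinct groups with high counts indicates one client repeating the same non-HTTP exchange through the proxy, which narrows the search to a single process.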