来自我的计算机的未知https呼叫
我从Fiddler那里截获了奇怪的通话记录 电话反复出现 我用几个关键词搜索了一下,但没有任何线索 有人知道这件事吗 CNT CON 216 上下文:公元前67年 最后消息Id:0来自我的计算机的未知https呼叫,http,https,fiddler,Http,Https,Fiddler,我从Fiddler那里截获了奇怪的通话记录 电话反复出现 我用几个关键词搜索了一下,但没有任何线索 有人知道这件事吗 CNT CON 216 上下文:公元前67年 最后消息Id:0 ------------------------------------------------------------------ CNT https://1 CON 231 Context: 6402 Last-Msg-Id: 159d428c446a5b3e --------------------
------------------------------------------------------------------
CNT https://1 CON 231
Context: 6402
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 61ce
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 5dc2
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 5be6
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 581c
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 5642
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 52bd
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 5156
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 4da3
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 4cce
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 4912
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 48c3
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 4510
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 44f3
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 4171
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 4164
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 3e64
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 3e5e
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 3bee
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 3bee
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 39e7
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
CNT https://1 CON 216
Context: 39e7
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 216
Context: 39dd
Last-Msg-Id: 0
------------------------------------------------------------------
CNT https://1 CON 231
Context: 39dd
Last-Msg-Id: 159d428c446a5b3e
------------------------------------------------------------------
是的,我以前见过这个,来自Windows资源管理器进程。这是无害的,但基本上是客户端试图通过HTTPS代理隧道发送非HTTP流量,因为这不是合法的HTTPS流量,所以会出现奇怪的解析错误,如屏幕截图所示
遗憾的是,我不记得我的发现是什么特定的Windows功能导致了这种情况。请参阅中的
wnpconnmanager.cpp
备注,可能这是来自Windows通知服务?捕获此奇怪的HTTP请求时,哪个应用程序/进程正在运行?@ELaRoche the weired是图片中的红色调用。@shaochuancs我不知道Fiddler提供了进程信息。我确认电话来自OneDrive应用程序。谢谢大家:)我会用Wireshark挖得更深一点。我已经使用Fiddler多年了,没有遇到过您的场景。