Solved Why does Win7 frequently try to access Akamai servers through svchost?

VeganCaramel

New member
Local time
11:29 PM
Messages
12
Win 7 frequently tries to access Akamai servers through svchost.
Win XP never tries to do this.
Anyone know what M$ added to Win 7 that's trying to access these servers?

Notes:
- Win 7 does this even after a fresh install with no other software installed.
- Don't need any guesses. I have a whole list of guesses from googling. I'm wondering if anyone knows what Windows is actually doing.
- I'm using Win 7 Ultimate x64, super lean; no bells & whistles active; all non-mandatory services disabled, including Windows Update.

SOLVED:
Two Windows services, CryptSvc and NlaSvc, were trying to contact Akamai servers via svchost.
After monitoring their traffic, it appears CryptSvc may have been engaging in CRL activities and NlaSvc may have been engaging in NCSI activities. Much of the traffic was, understandably, not easily decipherable so I can't pass judgement on whether or not the communications were entirely innocent/harmless. Elsewhere in this thread, I've posted the results of the monitoring if you want to have a look.
Disabling CRL checking and Active Probing put an end to the Akamai server contact attempts. I posted more details and instructions elsewhere in this thread.
 
Last edited:

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Thanks for the links.
I had never come across DnsEye. I'm sure I'll find it quite useful.
I have the Windows Update service completely disabled so I certainly hope Win 7 isn't still attempting to contact update servers.
Here are some of the Akamai IP's svchost has tried to connect to.
Code:
184.25.56.98
104.99.238.11
23.62.239.25
173.223.52.193
23.216.10.201
63.217.21.26
2.16.4.178
184.51.0.250
184.28.188.193
23.209.179.27
104.93.82.19
104.93.82.11
This is all I got when attempting a tracert on one of them:
 

Attachments

  • tracert.png
    tracert.png
    33.6 KB · Views: 40

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64
Tracert is run via Elevated Command Propmt - not DNS Eye. Your DNS Eye screenshot shows reverse DNS lookups for those two ip addresses.

RE: "Here are some of the Akamai IP's svchost has tried to connect to"

On my machine ii only tries to connect to one Local Akami server when Windows Updates checks/ downloads are running.

Maybe you have MS Office Suite or other additinal MS Products installed that check for updates? I don't have any additional MS software on my machine so cannot say for sure if this is the case.

Check services running under svchost.

Svchost Process Analyzer - a svchost.exe file checker
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Tracert is run via Elevated Command Propmt - not DNS Eye
.
Yeah, that screen cap is of what DnsEye displayed when I ran the Tracert on one of the above-listed Akamai IP's via elevated command prompt.

Maybe you have MS Office Suite or other additinal MS Products installed that check for updates?
No, but thanks for reminding me about SvchostAnalyzer.
I had planned to use it a while back for this very purpose but completely forgot about it. Nothing unexpected running right now but I'll be sure to fire it up the next time svchost tries to connect to an Akamai server.
 

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64
You could try setting windows updates settings to "never check for updates" for a couple of days and if you don't get any connections then you can rule out anything else.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
It's considered as malware it's a p2p program which is used for streaming getting the file from lots of places problem is it keeps using your bandwidth to feed other people remove it from the system it's not part of Windows
 

My Computer My Computer

At a glance

win 8 32 bit
Computer type
PC/Desktop
OS
win 8 32 bit
You could try setting windows updates settings to "never check for updates"
That's what it's always set to, plus the service is disabled via services.msc
I only allow it to be enabled for a short period after I install the OS then it stays disabled.
 

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64
You can try netstat logging. I use EssentialNetTools with logging enabled. Anyway I've just seen the same thing on my machine:

PID 980
Essential NetTools.jpg

Connects to Akamai Server but only briefly
IPNetInfo.jpg

Something running under one of these services is responsible
Svchost Process Analyzer.jpg

That's as far as I get at the moment.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Okay solved on my machine at least. Split those services into own process. Ran CrowdInspect to show full path of process.

C:\Program Files (x86)\** *******\*******.exe|2388|--|OK|??|??|TCP|Established|192.168.1.64|1089|23.204.149.152|80|a23-204-149-152.deploy.static.akamaitechnologies.com


Program with obscured name (due to forum rules) is connecting. Nothing to do with Microsoft. Some softwares use Akamai servers to distribute load rather than using their own servers.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Might that just be some other program which happens to connect Akamai servers?
I know I have at least one other program (Firefox) that attemps to connect to an Akamai server.

Anyway, I have four services listed for the svchost instance that's accessing Akamai servers (see attached image).
I tried splitting the services out into their own processes using the following commands:

Code:
SC Config CryptSvc Type= own
SC Config Dnscache Type= own
SC Config LanmanWorkstation Type= own
SC Config NlaSvc Type= own
CrowdInspect still showed that it was svchost trying to connect to an Akamai server (for the full path it just showed the usual path to svchost.exe).
Did you use a different method to split them into their own processes?
 

Attachments

  • svchostanalyzer.png
    svchostanalyzer.png
    12.5 KB · Views: 2

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64
No I used the same method. About the only difference i can see is that on my machine DNS Client Service is actually disabled due to the use of a large HOSTS file.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Thanks Callender for the excellent tool recommendations. They're going to be very useful in future troubleshooting.
It looks like your idea to split the services out into their own processes may have been the final key to tracking down the culprit.
After splitting the services out, CrowdInspect wasn't able to give me the info I needed (that I could see), but it looks like ProcessExplorer was.
ProcessExplorer appears to be showing that CryptSvc is what's trying to access the Akamai servers via svchost.
So, for now, I'll move onto researching and monitoring CryptSvc. I'll post any interesting findings.
 

Attachments

  • NetTools.png
    NetTools.png
    19 KB · Views: 4
  • ProcessExplorer.png
    ProcessExplorer.png
    7 KB · Views: 14

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64
Let me know if you track it down please!
 

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware

My Computer My Computer

At a glance

Microsoft Windows 7 Home Premium 64-bit 7601 ...AMD C-60 APU with Radeon(tm) HD Graphics4.00 GBAMD Radeon HD 6290 Graphics
Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
I see your screenshot shows the port used. See if OpView displays the process using the port (other than svchost)
It just shows svchost

Some FAQ's about port numbers and types of traffic here: End-User FAQ | Customer Support | Akamai
The connection is TCP IPv6 from a dynamic local port (always in the 40000 & 50000 range so far) to port 80 on the Akamai server.
 

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64
There were apparently two different services frequently attempting to contact Akamai servers via svchost.
Cryptographic Service (CryptSvc) and the Network Location Awareness Service (NlaSvc).

It appears CryptSvc was doing so as part of Certificate Revocation List (CRL) checking activities.
More info on CRL here and here.

And it appears NlaSvc was doing so as part of Network Connection Status Indicator (NCSI) activities.
More info on NCSI here.

I monitored the Akamai contact attempts of both services using Microsoft Message Analyzer.
Below I'll post the results of that monitoring.

To put an end to the attempts, I disabled the CRL checking of CryptSvc and the Active Probing of NlaSvc.
You may or may not experience issues from disabling these things. You can simply re-enable them if you do. Personally, I've experience no issues.

To disable CRL checking:
1. Control Panel > Internet Options > Advanced
2. scroll down to the security section and uncheck "Check for publisher's certificate revocation"
note: I also unchecked "Check for server certificate revocation" and "Check for signatures on downloaded programs" but that may not be necessary
3. restart the computer

To disable Active Probing:
1. open regedit
2. HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > NlaSvc > Parameters > Internet
3. change the value of EnableActiveProbing to 0
4. restart the computer
 

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64
Results of Microsoft Message Analyzer monitoring CryptSvc attempting to contact Akamai servers via svchost
Code:
MessageNumber          Timestamp			    TimeElapsed 	 Source 				    Destination 			       Module   		Summary 																		   ProcessId          Message

74      	       2017-01-24T18:07:17.1650888          --  		 192.168.0.123  			    a1363.dscg.akamai.net       	       TCP      		Flags: ......S., SrcPort: 50660, DstPort: HTTP(80), Length: 0, Seq Range: 1434632888 - 1434632889, Ack: 0, Win: 8192(negotiating scale factor: 2)          1512 	      Åä.PU.¸...... .ÉQ.....´........
74      	       2017-01-24T18:07:17.1650888          --  		 192.168.0.123  			    a1363.dscg.akamai.net       	       IPv4     		Next Protocol: TCP, Packet ID: 19090, Total Length: 52  												   1512 	      E..4J.@.....À¨.¸...»Åä.PU.¸...... .ÉQ.....´........
74      	       2017-01-24T18:07:17.1650888          --  		 AB-CD-EF-12-34-56 (my NIC MAC) 	    12-34-56-AB-CD-EF (my router MAC)          Ethernet 		Type: Internet IP (IPv4)																   1512 	      T*PÚ À.0gvê3..E..4J.@.....À¨.¸...»Åä.PU.¸...... .ÉQ.....´........
74      	       2017-01-24T18:07:17.1650888          --  		 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 66    												   1512 	      ........B...T*PÚ À.0gvê3..E..4J.@.....À¨.¸...»Åä.PU.¸...... .ÉQ.....´........
74      	       2017-01-24T18:07:17.1650888          --  		 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 1512, ThreadID: 3916, Size: 158       						   1512 	      .... ...L...è...H©µÀ¯vÒ..[è...|F.Gí0.·vÃé..........À..................................N.........B...T*PÚ À.0gvê3..E..4J.@.....À¨.¸...»Åä.PU.¸...... .ÉQ.....´........

77      	       2017-01-24T18:07:17.3608429          0.2012986   	 192.168.0.123  			    crl.microsoft.com   		       HTTP     		Operation, Status: Not Modified (304), GET /pki/crl/products/microsoftrootcert.crl, Version: HTTP/1.1   						   1512 	      --
77      	       2017-01-24T18:07:17.3608429          0.1988145   	 192.168.0.123  			    crl.microsoft.com   		       HTTP     		Request, GET /pki/crl/products/microsoftrootcert.crl, Version: HTTP/1.1 										   1512 	      GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 21 Nov 2016 06:01:26 GMT..If-None-Match: "ea9ee7b1bc43d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
77      	       2017-01-24T18:07:17.3608429          0.0000093   	 192.168.0.123  			    a1363.dscg.akamai.net       	       TCP      		Flags: ...AP..., SrcPort: 50660, DstPort: HTTP(80), Length: 271, Seq Range: 1434632889 - 1434633160, Ack: 3671030482, Win: 66248(scale factor: 2)          1512 	      Åä.PU.¹ÚÏzÒP.@²ÊT..GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 21 Nov 2016 06:01:26 GMT..If-None-Match: "ea9ee7b1bc43d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
77      	       2017-01-24T18:07:17.3608429          0.0000093   	 192.168.0.123  			    a1363.dscg.akamai.net       	       IPv4     		Next Protocol: TCP, Packet ID: 19092, Total Length: 311 												   1512 	      E..7J.@.....À¨.¸...»Åä.PU.¹ÚÏzÒP.@²ÊT..GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 21 Nov 2016 06:01:26 GMT..If-None-Match: "ea9ee7b1bc43d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
77      	       2017-01-24T18:07:17.3608429          0.0000093   	 AB-CD-EF-12-34-56 (my NIC MAC) 	    12-34-56-AB-CD-EF (my router MAC)          Ethernet 		Type: Internet IP (IPv4)																   1512 	      T*PÚ À.0gvê3..E..7J.@.....À¨.¸...»Åä.PU.¹ÚÏzÒP.@²ÊT..GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 21 Nov 2016 06:01:26 GMT..If-None-Match: "ea9ee7b1bc43d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
77      	       2017-01-24T18:07:17.3608429          0.0000093   	 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 325   												   1512 	      ........E...T*PÚ À.0gvê3..E..7J.@.....À¨.¸...»Åä.PU.¹ÚÏzÒP.@²ÊT..GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 21 Nov 2016 06:01:26 GMT..If-None-Match: "ea9ee7b1bc43d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
77      	       2017-01-24T18:07:17.3608429          0.0000093   	 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 1512, ThreadID: 1236, Size: 361       						   1512 	      ditto
77      	       2017-01-24T18:07:17.3608429          --  		 --     				    --  				       EtwEvent 		EventId: 1001, GroupId: 2712398040, Length: 12  													   1512 	      é.Øè«¡............E...
77      	       2017-01-24T18:07:17.3608429          --  		 --     				    --  				       Etw      		[Fragment: Start] {9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 2000, ProcessID: 1512, ThreadID: 1236, Size: 102     				   1512 	      f... ...Ô...è...í.ÓÀ¯vÒ..[è...|F.Gí0.·vÃÐ..........@....................................é.Øè«¡............E...
78      	       2017-01-24T18:07:17.3608473          --  		 --     				    --  				       EtwEvent 		EventId: 1001, GroupId: 2712398040, Length: 54  													   1512 	      é.Øè«¡6...T*PÚ À.0gvê3..E..7J.@.....À¨.¸...»Åä.PU.¹ÚÏzÒP.@²ÊT..
78      	       2017-01-24T18:07:17.3608473          --  		 --     				    --  				       Etw      		[Fragment: Middle] {9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 2000, ProcessID: 1512, ThreadID: 1236, Size: 144    				   1512 	      .... ...Ô...è.....ÓÀ¯vÒ..[è...|F.Gí0.·vÃÐ.............................................@.é.Øè«¡6...T*PÚ À.0gvê3..E..7J.@.....À¨.¸...»Åä.PU.¹ÚÏzÒP.@²ÊT..
79      	       2017-01-24T18:07:17.3608522          --  		 --     				    --  				       EtwEvent 		EventId: 1001, GroupId: 2712398040, Length: 271 													   1512 	      é.Øè«¡....GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 21 Nov 2016 06:01:26 GMT..If-None-Match: "ea9ee7b1bc43d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
79      	       2017-01-24T18:07:17.3608522          --  		 --     				    --  				       Etw      		[Fragment: End] {9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 2000, ProcessID: 1512, ThreadID: 1236, Size: 361       				   1512 	      i... ...Ô...è...J.ÓÀ¯vÒ..[è...|F.Gí0.·vÃÐ...............................................é.Øè«¡....GET /pki/crl/products/microsoftrootcert.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 21 Nov 2016 06:01:26 GMT..If-None-Match: "ea9ee7b1bc43d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....

82      	       2017-01-24T18:07:17.5596574          --  		 a1363.dscg.akamai.net  		    192.168.0.123       		       TCP      		Flags: ...A...., SrcPort: HTTP(80), DstPort: 50660, Length: 0, Seq Range: 3671030482 - 3671030482, Ack: 1434633160, Win: 30272(scale factor: 5) 	   0    	      .PÅäÚÏzÒU.ÃÈP..²*Õ..
82      	       2017-01-24T18:07:17.5596574          --  		 a1363.dscg.akamai.net  		    192.168.0.123       		       IPv4     		Next Protocol: TCP, Packet ID: 17868, Total Length: 40  												   0    	      E..(EÌ@.:.1Ù...»À¨.¸.PÅäÚÏzÒU.ÃÈP..²*Õ.....Êö[
82      	       2017-01-24T18:07:17.5596574          --  		 12-34-56-AB-CD-EF (my router MAC)          AB-CD-EF-12-34-56 (my NIC MAC)             Ethernet 		Type: Internet IP (IPv4)																   0    	      .0gvê3T*PÚ À..E..(EÌ@.:.1Ù...»À¨.¸.PÅäÚÏzÒU.ÃÈP..²*Õ.....Êö[
82      	       2017-01-24T18:07:17.5596574          --  		 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 60    												   0    	      ........<....0gvê3T*PÚ À..E..(EÌ@.:.1Ù...»À¨.¸.PÅäÚÏzÒU.ÃÈP..²*Õ.....Êö[
82      	       2017-01-24T18:07:17.5596574          --  		 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 0, ThreadID: 0, Size: 152     							   0    	      .... ............ÞñÀ¯vÒ..[è...|F.Gí0.·vÃé..........À....*.............................H.........<....0gvê3T*PÚ À..E..(EÌ@.:.1Ù...»À¨.¸.PÅäÚÏzÒU.ÃÈP..²*Õ.....Êö[

83      	       2017-01-24T18:07:17.5621415          0.1992838   	 crl.microsoft.com      		    192.168.0.123       		       HTTP     		Response, Status: Not Modified (304), Version: HTTP/1.1 												   0    	      HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 21 Nov 2016 06:01:26 GMT..ETag: "ea9ee7b1bc43d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:07:19 GMT..Connection: keep-alive....
83      	       2017-01-24T18:07:17.5621415          --  		 a1363.dscg.akamai.net  		    192.168.0.123       		       TCP      		Flags: ...AP..., SrcPort: HTTP(80), DstPort: 50660, Length: 227, Seq Range: 3671030482 - 3671030709, Ack: 1434633160, Win: 30272(scale factor: 5)          0    	      .PÅäÚÏzÒU.ÃÈP..²,...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 21 Nov 2016 06:01:26 GMT..ETag: "ea9ee7b1bc43d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:07:19 GMT..Connection: keep-alive....
83      	       2017-01-24T18:07:17.5621415          --  		 a1363.dscg.akamai.net  		    192.168.0.123       		       IPv4     		Next Protocol: TCP, Packet ID: 17869, Total Length: 267 												   0    	      E...EÍ@.:.0õ...»À¨.¸.PÅäÚÏzÒU.ÃÈP..²,...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 21 Nov 2016 06:01:26 GMT..ETag: "ea9ee7b1bc43d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:07:19 GMT..Connection: keep-alive....
83      	       2017-01-24T18:07:17.5621415          --  		 12-34-56-AB-CD-EF (my router MAC)          AB-CD-EF-12-34-56 (my NIC MAC)             Ethernet 		Type: Internet IP (IPv4)																   0    	      .0gvê3T*PÚ À..E...EÍ@.:.0õ...»À¨.¸.PÅäÚÏzÒU.ÃÈP..²,...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 21 Nov 2016 06:01:26 GMT..ETag: "ea9ee7b1bc43d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:07:19 GMT..Connection: keep-alive....
83      	       2017-01-24T18:07:17.5621415          --  		 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 281   												   0    	      .............0gvê3T*PÚ À..E...EÍ@.:.0õ...»À¨.¸.PÅäÚÏzÒU.ÃÈP..²,...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 21 Nov 2016 06:01:26 GMT..ETag: "ea9ee7b1bc43d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:07:19 GMT..Connection: keep-alive....
83      	       2017-01-24T18:07:17.5621415          --  		 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 0, ThreadID: 0, Size: 373     							   0    	      u... ...........'?òÀ¯vÒ..[è...|F.Gí0.·vÃé..........À....*.............................%..............0gvê3T*PÚ À..E...EÍ@.:.0õ...»À¨.¸.PÅäÚÏzÒU.ÃÈP..²,...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 21 Nov 2016 06:01:26 GMT..ETag: "ea9ee7b1bc43d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:07:19 GMT..Connection: keep-alive....

84      	       2017-01-24T18:07:17.7614253          --  		 192.168.0.123  			    a1363.dscg.akamai.net       	       TCP      		Flags: ...A...., SrcPort: 50660, DstPort: HTTP(80), Length: 0, Seq Range: 1434633160 - 1434633160, Ack: 3671030709, Win: 66020(scale factor: 2) 	   3520 	      Åä.PU.ÃÈÚÏ{µP.@yÉE..
84      	       2017-01-24T18:07:17.7614253          --  		 192.168.0.123  			    a1363.dscg.akamai.net       	       IPv4     		Next Protocol: TCP, Packet ID: 19094, Total Length: 40  												   3520 	      E..(J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÉE..
84      	       2017-01-24T18:07:17.7614253          --  		 AB-CD-EF-12-34-56 (my NIC MAC) 	    12-34-56-AB-CD-EF (my router MAC)          Ethernet 		Type: Internet IP (IPv4)																   3520 	      T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÉE..
84      	       2017-01-24T18:07:17.7614253          --  		 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 5     												   3520 	      ........6...T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÉE..
84      	       2017-01-24T18:07:17.7614253          --  		 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 3520, ThreadID: 1788, Size: 146       						   3520 	      .... ...ü...À...*§.Á¯vÒ..[è...|F.Gí0.·vÃé..........À....H...I.........................B.........6...T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÉE..

87      	       2017-01-24T18:07:59.6190330          0.1944199   	 192.168.0.123  			    crl.microsoft.com   		       HTTP     		Operation, Status: Not Modified (304), GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl, Version: HTTP/1.1     					   1512 	      --
87      	       2017-01-24T18:07:59.6190330          0.0000063   	 192.168.0.123  			    crl.microsoft.com   		       HTTP     		Request, GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl, Version: HTTP/1.1   									   1512 	      GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 12 Dec 2016 06:00:18 GMT..If-None-Match: "7254ef33d54d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
87      	       2017-01-24T18:07:59.6190330          0.0000063   	 192.168.0.123  			    a1363.dscg.akamai.net       	       TCP      		Flags: ...AP..., SrcPort: 50660, DstPort: HTTP(80), Length: 276, Seq Range: 1434633160 - 1434633436, Ack: 3671030709, Win: 66020(scale factor: 2)          1512 	      Åä.PU.ÃÈÚÏ{µP.@yÊY..GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 12 Dec 2016 06:00:18 GMT..If-None-Match: "7254ef33d54d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
87      	       2017-01-24T18:07:59.6190330          0.0000063   	 192.168.0.123  			    a1363.dscg.akamai.net       	       IPv4     		Next Protocol: TCP, Packet ID: 19095, Total Length: 316 												   1512 	      E..<J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÊY..GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 12 Dec 2016 06:00:18 GMT..If-None-Match: "7254ef33d54d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
87      	       2017-01-24T18:07:59.6190330          0.0000063   	 AB-CD-EF-12-34-56 (my NIC MAC) 	    12-34-56-AB-CD-EF (my router MAC)          Ethernet 		Type: Internet IP (IPv4)																   1512 	      T*PÚ À.0gvê3..E..<J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÊY..GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 12 Dec 2016 06:00:18 GMT..If-None-Match: "7254ef33d54d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
87      	       2017-01-24T18:07:59.6190330          0.0000063   	 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 330   												   1512 	      ........J...T*PÚ À.0gvê3..E..<J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÊY..GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 12 Dec 2016 06:00:18 GMT..If-None-Match: "7254ef33d54d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
87      	       2017-01-24T18:07:59.6190330          0.0000063   	 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 1512, ThreadID: 4012, Size: 366       						   1512 	      ditto
87      	       2017-01-24T18:07:59.6190330          --  		 --     				    --  				       EtwEvent 		EventId: 1001, GroupId: 2712912640, Length: 12  													   1512 	      é..ó¡............J...
87      	       2017-01-24T18:07:59.6190330          --  		 --     				    --  				       Etw      		[Fragment: Start] {9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 2000, ProcessID: 1512, ThreadID: 4012, Size: 102     				   1512 	      f... ...¬...è...z..Ú¯vÒ..[è...|F.Gí0.·vÃÐ..........@....................................é..ó¡............J...
88      	       2017-01-24T18:07:59.6190364          --  		 --     				    --  				       EtwEvent 		EventId: 1001, GroupId: 2712912640, Length: 54  													   1512 	      é..ó¡6...T*PÚ À.0gvê3..E..<J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÊY..
88      	       2017-01-24T18:07:59.6190364          --  		 --     				    --  				       Etw      		[Fragment: Middle] {9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 2000, ProcessID: 1512, ThreadID: 4012, Size: 144    				   1512 	      .... ...¬...è......Ú¯vÒ..[è...|F.Gí0.·vÃÐ.............................................@.é..ó¡6...T*PÚ À.0gvê3..E..<J.@.....À¨.¸...»Åä.PU.ÃÈÚÏ{µP.@yÊY..
89      	       2017-01-24T18:07:59.6190393          --  		 --     				    --  				       EtwEvent 		EventId: 1001, GroupId: 2712912640, Length: 276 													   1512 	      é..ó¡....GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 12 Dec 2016 06:00:18 GMT..If-None-Match: "7254ef33d54d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....
89      	       2017-01-24T18:07:59.6190393          --  		 --     				    --  				       Etw      		[Fragment: End] {9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 2000, ProcessID: 1512, ThreadID: 4012, Size: 366       				   1512 	      n... ...¬...è...¹..Ú¯vÒ..[è...|F.Gí0.·vÃÐ...............................................é..ó¡....GET /pki/crl/products/MicCodSigPCA_08-31-2010.crl HTTP/1.1..Cache-Control: max-age = 900..Connection: Keep-Alive..Accept: */*..If-Modified-Since: Mon, 12 Dec 2016 06:00:18 GMT..If-None-Match: "7254ef33d54d21:0"..User-Agent: Microsoft-CryptoAPI/6.1..Host: crl.microsoft.com....

90      	       2017-01-24T18:07:59.8134529          0.1994188   	 crl.microsoft.com      		    192.168.0.123       		       HTTP     		Response, Status: Not Modified (304), Version: HTTP/1.1 												   0    	      HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 12 Dec 2016 06:00:18 GMT..ETag: "7254ef33d54d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:08:01 GMT..Connection: keep-alive....
90      	       2017-01-24T18:07:59.8134529          --  		 a1363.dscg.akamai.net  		    192.168.0.123       		       TCP      		Flags: ...AP..., SrcPort: HTTP(80), DstPort: 50660, Length: 226, Seq Range: 3671030709 - 3671030935, Ack: 1434633436, Win: 31360(scale factor: 5)          0    	      .PÅäÚÏ{µU.ÄÜP..ÔC...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 12 Dec 2016 06:00:18 GMT..ETag: "7254ef33d54d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:08:01 GMT..Connection: keep-alive....
90      	       2017-01-24T18:07:59.8134529          --  		 a1363.dscg.akamai.net  		    192.168.0.123       		       IPv4     		Next Protocol: TCP, Packet ID: 17870, Total Length: 266 												   0    	      E...EÎ@.:.0õ...»À¨.¸.PÅäÚÏ{µU.ÄÜP..ÔC...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 12 Dec 2016 06:00:18 GMT..ETag: "7254ef33d54d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:08:01 GMT..Connection: keep-alive....
90      	       2017-01-24T18:07:59.8134529          --  		 12-34-56-AB-CD-EF (my router MAC)          AB-CD-EF-12-34-56 (my NIC MAC)             Ethernet 		Type: Internet IP (IPv4)																   0    	      .0gvê3T*PÚ À..E...EÎ@.:.0õ...»À¨.¸.PÅäÚÏ{µU.ÄÜP..ÔC...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 12 Dec 2016 06:00:18 GMT..ETag: "7254ef33d54d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:08:01 GMT..Connection: keep-alive....
90      	       2017-01-24T18:07:59.8134529          --  		 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 280   												   0    	      .............0gvê3T*PÚ À..E...EÎ@.:.0õ...»À¨.¸.PÅäÚÏ{µU.ÄÜP..ÔC...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 12 Dec 2016 06:00:18 GMT..ETag: "7254ef33d54d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:08:01 GMT..Connection: keep-alive....
90      	       2017-01-24T18:07:59.8134529          --  		 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 0, ThreadID: 0, Size: 372     							   0    	      t... ............I!Ú¯vÒ..[è...|F.Gí0.·vÃé..........À....Õ'............................$..............0gvê3T*PÚ À..E...EÎ@.:.0õ...»À¨.¸.PÅäÚÏ{µU.ÄÜP..ÔC...HTTP/1.1 304 Not Modified..Content-Type: application/pkix-crl..Last-Modified: Mon, 12 Dec 2016 06:00:18 GMT..ETag: "7254ef33d54d21:0"..Cache-Control: max-age=900..Date: Wed, 25 Jan 2017 02:08:01 GMT..Connection: keep-alive....

91      	       2017-01-24T18:08:00.0128717          --  		 192.168.0.123  			    a1363.dscg.akamai.net       	       TCP      		Flags: ...A...., SrcPort: 50660, DstPort: HTTP(80), Length: 0, Seq Range: 1434633436 - 1434633436, Ack: 3671030935, Win: 65792(scale factor: 2) 	   0    	      Åä.PU.ÄÜÚÏ|.P.@@ÉE..
91      	       2017-01-24T18:08:00.0128717          --  		 192.168.0.123  			    a1363.dscg.akamai.net       	       IPv4     		Next Protocol: TCP, Packet ID: 19096, Total Length: 40  												   0    	      E..(J.@.....À¨.¸...»Åä.PU.ÄÜÚÏ|.P.@@ÉE..
91      	       2017-01-24T18:08:00.0128717          --  		 AB-CD-EF-12-34-56 (my NIC MAC) 	    12-34-56-AB-CD-EF (my router MAC)          Ethernet 		Type: Internet IP (IPv4)																   0    	      T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÄÜÚÏ|.P.@@ÉE..
91      	       2017-01-24T18:08:00.0128717          --  		 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 54    												   0    	      ........6...T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÄÜÚÏ|.P.@@ÉE..
91      	       2017-01-24T18:08:00.0128717          --  		 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 0, ThreadID: 0, Size: 146     							   0    	      .... ...........Ͷ?Ú¯vÒ..[è...|F.Gí0.·vÃé..........À....ìm............................B.........6...T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÄÜÚÏ|.P.@@ÉE..

104     	       2017-01-24T18:08:59.8145000          --  		 192.168.0.123  			    a1363.dscg.akamai.net       	       TCP      		Flags: ...A.R.., SrcPort: 50660, DstPort: HTTP(80), Length: 0, Seq Range: 1434633436 - 1434633436, Ack: 3671030935, Win: 0(scale factor: 2)     	   1512 	      Åä.PU.ÄÜÚÏ|.P...ÉE..
104     	       2017-01-24T18:08:59.8145000          --  		 192.168.0.123  			    a1363.dscg.akamai.net       	       IPv4     		Next Protocol: TCP, Packet ID: 19097, Total Length: 40  												   1512 	      E..(J.@.....À¨.¸...»Åä.PU.ÄÜÚÏ|.P...ÉE..
104     	       2017-01-24T18:08:59.8145000          --  		 AB-CD-EF-12-34-56 (my NIC MAC) 	    12-34-56-AB-CD-EF (my router MAC)          Ethernet 		Type: Internet IP (IPv4)																   1512 	      T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÄÜÚÏ|.P...ÉE..
104     	       2017-01-24T18:08:59.8145000          --  		 --     				    --  				       PefNdisProvider  	MiniportIfIndex: 11, LowerIfIndex: 25, FrameSize: 54    												   1512 	      ........6...T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÄÜÚÏ|.P...ÉE..
104     	       2017-01-24T18:08:59.8145000          --  		 --     				    --  				       Etw      		{9de85b12-1202-467c-8047-ed308fb776c3}, EventID: 1001, ProcessID: 1512, ThreadID: 1596, Size: 146       						   1512 	      .... ...<...è...è·äý¯vÒ..[è...|F.Gí0.·vÃé..........À..................................B.........6...T*PÚ À.0gvê3..E..(J.@.....À¨.¸...»Åä.PU.ÄÜÚÏ|.P...ÉE..
 

My Computer My Computer

At a glance

Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubu...
Computer type
PC/Desktop
OS
Quad boot: XP-32-Pro, 7-32-Ult, 7-64-Ult, Ubuntu-64
Back
Top