
So Microsoft has a network sniffer (that has since been deprecated but still works) called NetMon. It will capture all the network traffic on your computer but will allow you to specify a program/process to hone in on to reduce the huge amount of data to sift through.

So I'd limit the traffic to solitaire.exe, start a capture, then spam games until I got an ad. Then I'd quickly swap to NetMon and stop the capture. I'd then go through the last minute or so of results and, using a handy website called Netify, I was able to find things like this:

Once you have your IP addresses that you're suspicious of, or any IP addresses, just alter the IP at the end of that link above. If you get a "No page found", you're in the clear. If you get a hit, it will tell you the company (or "application" as they refer to it) that IP address is associated with, as well as whether it's cloud hosted, etc. The category is what we're looking for here. We can see that Vungle is clearly listed as an Advertiser as that's their main/sole business. This will also allow you to see patterns in your traffic data. " IP addresses I've checked are Microsoft IP addresses.

Do bear in mind that sometimes an IP address may be "shared". These are normally attached to CDNs (Content Delivery Networks) and can be used for multiple things, so blocking it is probably not a good idea as you could break other things like EpicGames download servers, etc. If you get a domain in your traffic data like the one I listed at the top of this post, you can go to WhatIsMyIP, then add https:// to the front of the domain. This will then spit out the IP address associated with that domain, which you can then check Netify for.

To make things easier for yourself, rather than typing everything out manually (like I did at the start), you can right click on the IP/Domain in the "Source" column of NetMon and select Copy 'Source'.
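As an added example (not part of the original post): a Python sketch of the triage step, which takes the last minute of a per-process capture, counts how often each "Source" value appears, and separates public IPs worth looking up from hostnames that need resolving first and local addresses that can be ignored. The CSV column names and sample rows are constructed for illustration and are an assumption, not NetMon's actual export format.

```python
import csv
import io
import ipaddress
from collections import Counter

# Constructed sample rows; the column layout is an assumption, not NetMon's export.
SAMPLE = """\
time_offset,process,source,destination
2.0,solitaire.exe,192.168.1.20,198.51.100.7
2.1,solitaire.exe,198.51.100.7,192.168.1.20
95.0,solitaire.exe,192.168.1.20,203.0.113.45
95.2,solitaire.exe,203.0.113.45,192.168.1.20
96.0,solitaire.exe,203.0.113.45,192.168.1.20
110.5,solitaire.exe,cdn.example.net,192.168.1.20
120.0,solitaire.exe,192.168.1.20,203.0.113.45
"""

# RFC 1918 ranges: your own machine and LAN, never worth a reputation lookup.
LAN_NETS = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_local(ip):
    return (ip.is_loopback or ip.is_link_local or ip.is_multicast
            or any(ip in net for net in LAN_NETS))

def triage(csv_text, window=60.0):
    """Bucket 'Source' values seen in the last `window` seconds of the capture."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    end = max(float(r["time_offset"]) for r in rows)  # moment the capture stopped
    recent = [r for r in rows if end - float(r["time_offset"]) <= window]
    hits = Counter(r["source"] for r in recent)       # repeat counts expose patterns
    out = {"lookup": [], "resolve_first": [], "skipped": []}
    for src, count in hits.most_common():
        try:
            ip = ipaddress.ip_address(src)
        except ValueError:
            out["resolve_first"].append((src, count))  # hostname: get its IP first
            continue
        out["skipped" if is_local(ip) else "lookup"].append((src, count))
    return out

if __name__ == "__main__":
    for bucket, entries in triage(SAMPLE).items():
        print(bucket, entries)
```

An address that lands in "lookup" may still be a shared CDN address, so the category returned by the lookup decides what to do with it, not the hit count alone.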
