------------------------------------------------------------------------- Smartscreen Telemetrie aktiviert sich während der Nutzung von Mozilla Firefox Kontaktierte Ipv4: 20.67.219.150 URI: https://nf.smartscreen.microsoft.com/network/filter/telemetry ------------------------------------------------------------------------- POST /network/filter/telemetry HTTP/1.1 Connection: Keep-Alive Content-Type: application/json Authorization: SmartScreenHash eyJhdXRoSWQiOiIyQUQwNEI2RS0yQjI1LTRGMUMtOEFGNi1CMDU2QkRCNDYwOUYiLCJoYXNoIjoiNkNlMFJuNlhkaGs9Iiwia2V5IjoiMkxNQ09haVhjVlRZa0xPcVZTSE85UT09In0= User-Agent: SmartScreen/1125977354534918 Host: nf.smartscreen.microsoft.com Content-Length: 3091 { "configuration" : { "disableAuthConnect" : true, "disableCustomSupportedUris" : false, "disableDatagramProcessing" : false, "disableDnsInspection" : false, "disableForceServiceDetermination" : false, "disableFtpInspection" : false, "disableHttpInspection" : false, "disableInspectResourceAssignment" : false, "disablePerformanceTelemetry" : false, "disableRdpInspection" : false, "disableReputationChecks" : false, "disableSinkholeDomains" : false, "disableSshInspection" : false, "disableSupportedConnections" : false, "disableTcpDnsInspection" : false, "disableTlsInspection" : false, "disableTransparentInspection" : true, "enforcementLevel" : 1, "forceServiceDetermination" : 0, "forceServiceDeterminationHttp" : false, "inspectInbound" : true, "isBeta" : 0, "maxVolumeEvents" : "10", "mpCampRing" : 4294967295, "usingLegacyLookup" : false, "usingProxyPacUri" : false, "usingProxyServer" : false, "volumeEventFrequency" : 30, "volumeTelemetryTimeout" : 60 }, "correlationId" : "C843C45E-4F74-4CB6-BDD7-1F269568B61B", "events" : [ { "$type" : "scenario", "name" : "uriLookup" }, { "$type" : "dns", "nameserver" : null, "server" : "fec0:0:0:ffff::1" }, { "$type" : "is_process_trusted", "flag" : false }, { "$type" : "supported", "uri" : "r3.o.lencr.org" }, { "$type" : "cacheHit", "telemetry" : "1;253e61a2-6644-40d4-b7ef-1d37f23a4275;HOTS:100;1" }, { "$type" : "checkReputation", "connectionType" : "http", "direction" : "Out", "executionTime" : "708", "filteredProcessName" : "firefox.exe", "ip" : "23.55.163.70:80", "port" : 80, "protocol" : "tcp", "uri" : "r3.o.lencr.org/" }, { "$type" : "connectionVolume", "inboundBytes" : 888, "outboundBytes" : 411 } ], "executionTime" : "283", "identity" : { "caller" : { "locale" : "de-DE", "name" : "wdnissvc", "process" : { "application" : { "$type" : "win32", "path" : "C:\\ProgramData\\Microsoft\\Windows Defender\\Platform\\4.18.2110.6-0\\NisSrv.exe" }, "creationTime" : "16390613802227237", "id" : 9456 }, "version" : "4.18.2110.6" }, "client" : { "data" : { "customDncList" : "0", "customSettings" : "3FA91A37E06EB3DAD5B57925CFD0BDB0", "customSupportedUris" : "0", "networkProtectionSettings" : "2.0-08d5bd358fe6464c7f8149ad3267bf318f2e033c443acede382136bf4c93b976", "supportedConnections" : "637747020005700377", "supportedUris" : "637746986441217087", "topTraffic" : "637744606387471204" }, "version" : "1125977354534918" }, "device" : { "architecture" : 9, "browser" : { "internetExplorer" : "9.11.22000.0" }, "cloudSku" : false, "customId" : null, "enterprise" : null, "family" : 3, "id" : null, "locale" : "de-DE", "netJoinStatus" : 2, "onlineIdTicket" : "t=GwAWAd9tBAAUCqvYdtHJRIwInP+r5YPm2nbkkcAOZgAAEBAKZWk0Xza28QPLn0fz66rgAAvmHfSZpZpdXbBcoVqizjy7iNrBpUDOa0SgsRX+Er7ofaHynX8AqeLyd/HDc5t8K9Pk7IynDVTc3L3se6Rp7y66wlpIGV4eJw6UJt14zQkzPFvLgsbDAXU3Z+HXiTyeQRR3pzOYgcbETkfWLHEon7b/uGZtESHIVupDaRmKTbQjs6uSiktG5FuJ4GDS4s2xoMqoNij0dLisAV5cEp4nmg1n0UYdv/KC0zL8geW+eV+J7Uv2wQ/xScJCfnYvzlEU0K6DncQ5oHjE/SXP+jqewVMJz1apLkesNS6G7jlRxhl2HQE=&p=", "osVersion" : "10.0.22000.348.co_release" }, "user" : { "locale" : "de-DE" } }, "random" : 0.2769755744967902, "samplingRates" : { "cacheHit" : 1, "firefox.exe" : 0.00010, "none" : 6.999999999999999e-05 }, "systemSettings" : { "battery" : null, "network" : null } } Response: HTTP/1.1 200 OK Cache-Control: max-age=0, private Server: Microsoft-HTTPAPI/2.0 X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert Date: Fri, 10 Dec 2021 03:32:17 GMT Connection: close Content-Length: 0 ------------------------------------------------------------------------- Smartscreen Telemetrie aktiviert sich während der Steaminitialisierung ------------------------------------------------------------------------- { "configuration" : { "disableAuthConnect" : true, "disableCustomSupportedUris" : false, "disableDatagramProcessing" : false, "disableDnsInspection" : false, "disableForceServiceDetermination" : false, "disableFtpInspection" : false, "disableHttpInspection" : false, "disableInspectResourceAssignment" : false, "disablePerformanceTelemetry" : false, "disableRdpInspection" : false, "disableReputationChecks" : false, "disableSinkholeDomains" : false, "disableSshInspection" : false, "disableSupportedConnections" : false, "disableTcpDnsInspection" : false, "disableTlsInspection" : false, "disableTransparentInspection" : true, "enforcementLevel" : 1, "forceServiceDetermination" : 0, "forceServiceDeterminationHttp" : false, "inspectInbound" : true, "isBeta" : 0, "maxVolumeEvents" : "10", "mpCampRing" : 4294967295, "usingLegacyLookup" : false, "usingProxyPacUri" : false, "usingProxyServer" : false, "volumeEventFrequency" : 30, "volumeTelemetryTimeout" : 60 }, "correlationId" : "B325CD65-86E8-4ACA-A543-8B76B90093EA", "events" : [ { "$type" : "scenario", "name" : "uriLookup" }, { "$type" : "dns", "nameserver" : null, "server" : "fec0:0:0:ffff::1" }, { "$type" : "is_process_trusted", "flag" : false }, { "$type" : "unknownUri" }, { "$type" : "unsupported" }, { "$type" : "checkReputation", "connectionType" : "http", "direction" : "Out", "executionTime" : "542", "filteredProcessName" : "steam.exe", "ip" : "23.32.238.240:80", "port" : 80, "protocol" : "tcp", "uri" : "clientconfig.akamai.steamstatic.com/appinfo/502140/sha/50146a42a7905b29033560079a0c4df41c6c5082.txt.gz" } ], "executionTime" : "247", "identity" : { "caller" : { "locale" : "de-DE", "name" : "wdnissvc", "process" : { "application" : { "$type" : "win32", "path" : "C:\\ProgramData\\Microsoft\\Windows Defender\\Platform\\4.18.2110.6-0\\NisSrv.exe" }, "creationTime" : "16392207282868234", "id" : 8684 }, "version" : "4.18.2110.6" }, "client" : { "data" : { "customDncList" : "0", "customSettings" : "3FA91A37E06EB3DAD5B57925CFD0BDB0", "customSupportedUris" : "0", "networkProtectionSettings" : "2.0-08d5bd358fe6464c7f8149ad3267bf318f2e033c443acede382136bf4c93b976", "supportedConnections" : "637748280033626892", "supportedUris" : "637748279650935712", "topTraffic" : "637744606387471204" }, "version" : "1125977354534918" }, "device" : { "architecture" : 9, "browser" : { "internetExplorer" : "9.11.22000.0" }, "cloudSku" : false, "customId" : null, "enterprise" : null, "family" : 3, "id" : null, "locale" : "de-DE", "netJoinStatus" : 2, "onlineIdTicket" : "t=GwAWAd9tBAAUCqvYdtHJRIwInP+r5YPm2nbkkcAOZgAAEOzTFuCIuJWfAfymCpIjv6LgAKt12FMiZ8o2Ru9+TLV4OhcBKTuhREkgRrMPiple+7c1vRPsySl/Z8MudhCCNgPAN9/MFMzgSwx4aN89+U0ZUMm2r5rPJJNtBIbE033nIZjwNkNi9lHxIEXi+QvvSZuB32B0xj1NW7niBM4121Nwc/bBCnSWadxZZulsTL/oyAdAe9P5yZT1J59kKk3k+2Cj9HNmfmnvGl4azsDjgZF7YXGi91JC9b9TVs0hFsZI1E/ScGGNbhevcsMtjEfA3aW7AkvsAofF8gFhSKCaeNJNnkxu6J/JuWHLun7d6Ve1tVMyHQE=&p=", "osVersion" : "10.0.22000.348.co_release" }, "user" : { "locale" : "de-DE" } }, "random" : 0.0001707548132400696, "samplingRates" : { "none" : 6.999999999999999e-05, "unknownUri" : 0.0010, "unsupported" : 0.00070 }, "systemSettings" : { "battery" : null, "network" : null } } Response: HTTP/1.1 200 OK Cache-Control: max-age=0, private Server: Microsoft-HTTPAPI/2.0 X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert Date: Sat, 11 Dec 2021 14:26:16 GMT Connection: close Content-Length: 0