Kaspersky Threat Intelligence Portal provides information about network activities that were registered during the file execution.
This tab is available only for registered users.
DNS requests
DNS sessions that were registered during file execution.
DNS requests
Field name |
Description |
|---|---|
Status |
Status of an object in the DNS request. |
Type |
DNS request type. |
Response |
Contents of the DNS response. Each item is clickable, and navigates to investigation results on the Lookup tab. |
HTTP(S) requests
HTTP and HTTPS requests that were registered during the file execution.
HTTP(S) requests
Field name |
Description |
|---|---|
Status |
Status of a web address in the HTTP(S) request. The web address can belong to one of the following zones: Dangerous (there are malicious objects related to the web address). Adware and other (there are objects related to the web address and that can be classified as not-a-virus). Good (the web address is not malicious). Not categorized (no or not enough information about the web address is available to define the category). |
Web address |
Web address to which the request was registered. |
Method |
Method of sending an HTTP(S) request. The HTTP method can be one of the following: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE, or PATCH. |
Scheme |
Web address scheme that identifies the protocol which was used (HTTP or HTTPS). |
Response code |
Response code of the HTTP(S) request. |
Response length |
Size of the response to the HTTP(S) request (in bytes). |
Fields |
Additional fields (Request headers and Response headers) displayed as key:value. Standard header names are based on the RFC2616 Hypertext Transfer Protocol -- HTTP/1.1. Custom headers (for example, x-ms-request-id) are highlighted in blue. |