I'm observing network traffic directed towards a suspicious domain. While I can't see the data being transmitted or identify the originating program, I've temporarily blocked it using the hosts file. Antivirus scans haven't revealed any malware.
Are there advanced methods to determine the type of data being sent and the program responsible for these connections?
The requests use the POST method and look like this: "http://msdeq.com/api/v1/BFD198B962AB68555B8D480A47FC1942713C454276F4526BBFB1086DBA300436"