Networking utilities
TCPView
“TCPView is a Windows program that will show
detailed listings of all TCP and UDP endpoints on your system, including
the local and remote addresses and state of TCP connections. On Windows Server 2008, Vista, and XP, TCPView also
reports the name of the process that owns the endpoint. TCPView provides a more informative and conveniently
presented subset of the Netstat program that ships with Windows. The TCPView download includes Tcpvcon
, a
command-line version with the same functionality.” (official definition)
Windows has a built-in utility that provides the same functionality. This tool is called Resource Monitor. There
are many ways to open this tool. From the command line use resmon
.
Question
Using WHOIS tools, what is the ISP/Organization for the remote address in the screenshot?
With Listen unselected in the Connection States from the States Filter and UDP v4 and UDP v6 turned off from the top toolbar. |
whois 52.154.170.73
...
NetRange: 52.145.0.0 - 52.191.255.255
CIDR: 52.148.0.0/14, 52.160.0.0/11, 52.152.0.0/13, 52.146.0.0/15, 52.145.0.0/16
NetName: MSFT
NetHandle: NET-52-145-0-0-1
Parent: NET52 (NET-52-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-11-24
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/52.145.0.0
...
Answer: Microsoft Corporation