This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Huge traffic from 213.158.175.65

0

I have found lately that I reach my internet use limit very fast while I'm sure we are not using that much that fast. So, I installed WireShark and left it on for a while with "Statistics-> Endpoints" open to track usage throughout all devices over the network. I was expecting the traffic to be huge from my Xbox but to my surprise I found that in the course of a couple hours there was more than 0.5 GB of data between my laptop and this IP: 213.158.175.65

I tracerouted this IP and found that it was hosted on hetzner.de That's all I could find. I have no idea what is happening. On my laptop I only have my browser open with a few tabs of facebook pages, my email, a university web page and a few google search results. There is no way these pages are consuming all that much. I have to note that during the two hours of sniffing I was not using my laptop at all. These pages were just open without any interaction from me.

The only connection I could make is that the university page I was opening is from Amsterdam university which might be hosted in the German servers.

Can someone shed some light on the weird behavior please? Cause overnight my network has consumed 18 GB of data with no reason at all. That's why I started the sniffing.

asked 21 Jan '17, 16:52

Ahmedn1's gravatar image

Ahmedn1
6112
accept rate: 0%

3

Are you sure about that host you tracerouted?

(22 Jan '17, 04:27) Jaap ♦
1

Hmmm. I have just checked that IP address from my end (Europe) and found a hostname in the domain tedata.net.

This matches the definition from the Hurricane Electric Looking Glass, which associates the IP address with the Egyptian provier te.net: http://bgp.he.net/AS8452#_prefixes

Please remember that many e-mail clients constantly poll the mail servers and many web sites refresh their content with advertisements or news.

(22 Jan '17, 06:56) packethunter

Yes tedata is my ISP. But still I cannot explain the enormous bandwidth usage.

(23 Jan '17, 20:43) Ahmedn1