Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 1 subscriber
  • Views 2393 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unusual Domains in Web Usage Report, e.g. 96.443

asc
Hi,

today I stumbled over some quite unusual domain names in the web usage reports of UTM 9.105-9.

I see domains like the following in my report:

96.443
94.443
137.443

It looks like the firewall cuts the first byte of the destination IP address, adds a dot and concatenates the destination port to that string. Does anybody else experience that, too, or is some funky stuff going on in my network?

Regards
Alex


This thread was automatically locked due to age.
Parents
  • 0
    443 also happens to be the port used when doing https.

    I suggest that you look at the underlying logs.

    Go to logging and reporting, View Log Files, Search log files, Web Filtering.

    Search for the odd domain names and see if the full url explains what is going on.  If not, post a sample of the logs.
Reply
  • 0
    443 also happens to be the port used when doing https.

    I suggest that you look at the underlying logs.

    Go to logging and reporting, View Log Files, Search log files, Web Filtering.

    Search for the odd domain names and see if the full url explains what is going on.  If not, post a sample of the logs.
Children
No Data