I have noticed as of late some pretty slow internet tmes. I set up netflow and i can see device pairs and bandwidth usage. So for example i am seeing a184-85-240-74.deploy.akamaitechnologies.com that is connecting with anywhere from 1 to 100 of my pc's at any given time. I know what akamaitechnologies.com is but dont know who or what is using it to connect to me.
I do know it is not windows updates because we use internal WSUS.
I do know it is not my A/V updateing because again we use internal Kaspersky server and i did call them and they said it is not them.
I do know it is using port 80 tcp
My first thought is to install wireshark and see if that helps. My problem is that i am not a wireshark person so not sure if it is right tool.
Any ideas? I can by all means block the XXX.deploy.akamaitechnologies.com but that is a bandaid, i want to know what is going on.