MacOS plugin container trying to connect to blacklisted/proxy IP address
Hi Running FF 99.0.1 on MacOS Big Sur (11.6.4) and my Lulu outbound network monitoring app (https://objective-see.com/products/lulu.html) is flagging an attempt by the FF MacOS plugin container trying to access a high risk site (93/100) according to https://www.ipqualityscore.com/free-ip-lookup-proxy-vpn-test/lookup/104.16.248.249.
=======The lulu popup notification shows: Message : plugin-container.app is trying to connect to 104.16.248.249 Process ID: 44441 Process args: -parentBuildID 20220411174855 -prefsLen 6210 -prefMapSize 255244 -sbStartup -sbAppPath /Applications/Firefox.app -appDir /Applications/Firefox.app/Contents/Resources/browser -profile /Users/xxxxx/Library/Application Support/Firefox/Profiles/dps0ori7.default-release 44428 gecko-crash-server-pipe.44428 org.mozilla.machname.1552309677 socket Process Path: /Applications/Firefox.app/Contents/MacOS/plugin-container.app
IP address: 104.16.248.249 port & protocol: 443 (TCP) reverse DNS name: unknown
==
https://www.abuseipdb.com/whois/104.16.248.249 shows a hostname of aofeisheng.com.
Cannot really tell if this is a false positive or something I should block permanently. Not sure why my plugin container is reaching out when the browser was just updated.
Thanks
Tất cả các câu trả lời (1)
It's a Cloudflare server. We sometimes use Cloudflare, for instance as a DoH server.