Avatar for Username

Mozilla Support में खोजें

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

MacOS plugin container trying to connect to blacklisted/proxy IP address

  • 1 प्रत्युत्तर दें
  • 1 यह समस्या है
  • 1 view
  • के द्वारा अंतिम प्रतियुतर TyDraniu

06hawser-cooking
06hawser-cooking
more options

Hi Running FF 99.0.1 on MacOS Big Sur (11.6.4) and my Lulu outbound network monitoring app (https://objective-see.com/products/lulu.html) is flagging an attempt by the FF MacOS plugin container trying to access a high risk site (93/100) according to https://www.ipqualityscore.com/free-ip-lookup-proxy-vpn-test/lookup/104.16.248.249.

=======The lulu popup notification shows: Message : plugin-container.app is trying to connect to 104.16.248.249 Process ID: 44441 Process args: -parentBuildID 20220411174855 -prefsLen 6210 -prefMapSize 255244 -sbStartup -sbAppPath /Applications/Firefox.app -appDir /Applications/Firefox.app/Contents/Resources/browser -profile /Users/xxxxx/Library/Application Support/Firefox/Profiles/dps0ori7.default-release 44428 gecko-crash-server-pipe.44428 org.mozilla.machname.1552309677 socket Process Path: /Applications/Firefox.app/Contents/MacOS/plugin-container.app

IP address: 104.16.248.249 port & protocol: 443 (TCP) reverse DNS name: unknown

==

https://www.abuseipdb.com/whois/104.16.248.249 shows a hostname of aofeisheng.com.

Cannot really tell if this is a false positive or something I should block permanently. Not sure why my plugin container is reaching out when the browser was just updated.

Thanks

Hi Running FF 99.0.1 on MacOS Big Sur (11.6.4) and my Lulu outbound network monitoring app (https://objective-see.com/products/lulu.html) is flagging an attempt by the FF MacOS plugin container trying to access a high risk site (93/100) according to https://www.ipqualityscore.com/free-ip-lookup-proxy-vpn-test/lookup/104.16.248.249. =======The lulu popup notification shows: Message : plugin-container.app is trying to connect to 104.16.248.249 Process ID: 44441 Process args: -parentBuildID 20220411174855 -prefsLen 6210 -prefMapSize 255244 -sbStartup -sbAppPath /Applications/Firefox.app -appDir /Applications/Firefox.app/Contents/Resources/browser -profile /Users/xxxxx/Library/Application Support/Firefox/Profiles/dps0ori7.default-release 44428 gecko-crash-server-pipe.44428 org.mozilla.machname.1552309677 socket Process Path: /Applications/Firefox.app/Contents/MacOS/plugin-container.app IP address: 104.16.248.249 port & protocol: 443 (TCP) reverse DNS name: unknown ====== https://www.abuseipdb.com/whois/104.16.248.249 shows a hostname of aofeisheng.com. Cannot really tell if this is a false positive or something I should block permanently. Not sure why my plugin container is reaching out when the browser was just updated. Thanks
संलग्न स्क्रीनशॉट

All Replies (1)

TyDraniu
TyDraniu
  • Top 25 Contributor
more options

It's a Cloudflare server. We sometimes use Cloudflare, for instance as a DoH server.