Skynet Which service or process is trying to connect to 87.240.139.194?

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Khadanja

Senior Member
I see this in skynet logs from time to timer randomly, no pattern. It is the same laptop every time and I have checked my browsing history at the time, websites I visited at the time are not related to this IP or domain vk.com in any way. How can I check which process, service or software or browser is trying to connect to this IP.
Code:
10 Most Recent Blocks From 192.168.1.21;
Oct  4 13:56:40 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56003 DF PROTO=TCP SPT=51564 DPT=443 SEQ=20521
Oct  4 13:56:40 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56004 DF PROTO=TCP SPT=57902 DPT=443 SEQ=11325
Oct  4 13:56:41 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56005 DF PROTO=TCP SPT=51564 DPT=443 SEQ=20521
Oct  4 13:56:41 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56006 DF PROTO=TCP SPT=57902 DPT=443 SEQ=11325
Oct  4 13:56:43 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56007 DF PROTO=TCP SPT=51564 DPT=443 SEQ=20521
Oct  4 13:56:43 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56008 DF PROTO=TCP SPT=57902 DPT=443 SEQ=11325
Oct  4 13:56:47 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56009 DF PROTO=TCP SPT=51564 DPT=443 SEQ=20521
Oct  4 13:56:47 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56010 DF PROTO=TCP SPT=57902 DPT=443 SEQ=11325
Oct  4 13:56:55 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56011 DF PROTO=TCP SPT=51564 DPT=443 SEQ=20521
Oct  4 13:56:55 RT-AC68U-20E0 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=192.168.1.21 DST=87.240.139.194 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=56012 DF PROTO=TCP SPT=57902 DPT=443 SEQ=11325
 

AndreiV

Very Senior Member
That is probably social media connect buttons on websites you visit.

I see logs for Pinterest, YouTube , Twitter and many others that I have never used , all of them are social connect icons on web pages calling home.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top