If using Opensnitch what concerning connections have you seen?

The title. Any concerning connections?

Been running Opensnitch for 2-3 weeks on Fedora Sway.

  1. Initially, I saw that Firefox was making several Google domain connections - not surprising. Librewolf doesn’t seem to do the same.

  2. In the last few days, Opensnitch showed a connection between /usr/libexec/gvfsd-http to media.licdn.com which appears to have once been a Cedexis domain who was acquired by Citrix (who seems to have a terrible privacy policy: collect a lot, retain it as long as is “needed”). This connection may have occurred around the time I was on Invidious. So, maybe this was a connection to a CDN owned by Citrix? Unclear what type of data this connection is collecting. Opensnitch: BLOCKED. I’ll see what the effect is. Disappointing this happened in Fedora but it may be innocent.

Anyone else seeing anything on any distro that is a surprise?

(edit: typos)



DNS Records for media.licdn.com

Hostname Type TTL Priority Content
media.licdn.com SOA 20 flipm.cdxcn.net admin@cedexis.com 1705081753 14400 7200 604800 20
media.licdn.com A 1653
media.licdn.com AAAA 3505 2606:2800:21f:fedd:8b7a:88ab:fc7e:fa3b
media.licdn.com CNAME 174 2-01-2c3e-005c.cdx.cedexis.net

(media.licdn.com DNS information - who.is)


acquired by citrix 2018
Cedexis, a real-time, data-driven service for dynamically optimizing the flow of traffic across public clouds, data centers, CDNs, and ISPs. Cedexis technology intelligently routes traffic across dozens of CDNs, and hundreds of data centers and POPs globally.

products offered:

Radar: Is a product which contains and gathers real-user telemetry from thousands of users worldwide
Sonar: is a live-ness check service that can be used to monitor web-based services for availability.


Raw Whois Data

Domain Name: cdxcn.net
Registry Domain ID: 1915866045_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.corporatedomains.com
Registrar URL: www.cscprotectsbrands.com
Updated Date: 2022-03-29T16:02:05Z
Creation Date: 2015-04-02T12:21:36Z
Registrar Registration Expiration Date: 2027-04-02T16:21:36Z
Sponsoring Registrar IANA ID: 299
Registrar Abuse Contact Email: email@cscglobal.com
Registrar Abuse Contact Phone: +1.8887802723
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Abuse Management
Registrant Organization: Citrix Systems Inc
Registrant Street: 851 West Cypress Creek Road
Registrant City: Fort Lauderdale
Registrant State/Province: FL
Registrant Postal Code: 33309

Firefox connects to google to test hash of downloads against virus list. Recommended by PG to keep enabled. Can be disabled in settings though.

Edit: although it may be through a mozilla proxy… Im not sure…