Suspicious network activity

[izahn]

When running selenium on arch linux I see a lot of network activity, and it looks like selenium is connecting to gambling and other websites. Any idea what is going on here? How concerned should I be?

Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true -Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel
13:13:36.882 INFO - Launching a standalone Selenium Server
13:13:36.925 INFO - Java: Oracle Corporation 24.79-b02
13:13:36.926 INFO - OS: Linux 4.0.7-2-ARCH amd64
13:13:36.944 INFO - v2.46.0, with Core v2.46.0. Built from revision 87c69e2
13:13:37.034 INFO - Driver provider org.openqa.selenium.ie.InternetExplorerDriver registration is skipped:
registration capabilities Capabilities [{platform=WINDOWS, ensureCleanSession=true, browserName=internet explorer, version=}] does not match the current platform LINUX
13:13:37.034 INFO - Driver class not found: com.opera.core.systems.OperaDriver
13:13:37.034 INFO - Driver provider com.opera.core.systems.OperaDriver is not registered
13:13:37.128 INFO - RemoteWebDriver instances should connect to: http://127.0.0.1:4444/wd/hub
13:13:37.128 INFO - Selenium Server is up and running
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
13:13:53.002 WARN - CONNECT passport.yandex.ru:443 HTTP/1.1 HttpException(400,Bad Request,null)
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
13:13:54.764 WARN - GET https://wap.unibet.com/live_event_wap.t?id=1002741220&ts=1436462033802 HTTP/1.1
java.lang.IllegalArgumentException: Malformed URI 'https://wap.unibet.com:443https://wap.unibet.com/live_event_wap.t?id=1002741220&ts=1436462033802' : java.lang.NumberFormatException: 443https:
        at org.openqa.jetty.util.URI.setURI(URI.java:247)
        at org.openqa.jetty.util.URI.<init>(URI.java:86)
        at org.openqa.selenium.server.ProxyHandler$SslRelay.customizeRequest(ProxyHandler.java:769)
        at org.openqa.jetty.http.SocketListener.customizeRequest(SocketListener.java:275)
        at org.openqa.jetty.http.HttpConnection.handleNext(HttpConnection.java:922)
        at org.openqa.jetty.http.HttpConnection.handle(HttpConnection.java:837)
        at org.openqa.jetty.http.SocketListener.handleConnection(SocketListener.java:243)
        at org.openqa.jetty.util.ThreadedServer.handle(ThreadedServer.java:358)
        at org.openqa.jetty.util.ThreadPool$PoolThread.run(ThreadPool.java:537)
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
13:14:15.143 WARN - GET https://m.tipico.com/ajax/sports/event/136425910 HTTP/1.1
java.lang.IllegalArgumentException: Malformed URI 'https://m.tipico.com:443https://m.tipico.com/ajax/sports/event/136425910' : java.lang.NumberFormatException: 443https:
        at org.openqa.jetty.util.URI.setURI(URI.java:247)
        at org.openqa.jetty.util.URI.<init>(URI.java:86)
        at org.openqa.selenium.server.ProxyHandler$SslRelay.customizeRequest(ProxyHandler.java:769)
        at org.openqa.jetty.http.SocketListener.customizeRequest(SocketListener.java:275)
        at org.openqa.jetty.http.HttpConnection.handleNext(HttpConnection.java:922)
        at org.openqa.jetty.http.HttpConnection.handle(HttpConnection.java:837)
        at org.openqa.jetty.http.SocketListener.handleConnection(SocketListener.java:243)
        at org.openqa.jetty.util.ThreadedServer.handle(ThreadedServer.java:358)
        at org.openqa.jetty.util.ThreadPool$PoolThread.run(ThreadPool.java:537)
13:14:20.065 WARN - GET https://m.tipico.com/ajax/sports/event/136526710 HTTP/1.1
java.lang.IllegalArgumentException: Malformed URI 'https://m.tipico.com:443https://m.tipico.com/ajax/sports/event/136526710' : java.lang.NumberFormatException: 443https:
        at org.openqa.jetty.util.URI.setURI(URI.java:247)
        at org.openqa.jetty.util.URI.<init>(URI.java:86)
        at org.openqa.selenium.server.ProxyHandler$SslRelay.customizeRequest(ProxyHandler.java:769)
        at org.openqa.jetty.http.SocketListener.customizeRequest(SocketListener.java:275)
        at org.openqa.jetty.http.HttpConnection.handleNext(HttpConnection.java:922)
        at org.openqa.jetty.http.HttpConnection.handle(HttpConnection.java:837)
        at org.openqa.jetty.http.SocketListener.handleConnection(SocketListener.java:243)
        at org.openqa.jetty.util.ThreadedServer.handle(ThreadedServer.java:358)
        at org.openqa.jetty.util.ThreadPool$PoolThread.run(ThreadPool.java:537)
jar:file:/usr/share/selenium-server/selenium-server-standalone.jar!/sslSupport
13:14:21.490 WARN - GET https://www.stoiximan.gr/match-odds/Sligo-Rovers-v-Longford-Town-437219 HTTP/1.1
java.lang.IllegalArgumentException: Malformed URI 'https://www.stoiximan.gr:443https://www.stoiximan.gr/match-odds/Sligo-Rovers-v-Longford-Town-437219' : java.lang.NumberFormatException: 443https:
        at org.openqa.jetty.util.URI.setURI(URI.java:247)
        at org.openqa.jetty.util.URI.<init>(URI.java:86)
        at org.openqa.selenium.server.ProxyHandler$SslRelay.customizeRequest(ProxyHandler.java:769)
        at org.openqa.jetty.http.SocketListener.customizeRequest(SocketListener.java:275)
        at org.openqa.jetty.http.HttpConnection.handleNext(HttpConnection.java:922)
        at org.openqa.jetty.http.HttpConnection.handle(HttpConnection.java:837)
        at org.openqa.jetty.http.SocketListener.handleConnection(SocketListener.java:243)
        at org.openqa.jetty.util.ThreadedServer.handle(ThreadedServer.java:358)
        at org.openqa.jetty.util.ThreadPool$PoolThread.run(ThreadPool.java:537)

[romovs]

Selenium grid isn't supposed to be publicly exposed. Most likely your instance got caught by one of those automatic proxy crawlers (many of them identify it as an HTTPS proxy) and now getting blasted with connection requests. Just configure iptables to allow only localhost/lan connections to 4444.

[AutomatedTester]

This, as the previous comment says, is due to your ports being open. The requests you are seeing in the log are incoming requests.

Closing as this is not an issue