Suddenly I found some repeatable lines in the log of my forum:
Job exception: SSL_connect returned=1 errno=0 peeraddr=126.96.36.199:443 state=error: dh key too small
I searched meta for similar topics by dh key too small and cannot find relatives because forum is similar to be fine after rebuild this week (emails and auth work).
I’m sure that I don’t use any connections to 188.8.131.52 because this is MIT address located in MA (my forum in Russia). I suspect this address may be hardcoded in some plugin.
Could someone share their experience on how to investigate such incidents? I tried to grep that IP in app directory with no results.