Hello,
Could you right click on the same and "back trace" it and then click on "who is".. that would provide you the required info.
216.10.195.167 is a symantec server.
https://216.10.195.167 = https://stnd-avpg.crsi.symantec.com
Check this article:
Required exclusions for proxy servers to allow Symantec Endpoint Protection to connect to Symantec reputation and licensing servers
http://www.symantec.com/docs/TECH162286
It states :
The following URLs should be exclusions in the proxy server configuration to allow the traffic described below to the Symantec servers:
Ping submissions: These submissions are per definition type (AV for example.) and allow Symantec to judge the effectiveness of a set of definitions that are not yet taking any action (Beta detections.) based on the number of "Pings" each detection/definition creates. For example, if a detection creates a storm of ping replies to Symantec, this detection may be a false positive detection and will be investigated for effectiveness.
This system and related URLs are part of Symantec's false positive avoidance system.
- https://stnd-avpg.crsi.symantec.com
Hope that helps!!!