Windows 10 will reach EOS (end of support) on October 14, 2025. For more information, see this article.

Avatar for Username

Pesquisar no apoio

Evite burlas no apoio. Nunca iremos solicitar que telefone ou envie uma mensagem de texto para um número de telefone ou que partilhe informações pessoais. Por favor, reporte atividades suspeitas utilizando a opção "Reportar abuso".

Saber mais

Esta discussão foi arquivada. Se precisar de ajuda, por favor, coloque uma nova questão.

Firefox attempting to connect to outside IP even with auto updates turned off

  • 7 respostas
  • 1 tem este problema
  • 48 visualizações
  • Última resposta por cor-el

patnreb
patnreb
more options

I have an isolated network that I use Firefox in internally. In the past two days I've noticed a significant uptick in denied outbound traffic at my firewall and have traced this back to Firefox running on one of my servers. I only see this traffic when Firefox is open, no other browsers show the same behavior and there is no traffic when Firefox is shutdown. There are no extensions/addons installed.

I'd really like to pinpoint what these IPs are and why Firefox is trying to reach them. All resolve to Amazon blocks. IPs are:

13-225-146-21 13-225-146-108 13-225-146-121

I have an isolated network that I use Firefox in internally. In the past two days I've noticed a significant uptick in denied outbound traffic at my firewall and have traced this back to Firefox running on one of my servers. I only see this traffic when Firefox is open, no other browsers show the same behavior and there is no traffic when Firefox is shutdown. There are no extensions/addons installed. I'd really like to pinpoint what these IPs are and why Firefox is trying to reach them. All resolve to Amazon blocks. IPs are: 13-225-146-21 13-225-146-108 13-225-146-121

Todas as respostas (7)

philipp
philipp
  • Moderator
more options

hi, in the network section of the browser console you'll see all urls that firefox is connecting to: https://developer.mozilla.org/en-US/docs/Tools/Browser_Console this will provide more information as to what functionality might be causing it than mere ip addresses that are part of aws...

cor-el
cor-el
  • Moderator
more options

See also the about:networking page and this support article.

patnreb
patnreb Proprietário da pergunta
more options

philipp - thank you for this...didn't know the browser console existed. Using it I see that the browser is trying to connect to https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?collection=tippytop&bucket=main

Do you know where this is triggered from?

cor-el : Thank you for the article link but I had already followed the instructions there, hence my concern when I started seeing connections again. I will go through it once more to make sure I didn't miss something.

patnreb
patnreb Proprietário da pergunta
more options

Just saw this attempt as well:

https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=66.0&pver=2.2

philipp
philipp
  • Moderator
more options

i think the first request (https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/records?collection=tippytop&bucket=main) would download a collection of thumbnails for popular domains to be displayed in the top sites section of the new tab page.

the second request will download lists for domains to blocklist which are used by the various components of firefox tracking protection: https://wiki.mozilla.org/Security/Tracking_protection

patnreb
patnreb Proprietário da pergunta
more options

Thank you Philipp! Gives me something to start looking at.

cor-el
cor-el
  • Moderator
more options

See also this builtin file:

  • resource://activity-stream/data/content/tippytop/top_sites.json