This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cant stop 2 of the mozilla's automatic hidden connections

  • 10 replies
  • 1 has this problem
  • 4 views
  • Paskiausią atsakymą parašė bokbok

more options

I've already done all the things explained in "Disable FF automatic connections" page. I also disabled "Query for certificates" setting (OCSP thing)

But FF connects to some IP's when opened still. It connects to both shavar.prod.mozaws.net(also things like it, versioncheck.prod.mozaws.net) and search.r53-2.services.mozilla.com

Glasswire Screenshot: https://postimg.org/image/705do8onr

I even blocked it at hosts but... I guess it has many different IP's? And how would I get rid of these connections?

Note: I have another privacy question not related to FF, are we allowed to discuss it here?

I've already done all the things explained in "Disable FF automatic connections" page. I also disabled "Query for certificates" setting (OCSP thing) But FF connects to some IP's when opened still. It connects to both shavar.prod.mozaws.net(also things like it, versioncheck.prod.mozaws.net) and search.r53-2.services.mozilla.com Glasswire Screenshot: https://postimg.org/image/705do8onr I even blocked it at hosts but... I guess it has many different IP's? And how would I get rid of these connections? Note: I have another privacy question not related to FF, are we allowed to discuss it here?

All Replies (10)

more options

hi, please press ctrl+shift+j and go to the networking tab of the browser console to see where those connections are going to exactly - that will make it easier for us to give advice here...

How to stop Firefox from making automatic connections

more options

Here's browser console (I don't understand what to do with it): https://s21.postimg.org/ei8rnz1yf/1_browser_console.jpg

Here's Glasswire showing all 4 hidden connections made just by starting FF: https://s13.postimg.org/fktc3lc9j/2_Glasswire_FF.jpg I wrote their IP's on the screenshot.

Extra question: Peerblock blocks EI Du Pont de Nemours and co Inc adresses a lot. It also happened now when I tried to open this post. But those Dupont connections are random, they might appear on any link, not just by coming here. Screenshot: https://s15.postimg.org/tb3t29py3/3_Dupont_on_mozilla_page.jpg

Are those blocked Dupont connections (again, they appear anywhere on the internet sometimes) safe?

more options

hi again, sorry that screenshot of the browser console doesn't really help - please disable and reenable the "net" section and disable the logging of all other sections (css, js,...) to get to the relevant information.

more options

On that last point:

I don't know why your tool associates those addresses with DuPont. That entire range starting with 52.222 is Amazon's and I suspect customers may be assigned different addresses dynamically over time, so I don't think you can reliably know what site it was (or who operated it) retrospectively from the earlier history of use of the IP address.

NetRange: 52.192.0.0 - 52.223.255.255 Organization Name: Amazon Technologies Inc. https://whois.arin.net/rest/net/NET-52-192-0-0-1/pft?s=52.222.157.69

more options

philipp said

hi again, sorry that screenshot of the browser console doesn't really help - please disable and reenable the "net" section and disable the logging of all other sections (css, js,...) to get to the relevant information.

I cleared cookies/cache etc. Started FF. Glasswire again shows a connection to shavar.prod.mozaws.net(52.43.240.174) 3 KB Down, 952 Bytes Up. Opened browser console and just did what you said; Net section has absolutely 0 information there.

more options

you need to disable and reenable the net section once i think before entries show up there. shavar* is used to obtain the blocklists for tracking protection & safebrowsing i think: https://wiki.mozilla.org/Services/TrackingProtection

more options

philipp said

shavar* is used to obtain the blocklists for tracking protection & safebrowsing i think: https://wiki.mozilla.org/Services/TrackingProtection

I had tracking protection off. And I had;

browser.safebrowsing.enabled browser.safebrowsing.downloads.remote.enabled browser.safebrowsing.malware.enabled

All of them disabled. So what do you think?

more options

philipp said

you need to disable and reenable the net section

Hi Philip, it worked, Here's the screenshot: https://s22.postimg.org/5n5ou8d75/shavar_net.jpg

2 GET's there, but only one shavar connection in Glasswire, what to do?

more options

hi, the first connection might be triggered by the https everywhere addon or the tor browser: https://github.com/EFForg/https-everywhere/issues/2719 - off hand i don't know how to prohibit that, so you might want to get in contact with their support...

in regards to the second connection - snippets are the little space beyond the search field where mozilla is running promotions. to prohibit any connections there you might want to try setting the preference browser.aboutHomeSnippets.updateUrl to a blank value or set an empty homepage for firefox.

more options

philipp said

hi, the first connection might be triggered by the https everywhere addon or the tor browser: https://github.com/EFForg/https-everywhere/issues/2719 - off hand i don't know how to prohibit that, so you might want to get in contact with their support... in regards to the second connection - snippets are the little space beyond the search field where mozilla is running promotions. to prohibit any connections there you might want to try setting the preference browser.aboutHomeSnippets.updateUrl to a blank value or set an empty homepage for firefox.

I don't use tor browser, and the https everywhere topic doesnt say how to block it :( for second connection I already had browser.aboutHomeSnippets.updateUrl blank so any other ideas?