When Firefox is running, lots IP addresses show up in the Win7 taskbar resource monitor including 93.184.215.73 - which could be malicious.How do I block it?
I noticed a slowdown sometimes in Firefox - checked the Windows 7 task manager resource monitor and found lots of IP addresses - though only one Firefox window open. So I checked them out - most seemed legit but this one definitely has a bad reputation from computer forums: 93.184.215.73. What I want to know is a) how do I block it in Firefox? It is easy in IE. You just block it under privacy and security tabs. b) why is Firefox even running this? Thanks. M in Oakland
Chosen solution
By the way, anything that promises free video downloading or conversion is potentially suspicious in my book. As another experiment, you might want to disable those extensions for a day and see how that affects your traffic. You can do that on the Add-ons page. Either:
- Ctrl+Shift+a
- "3-bar" menu button (or Tools menu) > Add-ons
In the left column, click Extensions. Then, if in doubt, disable.
Often a link will appear above at least one disabled extension to restart Firefox. You can complete your work on the tab and click one of the links as the last step.
Notice any differences?
Read this answer in context 👍 2All Replies (10)
http://en.wikipedia.org/wiki/EdgeCast_Networks http://www.edgecast.com/customers/
Edgecast provide CDN (Content Delivery Network) services to Mozilla and other content providers.
I understand it provides some services, but am concerned it can be used as a backdoor. I went to the Edgecast website and see it is owned/provided by Verizon. So my concerns are, can it be used as a backdoor? And second, I'm not sure I trust Verizon with any usage data about me. Should I be concerned about this? Thanks, Martha
James said
http://en.wikipedia.org/wiki/EdgeCast_Networks http://www.edgecast.com/customers/ Edgecast provide CDN (Content Delivery Network) services to Mozilla and other content providers.
marthops said
I noticed a slowdown sometimes in Firefox - checked the Windows 7 task manager resource monitor and found lots of IP addresses - though only one Firefox window open. So I checked them out - most seemed legit but this one definitely has a bad reputation from computer forums: 93.184.215.73. What I want to know is a) how do I block it in Firefox? It is easy in IE. You just block it under privacy and security tabs. b) why is Firefox even running this? Thanks. M in Oakland
'
Modified
I found this; http://www.ipvoid.com/scan/93.184.215.73/
93.184.215.73 Scan Report
IP Address Information Analysis Date 3 years ago Blacklist Status BLACKLISTED 2/36 IP Address 93.184.215.73 ( Websites Lookup ) Reverse DNS 93.184.215.73 ASN AS15133 ASN Owner EdgeCast Networks, Inc. ISP EdgeCast Networks Continent North America Country Code Flag (US) United States Latitude / Longitude 38.8951 / -77.0364 City Washington Region District of Columbia IP Blacklist Report
Thanks. I wonder how it could be both - trusted and blacklisted? I blocked it in IE at least.
That was three years ago and it does not list the reason for blacklist at the time. If Mozilla had any concerns with using Edgecast then they would not have used it to start with or have discontinued.
Mozilla used to use a system of mirrors http://www-archive.mozilla.org/mirrors.html for releases.mozilla.org to help host the downloads of everything. Now they use cdn's as an example link is http://download.cdn.mozilla.net/pub/mozilla.org/firefox/
https://blog.mozilla.org/it/2012/08/03/dear-mozilla-mirrors-thank-you/ https://developer.mozilla.org/en-US/docs/Glossary/CDN
Mozilla also uses http://aws.amazon.com/cloudfront/ as needed use on-the-fly.
http://www.ipvoid.com/scan/93.184.215.73
If Fred had clicked on Update Reported it would have shown BLACKLISTED 1/36
Only MyWOT out of 36 sources lists it as blacklisted and I trust Mozilla FAR more than the almost junk MyWOT (Web of Trust).
Modified
Hi Martha, do you mean the "TCP Connections" list in the Resource Monitor? Normally a short time after a request the connection will gray out showing that it is no longer in use. If a connection is kept open, that could be a feature of a site you're visiting, or it could be a feature of Firefox or one of your extensions. It might be a little difficult to figure that out if you have a lot of tabs open.
If you are inclined to experiment, I would suggest creating a new profile and navigating to a blank tab (about:blank page) to try to isolate Firefox from those factors.
Create a new Firefox profile
A new profile will have your system-installed plugins (e.g., Flash) and extensions (e.g., security suite toolbars), but no themes, other extensions, or other customizations. It also should have completely fresh settings databases and a fresh cache folder.
This profile will be distinct from and not affect your regular profile.
Exit Firefox and start up in the Profile Manager using the search box on the Start menu or the Windows "Run" dialog. Type or paste the following into the search box/Run dialog and press Enter to run it:
firefox.exe -P
The Profile Manager should open. Please do not delete anything here.
Any time you want to switch profiles, exit Firefox and return to this dialog.
Click the Create Profile button and assign a name like April30, skip the option to change the folder, and then create your new profile. Then select it and start Firefox in the new profile you created.
To load a blank page, type or paste about:blank in the address bar and press Enter.
Anything interesting in the Resource Monitor?
When returning to the Profile Manager, you might be tempted to use the Delete Profile button. But... it's a bit too easy to accidentally delete your "real" profile, so I recommend resisting the temptation. If you do want to clean up later, I suggest making a backup of all your profiles first in case something were to go wrong.
Chosen Solution
By the way, anything that promises free video downloading or conversion is potentially suspicious in my book. As another experiment, you might want to disable those extensions for a day and see how that affects your traffic. You can do that on the Add-ons page. Either:
- Ctrl+Shift+a
- "3-bar" menu button (or Tools menu) > Add-ons
In the left column, click Extensions. Then, if in doubt, disable.
Often a link will appear above at least one disabled extension to restart Firefox. You can complete your work on the tab and click one of the links as the last step.
Notice any differences?
The current 40a1 Nightly builds show the remote address (IP) of requests in the Net monitor and this web page shows for instance this request:
- https://cdn.optimizely.com/js/245885873.js
- Remote address: 93.184.220.20:443
Blocking content can cause website not to work properly and should always be considered with great care and you should check for blocked content in case of issues.
It wasn't the TCP Connections but it might as well have been - it was in the Network tab in "Overview". Thanks everyone - I'm learning a lot as I trace these things - the ipvoid report is updated to the last hour now - but James is correct, just one source blacklists it. (I still don't trust Verizon) Norton has no information on it.
I should probably disable a downloader add-on I have that doesn't work very well anyway.. I might create a new profile - not sure about that yet. I got a screen shot of what I see on the resource monitor - attached.
Meanwhile, from this discussion I guess it's safe - but be watchful of add-ons. Thanks everyone for checking this out.