From Newsgroup: comp.os.linux.misc


Completely blank firefox - no sites loaded

netstat -an | grep tcp | grep 443

tcp 0 0 192.168.0.7:51446 34.107.243.93:443
ESTABLISHED
tcp 0 0 192.168.0.7:55090 199.232.57.91:443
ESTABLISHED
tcp 0 0 192.168.0.7:51442 34.120.208.123:443
ESTABLISHED
tcp 0 0 192.168.0.7:48282 142.250.129.95:443
TIME_WAIT

All google apart from Fastly inc.

Later on more google connections show up.

netstat -an | grep tcp | grep 443
tcp 0 0 192.168.0.7:59228 142.250.117.95:443
ESTABLISHED
tcp 0 0 192.168.0.7:39762 142.251.29.138:443
ESTABLISHED
tcp 0 0 192.168.0.7:51446 34.107.243.93:443
ESTABLISHED
tcp 0 0 192.168.0.7:39770 142.250.140.95:443
ESTABLISHED
tcp 0 0 192.168.0.7:45788 142.250.117.105:443
ESTABLISHED
tcp 0 0 192.168.0.7:51442 34.120.208.123:443
TIME_WAIT
--
"And if the blind lead the blind, both shall fall into the ditch".

Gospel of St. Mathew 15:14

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.os.linux.misc

On Sat, 1 Nov 2025 19:47:12 +0000, The Natural Philosopher wrote:

netstat -an | grep tcp | grep 443

You’ve got “-a”, which means include all local ports, followed by “-n”,
which means only show connected ports. Plus all the chucking away of
output you didn’t even want in the first place.

Try this:

ss -nt 'dport = 443 || sport = 443'

or even

ss -t state connected 'dport = 443 || sport = 443'
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.os.linux.misc

On Sat, 1 Nov 2025 20:35:51 -0000 (UTC), I wrote:

You’ve got “-a”, which means include all local ports, followed by “-n”,
which means only show connected ports. Plus all the chucking away of
output you didn’t even want in the first place.

Oops, sorry, forgot that “-n” actually means “display numeric port numbers, not service names”.

The rest of it still works, though.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.os.linux.misc

The Natural Philosopher <tnp@invalid.invalid> wrote:

Completely blank firefox - no sites loaded

netstat -an | grep tcp | grep 443

tcp 0 0 192.168.0.7:51446 34.107.243.93:443
ESTABLISHED

I get (Firefox 140.4.0esr):
tcp 0 0 192.168.1.100:51410 151.101.81.91:443 ESTABLISHED
tcp 0 0 192.168.1.100:59912 34.160.144.191:443 ESTABLISHED
tcp 0 0 192.168.1.100:51390 151.101.81.91:443 ESTABLISHED

The "about:networking" page lists
"content-signature-2.cdn.mozilla.net" which resolves to
34.160.144.191. Also "firefox.settings.services.mozilla.com" and "firefox-settings-attachments.cdn.mozilla.net" which are
151.101.81.91:

$ dig content-signature-2.cdn.mozilla.net

; <<>> DiG 9.18.25 <<>> content-signature-2.cdn.mozilla.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10399
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;content-signature-2.cdn.mozilla.net. IN A

;; ANSWER SECTION:
content-signature-2.cdn.mozilla.net. 483 IN CNAME content-signature-chains.prod.autograph.services.mozaws.net.
content-signature-chains.prod.autograph.services.mozaws.net. 186 IN A 34.160.144.191

$ dig firefox.settings.services.mozilla.com

; <<>> DiG 9.18.25 <<>> firefox.settings.services.mozilla.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46401
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;firefox.settings.services.mozilla.com. IN A

;; ANSWER SECTION:
firefox.settings.services.mozilla.com. 28 IN CNAME mozilla.map.fastly.net. mozilla.map.fastly.net. 31 IN A 151.101.81.91

$ dig firefox-settings-attachments.cdn.mozilla.net

; <<>> DiG 9.18.25 <<>> firefox-settings-attachments.cdn.mozilla.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7059
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;firefox-settings-attachments.cdn.mozilla.net. IN A

;; ANSWER SECTION:
firefox-settings-attachments.cdn.mozilla.net. 42 IN CNAME mozilla.map.fastly.net.
mozilla.map.fastly.net. 54 IN A 151.101.81.91


So Mozilla's using Google and Fastly as hosts for services Firefox
is connecting to automatically. However in the past I've tried to
block these mystery services from connecting, so thanks for the
tip. Also a connection to a government website that I haven't even
visited for weeks! I really which I could ditch FF and just use
Dillo.
--
__ __
#_ < |\| |< _#
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.os.linux.misc

The Natural Philosopher <tnp@invalid.invalid> writes:

Completely blank firefox - no sites loaded

netstat -an | grep tcp | grep 443

tcp 0 0 192.168.0.7:51446 34.107.243.93:443
ESTABLISHED
tcp 0 0 192.168.0.7:55090 199.232.57.91:443
ESTABLISHED
tcp 0 0 192.168.0.7:51442 34.120.208.123:443
ESTABLISHED
tcp 0 0 192.168.0.7:48282 142.250.129.95:443
TIME_WAIT

https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections
--
https://www.greenend.org.uk/rjk/
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.os.linux.misc

Richard Kettlewell <invalid@invalid.invalid> wrote:

The Natural Philosopher <tnp@invalid.invalid> writes:

Completely blank firefox - no sites loaded

netstat -an | grep tcp | grep 443

tcp 0 0 192.168.0.7:51446 34.107.243.93:443
ESTABLISHED
tcp 0 0 192.168.0.7:55090 199.232.57.91:443
ESTABLISHED
tcp 0 0 192.168.0.7:51442 34.120.208.123:443
ESTABLISHED
tcp 0 0 192.168.0.7:48282 142.250.129.95:443
TIME_WAIT

https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections

So this claims to explain the
"firefox.settings.services.mozilla.com" connection I get:

"Login breach information
Firefox Monitor warns you if your online accounts were involved in
a known data breach. For more information, see Firefox Password
Manager - Alerts for breached websites.
To get the latest login breach information and more, Firefox
connects to firefox.settings.services.mozilla.com"

And it links to this page which describes disabling it:

"Turn off website breach alerts
Disabling the feature also prevents Firefox from checking to see if
you've reused these potentially vulnerable passwords on any of your
other saved logins.
1. In the Menu bar at the top of the screen, click Firefox and
select Settings (select Preferences on older macOS versions).Click
the menu button and select Settings.
2. Select the Privacy & Security panel on the left and scroll down
to the Logins and PasswordsPasswords section.
3. Deselect the checkbox for Show alerts about passwords for
breached websites."

But the "Show alerts about passwords for breached web sites"
checkbox was already unselected. Yet the connection was still
made at start-up!
--
__ __
#_ < |\| |< _#
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.os.linux.misc

The Natural Philosopher wrote:

Completely blank firefox - no sites loaded

netstat -an | grep tcp | grep 443

in a command window with admin rights, try netstat -nob

in most cases it shows the process name, so you can tell if it's
something other than firefox, downside is that it's multiple row
output, so grepping for :443 doesn't play nice.

if you have too many connections to see the wood for the trees, and need filtering, switch to powershell with get-netTCPconnection


--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.os.linux.misc

not@telling.you.invalid (Computer Nerd Kev) writes:

"Login breach information
Firefox Monitor warns you if your online accounts were involved in
a known data breach. For more information, see Firefox Password
Manager - Alerts for breached websites.
To get the latest login breach information and more, Firefox

^^^^^^^^

connects to firefox.settings.services.mozilla.com"

[...]

But the "Show alerts about passwords for breached web sites" checkbox
was already unselected. Yet the connection was still made at
start-up!

Presumably it’s the ‘and more’ in the description.
--
https://www.greenend.org.uk/rjk/
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.os.linux.misc

On 01/11/2025 22:04, Computer Nerd Kev wrote:

So Mozilla's using Google and Fastly as hosts for services Firefox
is connecting to automatically. However in the past I've tried to
block these mystery services from connecting, so thanks for the
tip. Also a connection to a government website that I haven't even
visited for weeks! I really which I could ditch FF and just use
Dillo.

Yes. I looked further and these sites are supposed to be for downloading
lists of 'bad sites' etc.

I noticed a grotty network performance when using a pirate website to
watch Scotland make fools of the USA in the Rugby match and wondered why.

The pirate site was crawling with blocked adware.

Having closed that down there was still a lot of stuff hitting the net
even with no bowser windows open
--
"Nature does not give up the winter because people dislike the cold."

― Confucius

--- Synchronet 3.21a-Linux NewsLink 1.2