The only thing i know for sure that is safe is noscript. The other ones i am not so sure about. Im pretty sure it is prefbar doing it, im assuming its a toolbar and most toolbars do crazy things. Uninstall that tool bar and then see how it goes. Or you can have CFP block all connections to that IP. Or try blocking it at the host file level.
NoScript and Adblock (Plus) are safe, no strange connections. Only connections made on Firefox startup are to my DNS.
And yes, 18.104.22.168 is http://mozdev.org. Try writing it in your adress bar, and your DNS will resolve 22.214.171.124 as http://mozdev.org.
Thanks for your replies, but the riddle has been solved now.
New prefbar 4.1 adds an autocheck for updates function. (I think there should be a switch to turn this off, but, unfortunately, this is not the case).
For that reason it tries to connect to that site every few seconds… not a lovely thing, am I right?
Returning to 4.0 (which does it’s job equally fine) stopped those “home phoning” (even if they were, hopefully, not of the malicious kind) attempts.
Quote from their site:
PrefBar 4.1 contains a simple update notifier which will tell you about future PrefBar updates and asks you if you like to visit the PrefBar homepage
“For that reason it tries to connect to that site every few seconds… not a lovely thing, am I right?”
I totally agree with you. If you’re a fan of that add on, you might suggest they get rid of that feature. If you get enough people to notice it and complain about it, they’re lean more towards considering changing it.