Jump to content

50.23.124.152 False?

DrDca

By DrDca
in Website Blocking

 Share

Recommended Posts

snafu

snafu

Posted
Posted

I too have perstistant messages regarding that IP address and other IP addresses from Softlayer Technologies. It all started yesterday with a flash update - I think ?

It only appears on Ebay- I ran M.B. pro and my Windows defender but they found nothing. Any clues ? I found reference to Softlayer on this site but it was a thread years ago.

Link to post
Share on other sites
lcostet

lcostet

Posted
Posted

Relieved to read that I am not the only one that has been having this problem. It started last night, and is happening on both computers that have Malwarebytes Pro installed on. When I am on ebay, (I have been a seller for 14 years and spend hours everyday on the site, and this has never happened before) and go to one of my listings or any listing, I keep getting a Malwarebytes bubble notification indicating that it has successfully blocked access to a potential malicious website. Type: outgoing. Process: iexplore.exe. The IP addresses have been 50.97.214.162 and 50.97.218.220, and maybe another one that I didn't write down. I performed a System Restore and used CCleaner to clean out all cookies, etc., but to no avail. I ran a scan with Malwarebytes and Webroot but neither picked up anything.

Needless to say, I would appreciate any help to resolve this issue. Is it possible that ebay is using some banner ads that are causing this problem? Or, are there issues with Softlayer, who appears to be associated with these IP addresses? Or, is this a false positive?

Link to post
Share on other sites
jazzbrew

jazzbrew

Posted
Posted

I am also having problems now with MBAM reporting that it is blocking malicious IPs (outgoing) for several different IP's including 50.23.124.152. I have tried the suggested fix of updating the database and running a quick scan.

This notification came up when accessing a news story at www.reuters.com.

Is Reuters website really infected?

Link to post
Share on other sites
Bigcountry02

Bigcountry02

Posted
Posted

Fix did not work. Still getting it after going to www.cnet.com website. I cleaned the logs and did scans, computers that have Windows 7 64-bit (Home and Pro) and Windows XP (Pro). I have enabled Flash and privacy is running medium; however changed to medium-High. The only defense to this coming up is turning cookies completely off (disabled). From protection log: 2013/04/18 00:23:43 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 61362, Process: iexplore.exe)

2013/04/18 00:35:52 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 61950, Process: iexplore.exe)

2013/04/18 00:35:53 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 61949, Process: iexplore.exe)

2013/04/18 00:35:53 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 61951, Process: iexplore.exe)

2013/04/18 00:36:57 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 62063, Process: iexplore.exe)

Link to post
Share on other sites
jazzbrew

jazzbrew

Posted
Posted

Fix did not work. Still getting it after going to www.cnet.com website. I cleaned the logs and did scans, computers that have Windows 7 64-bit (Home and Pro) and Windows XP (Pro). I have enabled Flash and privacy is running medium; however changed to medium-High. The only defense to this coming up is turning cookies completely off (disabled). From protection log: 2013/04/18 00:23:43 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 61362, Process: iexplore.exe)

2013/04/18 00:35:52 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 61950, Process: iexplore.exe)

2013/04/18 00:35:53 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 61949, Process: iexplore.exe)

2013/04/18 00:35:53 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 61951, Process: iexplore.exe)

2013/04/18 00:36:57 -0600 IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 62063, Process: iexplore.exe)

I am also getting notifications on just about every news website as well as cnet.com - but on my computer it is blocking 50.123.124.152. I am having a hard time believing that all of these reputable sites have content or ads that are now being blocked as malicious by Malwarebytes. Since so many people are reporting this all of a sudden - I am thinking that this must be a False Positive.

Can anyone from malwarebytes test cnet.com, reuters.com, to see if they are infected through these IPs?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.