Jump to content
pondus

66.40.52.74 - Blocking Bleeping Computer?

Recommended Posts

I can't confirm that. Have you checked your HOSTS file to make sure that you are not being redirected?

Share this post


Link to post
Share on other sites
I can't confirm that. Have you checked your HOSTS file to make sure that you are not being redirected?

And how would i do that? is this something you can see in a Hijack this log?

Share this post


Link to post
Share on other sites
Can you please tell me the exact error message you are getting?

No error message, it is just MalwareBytes IP popup down by the computer clock " infection blocked IP 66.40.52.74 "

It is not always, happens now and then when i surf here BleepingComputer.com > Security > Breaking Virus & Security News

Share this post


Link to post
Share on other sites

Just checked the site and we are not displaying anything from that ip range. Maybe one of the devs can chime in and let you know what that ip is blocked for.

Share this post


Link to post
Share on other sites
Maybe one of the devs can chime in and let you know what that ip is blocked for.

Meaning?

Share this post


Link to post
Share on other sites

This IP is on a Peer 1 IP range, and is blocked due to phishing, exploits, RFI's and malware. If you are seeing this IP (or any IP within the 66.40.52.* range), I STRONGLY recommend you get your machine checked for malware, especially due to the presence of domains known for banking phishing scams.

If possible, to help track down the domain being accessed, please run Fiddler whilst reproducing this for us (I can't reproduce this myself unfortunately);

www.fiddlertool.com

Once reproduced, you can save the log by either Edit > Select All, then Edit > Copy (and then pasting it to Notepad or some such), or File > Save > All Sessions.

Share this post


Link to post
Share on other sites
This IP is on a Peer 1 IP range, and is blocked due to phishing, exploits, RFI's and malware. If you are seeing this IP (or any IP within the 66.40.52.* range), I STRONGLY recommend you get your machine checked for malware, especially due to the presence of domains known for banking phishing scams.

If possible, to help track down the domain being accessed, please run Fiddler whilst reproducing this for us (I can't reproduce this myself unfortunately);

www.fiddlertool.com

Once reproduced, you can save the log by either Edit > Select All, then Edit > Copy (and then pasting it to Notepad or some such), or File > Save > All Sessions.

Fiddler log

Share this post


Link to post
Share on other sites

This is the culprit;

502	HTTP	amazingandrew.freehostia.com	/x.gif	515		text/html	iexplore:5560

Share this post


Link to post
Share on other sites
This is the culprit;

502	HTTP	amazingandrew.freehostia.com	/x.gif	515		text/html	iexplore:5560

Meaning? noting wrong in my computer and Malwarebytes is working correct?

Share this post


Link to post
Share on other sites

That is correct, yes. You can ignore this, I've got contacts over at Freehostia, so will get this resolved.

Share this post


Link to post
Share on other sites
That is correct, yes. You can ignore this, I've got contacts over at Freehostia, so will get this resolved.

supert, by the way, did full scan with

CCleaner

Panda Antivirus pro 2010

MBAM pro

SAS free

A-Squared free

nothing, not even a tracking cookie :lol:

Share this post


Link to post
Share on other sites

Good to hear :lol: (though I don't recommend Panda :lol: .... I'd recommend Kaspersky or NOD32 instead)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.