Jump to content

cs9.wac.phicdn.net 93.184.220.29


Recommended Posts

Good day,

As soon as I open Mozilla Firefox on any on my 4 PCs I receive 'Potential Threat Blocked. The following website appears malicious (Trojan). Kindly advise if this is a false positive or something I need to worry about.

In anticipation, I thank you for your kind assistance herein

Kind regards

Overblaze

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 02/04/2021
Protection Event Time: 18:05
Log File: 420d6b42-93cd-11eb-a32c-503eaa148936.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1236
Update Package Version: 1.0.39012
Licence: Premium

-System Information-
OS: Windows 10 (Build 19042.868)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: Trojan
Domain: cs9.wac.phicdn.net
IP Address: 93.184.220.29
Port: 80
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe

Link to post
Share on other sites

The same happening to me on firefox, haven't tried with other browser, but it happened when opening twitch, linkdln, virustotal and other websites

Edited by Xauma95
correction
Link to post
Share on other sites

False positive confirmed

"Hello, thanks for bringing this to our attention. We've reviewed the IP again and have determined it no longer warrants being blocked so we've removed it from our database. 

Removal should be reflected in the next database update going out in a few hours or so."

Link to post
Share on other sites
2 minutes ago, Overblaze said:

False positive confirmed

"Hello, thanks for bringing this to our attention. We've reviewed the IP again and have determined it no longer warrants being blocked so we've removed it from our database. 

Removal should be reflected in the next database update going out in a few hours or so."

Thanks, I was worried

Link to post
Share on other sites

just opened netflix windows 10 app and recieved the warning too, don't know what it is, read something about being owned by verizon and something about certificate validation process "digicert"

Link to post
Share on other sites
8 minutes ago, Xauma95 said:

i juts updated the database to version 1.0.39014 and still getting the warnings

It takes 2-4 hours for the update to flow out.

  • Like 1
Link to post
Share on other sites
4 minutes ago, Porthos said:

It takes 2-4 hours for the update to flow out.

Do you have any idea what actually is cs9.wac.phicdn.net and why are we getting so many warnings with this?

Link to post
Share on other sites
1 minute ago, Xauma95 said:

Do you have any idea what actually is cs9.wac.phicdn.net and why are we getting so many warnings with this?

This seems to have been an IP block that affected many services and sites.

Link to post
Share on other sites

Same here.

Seeing the following:

Category: Trojan
Domain: cs9.wac.phicdn.net
IP Address: 93.184.220.29
Port: 80
Type: Outbound

File: C:\Program Files\Mozilla Firefox\firefox.exe

and

File: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

 

 

Link to post
Share on other sites
7 minutes ago, Aserioxki said:

Dijiste que es un FP y que habrá una próxima actualización en unas horas, mientras tanto, ¿sigo navegando normalmente? porque he desactivado el wifi y estoy usando mi teléfono rn. 

Just add the detection to exclusions and wait until update.

 

No worries.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.