Jump to content

FP? 209.190.74.76

daledoc1

By daledoc1
in Website Blocking

 Share

Recommended Posts

daledoc1

daledoc1

Posted
Posted

Hello:

MBAM Pro just blocked IP 209.190.74.76.

At the time, I was online (FF 3.6) at Capital One Direct Banking (208.80.48.112) looking at some of their online banking options.

The exact URL was:

http://www.capitalone.com/directbanking/mo...5_R1_04_T_SP25R

(I was not logged in, had not entered any personal information, nor was my browser hijacked or subject to any other apparent redirect.)

Needless to say, before I even consider opening an account, I need to know if this was a FP, a real intrusion attempt from this IP, or a coincidence.

Thanks!

Daledoc1

Link to post
Share on other sites
MysteryFCM

MysteryFCM

Posted
Posted

It's not an F/P, and more curiously, I can't reproduce it.

The IP belongs to exelator.biz/.com. This company is involved in tracking etc, and was recently implicated in malvertisements and click fraud (though this was likely their "customers" fault rather than theirs), for example;

http://www.threatexpert.com/report.aspx?md...83d7c6e4327dd4c

I've seen nothing from them that's malicious, over the past couple of weeks however, so I'll get the IP removed.

The Capital One site itself is perfectly safe. This loading likely came from advertisements on the page.

Link to post
Share on other sites
daledoc1

daledoc1

Posted
  • Author
Posted
It's not an F/P, and more curiously, I can't reproduce it.

The IP belongs to exelator.biz/.com. This company is involved in tracking etc, and was recently implicated in malvertisements and click fraud (though this was likely their "customers" fault rather than theirs), for example;

http://www.threatexpert.com/report.aspx?md...83d7c6e4327dd4c

I've seen nothing from them that's malicious, over the past couple of weeks however, so I'll get the IP removed.

The Capital One site itself is perfectly safe. This loading likely came from advertisements on the page.

WHEW!

That scared the pajamas off me.

FWIW, I tried browsing to the CapitalOneDirect website again, and it happened again (and again).

I did try to notify the "webmaster" (though there was no specific contact info for this) by sending an email to their fraud department, but I don't expect to hear back.

Thanks for letting me know.

(FWIW I just finished a deep MBAM scan, which picked up nothing, and my (worthless) McAfee Security Center (which never detects nothing) did not pick up anything at all (worrisome, as usual).)

Regards,

daledoc1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.