Jump to content

Recommended Posts

IP-BLOCK 88.85.69.135

Should be innocent.

It hosts webcamcash.ru , webcamclub.ru , wccbanking.com and few other sites related to russian chats which are clean.

I googled the Ip and I could not find any alien domain hosted in it, it seems just those which I swear it is all ok.

The issue of course it is we are losing reputation as site blocked as malicious. I think it may be a range from nearby ip's or previous ip holder, or if there is something still malicious can you please write where so it can be cleaned.

There, also they give bad rating:

http://www.malwaregroup.com/domains/details/webcamcash.ru

You copied the rating simply from the above list? How I can see if the ip is blacklisted by other softwares too?

Investigation on this ip would be appreciated in hope for cleaning as false positive for next update.

Thanks.

Link to post
Share on other sites

I am currently looking into this and will reply in due course (though Webazilla has been a constant source of malicious content for quite some time now, with little to no action from them to put a stop to it, which is why the block is in place).

Link to post
Share on other sites

Webazilla hosts thousands customers, most are adult sites, I believe many bad ones, but they can't be all bad, just statistically. Check by ip. It is a popular host in russia and not all the russians are malicious hackers (unlike popular belief - would be a disaster if true as they're millions hehe).

By the way I got another russian site blocked, it is 83.133.111.101 (very-soft.com , hosted somewhre in germany), they do shareware that I use, maybe their software connects to the site to check the license? The soft I use, webcamsplitter have no issues that I know of, but they sell other stuff too. I wonder if I can know why they're blocked?

One thing, to identify what was blocked I check the logs, but these are filled of torrent blocks if I have it on. I wonder if you can in a future implement separate logs by process, as now it is all together dividedby day.

Let's assume I wished to see separately what's torrent and what's browser block, these may be separately logged instead of together:

17:10:26 Usern1 IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52635, Process: utorrent.exe)

17:11:06 Usern1 IP-BLOCK 62.213.100.26 (Type: outgoing, Port: 52681, Process: iexplore.exe)

Or - also good solution - is there a way to do not log or have no notification for blocks of specific process, for example the torrent ones are very often (but not relevant to know) and distracts with balloon notification and fill the logs; instead the ones from explorer or firefox I would care to see separately and all the times as it is relevant to know.

If I could disable notification and logging of Process: utorrent.exe , then I would have only what I care which is the browsing warns - and figure if a site is down from internet or simply malwarebytes not liked it.

Link to post
Share on other sites

You can't selectively enable/disable the balloons at present, but may wish to suggest this in the appropriate forums.

I'm aware of who Webazilla are and where they are, and am fully aware that not all Russians are criminals (indeed, it's a relatively small group in comparison), and as far as the block, and still looking into this.

Link to post
Share on other sites

You can't selectively enable/disable the balloons at present, but may wish to suggest this in the appropriate forums.

Also I see if computer was in screensaver status for hours, then wake up, there are the collection of balloons for whole night to appear one after another (windows 7 here). I am unsure where to post this thing of selective balloons, as you are part of staff you may forwrd this to who develops as a note.

Link to post
Share on other sites

  • 11 months later...

You can't selectively enable/disable the balloons at present, but may wish to suggest this in the appropriate forums.

I'm aware of who Webazilla are and where they are, and am fully aware that not all Russians are criminals (indeed, it's a relatively small group in comparison), and as far as the block, and still looking into this.

I am here writing again about IP 88.85.69.135 after 1 year (365 days) you are "still looking into this".

I posted the false positive report in 11 September 2011 , now it is 7 September 2012 and still it is blocked.

Not impressed.

Link to post
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.