TomFace 539 Posted October 16, 2018 Share Posted October 16, 2018 (edited) I was online using my VPN (ExpressVPN) logged out of it and then started getting blocked address messages from ESET (from various IPs). Am scanning now. Does anyone have any information on this issue? I am still getting the messages logging back into ExpressVPN as of now. First time I have had an issue with this. I'm disconnecting now till after the scan is done. Edited October 16, 2018 by TomFace Link to comment Share on other sites More sharing options...
itman 1,755 Posted October 16, 2018 Share Posted October 16, 2018 (edited) Looks like it has been blacklisted for serving up potentially dangerous content. I also ran a scan with Robtex using the IP address, 107.6.159.114, shown in your alert window. The domain name shown in your alert, hxxps://www.lbhydju.net, does not resolve to that IP address. Only shown are the following domain names associated with that IP address: asdjkljfjaowjfq.net bezakef.net fjffpwt.net jovqxxh.net n1ui5fms.net sonwf81nt.net yzdkh.net apis-chi-7.expressvpn.com According to WHOIS IP Address lookup the IP address associated with hxxps://www.lbhydju.net is 198.143.153.42. This does appear to be related to ExpressVPN; i.e. Singlehop LLC. Finally, Eset detected IP address, 173.236.44.10, for my attempted access to the domain. Edited October 16, 2018 by itman Link to comment Share on other sites More sharing options...
TomFace 539 Posted October 17, 2018 Author Share Posted October 17, 2018 I'll submit it to ESET for review. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,290 Posted October 17, 2018 Administrators Share Posted October 17, 2018 It was fixed yesterday a few minutes after you reported it here. Link to comment Share on other sites More sharing options...
TomFace 539 Posted October 17, 2018 Author Share Posted October 17, 2018 7 hours ago, Marcos said: It was fixed yesterday a few minutes after you reported it here. Excellent Marcos....I did submit an e-mail to samples@ESET this morning before I logged in here. Thanks again. Regards, Tom Link to comment Share on other sites More sharing options...
Ajit 0 Posted October 18, 2018 Share Posted October 18, 2018 Dear friends. i am still facing this issue. My antivirus is constantly popping with that website name and has been blocked message. While I am writing this I can see its popping. What should I do? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,290 Posted October 19, 2018 Administrators Share Posted October 19, 2018 15 hours ago, Ajit said: Dear friends. i am still facing this issue. My antivirus is constantly popping with that website name and has been blocked message. While I am writing this I can see its popping. What should I do? Either you are using older ESET modules or it's another domain / IP address which is blocked. Please post the appropriate records (the whole row) from the Filtered websites log. Link to comment Share on other sites More sharing options...
Recommended Posts