Jump to content

Firewall blocking access to www.i0rp1i2j.com


Recommended Posts

The firewall are frequently showing a message about blocking access to www.i0rp1i2j.com. I have tried googling the website, but fund no real reliable answers. Perhaps it has something to do with the Crome browser. Is it safe to allow access to the website?

Best regards

Link to comment
Share on other sites

57 minutes ago, mortenoc said:

The firewall are frequently showing a message about blocking access to www.i0rp1i2j.com

I can't access this URL in Firefox. It states it can't find this domain.

Link to comment
Share on other sites

1 minute ago, itman said:

I can't access this URL in Firefox. It states it can't find this domain.

So what is trying to access a website, that doesn't exist? Some redundant function in some application or remains of a trojan? Should I allow access?

Link to comment
Share on other sites

12 hours ago, itman said:

Post a screen shot of the Eset firewall alert you are receiving.

Ok. Here it comes. Its in Danish, but suppose that doesn't matter.

Eset.jpg

Link to comment
Share on other sites

The alert shown is originating from Eset's Web Access protection. It is an IP address blacklist detection as confirmed by VirusTotal detection;

Eset_Google.thumb.png.5b2a4a9f78ba3f9ba41bea681f907b81.png

If you only receive the Eset alert when you manually access some web site, do not continue to access this web site.

Otherwise, my best guess at this point is you have a malicious extension installed in Chrome and it is trying to connect to this IP address. The extension must be removed to stop this Eset alert.

Your PC is protected since Eset blocked access to the malicious remote connection.

-EDIT-

If this Eset alert appears w/o any browser open, have you recently installed a free or cracked game download? A number of these contain malware in the installer which will download additional malware from a compromised Google cloud store server. Open Eset "Filtered websites" log and search for entries related to this 104.155.138.21 blocked IP address. Open one of those entries and it will show what application was the source of the IP address traffic.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...