mortenoc 0 Posted August 5, 2023 Share Posted August 5, 2023 The firewall are frequently showing a message about blocking access to www.i0rp1i2j.com. I have tried googling the website, but fund no real reliable answers. Perhaps it has something to do with the Crome browser. Is it safe to allow access to the website? Best regards Link to comment Share on other sites More sharing options...
itman 1,790 Posted August 5, 2023 Share Posted August 5, 2023 57 minutes ago, mortenoc said: The firewall are frequently showing a message about blocking access to www.i0rp1i2j.com I can't access this URL in Firefox. It states it can't find this domain. Link to comment Share on other sites More sharing options...
mortenoc 0 Posted August 5, 2023 Author Share Posted August 5, 2023 1 minute ago, itman said: I can't access this URL in Firefox. It states it can't find this domain. So what is trying to access a website, that doesn't exist? Some redundant function in some application or remains of a trojan? Should I allow access? Link to comment Share on other sites More sharing options...
itman 1,790 Posted August 5, 2023 Share Posted August 5, 2023 Post a screen shot of the Eset firewall alert you are receiving. Link to comment Share on other sites More sharing options...
mortenoc 0 Posted August 6, 2023 Author Share Posted August 6, 2023 12 hours ago, itman said: Post a screen shot of the Eset firewall alert you are receiving. Ok. Here it comes. Its in Danish, but suppose that doesn't matter. Link to comment Share on other sites More sharing options...
itman 1,790 Posted August 6, 2023 Share Posted August 6, 2023 (edited) The alert shown is originating from Eset's Web Access protection. It is an IP address blacklist detection as confirmed by VirusTotal detection; If you only receive the Eset alert when you manually access some web site, do not continue to access this web site. Otherwise, my best guess at this point is you have a malicious extension installed in Chrome and it is trying to connect to this IP address. The extension must be removed to stop this Eset alert. Your PC is protected since Eset blocked access to the malicious remote connection. -EDIT- If this Eset alert appears w/o any browser open, have you recently installed a free or cracked game download? A number of these contain malware in the installer which will download additional malware from a compromised Google cloud store server. Open Eset "Filtered websites" log and search for entries related to this 104.155.138.21 blocked IP address. Open one of those entries and it will show what application was the source of the IP address traffic. Edited August 6, 2023 by itman micasayyo 1 Link to comment Share on other sites More sharing options...
Recommended Posts