EffieFrag 0 Posted September 15, 2023 Share Posted September 15, 2023 Ever since I turned on my computer today i've been repeatedly getting this pop up about "Address has been blocked" It's at 1,000 messages and it's freaking me out 😅 I'm using Firefox as a browser and I do have some add ons but nothing i've added recently I also did a computer scan but it's clean.  Should I be concerned? How can I get rid of it? Please help 😠Link to comment Share on other sites More sharing options...
Administrators Marcos 5,234 Posted September 15, 2023 Administrators Share Posted September 15, 2023 It's strange that the IP address is localhost as the hostname normally resolves to 103.247.11.166. Do you have any application or extension installed that might access the website in question? Link to comment Share on other sites More sharing options...
EffieFrag 0 Posted September 15, 2023 Author Share Posted September 15, 2023 14 minutes ago, Marcos said: It's strange that the IP address is localhost as the hostname normally resolves to 103.247.11.166. Do you have any application or extension installed that might access the website in question? Not as far as I know. No apps or extensions, I definitely have some academic journals downloaded but i've never visited that website before. Link to comment Share on other sites More sharing options...
itman 1,741 Posted September 15, 2023 Share Posted September 15, 2023 A couple of possibilities here for this activity; 1. Something has modified your Win hosts file. 2. Something has set up a hidden localhost proxy server on your device. Pertaining to 1)., open this file, C:\Windows\System32\drivers\etc\host, using Notepad. On Win 10, the only entries that should exist in the file are shown below; If anything else exists in the your hosts file, post a screen shot of what is contained in the file. Link to comment Share on other sites More sharing options...
itman 1,741 Posted September 15, 2023 Share Posted September 15, 2023 Also, open a command prompt window. 1. Enter this command, nslookup journal.stikosa-aws.ac.id Take a screen shot of the output. 2. Enter this command, nslookup google.com Take a screen shot of the output. Post both screen shots. Link to comment Share on other sites More sharing options...
EffieFrag 0 Posted September 16, 2023 Author Share Posted September 16, 2023 It seems to have stopped on it's own, I don't know if that's good or bad.  19 hours ago, itman said: A couple of possibilities here for this activity; 1. Something has modified your Win hosts file. 2. Something has set up a hidden localhost proxy server on your device. Pertaining to 1)., open this file, C:\Windows\System32\drivers\etc\host, using Notepad. On Win 10, the only entries that should exist in the file are shown below; If anything else exists in the your hosts file, post a screen shot of what is contained in the file. It looks exactly the same as your screenshot   16 hours ago, itman said: Also, open a command prompt window. 1. Enter this command, nslookup journal.stikosa-aws.ac.id Take a screen shot of the output. 2. Enter this command, nslookup google.com Take a screen shot of the output. Post both screen shots. here you go Link to comment Share on other sites More sharing options...
itman 1,741 Posted September 16, 2023 Share Posted September 16, 2023 (edited) I believe I know what happened but don't know why it occurred. It appears you, your ISP, or whomever configured you local network has set the default gateway IP address on your local network to fe80::1 which is unusual; Quote One method to make things easier is to manually assign the link-local address to the upstream router’s interfaces. If you assign the link-local address FE80::1 on each of its interfaces and if that link-local address is unique on each of those LAN segments, then this becomes the default gateway for the hosts on those LANs. https://blogs.infoblox.com/ipv6-coe/fe80-1-is-a-perfectly-valid-ipv6-default-gateway-address/ Additionally, fe80::1 works for IPv4 gateway assignment; Quote What's neat is that it's also a perfectly valid IPv4 gateway address now. (Because, as the post mentions, it's only used to discover the MAC address.) ip route add 0.0.0.0/0 via inet6 fe80::1 dev eth0 https://www.reddit.com/r/ipv6/comments/ne7w8c/fe801_is_a_perfectly_valid_ipv6_default_gateway/ Something happened on your PC local network that caused the default gateway address to be set to 127.0.0.1 which is the IPv4 localhost default address which caused Eset to go bonkers. One possibility this is occurring is when Eset firewall processing set up your network connection, it had trouble identifying your network parameters such as assigned router IPv4/IPv6 gateway addresses and defaulted to using network adapter MAC address. This would explain the fe80::1 usage. Edited September 16, 2023 by itman Link to comment Share on other sites More sharing options...
EffieFrag 0 Posted September 16, 2023 Author Share Posted September 16, 2023 I see I'll be honest, I didn't understand a lot of what you said but i appreciate you spending time to help me out. So does that mean there's nothing to worry about? Link to comment Share on other sites More sharing options...
itman 1,741 Posted September 16, 2023 Share Posted September 16, 2023 I would say at this point that your router/gateway is screwed up. It is either malfunctioning or has been hacked. Perform a hard reset of the router/gateway and hopefully, that will straighten things out. Link to comment Share on other sites More sharing options...
EffieFrag 0 Posted September 16, 2023 Author Share Posted September 16, 2023 Thank you for your help Link to comment Share on other sites More sharing options...
Recommended Posts