Jump to content

I keep getting this pop up


EffieFrag

Recommended Posts

Ever since I turned on my computer today i've been repeatedly getting this pop up about "Address has been blocked"

It's at 1,000 messages and it's freaking me out 😅

I'm using Firefox as a browser and I do have some add ons but nothing i've added recently
I also did a computer scan but it's clean.

 

Should I be concerned? How can I get rid of it? Please help 😭

ZXaxL07.png

Link to comment
Share on other sites

  • Administrators

It's strange that the IP address is localhost as the hostname normally resolves to 103.247.11.166.

Do you have any application or extension installed that might access the website in question?

image.png

Link to comment
Share on other sites

14 minutes ago, Marcos said:

It's strange that the IP address is localhost as the hostname normally resolves to 103.247.11.166.

Do you have any application or extension installed that might access the website in question?

image.png

Not as far as I know. No apps or extensions, I definitely have some academic journals downloaded but i've never visited that website before.

Link to comment
Share on other sites

A couple of possibilities here for this activity;

1. Something has modified your Win hosts file.

2. Something has set up a hidden localhost proxy server on your device.

Pertaining to 1)., open this file, C:\Windows\System32\drivers\etc\host, using Notepad. On Win 10, the only entries that should exist in the file are shown below;

Eset_Hosts.png.4f4dc21562eec7de92869ce2a91bb5e5.png

If anything else exists in the your hosts file, post a screen shot of what is contained in the file.

Link to comment
Share on other sites

Also, open a command prompt window.

1. Enter this command, nslookup journal.stikosa-aws.ac.id

Take a screen shot of the output.

2. Enter this command, nslookup google.com

Take a screen shot of the output.

Post both screen shots.

Link to comment
Share on other sites

It seems to have stopped on it's own, I don't know if that's good or bad.

 

19 hours ago, itman said:

A couple of possibilities here for this activity;

1. Something has modified your Win hosts file.

2. Something has set up a hidden localhost proxy server on your device.

Pertaining to 1)., open this file, C:\Windows\System32\drivers\etc\host, using Notepad. On Win 10, the only entries that should exist in the file are shown below;

Eset_Hosts.png.4f4dc21562eec7de92869ce2a91bb5e5.png

If anything else exists in the your hosts file, post a screen shot of what is contained in the file.

It looks exactly the same as your screenshot
 

 

16 hours ago, itman said:

Also, open a command prompt window.

1. Enter this command, nslookup journal.stikosa-aws.ac.id

Take a screen shot of the output.

2. Enter this command, nslookup google.com

Take a screen shot of the output.

Post both screen shots.

here you go

52sN0Sm.png

11PlSzZ.png

Link to comment
Share on other sites

I believe I know what happened but don't know why it occurred.

It appears you, your ISP, or whomever configured you local network has set the default gateway IP address on your local network to fe80::1 which is unusual;

Quote

One method to make things easier is to manually assign the link-local address to the upstream router’s interfaces.  If you assign the link-local address FE80::1 on each of its interfaces and if that link-local address is unique on each of those LAN segments, then this becomes the default gateway for the hosts on those LANs.

https://blogs.infoblox.com/ipv6-coe/fe80-1-is-a-perfectly-valid-ipv6-default-gateway-address/

Additionally, fe80::1 works for IPv4 gateway assignment;

Quote

What's neat is that it's also a perfectly valid IPv4 gateway address now. (Because, as the post mentions, it's only used to discover the MAC address.)

ip route add 0.0.0.0/0 via inet6 fe80::1 dev eth0

https://www.reddit.com/r/ipv6/comments/ne7w8c/fe801_is_a_perfectly_valid_ipv6_default_gateway/

Something happened on your PC local network that caused the default gateway address to be set to 127.0.0.1 which is the IPv4 localhost default address which caused Eset to go bonkers.

One possibility this is occurring is when Eset firewall processing set up your network connection, it had trouble identifying your network parameters such as assigned router IPv4/IPv6 gateway addresses and defaulted to using network adapter MAC address. This would explain the fe80::1 usage. 

Edited by itman
Link to comment
Share on other sites

I would say at this point that your router/gateway is screwed up. It is either malfunctioning or has been hacked. Perform a hard reset of the router/gateway and hopefully, that will straighten things out.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...