MysteryFCM

Moderators
  • Content count

    6,472
  • Joined

  • Last visited

About MysteryFCM

  • Rank
    Forum Deity

Contact Methods

  • Website URL
    http://it-mate.co.uk

Profile Information

  • Location
    Tyneside, UK

Recent Profile Visitors

59,507 profile views
  1. Unfortunately, I don't currently have that functionality available to me.
  2. There's still malicious files on that site (e.g. hxxps://www.macupdate.com/app/mac/20526/7zx) /edit I've added the missing entry to hpHosts (not sure why it wasn't in there) /edit 2 Related: https://blog.malwarebytes.com/cybercrime/2015/11/has-macupdate-fallen-to-the-adware-plague/
  3. We weren't actually blocking 9anime.to. The block on teracreative.com is however, being removed.
  4. The block was due to the domain' housing a Dropbox phish. As it currently shows as suspended, I can't verify the site has been cleaned. In saying that, as it's suspended, the block will be removed and when live again, will be re-checked, if it has indeed been unblocked, we will not put the block back again.
  5. Prior to the 3rd (today), every site on the IP, including directly on the IP itself (hxxp://107.180.1.246/~ppdtml/a/excel/index.php), was housing malicious content. Thus far, there's still been no response from GoDaddy. However, both the site and all affected domains now appear to have been cleaned up, as such, the block will be removed.
  6. This is not an F/P. There is a multitude of phishes on this IP across a variety of domains (including quite a few new ones identified today). The host has been notified.
  7. It's not an F/P, no. Their site is being abused by fraudsters. However, the block is being temporarily removed for now.
  8. To be clear, this is nothing to do with issuu.com' tech support, but with fraudulent tech support companies abusing their site to mislead victims into calling and/or going to the fraudsters sites. Never the less, the block is being temporarily removed in order to find a better method of dealing with this specific case.
  9. The block is in place because of a plethora (over 630 pages so far) of malicious content and no response from the sites owner/AS. You can add an exception for the domain if you wish (Settings -> Web Exclusions, and add the domain name you wish to unblock). If you are having issues with doing this, please contact support.
  10. Unfortunately, the site is still housing malicious content (there's been over 630 pages identified thus far). Until these are removed, the block will not be removed.
  11. This is indeed an F/P (the block was inadvertently put on the parent instead of offending hostname (associated with the Locky Ransomware)). The block will be corrected on the next update.
  12. The block is being removed on the next update.
  13. These aren't zero-day, nor are they targeted toward you by anyone. The hostname is blocked because it is involved in malvertising (malicious advertising). The JS attacks aren't attacks either, they're benign tracking etc files, used by the majority of sites and ad networks.
  14. It's blocked because TP-Link do not own the domain anymore (they let it expire a few months ago, along with a few others). When and if they register it again, it'll be unblocked.
  15. To add to Andres' post, the block was temporarily removed a day or two ago, whilst further investigation is done.