Please help me to remove my ip from blacklisting

Post your questions about DNS based blacklists, what they are, listing status, and removal help.
Locked
dshgoyl987
New Member
Posts: 1
Joined: Thu Dec 14, 2017 8:34 am

Please help me to remove my ip from blacklisting

Post by dshgoyl987 »

My IP address is 103.19.129.6
I am not able to open many websites and it seems that my IP address is blacklisted to many databases. I am not able to find the reason behind it.

Please guide me what can be done to rectify the issue. Thanks.
User avatar
Chrispcritters
Forum Administrator
Posts: 2578
Joined: Tue Mar 02, 2010 5:41 pm
Location: 127.0.0.1 | ::1
Contact:

Re: Please help me to remove my ip from blacklisting

Post by Chrispcritters »

CBL indicates the followng:
This IP address was detected and listed 225 times in the past 28 days, and 23 times in the past 24 hours. The most recent detection was at Fri Dec 15 17:15:00 2017 UTC +/- 5 minutes

This IP address is infected with, or is NATting for a machine infected with a botnet, usually associated with the Avalanche malware network. This infection will probably be of the Dofoil or Gamarue malware (or one of the other Anti-Virus vendor aliases, such as: Andromeda, Smoke Loader, Win3/Dofoil, W32/Zurgop.BK!tr.dldr, Gamarue and many others

Andromeda is a very large scale malware delivery platform, using Gamarue (and other downloaders) to download malicious software to infected machines. At it's peak (Nov/Dec 2017) had more than 5 million infected machines.

Avalanche is a large-scale content and management platform also designed for the delivery of bullet-proof botnets, and used Andromeda to bootstrap. Avalanche's scale and scope spanned victims from 180 countries, over 800,000 domains in 60+ top-level domains (TLD), more than one million phishing and spam e-mails, 500,000 infected machines worldwide, and 130TB of captured and analyzed data.

There was a coordinated effort from international law enforcement agencies that included Germany's Public Prosecutor's Office Verden and the Lüneburg Police, the U.S. Attorney Office for the Western District of Pennsylvania, Department of Justice and the Federal Bureau of Investigation (FBI), Europol, and Eurojust as well as partners in ShadowServer, resulted in one of the most successful anti-cybercrime operations in recent years (late 2016).
Basically one or more machines at that IP address are infected with a malware botnet that is also being used to send massive amounts of spam.

You need to check and disinfect every machine that has access to your network, don't forget about laptops connecting via WiFi.
Founder & CEO of WhatIsMyIPAddress.com.
You can follow me on Twitter and Facebook for some behind the scenes info.
Locked