IP Blacklist removal help

Post your questions about DNS based blacklists, what they are, listing status, and removal help.
Post Reply
traber
Junior Member
Posts: 5
Joined: Sun Apr 14, 2024 11:47 am

IP Blacklist removal help

Post by traber »

I've been making changes to my ISP (Xfinity) lately (changing speed, new modem, etc.) When I get a new IP address due to these changes, every time it is blacklisted on two servers:

dnsbl.sorbs.net
dul.dnsbl.sorbs.net

This prevents me from accessing such sites as homedepot.com; ebay; lowe's, united airlines and others.

I don't know why these IPs that Xfinity keeps giving me are blacklisted. I have no servers running and am a light internet user.

After trying to do research, wondering if I should I create an account on sorbs.net and try to get them removed? Please advise.

Thank you.
User avatar
Chrispcritters
Forum Administrator
Posts: 2914
Joined: Tue Mar 02, 2010 5:41 pm
Location: 127.0.0.1 | ::1
Contact:

Re: IP Blacklist removal help

Post by Chrispcritters »

The SORBS DUL listing (which rolls up into the other) is just an indicator that your IP address is dynamically assigned, which is not suitable for operating your own mail server.

It's not designed to be used to block people from accessing consumer websites.

There is no need to create an account with SORBS.

Can you provide the error message you are seeing when attempting to visit those sites?
Founder & CEO of WhatIsMyIPAddress.com.
You can follow me on Twitter and Facebook for some behind the scenes info.
traber
Junior Member
Posts: 5
Joined: Sun Apr 14, 2024 11:47 am

Re: IP Blacklist removal help

Post by traber »

I get "Access Denied" messages for the sites I mentioned. For example, from United Airlines:

Access Denied
You don't have permission to access "http://www.united.com/" on this server.
Reference #18.dda86468.1713198432.4f921b9

https://errors.edgesuite.net/18.dda8646 ... 32.4f921b9
User avatar
Chrispcritters
Forum Administrator
Posts: 2914
Joined: Tue Mar 02, 2010 5:41 pm
Location: 127.0.0.1 | ::1
Contact:

Re: IP Blacklist removal help

Post by Chrispcritters »

That appears to be an error message generated by Akamai, a Content Delivery Network (CDN), that provides a front-end layer of security and performance for many companies.

You can visit https://www.akamai.com/us/en/clientrep-lookup/ from your IP address to see if they'll provide more details as to why your IP address has been blocked.

You can also post your IP address here or send an email to [email protected] (and reference this post) to have someone on our team help you privately so you don't share your IP in the open.
Founder & CEO of WhatIsMyIPAddress.com.
You can follow me on Twitter and Facebook for some behind the scenes info.
traber
Junior Member
Posts: 5
Joined: Sun Apr 14, 2024 11:47 am

Re: IP Blacklist removal help

Post by traber »

I entered my IP address into the Akamai lookup and got this result:

Your IPv4 Address xx.xxx.xx.xxx received a bad risk score.

The IPv4 Address was associated with the following malicious activity:

Web Scraper


So I emailed them to investigate and I guess will wait to see if they respond.

After doing more research, it sounds like something's going on with my firewall? Not sure if it's router-based or what, but I have had the same router for over a year and nothing has changed in the last month or so other than my IP addresses due to Xfinity account changes. Also, I use Webroot, Malwarebytes and HitMan Pro security software.

Thanks for your help. If/when I hear back from Akamai, I will follow up.
User avatar
Chrispcritters
Forum Administrator
Posts: 2914
Joined: Tue Mar 02, 2010 5:41 pm
Location: 127.0.0.1 | ::1
Contact:

Re: IP Blacklist removal help

Post by Chrispcritters »

There are a couple of possibilities:

1) The IP address currently assigned to your modem was recently assigned to someone else that had a compromised device on their network. Turning the modem and router off for at least 8 hours usually results in the ISP assigning a new IP address.

2) Assume you weren't doing scraping yourself... One or more devices on your network may be compromised by malware, this could include phones, laptops, desktops, printers, or even the router itself. If you get a new IP address and the issue does not return, this is probably not the case. If you get a new IP address, it's good for a short period of time (days), and then the issues comes back, this it sounds like a compromised device.
Founder & CEO of WhatIsMyIPAddress.com.
You can follow me on Twitter and Facebook for some behind the scenes info.
traber
Junior Member
Posts: 5
Joined: Sun Apr 14, 2024 11:47 am

Re: IP Blacklist removal help

Post by traber »

I did get a new IP address and within minutes I got "Access Denied" from homedepot.com, united.com, and others. The new IP address still just has the same two blacklists marked as in my original post (dnsbl.sorbs.net and dul.dnsbl.sorbs.net).

I have checked and rechecked all my devices for malware (but would it be blacklisted that fast if it were on my end??) I guess I just don't understand this whole system of blacklisting and I'm in over my head in trying to research. I can usual solve most of my own tech issues. Very frustrating. This just started happening to me in the last month, even before I made several changes to my Xfinity Internet account which resulted in new IP addresses being issued, all having the same problem. But the problem started a week or two before that out of the blue.

If anyone has any additional insight, please advise!
User avatar
Chrispcritters
Forum Administrator
Posts: 2914
Joined: Tue Mar 02, 2010 5:41 pm
Location: 127.0.0.1 | ::1
Contact:

Re: IP Blacklist removal help

Post by Chrispcritters »

The DUL list says it looks like a dynamically assigned IP address, which is normal for home internet, and wouldn't be the cause of your problem.

Out of an abundance of caution, you may want to perform a factory reset on the modem/router and then make sure it's fully updated.

You could try turning off again for another 8 hours and see if the same thing happens with another newly assigned IP address.
Founder & CEO of WhatIsMyIPAddress.com.
You can follow me on Twitter and Facebook for some behind the scenes info.
traber
Junior Member
Posts: 5
Joined: Sun Apr 14, 2024 11:47 am

Re: IP Blacklist removal help

Post by traber »

Just wanted to report back that resetting my router seems to have done the trick. After 3 days, I no longer get the "access denied" messages for the various websites reported above.

Thanks for that advice. Not sure what happened with my router, must have been infected with malware of some sort. I will need to familiarize myself with how to lock it down better and how it can be checked for malware in the future.
User avatar
Chrispcritters
Forum Administrator
Posts: 2914
Joined: Tue Mar 02, 2010 5:41 pm
Location: 127.0.0.1 | ::1
Contact:

Re: IP Blacklist removal help

Post by Chrispcritters »

I'm glad it's working without issues now.

I would ensure the firmware is current, the router's admin password is different than the WiFi password, remote admin is disabled, and uPNP (Universal Plug and Play) is also disabled. The setting may not exist for the last two, so only if it's an option.
Founder & CEO of WhatIsMyIPAddress.com.
You can follow me on Twitter and Facebook for some behind the scenes info.
Post Reply