I keep getting a message from Malwarebytes that says “Website blocked due to compromised.” The IP address is 122.228.19.79 and it is coming in on port 30772 trying to connect to Plex Media Server.exe. Is it safe to block that port or would that prevent legitimate users from connecting?
| IP Address | 122.228.19.79 |
|---|---|
| Country | China [CN] |
| Region | Zhejiang |
| City | Wenzhou |
| Coordinates of City | 27.999420, 120.666820 (27°59’58"N 120°40’1"E) |
| ISP | Hangzhouzhiyukejico. Ltd |
| Local Time | 30 Jun, 2020 05:22 AM (UTC +08:00) |
| Domain | chinatelecom.com.cn |
| Net Speed | (COMP) Company/T1 |
| IDD & Area Code | (86) 0577 |
| ZIP Code | 325003 |
| Weather Station | Wenzhou (CHXX0462) |
Saw this on on another thread. It is gathering some metadata from archive.org. Not to worry, just allow it through.
I am also getting a malwarebytes notification for ia902800.us.archive but when I check the ip address provided a few engines report it as a phising site https://www.virustotal.com/gui/url/d66aae0e51978bb342d67e1652647c610492cbc4171aec1628623909ec308c23/detection
Archive.org is hosting music album covers for musicbrainz.org
Which is why Plex is accessing it.
All those malware scanners are categorizing archive.org in general as malicious because a few years ago some miscreants were misusing it to host malware.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
