Open zoon01 opened 7 years ago
Hi,
This IP is matched by these lists:
# echo 92.48.206.226 | iprange - --compare-next *.{ip,net}set | grep -v ",0$"
stdin,firehol_webserver.netset,1,64887,1,34742775,34742775,1
stdin,ransomware_feed.ipset,1,5041,1,5041,5041,1
stdin,hphosts_emd.ipset,1,25980,1,25980,25980,1
In firehol_webserver
is included because it is in hphosts_emd
.
hphosts EMD, is listing malware hostnames. One of the hostnames listed there resolves to this IP.
In general, I never filter ip lists. So, to settle this issue, you have to contact the list maintainers or fix the root cause of this listing.
If this IP is assigned to you by a shared hosting provider, it is probably that the same IP is used by other sites that are infected by malware.
So, the only action I can take, is to exclude hphosts_emd
from firehol_webserver
. However, I don't see why is could be problematic for you. firehol_webserver
is is a list to be used for protecting web servers, so unless you provide an API other web servers are expected to query, the inclusion of this IP in firehol_webserver
should not affect you.
Hi please remove ip address: 92.48.206.226 this is used by NAS4Free nas4free.org and not used for spam.
thanks, zoon01 developer NAS4Free