Background connections that should be blocked?

  1. http://toolbar.netcraft.com/site_report?url=http://tlb.hwcdn.net
    and been reported 19 times: https://www.abuseipdb.com/check/69.16.175.10
    malicious host: https://otx.alienvault.com/indicator/ip/69.16.175.10/
    on IP: https://www.herdprotect.com/ip-address-69.16.175.10.aspx
    and https://www.threatminer.org/host.php?q=69.16.175.10
    adware mainly and tracking: http://www.malwareurl.com/ns_listing.php?as=AS20446
    https://www.threatcrowd.org/ip.php?ip=69.16.175.10

  2. Not blacklisted? IP Address: -94.31.29.55
    [ IP Lookup ]
    Hostname: -94.31.29.55.IPYX-077437-ZYO.above.net
    IP Location: - United Kingdom (GB)
    ISP: Zayo Group EU Limited
    Organization: netDNA

but malware reported on that IP: https://cymon.io/94.31.29.168

polonus

That malware tracker is still active: -94.31.29.55.IPYX-077437-ZYO dot above dot net
Re: https://www.abuseipdb.com/whois/94.31.29.55
and http://toolbar.netcraft.com/site_report?url=94.31.29.55.IPYX-077437-ZYO.above.net
https://cymon.io/94.31.29.55 Lu Lan Shanghai’s disrupting ongoing spam abuse for ye all.
Read: https://groups.google.com/forum/#!topic/news.admin.net-abuse.email/N-5exO_i2fI

polonus (volunteer wbsite security analyst and website error-hunter)