72.167.239.239

can anyone have any idea what this ip is for? 72.167.239.239
yesterday when i was watching comodo active connection window
IE and svhost were both trying to connect to a same ip address 72.167.239.239
the ip belong to godaddy webhosting service
I bought the netbook 1 week ago, my ie is clean with only default plugin.
this happen when i browsing http://enscrypted.google.com

I don't think encrypted.google.com and svhost will have anything to do with godaddy and it's ssl verification
that's what make me so suspicious

i know a hacker who lives very close to me, he use godaddy webhost service, that's all that i know, i couldn't ask him did u hack me.

I know hacker usually need upload the victim's ip info to a webserver to keep track of them, in this case a encrypted godaddy webhost. am i right about this

 

Just block it. Go to:

Firewall\Network Security Policy\Block Zones:

Add>New Blocked Address>ipv4 or ipv6 Single Address

or ipv4 or ipv6 Address Range (see the range in Who is image).

and,

Add>New Blocked Address>Host Name

Click OK. Save configuration.

 

http://network-tools.com/

Using trace, info stops at Washington for me. A vague location?

 

It's just Go Daddy OSCP traffic. Block it and your security is reduced because your browser won't automatically verify the revocation status of Go Daddy certificates.

 

just thought similar due GoDaddy has an ip range there.
it may be the checup-up of digital certs.
GoDaddy is a contentious issue here due their latest issues.

 

FWIW, I have never seen any responses from "72 dot" IPs when I perform searches via http:// encrypted.google.com
All my encrypted.google requests are served from IP's in the 74.125.226.* range

 

thanksfor the info, I will return it to bestbuy today and request for an exchange,
I will do a complete backup before connected to the internet, do u think windows 7 default system image backup is completely safe, do it backup the system master boot and system reserve partition. is there any better alternative.
I use the option to return to gateway factory setting, after the restore, the boot menu of comodo time is still there. which makes me think the factory setting can't erase some rootkit from the computer

 

Hi Rocket!

You have come to the right forum for help!

To be candid I'm a bit unclear as to why are returning notepad to bestbuy? is it not working? What model/vendor?

The other worry I have is you may need some expert help in cleaning your system of any viri or parasites if any. Windows 7 is a good o/s so I doubt that is your problem.

What exactly is this issue? You saw some ip's that concerned you right?

Just block them all 72.167.0.0 to 72.167.255.255

Network Name GO-DADDY-SOFTWARE-INC Owner Name GoDaddy.com, Inc. From IP 72.167.0.0 To IP 72.167.255.255


BUT as you have a hacker in the region you need block him at home so to get behind a solid secured router with proper encryption if you can plug in hardwired NOT wireless hacker will be blocked.
Download what you want then disconnect. When you are out of range say 5 miles, he can do zip.

What you really need to do or have done for you is set your router to ONLY allow connections from your MAC addresses on you LAN or a guest if any.

That way the hackers MAC address won't match your router list and he is dead in the water



Backup is critical for key user data.

Good luck

 

windows 7 is safe o/s for most of people, but not for a sophisticated hacker. it's like game of hiding and seek. rookit, code injection, comos. ect, ect,

 

Don't worry. There's nothing wrong with your notebook and it's highly unlikely that the dastardly "hacker" is into your system. The godaddy requests are just certificate revocation checks as Scoobs72 said.