Identify why I get a connection to ransomware server

network monitoring malware

I received some waring that my 'PC' might be infected because it supposedly tried to connect to two ransomware server:

http://45.33.9.234/
http://79.170.40.167/

In practice I have a MBP with MacOS 10.12.6 Malwarebytes cannot find anything. I am on a network but to print I need to switch to a different one, and I get these warning only when I switch to the printing network. I am at loss why

  1. I get the warning to start with
  2. I get warnings only when I am on a specific network and not in the other

So, how do I check what is going on? Get little snitch and keep an eye on what is doing what? any other way to scan the system that is better than Malwarebytes? Any log I can look into?


You receive this message when switching to only this network because it is likely your IT dept have a monitoring tool set upon it, which is using an API with this IP blacklisted for ransomware activity

The problem is this IP is shared across thousands of URLs and only a select few may be associated with ransomware

Related

Updating SSD firmware in old Macbooks
Unable to use full resolution of P2416D
Using the iPad dock connector to connect cameras - airplane mode - no WiFi
Bash: Replace all occurrences of a word in the last command
Periodically changing wallpaper under GNOME 3?
Finding the Windows version of a remote machine in the same network
When creating a symbolic link, how do I troubleshoot 'too many levels of symbolic links'?
Will my USB Flash Drive die sooner if I watch movies directly from it?
Dark background in LibreOffice under Windows
how to list all files and directories in given directory with full path but not recursive?
How do you increase the resize border thickness in Xubuntu 12.04?
how to install gui for debian