Malicious URL Alert

system · August 16, 2012, 5:23pm

The network shield is blocking a URL and I wanted to try to figure out if it is a false alarm.

URL Visited:

http://rpgkickstarters.tumblr.com/

URL Blocked:

http://www.professionalwebcounter.com/5774577-D22D783554A390F7A4B96A88D9124BE6/counter.img?theme

mikaelrask · August 17, 2012, 6:39am

welcome to the forum. you could upload it to virustotal.com and post the result here.

Pondus · August 17, 2012, 6:50am

suspicious inline script found
http://www.unmaskparasites.com/security-report/

not able to copy an paste the scan link from ipad, so you have to do it to see the result
click the link above, then enter the first url you posted

mikaelrask · August 17, 2012, 3:07pm

hey pondus thanks for dropping in on the thread.

Donovan · August 17, 2012, 9:39pm

The IP 213.108.252.185 is known malicious.

Looks like valid detection.

gladtobegrey · October 22, 2012, 8:29am

I’ve had a similar warning for

www.professionalwebcounter.com/1664345-02E57F16876C932B5864D978B51E1CAD/counter.img?theme

on my kid’s school website.

www.e-fensive.com lists it as a known malware pest, but scanning it with virustotal.com came up with nothing. I’ve reported it to the school’s IT team for further investigation.

polonus · October 22, 2012, 1:13pm

Yes a malware site with a MALWARE-CNC Win.Trojan.Zeroaccess variant outbound communication IDS alert,’
Bitdefender’s TrafficLight also flags this also, click image…
see general malware description: http://labs-werew01f.blogspot.nl/2009/11/counter-malware-analysis.html (link Wolf Labs)

polonus

Malicious URL Alert

Announcements