he i was reading a high regarded computer forum (via WOT and bitdefender traffic light) (notebookreview.com)
but when i refreshed the page is got a message that:
avast blocked:
ocatell.womenpjs.com.jpg
has been blacked, i refreshed again and the same message
what is this? is the site hosting this advertisment?
here is the report log
Thanks @mikaelrask
hey @mchain
i have a script blocker (well i have spywareblaster)
but i was wondering why it came up as i have used that site many times(i read it page by page everyday) and all of a sudden it has redirects , which made me thing something else was at work here
can you recommend another script blocker for chrome? or the one i have is good enough?
i dont visit bad site as i have world of trust (WOT) and bitdefender traffic light (though i want to submit a false positive to bitdefender but the forum would not let me sign up)
i would like to congrats avast for doing a good job of blocking it ( as its new and other places have it as ok but avast still blocked it (reliable )
any more advice? (i already did avast, malwarebytes and superantispyware scan)
Even well-known and reputable sites can get hacked with unwanted and malicious links that redirect to sites outside of the webpage you are currently viewing. That fact alone is why polonus will take the time to chase and track down where the malware originates from; this sort of malware linking is beyond a user’s control as the website owner needs to be notified of the issue. Doing so will make the site safer and help protect other visitors from any malware attacks as well as protect the reputation of the website.
You’ll note that the malicious link started with a .jpeg and ended with a redirect to SoftLayer Technologies. AdBlock Plus will take care of that by blocking the .jpeg from even downloading to the page you are viewing and you should not even be affected. The add-on does work in Chrome: http://adblockplus.org/en/chrome but you should know Google is now actively discouraging its use and possibly blocking install of it. I already have it installed, so…
As an aside, unless a website requires https://, do not use secure http: unless the site requires it. Online banking sites require this. Avast! WebShield cannot scan https:// for malware, just so you know. Forcing sites not designed for https:// to run as htttps:// will not result in increased security, but less, as WebShield cannot monitor the secure connection.
Looking at it with Redleg’s FileViewer, I get a redirect to: Location: htxp://waihuizhifu.com/images/124.gif
which on it it’s turn give this redirect: The location line in the header above has redirected the request to: htxp://mbm999.info/1.gif (see attached)
Same IP had this IDS alert on domain: ET POLICY Maxmind geoip check to /app/geoip.js
which is a Fraudulent IP abuse IDS detection…