http://60.210.11.231/
The Web Shield deems it harmful, do you know what it is?
http://myip.ms/view/ip_addresses/1020398336/60.210.11.0_60.210.11.255
http://cnc-noc.net/mail/login.action
Not sure
IP is blacklisted by dev.null.dk and spamsources.fabel.dk
seems to be an empty site now…click picture. http://www.urlquery.net/report.php?id=1398514275777
http://60.210.11.231/lvs/banner_1.jpg quoted from the Web Shield report
Perhaps this file exists.
it does…pic of a nice girl. http://www.urlquery.net/report.php?id=1398515062630
But it is not a banner at all!
?
It is an advertisement for express delivery of documents, the words are in Chinese.
Do you think it is false positive?
see my first post… from the IP ban blacklist, it seems it may have to do with spam
What do you think will happen if I visit the URL after disabling the Web Shield?
nada I guess… and the pic file is clean according to VT… 5-month-old scan
but don't come back complaining if I am wrong.
See all threats here: http://threatstop.com/checkip → 23 minutes ago threats MODIFIED ITAR, ITAR, CHINA threat level 1.
See: Up(nil): APNIC CN 60.210.11.231 to 60.210.11.231 60.210.11.231
See: http://toolbar.netcraft.com/site_report?url=60.210.11.231%2Flvs%2Fbanner_1.jpg (Risk rate 10 out of 10 RED)
htxp://60.210.11.231/file/MDAwMDAwMDGSJcByiJiZn3rq0LglSSlmpMcl_EJPHghyPvUhjxW-2w…/209c2a443f46eb26807ff78378f7ad8d17d786cd/10958773-vxd-UG& → https://www.virustotal.com/nl/url/486f4c473bf280bd41c5cc62f02f4272e424f7c7211f583249061b3fe93e2668/analysis/1398518686/
url after redirect: htxp://60.210.11.231/lvs/redirect.html?kne=&d=0823C937 (flagged by avast! Webshield as URL:Mal).
→ http://urlquery.net/report.php?id=1398515062630
Trying to redirect to: htxp://www.dbank.com/ping.php?js=all?v=1.26.23"%3B → htxp://www.dbank.com/ping.php?js=base
Emsisoft is the only one to flag next to avast! shield.
pol
P.S. Everybody should be aware of the banner abuse by Zeus: http://www.gfi.com/blog/beware-malware-banner/
link article author = Mohammed Ali (actually old info from 2011, then new but now still actual)
After disabling “Block malware URLs” I could download and save the banner on http://60.210.11.231/lvs/banner_1.jpg
It read “NO THREAT FOUND” after manual scanning
The URL might have been blacklisted mistakenly.
Hi,
This IP was blocked 21. June 2013, 11:38 because of this file we spotted:
hxxp://60.210.11.231/file/mdawmdawmdhmzntt3gw_6vm8w34pwr1wsbqbat_3thhkqpgcslagnq…/ba97b7fbf4ab948d7ceb62df1626d016fbc97/%e9%97%ae%e9%97%ae%e5%ad%a6%e5%a0%82%e8%87%aa%e5%8a%a8%e7%ad%94%e9%a2%98%e5%99%a8beta%203.85.rar?key=aaabqfhcyxi8vv6i&p=&a=4022865-af11
I hope the infection has been cleared already, so I am unblocking the IP now ;-).
Honza
Do you mean avast will block a whole site just because a single file is infected?
I certainly hope so. I know I don’t want to wind up with the infected file on my system.
I personally can’t think of any site that is so important that I need to visit it if it contains infections of any kind.
Do you mean “wind up the computer with the infected file”?
Hi Matthew_Wai,
One file on a site means an infested site that could then infest users that come to visit that site. Do we want to infest visitors of our site? No, we do not. So we have to cleanse the files first, yes even when there is one infested file, and then the site can become unblocked and visitors can come again to the site.
Is that so hard to imagine? [repeated in Chinese: "Is it like this, hard to imagine?"]
polonus
Hi polonus,
It is not hard to imagine zero tolerance when it comes to infection.
But I can’t imagine why you could write Chinese characters. Are you Chinese? [the last part was written in Chinese]
Psstt, there are online translators. ;D