Jump to content

False positive?


knicks_fan
 Share

Recommended Posts

While surfing WTOP.com, a legitimate website for an all news station located in Washington, DC, ESET is

complainng about a blocked address from time to time when the page reloads.  The log records are all the

same, a sample follows:

 

9/25/2013 6:33:01 AM hxxp://delivery.globalcdnnode.com/7f01baa99716452bda5bba0572c58be9/afr-zone.php Blocked by internal blacklist C:\Program Files\Internet Explorer\iexplore.exe <company>\<userid>

 

I have had no luck contacting the webmasters of WTOP.com.  Can someone at ESET doublecheck and see

what is so offensive at the website listed in the log record above?

Link to comment
Share on other sites

https://www.virustotal.com/en/url/38b4c272d4aa4b278ee832b75cc5429e3cc61346c2206b5a8713809c7e915a96/analysis/

 

knicks , it seems the host of the domain is the trigger, not the website itself.

 

The host was subjected to threat Mal/HTMLGen-A at some point or another, which is possibly a short term for malicious html coding virus/trojan.

One company mentions Phishing.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...