Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
1 edit | reply to Its a Secret
Re: Malware on grandcanyonskywalk.com or FP?
Do you get the alert if you goto the FLASH file directly?
»www.grandcanyonskywalk.com/main.swf |
|
amysheehan
Premium,VIP,MVM
join:1999-12-21
Huntington Beach, CA
 ·RoadRunner Cable
| reply to CajunTek
said by CajunTek  :Interesting stuff here.. Tried at home with KAV and IE 8.. get similar results.. At work with Norton... site opens right up in IE 6.. hmmm With IE8 and NIS I get the ''cannot initialize site'' page.
What Norton are you using with IE6 ?
--
Proud Member of ASAP
DSLR Phishtracker |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31 | reply to Mele20
Noscript does the same thing in Fx.
--
"Facts not FUD!" |
|
NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
Murfreesboro, TN
 ·AT&T Southeast
 ·Vonage
 ·Cingular Wireless
·AT&T CallVantage
1 edit | reply to Its a Secret
said by Its a Secret :I got the same thing: *** Can't find address for server webaliser.net: Server failed Interesting. Why would replying to your post trigger this? Because I posted the iframe url link, and apparently just seeing that code (even though it is only text in the DSLR [code]...[/code] posting) is enough to trigger the Avast! warning alarm (just as it is sufficient to trigger the same alarm on the grandcanyonskywalk.com site even though the webaliser.net is not actually reachable),
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.
»portscan.dcs-net.net
»nature-pics.com |
|
Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny
1 edit | reply to NetFixer
I got the same thing:
*** Can't find address for server webaliser.net: Server failed
Interesting. Why would replying to your post trigger this? |
|
NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
Murfreesboro, TN
·AT&T Southeast
·Vonage
·Cingular Wireless
·AT&T CallVantage
1 edit | reply to GuruGuy
said by GuruGuy :Still getting the av alert after clicking the english flag after the flash page loads..................still an issue. Interesting, I don't see an english flag even after I allow the flash file to load and also allow the webaliser.net iframe code.
Just out of curiosity, what do you get if you do a nslookup webaliser.net?
Oops, nevermind. I just reread all of your posts in this thread, and you were not using the OP's url to get to the site. Clicking on the flag image from your url however, takes you to the OP's page.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.
»portscan.dcs-net.net
»nature-pics.com |
|
NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
Murfreesboro, TN
·AT&T Southeast
·Vonage
·Cingular Wireless
·AT&T CallVantage
| reply to Its a Secret
said by Its a Secret :said by NetFixer :Try flushing your browser and/or DNS cache, and see if you still get the alert message. Have done that. Intersting though, I went to reply to you and got the Avast! virus alert! Perhaps Avast! is simply triggering on the webaliser.net iframe link code based on an assumption that anything at webaliser.net is bogus. Just out of curiosity, what do you get if you do a nslookup webaliser.net?
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.
»portscan.dcs-net.net
»nature-pics.com |
|
Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny
·Shaw
1 edit | reply to NetFixer
said by NetFixer :Try flushing your browser and/or DNS cache, and see if you still get the alert message. Have done that. Intersting though, I went to reply to you and got the Avast! virus alert!
--
"In the future, that which is not mandatory will be illegal"
"Nobody knows the age of the human race, but everybody agrees that it is old enough to know better" - Anonymous |
|
GuruGuy
join:2002-12-16
Atlanta, GA
| reply to CajunTek
said by CajunTek :Interesting stuff here.. Tried at home with KAV and IE 8.. get similar results.. At work with Norton... site opens right up in IE 6.. hmmm That's norton for you
--
GuruGuy |
|
GuruGuy
join:2002-12-16
Atlanta, GA
| reply to NetFixer
said by NetFixer :said by Its a Secret :No, it's still there. The code on the grandcanyonskywalk.com web site may still be there, but webaliser.net is no longer to be found (at least with the DNS servers I use/tried).
webhost:/ # nslookup webaliser.net
Server: 192.168.10.1
Address: 192.168.10.1#53
** server can't find webaliser.net: SERVFAIL
webhost:/ # nslookup webaliser.net 68.94.156.1
Server: 68.94.156.1
Address: 68.94.156.1#53
** server can't find webaliser.net: SERVFAIL
webhost:/ # nslookup webaliser.net 208.67.222.222
Server: 208.67.222.222
Address: 208.67.222.222#53
** server can't find webaliser.net: SERVFAIL
webhost:/ # ping webaliser.net
ping: unknown host webaliser.net
Try flushing your browser and/or DNS cache, and see if you still get the alert message. Still getting the av alert after clicking the english flag after the flash page loads..................still an issue.
--
GuruGuy |
|
CajunTek
Insane Cajun
Premium,MVM
join:2003-08-08
Arlington, TX | reply to Grail Knight
Interesting stuff here.. Tried at home with KAV and IE 8.. get similar results.. At work with Norton... site opens right up in IE 6.. hmmm
--
da Cajun Darn I hate Malware |
|
NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
Murfreesboro, TN
·AT&T Southeast
·Vonage
·Cingular Wireless
·AT&T CallVantage
2 edits | reply to Its a Secret
said by Its a Secret :No, it's still there. The code on the grandcanyonskywalk.com web site may still be there, but webaliser.net is no longer to be found (at least with the DNS servers I use/tried).
webhost:/ # nslookup webaliser.net
Server: 192.168.10.1
Address: 192.168.10.1#53
** server can't find webaliser.net: SERVFAIL
webhost:/ # nslookup webaliser.net 68.94.156.1
Server: 68.94.156.1
Address: 68.94.156.1#53
** server can't find webaliser.net: SERVFAIL
webhost:/ # nslookup webaliser.net 208.67.222.222
Server: 208.67.222.222
Address: 208.67.222.222#53
** server can't find webaliser.net: SERVFAIL
webhost:/ # ping webaliser.net
ping: unknown host webaliser.net
Try flushing your browser and/or DNS cache, and see if you still get the alert message.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.
»portscan.dcs-net.net
»nature-pics.com |
|
Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny | reply to munky99999
No, it's still there. |
|
munky99999
Munky
join:2004-04-10
canada
clubs: | reply to Its a Secret
Has been fixed or something. I cant seem to find any problems. |
|
Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny | reply to GuruGuy
Yes, I did fire off an email referencing this thread to them. |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31 | reply to GuruGuy
I see I will check it out later then with the manual input.
Thanks.
--
"Facts not FUD!" |
|
Woody79_00
join:2004-07-08
united state
| reply to GuruGuy
I am also running Avira but
when i loaded that page, the HAVP(Http Antivirus proxy) running ClamAV on my pfsense box(which scans all traffic passing though my pfsense box with clamav) threw up this warning before Avira even got a chance to do anything
"This page was blocked because it contained the following virus: PUA JS.Obfus-2
So I would say its infected... |
|
GuruGuy
join:2002-12-16
Atlanta, GA
| reply to Grail Knight
said by Grail Knight :Fx v3.5.1 says it "Can not initialize." Mine did too at first, then I typed it in as
www.grandcanyonskywalk.com
And it worked. After I clicked the little English button below I got the Avira warning.
--
GuruGuy |
|
Grail Knight
Who Dares Wins
Premium
join:2003-05-31 | reply to Its a Secret
Fx v3.5.1 says it "Can not initialize."
--
"Facts not FUD!" |
|
GuruGuy
join:2002-12-16
Atlanta, GA
1 edit | reply to Its a Secret
I get this from avira:
Requested URL: www.grandcanyonskywalk.com/mainmenu.html
Information Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
--
GuruGuy |
|
