I use the following URL, which was blocked as Malicious Website by UTM:
de.netlog.com/.../view=advanced
This is a search page within netlog.com.
I believe that UTM is consulting TrustedSource - Internet reputation system for the reputation of that website. So I checked TrustedSource - Customer URL Ticketing System and there seems to be an issue with that URL:
Categorization in URL Filter database version '142555'
URL Status Categorization Reputation
de.netlog.com/.../s ... Categorized URL Malicious Sites High Risk
Interesting. I checked the definition of "Malicious Sites" in the Trustedsource Reference Guide:
Malicious Sites
Web pages that deploy code designed specifically to hijack your computer’s settings or activity.
This category includes self-installing applications (called “drive-by” executable file downloads), Trojan
horses, and viruses that exploit security vulnerabilities in browsers or other applications. A web page can
later lose its malicious status and be moved to another category.
This category does not include spyware/adware because of its intent. Spyware/adware covertly gathers and
sends information to another party. Malicious sites intend to take action on another computer to cause
damage. This category does not include browser exploits and malicious downloads, which are in separate
categories.
Checking the same URL again with McAfee Labs - Threat Intelligence did not show any issue, however. I also tried Wepawet (Wepawet is a service for detecting and analyzing web-based threats) and it does not show anything out of the ordinary too..
So, I wonder what is the real reason that
de.netlog.com/.../view=advancedis blocked?
Are there other tools to analyze and understand?
Again, I just want to understand the mechanisms. I do not really care about netlog :-)
Dan
This thread was automatically locked due to age.
