Help - Search - Members
Full Version: Suspicious URLs
Kaspersky Lab Forum > English User Forum > Protection for Home Users > Kaspersky Internet Security & Anti-Virus for Windows
Howard Kaikow
I am concerned about the suspicious URLs below.

Using tracert, https.edge.ru4.com resolves to http://vspd1.ttn.xpc-mii.net/index.html,

What is *.122.2o7.net?
What is switch.atdmt.com?

Is there a way to make a rule that excludes ALL from doubleclick?

11/23/2006 8:22:00 Server 72.246.183.132 returned invalid certificate. Certificate Name home.americanexpress.com.
11/23/2006 8:24:48 The outgoing enrypted connection to server 72.246.183.132 on port 443 will be checked for viruses by certificate substitution.
11/23/2006 8:25:28 Server 72.246.126.232 returned invalid certificate. Certificate Name secure.americanexpress.com.
11/23/2006 8:26:46 The outgoing enrypted connection to server 72.246.183.132 on port 443 will be checked for viruses by certificate substitution.
11/23/2006 8:27:32 Encrypted connection to server 66.150.208.9 on port 443 failed. Certificate Name *.122.2o7.net.
11/23/2006 8:27:32 Encrypted connection to server 65.206.60.124 on port 443 failed. Certificate Name https.edge.ru4.com.
11/23/2006 8:27:45 Encrypted connection to server 65.206.60.124 on port 443 failed. Certificate Name https.edge.ru4.com.
11/23/2006 8:27:49 Server 216.39.69.71 returned invalid certificate. Certificate Name switch.atdmt.com.
11/23/2006 8:27:50 Encrypted connection to server 65.205.8.183 on port 443 failed. Certificate Name fls.doubleclick.net.
DVi
I think you have opened the page on americanexpress.com server with a lot of banners or scripts from 122.2o7.net, ru4.com, atdmt.com and doubleclick.net servers.
Howard Kaikow
QUOTE(DVi @ 23.11.2006 09:37)
I think you have opened the page on americanexpress.com server with a lot of banners or scripts from 122.2o7.net, ru4.com, atdmt.com and doubleclick.net servers.
*



Me too.

I just spoke to American Express.

I want to exclude those critters.
dawgg
KIS>settings>Anti-Spy>AntiBanner>settings>BlackList...
add the following:
*.122.2o7.net
switch.atdmt.com
https.edge.ru4.com
*.doubleclick.net
http://vspd1.ttn.xpc-mii.net/index.html
If it causes problems browsing other sites, remove them from blacklist again
Howard Kaikow
QUOTE(dawgg @ 23.11.2006 10:42)
KIS>settings>Anti-Spy>AntiBanner>settings>BlackList...
add the following:
*.122.2o7.net
switch.atdmt.com
https.edge.ru4.com
*.doubleclick.net
http://vspd1.ttn.xpc-mii.net/index.html
If it causes problems browsing other sites, remove them from blacklist again
*


I am using KAV.
dawgg
May be able to do it using host files, but i dont know how to make wildcards with them sad.gif ... hopefully someone else can enlighten us with how or any other ideas
Howard Kaikow
QUOTE(dawgg @ 23.11.2006 11:16)
May be able to do it using host files, but i dont know how to make wildcards with them :( ... hopefully someone else can enlighten us with how or any other ideas
*


Host files
Howard Kaikow
Found another bad web site.
With monitorng of encrypted connections enabled, does not let me log-in, apparently because I tell KAV to notaccept certificate from *.hitbox.com.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2014 Invision Power Services, Inc.