Malicious URL

[FirstDuc-1098]

everytime I navigate to NESR homepage my Trend Micro blocks a malicious url. http://http.cdnlayer.com/drivingrevenue/DR_v4.js

just started today

[FirstDuc-1098]

actually blocks it on every nav to any page of nesr

[FirstDuc-1098]

and with the blocking, web pages generate errors

Webpage error details

User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C)
Timestamp: Sat, 2 Apr 2011 15:22:29 UTC


Message: Syntax error
Line: 1
Char: 1
Code: 0
URI: http://http.cdnlayer.com/drivingrevenue/DR_v4.js

[The Snowman]

Try flushing your DNS cache to see if that makes a difference.

Windows command line:

ipconfig /flushdns

Mac OS Command line:

dscacheutil -flushcache

[FirstDuc-1098]

same
and nesr is the only place I see this

[Frankenstein]

We do use Driving Revenue code on this site, it just appends an affiliate code to any qualifying outbound links. It's been on the site for over a year and it's been the same code all along so I think it's just a false positive.

[Frankenstein]

DrivingRevenue/VigLink just released new code and NESR has been updated. Here's an excerpt of the email explaining the issue:

Yesterday we detected that TrendMicro labeled content hosted on one of the shared hosting domains we use as malicious. The content was unrelated to VigLink, but as a result, sites whose VigLink code references the shared domain are showing a warning when visitors load the page.

[FirstDuc-1098]

yep, that fixed it. thanks Josh

[Frankenstein]