Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
2/14/2020 9:17:11 PM,High,An intrusion attempt by pesthole5.online was blocked.,Blocked,No Action Required,Web Attack: Fake Tech Support Website 263,No Action Required,No Action Required,"pesthole5.online (85.17.31.152, 80)","pesthole5.online/ln/bFQ3D8axeWStBZVLEe2sLYWRF8WFUQwnIu.6Pl49WI9.GXsjj2XGcV9AX_AWhsP3rRLbKTAdUvzRLsy0qicJiYxVAB0J3afR9W4pcuWYh6Jh.T2renPvsG3H.AVSIZsDfZ5yP5kDGv0wXs7UxVodJimAYWBd3rJJmPVm2cllco3N9zJHCdt0eTVKefR53qeEXiXm2Ah.igVBiii0Yr0nr6HlNfAHNVYHiqdWvr731Eml5URJb0HEeVXzVkqNmtTgFzGs_c8op8zieivX2e8DLSDrnUOTEys6iaA3kR0RTFrQhTbtThoOEsNK_FjxU7JTiKgnuszOaSQ9JAuFbLQ_fTPudWekdj7j1OU7sNHDE49uZL0a2UewwuxyeAtN692xD4wwBbVDAlT1dHULdy_ciX0FZEK3KSfuAHv6NDc8xXsqq.qq","AL-KIDDER (10.1.1.168, 63643)",pesthole5.online (85.17.31.152),"TCP, www-http"
Network traffic from <b>pesthole5.online/ln/bFQ3D8axeWStBZVLEe2sLYWRF8WFUQwnIu.6Pl49WI9.GXsjj2XGcV9AX_AWhsP3rRLbKTAdUvzRLsy0qicJiYxVAB0J3afR9W4pcuWYh6Jh.T2renPvsG3H.AVSIZsDfZ5yP5kDGv0wXs7UxVodJimAYWBd3rJJmPVm2cllco3N9zJHCdt0eTVKefR53qeEXiXm2Ah.igVBiii0Yr0nr6HlNfAHNVYHiqdWvr731Eml5URJb0HEeVXzVkqNmtTgFzGs_c8op8zieivX2e8DLSDrnUOTEys6iaA3kR0RTFrQhTbtThoOEsNK_FjxU7JTiKgnuszOaSQ9JAuFbLQ_fTPudWekdj7j1OU7sNHDE49uZL0a2UewwuxyeAtN692xD4wwBbVDAlT1dHULdy_ciX0FZEK3KSfuAHv6NDc8xXsqq.qq</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME3\WINDOWS\SYSTEM32\MICROSOFTEDGECP.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.
On this site, yesterday and today, I keep getting redirected away while playing. Norton pops up on the screen to tell me it has blocked a malicious tech support site.
Only happening on this site, so anybody else seeing it?