04-06-2011 08:09 PM
hey guys, I'm having trouble accessing a website www.chandon.com to buy wine. I get the message IPS Detection Statistical Submission and An intrusion attempt by 22.214.171.124 was blocked with risk name HTTP Malicious Cookie Activity. I don't know what the signature name for this is so I can unblock it so I can buy some wine... any help or know how I can identify the signature name?
04-06-2011 08:24 PM
It is warning you that there is malicious script on the web page. It should not be ignored. The website owner needs to clean his website.
04-06-2011 08:30 PM
If Norton is actually blocking the threat and alerting you, then it is an actual threat. The Malicious Cookie Activity signature means that when you attempt to visit chandon.com you are being redirected to a site that is using a toolkit to look for vulnerabilites in the software on your system that can be used to install malware. This is exactly the sort of thing you buy Norton to protect you from. Don't try to get around the protection.
04-06-2011 08:33 PM
04-06-2011 08:37 PM
It could well be thaqt your smartphone does not have the protections against malware that Norton is providing. It does not mean that it is not there because a different device does not recognize it.
04-06-2011 08:42 PM - edited 04-06-2011 08:42 PM
Just inform them that the site is compromised and that malware is attempting to install on visitor's computers when trying to access the site. It may be an advertisement on the page, or their site may have been hacked.
04-06-2011 08:54 PM
NoScript blanks out the whole page. Unknown Iframes and a number of fls.doubleclick cookies. Chandon has been rated poorly for reliability and privacy on WOT. McAfee Site adviser gives it an okay. Use the phone rather than the computer if possible. The phone will have a different operating system.
04-08-2011 05:04 PM
I emailed them pretty much exactly what you sent me... and this was their reply:
Thank you for your email. We appreciate you alerting us to an intrusion into our website. We have reported the problem to our IT department, who is working on a permanent resolution. If you have any questions, please let us know. Sincerely,