IQ123 Posted April 8 ID:1628572 Share Posted April 8 Hello, I was searching the web for some information on cyber security and came across an article from https://www.stationx.net. Resp didn't get it because Malwarebytes blocked the site as a malwer. However just to be sure I checked the url on ssltrust etc and there it came up clean. So is it a scam or not? (I'm quite interested in the article, but I certainly won't put it in the exceptions) Malwarebytes www.malwarebytes.com -Details of the log file- Protection Event Date: 08.04.24 Protection event time: 18:29 Log file: 35015c4e-f5c5-11ee-9ea7-c01850d080ff.json -Software Information- Version: 4.6.12.323 Component Version: 1.0.2309 Update component package version: 1.0.83195 License: Premium -System Information-. OS: Windows 11 (Build 22631.3296) CPU: x64 File System: NTFS User: System -Blocked site details- Malicious site: 1 , C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , -Site Information- Category. Domain: www.stationx.net IP Address: 104.16.151.108 Port: 80 Type. File: C:\Program Files\Mozilla Firefox\firefox.exe Translated with DeepL.com (free version) Link to post Share on other sites More sharing options...
Staff TeMerc Posted April 8 Staff ID:1628585 Share Posted April 8 1 hour ago, IQ123 said: Hello, I was searching the web for some information on cyber security and came across an article from https://www.stationx.net. Resp didn't get it because Malwarebytes blocked the site as a malwer. However just to be sure I checked the url on ssltrust etc and there it came up clean. So is it a scam or not? (I'm quite interested in the article, but I certainly won't put it in the exceptions) Malwarebytes www.malwarebytes.com -Details of the log file- Protection Event Date: 08.04.24 Protection event time: 18:29 Log file: 35015c4e-f5c5-11ee-9ea7-c01850d080ff.json -Software Information- Version: 4.6.12.323 Component Version: 1.0.2309 Update component package version: 1.0.83195 License: Premium -System Information-. OS: Windows 11 (Build 22631.3296) CPU: x64 File System: NTFS User: System -Blocked site details- Malicious site: 1 , C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , -Site Information- Category. Domain: www.stationx.net IP Address: 104.16.151.108 Port: 80 Type. File: C:\Program Files\Mozilla Firefox\firefox.exe Translated with DeepL.com (free version) Hello- We do not show either the domain nor the IP which the domain resides on in our database, was this perhaps a Browser Guard block only? Link to post Share on other sites More sharing options...
IQ123 Posted April 8 Author ID:1628587 Share Posted April 8 Hello, it's directly malwarebytes premium, see photo and log. I tried a full system scan (either malwarebytes or bitdefender) just to be sure and everything is ok, without any findings. It only does this with this site. Just to be sure, I tried again now, log: Malwarebytes www.malwarebytes.com -Details of the log file- Protection event date: 08.04.24 Protection event time: 20:42 Log file: c782df36-f5d7-11ee-85e7-c01850d080ff.json -Software Information- Version: 4.6.12.323 Component Version: 1.0.2309 Update component package version: 1.0.83195 License: Premium -System Information-. OS: Windows 11 (Build 22631.3296) CPU: x64 File System: NTFS User: System -Blocked site details- Malicious site: 1 , C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , -Site Information- Category. Malware Domain: www.stationx.net IP Address: 104.16.151.108 Port: 443 Type. File: C:\Program Files\Mozilla Firefox\firefox.exe Translated with DeepL.com (free version) Link to post Share on other sites More sharing options...
IQ123 Posted April 8 Author ID:1628590 Share Posted April 8 I'll add "Type:Outbound" somehow it fell out of the log. I am lazy to translate the log manually and deepl somehow missed it...otherwise it is translated correctly... Link to post Share on other sites More sharing options...
Porthos Posted April 9 ID:1628635 Share Posted April 9 @TeMerc also getting this block Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 4/8/2024 Protection Event Time: 7:53 PM Log File: 9debee90-f60b-11ee-aa81-001a7dda7102.json -Software Information- Version: 5.1.2.109 Components Version: 1.0.1207 Update Package Version: 1.0.83207 License: Premium -System Information- OS: Windows 10 (Build 19045.4170) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Malware Domain: nh7dl3q4oc.onrocket.site IP Address: 104.16.150.108 Port: 443 Type: Outbound File: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (end) Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted April 9 Root Admin ID:1628637 Share Posted April 9 I subscribe to the newsletter and I get a block too -Software Information- Version: 5.1.2.109 Components Version: 1.0.1207 Update Package Version: 1.0.83195 License: Premium -System Information- OS: Windows 11 (Build 22631.3374) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Malware Domain: www.stationx.net IP Address: 104.16.150.108 Port: 443 Type: Outbound File: C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (end) Link to post Share on other sites More sharing options...
Staff JPopovic Posted April 9 Staff ID:1628679 Share Posted April 9 The block will be removed. Thank you! 1 Link to post Share on other sites More sharing options...
Recommended Posts