1

Firewall Security Alert

During the last weeks, loading Allmusic.com pages on my local macs causes an Alert in firewall logs (CheckPoint Quantum Spark 1550, last firmware) about Bot activities:

Scanning locally for malware has no results and the alert only appears when accessing allmusic.com ! As i could not explain that Google DNS is asked for a malware site url it seems appropriate to report that.


kind regards,

--
Guenther Albrecht

5 replies

GA

No, it did not trigger the alert - but i did try other Allmusic pages and the issue did not re-occur yesterday ! It could well be that this false positive URL filtering result has been resolved/taken from blacklist by CheckPoint or removed by Google.kind regards,

--
Guenther Albrecht
CCSE CCTE CCSM SMB Specialist
Arrow ECS GmbH A-1100 Wien, Wienerbergstrasse 11

One more question if you have the time: Do you ever receive the warning if you visit this particular page:
https://www.allmusic.com/style/bop-ma0000002457 

GA

Breitmaul (10.0.0.2) is my local Mac that browses your site.

kind regards,

--
Guenther Albrecht

Can I ask a question about your findings?

The top of the screenshot indicates "Breitmaul (10.0.0.2) is infected..." can you tell us what Breitmaul refers to? It isn't a page on AllMusic, and we can't seem to identify what that refers to.

The 8.8.8.8 referenced is Google DNS and we are running Google ads on our site (a new partnership that launched a few weeks ago), so that may be related.

We'll take a look.

Thanks for the detailed information.