For the last four days, my anti-virus software has been blocking a possible virus when I visit some popular news sites. The URL flagged as a virus is a subdomain of that has a long string of random characters and looks highly suspicious. A report on VirusTotal indicates two anti-virus providers are blacklisting that domain as a malware site.

The latest site where I encountered this virus alert was a story on Stars and Stripes. I'm not embedding a link for obvious reasons, but it has the headline "Veteran, one of 4,200 mistakenly declared dead by VA, feels 'resurrected.'"

In the Google Chrome developer console, I can see that when the story is read, the URL is being loaded in an XmlHttpRequest by this JavaScript code on the news page:

<script src=""></script>
if (!navigator.userAgent.match(/StripesApp/i)) {
  var pp = { client: { config: { 'zone':"-jmtl7NTsKXjcoZnYuS2qB", 'mode':"universal", 'debug':0, 'precheck': function(){ return 1; } } } };

This code is provided by Press Plus, a company that manages newspaper subscription paywalls. I think the purpose of the script is to superimpose a box above the story that urges a reader to subscribe to the site.

The script does not have any reference to, so I don't know why it is attempting to make a connection to one of its subdomains.

I've encountered this 24 times on different news sites. I'd like to figure out why it's happening. I post a lot of links to news stories on the Drudge Retort and I can't link to a site I believe might have been compromised by a virus.

-- Rogers Cadenhead


Happens to me too. , a site with sensationalist news/media that my 10yr old has visited is hosting frame content from


I'm getting the same behavior when I visit I'm using Eset NOD32. If I try to visit their sports page,, I get a popup telling me I've used up my free visits.


Hello Roger!

You should activate moderation or spam check on your blog cause it seems that spammers are getting through.

Best regards,
a reader.


Maintain the excellent work and delivering in the crowd!


Good Webpage, Maintain the wonderful job. Thanks for your time!|


Basically want to state Now i am ecstatic I stumbled in your site!|


I love the details on your website. Thanks a ton!


Hey, good online site you have got going here.
fotballdrakter barn


Especially educational looking forward to coming back again.


Hi-ya, tidy web page you have there.
maglie calcio a poco prezzo


Thanks, this site is very practical.


I like this site - its so usefull and helpfull.
fotballdrakter barn


Wow because this is excellent work! Congrats and keep it up.


Incredible....such a beneficial online site.
billige fotballdrakter


Truly, such a useful websites.
maglie calcio poco prezzo


The tips is incredibly interesting.


You have probably the greatest web-sites.
fotbollstr?jor barn


Thanks regarding supplying these kinds of fantastic data.


Particularly educational looking forth to coming back again.


Add a Comment

These HTML tags are permitted: p, b, i, a, and blockquote. A comment may not include more than three links. Participants in this discussion should note the site's moderation policy.