Author Topic: reconsider website  (Read 7163 times)

0 Members and 1 Guest are viewing this topic.

Offline mosacr

  • Beta Tester
  • Newbie
  • *
  • Posts: 1
reconsider website
« on: July 19, 2012, 01:54:30 PM »
Dear receive a greeting my name is Randall Mora García am the general manager MOSACR a company based in Costa Rica our phone numbers are (506) 40300349 / (506) 70258750, we have been developing web projects, a few days ago the owners of the page thehorsetailor.com contacted us because he had problems with your site because different antivirus is blocking the avast each and see it as an unsafe website, we studied the same and detected with online services that actually had problems with exe file or exploit that detectava for more than we do not locate, for this reason the decision was made to purchase a new service and transfer the domain hostin action that has already been done and the page already and the new hosting, which even pay a security certificate that can be seen in the url hxtps://www.thehorsetailor.com/ but under the urls hxtp://www.thehorsetailor.com or hxtp://thehorsetailor.com customers tell us that the site continues to block access avast and others but if you guys are the responsibility is to avast thank them if they can help with this problem and we did as far as we can now depend on you.
Thanks for your help in advance.
« Last Edit: July 24, 2012, 10:19:54 AM by Milos »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83775
  • No support PMs thanks
Re: reconsider website
« Reply #1 on: July 19, 2012, 02:30:24 PM »
Avast isn't the only one considering it suspect:
http://www.mywot.com/en/scorecard/thehorsetailor.com
http://sitecheck.sucuri.net/results/www.thehorsetailor.com/
http://urlquery.net/report.php?id=96383
http://www.urlvoid.com/scan/thehorsetailor.com/

http://zulu.zscaler.com/submission/show/8a69e32310744dacdd21833f4dbb63c7-1342700186

So there is a possibility that this site has been hacked.

There is also an association to another domain in the ASN: AS10297 information - hXXp://money-fortune.org seen in link 3 above.
Also there are associations to other domains with that IP in link 4 above and 4 of those domains are infected. So there is a possibility it is also being blocked by IP and not just domain name.

This really should have been in the Viruses and Worms sub-forum, I only looked at this out of curiosity.

Please 'modify' your post change the URL from http to hXXp & www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.598) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
    • The WAR Against Malware
Re: reconsider website
« Reply #2 on: July 19, 2012, 03:39:25 PM »
Domain has hosted various malware in the past.

<256 hours> https://www.virustotal.com/file/1067fab843499eb626f27f2adf3c0771d0b80ebf422edc3fcbcca3909cd59dfa/analysis/
<525 hours> https://www.virustotal.com/file/d7b82c76ab6f2f9e834874730ddeb8651d15ee6c0e6f438abd07957e66c5a205/analysis/
<96   hours> https://www.virustotal.com/file/2dab8685ae3ce8988f12e548e28dff8631590ca4a910f96aa6bca138917764ab/analysis/

All are 2012 incidents. This is the cause of why your site is blacklisted so highly. Did you notice that malware was on your site that long? More so it came back?
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32690
  • malware fighter
Re: reconsider website
« Reply #3 on: July 19, 2012, 06:48:15 PM »
Site has potential security risks, malicious obfuscated content found: http://zulu.zscaler.com/submission/show/705764099f33180a86cf2fe10d8df8d0-1334547776


polonus
« Last Edit: July 19, 2012, 10:51:14 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!