the site is:
is it false?
Wlcome to Avast! forum.
Copy/paste VT report to see.
What does it say Avast! alert ? Cold you attach Avast! alert ?
Also write the whole address, but make it inactive. Like this; hXXp:// because I could not find that web site.
Ok. Scuri SiteCheck throws a couple of warnings for that site:
http://sitecheck.sucuri.net/results/http://www.couponso.net/
It is not a F/P from Avast!
Wait until tomorrow for Pondus and Polonus to investigate deeper.
Thanks, it was fast response.
I would like to know if it is dangerous for us, afaik that site is affiliate marketing website.
URLVoid HTML scan on - couponso.net
http://vscan.novirusthanks.org/analysis/6bb61e3b7bce0931da574d19d1d82c88/aW5kZXg=/
As I check with urlQuery, it states that there are no JavaScript writes or anything an ordinary site would do.
What is your relationship with the service? How does the service support your site?
Why does it have to be in a hidden iframe?
I do not see anything in the de-obfuscated javascript code there.
Also not by analyzing what is flagged by Sucuri’s: hxtp://clients.bluecava.com/data?p=D440F31E-EDE7-4BB2-B328-
The only scan that gives a possible issue on this shopping site is BrightCloud Reputation Analysis, with a rep index of yellow 50: Moderate Risk
There is some probability that the user will be exposed to malicious links or payload. Avast blocks it through the Network Shield as URL:Mal when trying to go there via malzilla. But the IP is in the Offensive IP Database: htxp://www.bizimbal.com/odb/details.html?id=1145442 but since 2012-03-12 13:34:38 most of the malware response for that IP has been either closed or is dead. There are 49 Blacklisted URLs on that Autonomous System and what is/has been out there?
Hosts…
…malicious URLs? Yes
…badware? Yes
…botnet C&C servers? Yes
…Current Events? Yes
polonus