plecterlabs.com

[Drazhar]

www.plecterlabs.com is blocked by MBAM Pro

213.186.33.87 is the IP I see blocked when I try to access.

[MysteryFCM]

This is not an F/P. The IP has been associated with malware and exploits for some time, and indeed, still is as of this month (the latest issues were identified only yesterday)

[vincentp]

greetings, I'm the operator of plecterlabs.com. I have been experiencing quite a lot of issues with my hosting provider, ovh.com and I'm trying to understand what is the source of the problem. As far as I know I don't have any exploit running on the website, nor malware, I don't think I even host ads, just a simple os commerce website.

current problems I know : their DNS updates seems to be really problematic. I got this domain name long ago and I think I'm on mutualized hosting with tons of other websites. Is it possible that the IP associated with my website is sort of "shared" with others that could cause troubles ? The same thing happened when I had my newsletter sent by the website, it was all going thru a shared smtp, that had been associated with spammers and I got black listed.

I suppose I have options with my provider, like moving to a private server or something but I'd like first to :

- find out if I have malwares hosted on my website or not

- knowing if my "records" have been created by the domain name itself plecterlabs OR by an IP address.

- what sort of malware are we talking about

thank you

[MysteryFCM]

It's not your domain that's at issue, no, it's numerous others that have been compromised and are housing redirects to exploits, malware and redirects to other malicious content.

I'd recommend you move provider.

[vincentp]

thank you for your prompt answer. My provider is going to contact malwarebyte to identify the website, as for now, it seems it's the IP that is blacklisted and they don't know which domains are concerned. Redirections are indeed very classic, but none of them are on my website. It is really problematic that it's the IP that is recorded and not the domain name as many hosting companies split an IP over several domains for start offers.

An incident ticket has been opened for that concern and I hope it will help tracking the problematic websites with those redirections. Changing of provider is a fairly useless piece of advice as the real problems are the people who phish websites and hack accounts or exploit websites to install those redirections. Of course the provider must do something but he has to be aware of the situation. At least *I* am doing something.

I'll probably move my website to a dedicated server with a dedicated IP. In the meanwhile I suppose malwarebytes will camp on his position and that there's no way to separate my domain name from that incriminated IP. Maybe the software team will realize that an IP doens't equal a single website for creating the blacklist.

thanks