Hi,
I recently migrated my server to a new host due to the fire that happened at the OVH datacenter, but the site was blocked for a friend of mine when he tried to visit the site.
Below is the output of the log file.
C6171A7D91B75403634CA7A48B6E917B25658A08F5C70FC30490E7DFDD7D0D30
{
"applicationVersion" : "4.3.0.98",
"chromeSyncResetQueryRequested" : false,
"chromeSyncResetQueryResult" : false,
"clientID" : "",
"clientType" : "other",
"componentsUpdatePackageVersion" : "1.0.1217",
"coreDllFileVersion" : "0.0.0",
"cpu" : "x64",
"dbSDKUpdatePackageVersion" : "1.0.38309",
"detectionDateTime" : "2021-03-17T23:22:50Z",
"fileSystem" : "NTFS",
"id" : "b0b01c0a-8777-11eb-a21b-180373423531",
"isUserAdmin" : true,
"licenseState" : "trial",
"linkagePhaseComplete" : false,
"loggedOnUserName" : "System",
"machineID" : "",
"os" : "Windows 10 (Build 19041.867)",
"schemaVersion" : 17,
"sourceDetails" : {
"type" : "mwac"
},
"threats" : [
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "block",
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "",
"generatedByPostCleanupAction" : false,
"id" : "b0b0431a-8777-11eb-88d8-180373423531",
"isPEFile" : false,
"isPEFileValid" : false,
"linkType" : "none",
"objectMD5" : "",
"objectPath" : "",
"objectSha256" : "",
"objectSize" : -1,
"objectType" : "website",
"resolvedPath" : "",
"websiteData" : {
"blockType" : 15,
"ip" : "198.13.51.45",
"isInbound" : false,
"port" : 443,
"processPath" : "C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe",
"url" : "whoturgled.com"
}
},
"ruleID" : -1,
"ruleString" : "",
"rulesVersion" : "0.0.0",
"srcEngineComponent" : "unknown",
"srcEngineThreatNames" : [
],
"threatID" : -1,
"threatName" : ""
}
],
"threatsDetected" : 1
}
