duckjesus Posted October 5, 2020 ID:1411896 Share Posted October 5, 2020 (edited) please fix this is urgent I have a big premiere coming up. false positive thank you Edited October 5, 2020 by AdvancedSetup email address removed to prevent harvesting Link to post Share on other sites More sharing options...
Porthos Posted October 5, 2020 ID:1411905 Share Posted October 5, 2020 3 hours ago, duckjesus said: please fix this is urgent Could you give us the website link please. Link to post Share on other sites More sharing options...
duckjesus Posted October 5, 2020 Author ID:1412055 Share Posted October 5, 2020 duh! sorry. ryancamarda.com Link to post Share on other sites More sharing options...
Staff Solution Dashke Posted October 6, 2020 Staff Solution ID:1412123 Share Posted October 6, 2020 Please clean up your website first - http://files.ryancamarda.com/uploads/1/3/0/7/130775921/7e8eca1ae9f530d.pdf 1 Link to post Share on other sites More sharing options...
duckjesus Posted October 6, 2020 Author ID:1412168 Share Posted October 6, 2020 what's wrong with uploading my pdf resume? Link to post Share on other sites More sharing options...
Staff Dashke Posted October 6, 2020 Staff ID:1412169 Share Posted October 6, 2020 5 minutes ago, duckjesus said: what's wrong with uploading my pdf resume? Have you checked the actual file? Link to post Share on other sites More sharing options...
duckjesus Posted October 6, 2020 Author ID:1412175 Share Posted October 6, 2020 yes, i just checked it now, it's a normal pdf. i uploaded it myself, it's a pdf of my resume for my resume website. I don't understand what is wrong with it? Link to post Share on other sites More sharing options...
duckjesus Posted October 6, 2020 Author ID:1412176 Share Posted October 6, 2020 I just deleted the pdf from my resume. Though i really would like to understand what the issue was so that i can avoid it if i upload an updated resume, please. Link to post Share on other sites More sharing options...
duckjesus Posted October 6, 2020 Author ID:1412251 Share Posted October 6, 2020 I deleted it, but my website is still being blocked please fix! Link to post Share on other sites More sharing options...
Staff Dashke Posted October 6, 2020 Staff ID:1412275 Share Posted October 6, 2020 8 hours ago, Dashke said: Please clean up your website first - http://files.ryancamarda.com/uploads/1/3/0/7/130775921/7e8eca1ae9f530d.pdf File hasn't been removed. Link to post Share on other sites More sharing options...
duckjesus Posted October 6, 2020 Author ID:1412279 Share Posted October 6, 2020 https://drive.google.com/file/d/1KYfwe26AJWtBJCCtJaPmIqQ65F2voyC1/view?usp=sharing see above or below for evidence. It is gone. I can give you my weebly account login info if you don't believe me. the pdf has been deleted. hell the page that the pdf was on has been deleted too. I cannot delete it more than it has been deleted. and you still have not told me what was wrong with having a pdf on my website? please advise what you would have me do. Link to post Share on other sites More sharing options...
Staff Dashke Posted October 7, 2020 Staff ID:1412396 Share Posted October 7, 2020 Please contact Weebly support and ask them for an assistance in removing the infected pdf which is hosted here - http://files.ryancamarda.com/uploads/1/3/0/7/130775921/7e8eca1ae9f530d.pdf You should inspect your 'uploads' folder and remove all files that are not known to you. Also I would recommend you to change your account password. The PDF file is redirecting users to malvertising networks and PUPs. Link to post Share on other sites More sharing options...
duckjesus Posted October 7, 2020 Author ID:1412462 Share Posted October 7, 2020 I contacted weebly and they have no idea. I'm contacting my domain host cosmotown. see pdf for the support chat with weebly. Maybe you have a better idea on what the problem might be and a way to fix it? thank you. also good to know my resume wasn't the problem, but to know that something far more wrong seems to be, but i have no clue how to fix thank you for your help weebly support.pdf Link to post Share on other sites More sharing options...
Porthos Posted October 7, 2020 ID:1412470 Share Posted October 7, 2020 When you go to above link bad link it comes to the page in the screenshot and if you use the captcha, it goes to the following site as a redirect. ttraff.ru Then that site goes to the following and I stopped there. roboverify.vip Link to post Share on other sites More sharing options...
duckjesus Posted October 7, 2020 Author ID:1412471 Share Posted October 7, 2020 Any idea, given what you read in the pdf i attached from weebly support. What to do? Link to post Share on other sites More sharing options...
Porthos Posted October 7, 2020 ID:1412472 Share Posted October 7, 2020 Just now, duckjesus said: Any idea, given what you read in the pdf i attached from weebly support. What to do? I did not look. I just visited the exact link that the staff pointed out. Link to post Share on other sites More sharing options...
duckjesus Posted October 7, 2020 Author ID:1412473 Share Posted October 7, 2020 I'll just copy past it here: Wednesday, October 7, 2020 Square Support, 10:48 AM ? Please type your question below and we will get you in contact with one of our Customer Success Advocates. We are experiencing unusually high volume, so your wait time may be longer than usual. 10:48 AM from malwarebytes: Please contact Weebly support and ask them for an assistance in removing the infected pdf which is hosted here - http:// files.ryancamarda.com/uploads/1/3/0/7/130775921/7e8eca1ae9f530d .pdf (the spacing is mine because apparently that link sends you to the infected site, but that is not on my site in the website builder) You should inspect your 'uploads' folder and remove all files that are not known to you. Also I would recommend you to change your account password. The PDF file is redirecting users to malvertising networks and PUPs. Square Support, 10:48 AM Thanks for reaching out! We've received your message and are waiting for our next available Customer Success Advocate. Thank you for your patience. Renee, 10:59 AM Hi there, I can take a look. What is the email address you use to login to the account? 11:03 AM ryancamarda@gmail.com 11:04 AM hi renee Renee, 11:07 AM I am looking for the file. I am checking a few things. 11:07 AM ok, it must be hidden, I cannot find anything like that in my account website interface 11:08 AM i deleted the only pdf i had on the site, and deleted the page, but apparently that was not it Renee, 11:09 AM I did a search for 7e8eca1ae9f530d.pdf as thats the file name and its not coming up. Might be that you removed it but its still pending clearing the cache 11:11 AM i deleted it yesterday morning at 9 11:12 AM when i clicked the link above it takes me to something i definitly did not upload whatever that is Renee, 11:12 AM I am checking give me one moment. 11:16 AM well I deleted MY pdf yesterday which was just my resume I have no idea what that link is above, never seen that before, and can't find that anywhere on my site Renee, 11:19 AM ok its coming from a files.ryancmarda.com which is not on weebly. Our files are under domain/uploads. 11:21 AM ok, sooooooo what do we do? Renee, 11:21 AM you will need to find where files.ryancmarda.com is hosted. 11:22 AM i have no second site i only have weebly Renee, 11:23 AM your domain isn't registered here so I can't check the DNS where you have the subdomain 11:24 AM Host Points to TTL Actions ryancamarda.com 199.34.228.59 21600 Delete *.ryancamarda.com 199.34.228.59 21600 Delete www.ryancamarda.com 199.34.228.59 21600 Delete 11:25 AM that's all that's in my dns Renee, 11:25 AM I checked with my Tier 2 and that file is not coming from Weebly. I can't see where that is coming from. Do you have any external file organizations set up? 11:26 AM no Renee, 11:27 AM I would get more information from who is reporting it. That file is not coming from weebly. 11:28 AM how do i get rid of it? Renee, 11:29 AM I honestly am not sure, We are unable to find that source. 11:30 AM have my weebly account been compromised? 11:31 AM *has Renee, 11:31 AM No because the files.ryancamarda.com isn't a weebly site. check with your domain provider where that is pointed. Renee, 11:31 AM No because the files.ryancamarda.com isn't a weebly site. check with your domain provider where that is pointed. 11:32 AM ok, i'll contact their support, thank you Link to post Share on other sites More sharing options...
Porthos Posted October 7, 2020 ID:1412478 Share Posted October 7, 2020 8 minutes ago, duckjesus said: have my weebly account been compromised? 11:31 AM *has Renee, 11:31 AM No because the files.ryancamarda.com isn't a weebly site. check with your domain provider where that is pointed. Renee, 11:31 AM No because the files.ryancamarda.com isn't a weebly site. check with your domain provider where that is pointed. 11:32 AM ok, i'll contact their support, thank you That just says where you should be looking. Link to post Share on other sites More sharing options...
duckjesus Posted October 20, 2020 Author ID:1415268 Share Posted October 20, 2020 So that was weebly support, here is cosmotown's response. "Hello Brian King, Thank you for your response. We have checked with the developers and they noticed that the file was uploaded to files.ryancamarda.com. This domain is NOT registered with Cosmotown. Only ryancamarda.com is registered with Cosmotown, so we do not have any access to this domain. As you can see in your Cosmotown DNS panel, the only records that exist are the records you input and saved. There is no URL forwarding set up and there is currently no option for any file to be uploaded on to Cosmotown as we only provide domain names. We would advise that you contact Weebly again for more assistance. Thank you. Best regards, Cosmotown Support" Are you sure you're not conflating two totally separate websites? Link to post Share on other sites More sharing options...
Porthos Posted October 20, 2020 ID:1415270 Share Posted October 20, 2020 The file is gone now and the only block is a Browser Guard block and I will tag the right staff member so you post can be moved to the correct section of the forum. The main program does not block it anymore. @gonzo 1 Link to post Share on other sites More sharing options...
Staff Dashke Posted October 20, 2020 Staff ID:1415297 Share Posted October 20, 2020 Hello, Since it seems clean now, the block will be removed. If you need additional help, please let us know. Thanks! Link to post Share on other sites More sharing options...
gonzo Posted October 20, 2020 ID:1415365 Share Posted October 20, 2020 files.ryancamarda.com did have a reputation block on it in Browser Guard. I have removed it. Please allow 15-30 minutes for final changes to take effect. Link to post Share on other sites More sharing options...
Recommended Posts