
False Positive - 198.13.51.45 / whoturgled.com


Turgle


Hi,

I recently migrated my server to a new host because of the fire at the OVH datacenter, but the site was blocked for a friend of mine when he tried to visit it.

unknown.png

 

Below is the output of the log file.

C6171A7D91B75403634CA7A48B6E917B25658A08F5C70FC30490E7DFDD7D0D30
{
   "applicationVersion" : "4.3.0.98",
   "chromeSyncResetQueryRequested" : false,
   "chromeSyncResetQueryResult" : false,
   "clientID" : "",
   "clientType" : "other",
   "componentsUpdatePackageVersion" : "1.0.1217",
   "coreDllFileVersion" : "0.0.0",
   "cpu" : "x64",
   "dbSDKUpdatePackageVersion" : "1.0.38309",
   "detectionDateTime" : "2021-03-17T23:22:50Z",
   "fileSystem" : "NTFS",
   "id" : "b0b01c0a-8777-11eb-a21b-180373423531",
   "isUserAdmin" : true,
   "licenseState" : "trial",
   "linkagePhaseComplete" : false,
   "loggedOnUserName" : "System",
   "machineID" : "",
   "os" : "Windows 10 (Build 19041.867)",
   "schemaVersion" : 17,
   "sourceDetails" : {
      "type" : "mwac"
   },
   "threats" : [
      {
         "ddsSigFileVersion" : "",
         "linkedTraces" : [

         ],
         "mainTrace" : {
            "archiveMember" : "",
            "archiveMemberMD5" : "",
            "cleanAction" : "block",
            "cleanResult" : "successful",
            "cleanResultErrorCode" : 0,
            "cleanTime" : "",
            "generatedByPostCleanupAction" : false,
            "id" : "b0b0431a-8777-11eb-88d8-180373423531",
            "isPEFile" : false,
            "isPEFileValid" : false,
            "linkType" : "none",
            "objectMD5" : "",
            "objectPath" : "",
            "objectSha256" : "",
            "objectSize" : -1,
            "objectType" : "website",
            "resolvedPath" : "",
            "websiteData" : {
               "blockType" : 15,
               "ip" : "198.13.51.45",
               "isInbound" : false,
               "port" : 443,
               "processPath" : "C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe",
               "url" : "whoturgled.com"
            }
         },
         "ruleID" : -1,
         "ruleString" : "",
         "rulesVersion" : "0.0.0",
         "srcEngineComponent" : "unknown",
         "srcEngineThreatNames" : [

         ],
         "threatID" : -1,
         "threatName" : ""
      }
   ],
   "threatsDetected" : 1
}

 


  • Staff
1 hour ago, Turgle said:

Hi,

I recently migrated my server to a new host due to the fire that happened at the OVH datacenter, but the site was blocked for a friend of mine when he tried to visit the site.

unknown.png

 

Below is the output of the log file.


C6171A7D91B75403634CA7A48B6E917B25658A08F5C70FC30490E7DFDD7D0D30
{
   "applicationVersion" : "4.3.0.98",
   "chromeSyncResetQueryRequested" : false,
   "chromeSyncResetQueryResult" : false,
   "clientID" : "",
   "clientType" : "other",
   "componentsUpdatePackageVersion" : "1.0.1217",
   "coreDllFileVersion" : "0.0.0",
   "cpu" : "x64",
   "dbSDKUpdatePackageVersion" : "1.0.38309",
   "detectionDateTime" : "2021-03-17T23:22:50Z",
   "fileSystem" : "NTFS",
   "id" : "b0b01c0a-8777-11eb-a21b-180373423531",
   "isUserAdmin" : true,
   "licenseState" : "trial",
   "linkagePhaseComplete" : false,
   "loggedOnUserName" : "System",
   "machineID" : "",
   "os" : "Windows 10 (Build 19041.867)",
   "schemaVersion" : 17,
   "sourceDetails" : {
      "type" : "mwac"
   },
   "threats" : [
      {
         "ddsSigFileVersion" : "",
         "linkedTraces" : [

         ],
         "mainTrace" : {
            "archiveMember" : "",
            "archiveMemberMD5" : "",
            "cleanAction" : "block",
            "cleanResult" : "successful",
            "cleanResultErrorCode" : 0,
            "cleanTime" : "",
            "generatedByPostCleanupAction" : false,
            "id" : "b0b0431a-8777-11eb-88d8-180373423531",
            "isPEFile" : false,
            "isPEFileValid" : false,
            "linkType" : "none",
            "objectMD5" : "",
            "objectPath" : "",
            "objectSha256" : "",
            "objectSize" : -1,
            "objectType" : "website",
            "resolvedPath" : "",
            "websiteData" : {
               "blockType" : 15,
               "ip" : "198.13.51.45",
               "isInbound" : false,
               "port" : 443,
               "processPath" : "C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe",
               "url" : "whoturgled.com"
            }
         },
         "ruleID" : -1,
         "ruleString" : "",
         "rulesVersion" : "0.0.0",
         "srcEngineComponent" : "unknown",
         "srcEngineThreatNames" : [

         ],
         "threatID" : -1,
         "threatName" : ""
      }
   ],
   "threatsDetected" : 1
}

 

Hello, thanks for bringing this to our attention. We've reviewed the IP range again and determined that it no longer warrants being blocked, so we've removed it from our database.

Removal should be reflected in the next database update going out in a few hours or so.


  • TeMerc locked this topic
Guest
This topic is now closed to further replies.