
concierge.totalwine.com false positive


ebrandt


Hi,

https://concierge.totalwine.com is being blocked by Malwarebytes with a warning about malware.

I am helping host the website, so I don't have any logs myself for the issue. We don't host any downloads on this site, so I am not sure what would be causing the warning. Any pointers on what the false positive is stemming from would be greatly appreciated.

Thanks
Elliot

Edited by TeMerc
Disabled link

Log for staff.

 

-Website Data-
Category: Malware
Domain: concierge.totalwine.com
IP Address: 18.160.156.61
Port: 443
Type: Outbound
File: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

 

Also, your other domain is also blocked.

 

-Website Data-
Category: RiskWare
Domain: ultracommerce.co
IP Address: 104.196.189.107
Port: 443
Type: Outbound
File: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

 

 

 


  • Staff
1 hour ago, Porthos said:

Log for staff.

 


This was the only block I can find on the database and it's appearing to be valid: VirusTotal - Domain - training.ultracommerce.co


Hi @TeMerc,

We have gotten in touch with our WordPress hosting provider and cleared out the bad files that were present on the training.ultracommerce.co site. Issues were previously reported on https://sitecheck.sucuri.net/results/https/training.ultracommerce.co but it is now showing up clean.

Moving forward from here, are you able to re-evaluate this URL as well as concierge.totalwine.com?

Additionally, am I correct that concierge.totalwine.com is being blocked because it is CNAMEd to totalwineconcierge.uc-prod.ultracommerce.co, and therefore is "related" to training.ultracommerce.co?

Thanks
Elliot


  • Staff

Hello, thanks for the updated info. We've reviewed the data from the site again and have determined it no longer warrants being blocked so we've disabled the block in our database. 

Removal should be reflected in the next database update going out in a few hours or so.

  • TeMerc locked this topic