Author Topic: URL:MAL (Read 2739 times)

REDACTED · « **on:** February 03, 2018, 03:43:52 PM »

Think this is a false positive but not sure.
I created a new account on one of my servers and when I connect to it from Firefox, Edge, or chrome, Avast is telling me that URL:Mal is detected and wont open the connection.

I have run a scan with Avast and nothing was found.
Ran Malwarebytes and nothing was found.

Checked the blacklists for the server ip and all ok.

If I connect from my phone it opens, and others can connect to it.

So what else should I check?

Asyn · « **Reply #1 on:** February 03, 2018, 03:46:48 PM »

Any link..!?

REDACTED · « **Reply #2 on:** February 03, 2018, 03:49:05 PM »

Code: [Select]

earthworksservicesllc.com Should just be a coming soon page

REDACTED · « **Reply #3 on:** February 03, 2018, 03:53:57 PM »

Logs attached

Asyn · « **Reply #4 on:** February 03, 2018, 04:01:03 PM »

-> https://sitecheck.sucuri.net/results/earthworksservicesllc.com

REDACTED · « **Reply #5 on:** February 03, 2018, 04:10:30 PM »

None of my other sites on this SHARED IP have the same result!?

Let me ask this:
Could this be happening because I had the customer redirect the DNS settings from his original site to my servers and the original site was the issue??

REDACTED · « **Reply #6 on:** February 03, 2018, 04:12:45 PM »

https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3aearthworksservicesllc.com&run=toolpage

Zero results on blacklist....

Asyn · « **Reply #7 on:** February 03, 2018, 04:15:17 PM »

You can wait for Polonus, he's usually willing to dig deeper.

polonus · « **Reply #8 on:** February 03, 2018, 06:13:06 PM »

This is being detected: At least 1 third party tracker know you are on this webpage.

-earthworksservicesllc.com -earthworksservicesllc.com

This produces a 404 not found: -images/icon.ico HTTP/1.1 see: https://urlquery.net/report/005679ca-0ffa-4428-8c90-aacf4dbcdc02
as is this: -[img] -earthworksservicesllc.com/images/logo.png

Consider: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=earthworksservicesllc.com&ref_sel=GSP2&ua_sel=ff&fs=1
and https://www.virustotal.com/#/url/697badd358b744d0733dc4456c822e66f75f679fe7eb15cc0b31eefd3bfa5725/details

F-grade status and recommendations: https://observatory.mozilla.org/analyze.html?host=earthworksservicesllc.com

See: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=earthworksservicesllc.com%2Fimages%2Flogo.png&ref_sel=GSP2&ua_sel=ff&fs=1
also given as clean: https://www.virustotal.com/#/url/d2a7b1426f0e5c89c209acadb0cde722b120ca4a8f555b98a1b264502ac0d95c/detection

So wait for an avast team member to give the final verdict, as we have relevant knowledge here,
but only avast team members can come and unblock, also in case of a general IP block of sorts.

polonus (volunteer website security analyst and website error-hunter)

REDACTED · « **Reply #9 on:** February 03, 2018, 06:35:59 PM »

OK so all those are saying it is clean also.
So this is a false positive basically? And AVAST team member needs to fix it?

Asyn · « **Reply #10 on:** February 03, 2018, 06:37:53 PM »

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

REDACTED · « **Reply #11 on:** February 03, 2018, 06:46:24 PM »

Reported for now. We will see what happens. Thanks!!

Asyn · « **Reply #12 on:** February 03, 2018, 06:48:57 PM »

You're welcome.

Author Topic: URL:MAL (Read 2739 times)

REDACTED

URL:MAL

Asyn

Re: URL:MAL

REDACTED

Re: URL:MAL

REDACTED

Re: URL:MAL

Asyn

Re: URL:MAL

REDACTED

Re: URL:MAL

REDACTED

Re: URL:MAL

Asyn

Re: URL:MAL

polonus

Re: URL:MAL

REDACTED

Re: URL:MAL

Asyn

Re: URL:MAL

REDACTED

Re: URL:MAL

Asyn

Re: URL:MAL