I runned a malware scan of my website with Quttera scanner and I got 6 warnings about 6 files. Those warnings do not appear when Cloudflare is disabled.
Especially, it shows two types of files as threat:
The Cloudflare’s browser checking page is being recognized as malware (Heur.HTML.SpamSEO.gen)
And this one:
Here there is a really weird link in an anchor tag
And this clearly seems the Cloudflare’s browser checking page but it’s being listed as malicious threat.
Is it possibile to have any clarification?
It’s likely just a honeypot link - you’d never see it if you’re not a bot that’s parsing the returned HTML.
As far as I’m aware, that URL is standard and is part of the JS/Captcha challenges. I doubt they will go into many details about how it works behind the scenes due to obvious reasons.
The malware flag is likely due to the site being presented as a challenge page.
Since this page is obfuscated and has references to further obfuscated files, this generates an abnormal file entropy flagged as malware.
There is nothing that people can do about it. The whole internet relies in one way or another …
Ok got it, so the results were just some false positives. Thank you very much for replying!
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.