States that I have malicious snips in my HTML which isn’t in my project; these are from which was injected because of Cloudflare (i.e: “Security check Pages”);
I was thinking the same thing, just seems scary cause someone else previously linked it then it shows there’s .gen files… That’s legit Trojan and I use a shared host of 16 year. Definitely not them.
When I load the domain direct URL to the specific file; http://REDACTED_FOR_PRIVACY/d361b2a5a1b74957d7a8dcfe5511a70c
My Certificate disappears and it results a “404.shtml”; that’s not a supported format in-house.
I see one of them link to haxx.se, which claims to be a “group of fathers” who write boot loaders and other malicious scripts?
Okay,
Makes me feel better. Thank you. I thought I was just acting crazy.
My Host is running a .cgi/XCSS CORS Attack Diagnostics for me now. Just got to wait for their Devs to let me know if it’s a legitimate claim. I also linked this notice which is linked in via the code snippets they displayed:
Results are in: Quttera.com throws False Positives for Financial Gain;
They simulate an impersonation of Cloudflare snippits which seem to be dynamically based off my Shared-Host IP Address.
1.2.3.4/infectedfileString
Deems all infectedfileString is a pre-judgement based off of an IP’s Reputation of a precursor.
The /infectedfileString (d361b2a5a1b74957d7a8dcfe5511a70c), other .gen files it claimed existed; do not exist in my root / nor does it have any lawfully-injected snippets relating to the warning Screenshot above.
If you encounter this issue, just understand your infrastructure is fine, these morons just generate Trojan Spoofs to scare us into paying for their crappy services.
