Redirect when attempting to access our website

Welcome to Sky Soaring Forums Restricted content Redirect when attempting to access our website

Viewing 9 reply threads
  • Author
    Posts
    • Saturday, January 2nd, 2021 at 10:12 am #9775
      Rich WalendaRich Walenda
      Participant

      Hello:

      Today when attempting to log into our website via:

      https://www.google.com/search?q=sky+soaring&rlz=1C1CHBF_enUS721US721&oq=&aqs=chrome.0.69i59i450l8.2027922931j0j7&sourceid=chrome&ie=UTF-8

      I clicked on website.

      I was redirected to a site deemed malicious:

      https://fastsolvecaptcha.com/robot37/index.html?c=0ac7a4f2-398c-4b57-8621-7bd07caa80b4&a=l74625

      Trend Micro defines it as a scam site. This redirect has happened a few times (only when trying to access Sky Soaring’s web site). Perhaps our web host has a security vulnerability that is being exploited. Most times the site comes up without problem but occasionally the redirect occurs.

      Has anyone else encountered this problem?

      Regards,

      Rich

    • Saturday, January 2nd, 2021 at 10:31 am #9777
      Rich WalendaRich Walenda
      Participant

      Further information on that redirect site:
      <table class=”table table-custom table-striped”>
      <tbody>
      <tr>
      <td width=”260″><span class=”font-bold”>Website Address</span></td>
      <td>Fastsolvecaptcha.com</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>Last Analysis</span></td>
      <td>9 days ago  |  <i class=”fa fa-refresh” aria-hidden=”true”></i> Rescan</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>Blacklist Status</span></td>
      <td><span class=”label label-success”>0/35</span></td>
      </tr>
      <tr>
      <td><span class=”font-bold”>Domain Registration</span></td>
      <td>2020-12-18 | <span class=”label label-warning”>16 days ago</span></td>
      </tr>
      <tr>
      <td><span class=”font-bold”>Domain Information</span></td>
      <td><i class=”fa fa-user-secret” aria-hidden=”true”></i> WHOIS Lookup | DNS Records | Ping</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>IP Address</span></td>
      <td>5.8.34.205   Find Websites  |  IPVoid  |  Whois</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>Reverse DNS</span></td>
      <td>Unknown</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>ASN</span></td>
      <td>AS209813 Fast Content Delivery LTD</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>Server Location</span></td>
      <td> (NL) Netherlands</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>Latitude\Longitude</span></td>
      <td>52.3891 / 4.6563   <i class=”fa fa-map-marker” aria-hidden=”true”></i> Google Map</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>City</span></td>
      <td>Haarlem</td>
      </tr>
      <tr>
      <td><span class=”font-bold”>Region</span></td>
      <td>North Holland</td>
      </tr>
      </tbody>
      </table>

    • Sunday, January 3rd, 2021 at 8:54 am #9783
      Don GrilloDon Grillo
      Keymaster

      Rich, I have been unable to duplicate that. Can you send a screen shot to my email address of the google search page and the link you clicked on.

      Don

    • Sunday, January 3rd, 2021 at 9:33 am #9784
      Don GrilloDon Grillo
      Keymaster

      Also, I would suggest that you clear your cache. In Chrome, in the upper right hand corner click on the 3 dots then Settings, Privacy and Security. Clear Browsing Data

      Don

    • Sunday, January 3rd, 2021 at 10:00 am #9785
      Rich WalendaRich Walenda
      Participant

      Hello:I have cleared the cache, we routinely do that.  I will do some more investigation on the redirect.  I see that our site is an http site, not secure as https.  That may have allowed the server host to become compromised.  The preliminary info that I was able to trace is that the redirect goes to the Netherlands and the site is only a few weeks old.  Regards,Rich

    • Sunday, January 3rd, 2021 at 10:14 am #9786
      John PhelanJohn Phelan
      Participant

      I went to our site from my phone and it went to one of those “Congratulations!  You’re the one billionth search on Google” sites.  I shut down Chrome, reopened it and it went to the SSI site without ant redirect.

      John F. Phelan
      (S20 Mobile)

    • Sunday, January 3rd, 2021 at 10:21 am #9787
      Rich WalendaRich Walenda
      Participant

      Hello:

      If things are working right you should not get those pop ups or be redirected. I have logged on a few times today seeking the redirect and can not find it.  If it happens again I will try to capture as much information as possible. I do have the first redirect address but will need to open it on a virtual computer to shield from any possible malware.  Regards,

    • Sunday, January 3rd, 2021 at 10:26 am #9788
      Don GrilloDon Grillo
      Keymaster
      John – I get those “you’ve won a prize” pop-ups occasionally. They come from having marketing malware on your device. One solution is to download an app called ccleaner or another app called malewarebytes. They, theoretically, delete uninvited advertising crap.  

    • Sunday, January 3rd, 2021 at 10:26 am #9789
      Don GrilloDon Grillo
      Keymaster
      John – I get those “you’ve won a prize” pop-ups occasionally. They come from having marketing malware on your device. One solution is to download an app called ccleaner or another app called malewarebytes. They, theoretically, delete uninvited advertising crap.  

    • Sunday, January 3rd, 2021 at 11:02 am #9790
      John PhelanJohn Phelan
      Participant

      Thanks, Mike.  I have Malwarebytes on my laptop & desktop.  I’ll add it to my phone.

      Happy New Year.

      John F. Phelan
      (S20 Mobile)

  • Author
    Posts
Viewing 9 reply threads
  • The forum ‘Restricted content’ is closed to new topics and replies.