Third party tool says domain is compromised. How do I check this?

[jonnorris]

Site URL: https://flightpath3d.com/

Our website is hosted on a 3rd-party domain and is connected to Squarespace via the 4 A record IP addresses provided by Squarespace - see https://support.squarespace.com/hc/en-us/articles/360035485391-DNS-records-for-connecting-third-party-domains

IP addresses: 198.185.159.144, 198.185.159.145, 198.49.23.144, 198.49.23.145

All 4 IP Squarespace IP addresses are malware compromised - see https://verdict.valkyrie.comodo.com/url/ip/result?ip=198.49.23.145

What is Squarespace doing to eliminate this malware issue?

This is a very urgent issue for us and will lead to a material impact on our business if not resolved immediately.

Are other Squarespace accounts seeing the same problem?

[captbdel12]

I think the credibility of Squarespace is going down and this another example of totally bad practices on their hosting server side. Technically I doubt SQ support have real core knowledge and seriously lack key talents.

What another fine mess Squarespace has got itself into. 

[jonnorris]

Still no adequate response from Squarespace. This issue affects everyone who has a Squarespace site linked to a third-party domain. All of those sites are susceptible to the malware that Squarespace is hosting on these 4 IP addresses ...

Squarespace, please provide a phone number that I can contact in real-time to get an answer.

 

[davemillman]

@jonnorris, any resolution on this issue?

[derricksrandomviews]

First off your domain, not your website is hosted with a third party. An ip address itself cannot contain malware, the site the ip is connected to can. But if it did it would not matter if the domain was hosted by the website hoster or a third party, all who have a site there would have malware, all Brine users like yourself would have a problem. I don't and I have two sites on the same template and my malware protection does not see any problem. In other words it seems to me  you are getting a "false alarm" from the software you have posted a screen shot of. 

[glorea]

Has anyone found a solution to this? I think I'm having the same problem.

[derricksrandomviews]

On 4/14/2022 at 6:28 AM, glorea said:

Has anyone found a solution to this? I think I'm having the same problem.

Note my post above yours. 

Edited April 21, 2022 by derricksrandomviews

[creedon]

Folks. The other thing to keep in mind is what is the credibility of the tool you are using that is giving you this information. Please be aware that there are many tools that make all kinds of claims. Are they trying to sell you some product or service to protect you? Perhaps they are not legit and trying to get your info to scam you in some other manner. Be a cautious and informed consumer.

Even some of the more "reputable" tools out there use FUD ( fear, uncertainty, and doubt ) tactics to get you to buy more expensive versions of their tools that you may not need.

To be clear there are real threats out there but reacting to one report is premature. You need to build up some credible evidence.

Edited April 21, 2022 by creedon