Dear all,
Is now more than one month I'm trying to submit a new Google Ads campaign on this website/page: https://business.niiprogetti.it/abbonamenti/#free
Before everything worked perfectly (Google Ads on sites containing ).
We have recently upgraded from Rel 4.x to latest release Revive Ad Server 5.2.0 on Centos.
The above page, contains a link in the header and footer (probably followed by the Google Ads bot) to this other web site: https://www.niiprogetti.it/ that contains Revive scripts to show some banners:
So far so good?
Now Google Ads and all the people supporting it that are saying our server contains "Malicious software", more specificalli this page: https://www.niiprogetti.it/biglietto-omaggio/ , which I promptly deleted, from everywhere on the server.
some facts:
this page https://www.niiprogetti.it/biglietto-omaggio/ now gives 404 error (previously after a period of 404 I added a redirection 301 to the home page), but a side of the 404 in the header and in the right column side space I have some banners:
header: https://ads.myadv.org/www/delivery/cl.php?bannerid=472&zoneid=58&sig=a3f287903f5c70db5db512042e45fad6db697787af81ad485b189e35ef762c56&oadest=https%3A%2F%2Fatiproject.com%2Fappalti%2F
right side: https://ads.myadv.org/www/delivery/cl.php?bannerid=638&zoneid=59&sig=0b51a5f54270c9f81040434c871f248562cd67f86713670ca436d72d3da2caad&oadest=https%3A%2F%2Fwww.saiebari.it%2Fit%2Fcontatti%2F%3Futm_source%3Dmedia_partner%26utm_medium%3Dbanner%26utm_campaign%3Deditriceindustriale
We have scanned the site, the scripts, the images, the database, with several tools and there is no sign of any known malware effecting Revive Server: I've found in the past database injections malicious php and backdoor as reported in this article: https://forum.revive-adserver.com/topic/5836-backdoor-left-by-hackers-after-previous-4x-install-has-been-highjacked/ which is been carefully cleaned up, any cache (on WP sites and Revive has been cleaned), we have cleaned the Google search console and we succede to have the page removed from google cache, and there is no warnign of compromised site in any of the tools of google console.
I've changed the scripts from Asynchronous to synchronous. there is a note somewhere in Google Developers saying they do not like Async scripts (and please note all their Analytics scripts are synchronous).
But Google Ads and Support, is still telling me they see "Malware software"....... after a clean up after a db check, after a file system check, after any php, js....etc file that correspond 100% in terms of size, dates, content to the original release.... still they say "Malicious Software", more specifically (that's the crazy format they sent me to check out the links they find):
https://ads.myadv.org/www/delivery/asyncjs.php, https://ads.myadv.org/www/delivery/asyncspc.php?zones=60%7C58&prefix=revive-0-&loc=https%3A%2F%2Fwww.niiprogetti.it%2Fbiglietto-omaggio%2F&referer=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3D%26esrc%3Ds%26source%3Dweb%26cd%3D1%26ved%3D0CEwQFjAG%26url%3Dhttps%253A%252F%252Fwww.niiprogetti.it%252Fbiglietto-omaggio%252F%26ei%3DR8KbYI7rNP2i5AP8dA%26usg%3DAFQjCNGeGukLEGxxJNMZyAJsw3kia4kztQ, https://ads.myadv.org/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=60&loc=https%3A%2F%2Fwww.niiprogetti.it%2Fbiglietto-omaggio%2F&referer=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3D%26esrc%3Ds%26source%3Dweb%26cd%3D1%26ved%3D0CEwQFjAG%26url%3Dhttps%253A%252F%252Fwww.niiprogetti.it%252Fbiglietto-omaggio%252F%26ei%3DR8KbYI7rNP2i5AP8dA%26usg%3DAFQjCNGeGukLEGxxJNMZyAJsw3kia4kztQ&cb=8c6d90f20f, https://ads.myadv.org/www/delivery/lg.php?bannerid=472&campaignid=433&zoneid=58&loc=https%3A%2F%2Fwww.niiprogetti.it%2Fbiglietto-omaggio%2F&referer=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3D%26esrc%3Ds%26source%3Dweb%26cd%3D1%26ved%3D0CEwQFjAG%26url%3Dhttps%253A%252F%252Fwww.niiprogetti.it%252Fbiglietto-omaggio%252F%26ei%3DR8KbYI7rNP2i5AP8dA%26usg%3DAFQjCNGeGukLEGxxJNMZyAJsw3kia4kztQ&cb=2ab103c16f, https://ads.myadv.org/www/images/71df6c3029c7a2d1d767118128362c0f.png
Today yet another support agent simply said: on this page https://www.niiprogetti.it/biglietto-omaggio/ the link to remove is: https://ads.myadv.org
Pls note that the above is my on premises Revive Download edition https://ads.myadv.org
I'm going bananas guys.... anyone that had same or similar experience?
Cheers,
RIC