Not only avast flags, as confirmed by CDRF Threat Centre:
The domain name ‘telemutuo.it’ is well known to violate our detection criteria.
Internal ID: 63197888
Detection category: Malicious:URL
Date and hour: about 19 days ago
Advert domain: No
Threats found on the website
https://quttera.com/detailed_report/telemutuo.It gives it all green.
Not much here either. https://radar.cloudflare.com/scan/ac2b4852-77de-42cf-8c1a-ebf66b5994d4/network
Sucuri detects this: warning.html_anomaly
Description: We detected anomaly in HTML code placement.
Description:
We detected anomaly in HTML code placement. Typical anomalies include the placement of scripts
and iframes outside of the … block,
which means that it was not done by someone who is not familiar with
with the web page generation process of this particular site (massive automated infection)
or simply doesn’t have access to the code that generates webpages
(for example, server-level infections that append malware to every server response).
This is a strong signal that a stranger tried to modify web pages.
If you find that HTML code placement or manipulation is being detected on a webpage,
it usually relates to security measures designed to prevent unauthorised changes or exploits.
Here are some steps you can take to address this issue:
- Check permissions:
Ensure you have the necessary permissions to edit the HTML of the webpage.
If it’s a blog or CMS, verify your user role.
2. Review Console Errors:
Open the browser’s developer tools (usually by pressing F12)
and check the console for any errors or messages
that may indicate why the HTML code is being detected or blocked.
3. Use the correct HTML editor:
Make sure you are using the appropriate editor or interface designated for HTML edits.
Some content management systems have built-in editors
that may require specific methods for inserting code, such as blocks or custom HTML modules.
4. Avoid inline scripts:
If you are adding scripts or styles via inline code or to certain elements, they may be restricted.
Instead, consider linking to external files or using the proper tag structures allowed by the website.
5. Sanitise input:
If you are attempting to submit HTML through forms, ensure the input is properly sanitised.
This can help it avoid detection by security filters.
6. Review Content Security Policies (CSP):
Content security policies can prevent certain inline scripts or styles from being executed.
Review the CSP in place and see if your code violates any rules.
7. Contact Support:
If you are a user of a service or platform (like WordPress or Shopify),
reach out to their support for assistance.
They may provide insight into the specific detection mechanisms in place.
8. Use Developer Mode (if applicable):
For local development or testing,
consider using a developer mode where such restrictions are minimised.
9. Check for security plugins:
If you are working within systems like WordPress, check for security plugins
that may be blocking your changes. Adjust their settings if necessary.
10. Analyse server-side restrictions:
If you have access to the server, review the server-side code
(like PHP scripts) that may be imposing restrictions on HTML code execution.
11. Inspect for Framework/Library Issues:
Certain JavaScript frameworks (like React, Angular, etc.) handle HTML rendering differently.
Make sure your code aligns with how those frameworks manage the DOM.
12. Consider Alternative Approaches:
If HTML placement is not working, consider rewriting your approach.
For instance, use JavaScript to dynamically insert HTML after the page loads.
By following these steps, you should be able to troubleshoot
and resolve issues related to HTML code placement on a webpage.
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)