@webjuice

Does Avast provide details on what it’s picking up?

I’ve seen some instances where software that’s supposed to “protect” you from visiting harmful sites report false-positives such as when making an HTTPS request on a domain that doesn’t have a valid, working SSL certificate installed.

If you’ve not installed an SSL certificate on cPanel to cover your hostname and links, that may be one flag since, IIRC, cPanel enforces SSL, whether you have a valid certificate or not.

You can do a lookup on your Droplet IP also to see if it’s potentially in one of the well-known lists that many pieces of software use. Simply enter your Droplet IP in the input box on the page below, click submit and let it run.

https://www.whatismyip.com/blacklist-check/

this is my droplet ip: 37.139.25.243 and domains where the SSL is enabled through directadmin.

https://webjuice.ie/
https://webjuice.sk/

there is no anything blacklisted https://www.whatismyip.com/blacklist-check/

Seems like that IP-address had/has issues:
https://virustotal.com/en/url/a3476cfb14225e8767f6967c8d43a6fe8d05e9034616a997b8050fe7f39c4945/analysis/
I’ve send a request to Kaspersky to re-scan the url: https://virusdesk.kaspersky.com/

still not answer from kaspersky. Can you please help what to do? thanks

Can you please somebody help. Kaspersky still showing as virus http://37.139.25.243