I'm running a node.js app on a VPS and my advertising for that app was stopped, because Google Adwords has flagged my site for malicious software.
I've contacted them and they said it was because of an image that was sourced from a malicious site. https://jloog.com/images/medieval-clipart-cup-19.jpg
Now I've put that link there myself, so it was not injected or anything. I just wanted to use that image, which I found through Google Images. So, I didn't even upload it to my server.
The link has now been removed for over two weeks, but after resubmitting my campaigns for approval, my site is still being flagged for the same reason. I searched in the shell with grep in my entire project but that link is nowhere in my code.
So what is causing the problem and how can I resolve this situation?
The problem was that it took Google somehow a long time to rescrape my site > 1 month. I had issued my advertisements again, but that wasn't enough and didn't trigger rescraping. I eventually got an email back from customer service (after about 3 weeks after I told them I already removed the link) that it was finally resolved.