Hello!
I am don’t know why AVAST blocked my site and showing Infection " URL:MAL".
I am checking not found anything now:
https://www.virustotal.com/en/url/b4de05ba85f89cd43fca656bc1467ef4056b6f71af3bc9727b59c1f3058cbf82/analysis/
https://sitecheck.sucuri.net/results/myhyips.net/
http://scanurl.net/?u=http%3A%2F%2Fmyhyips.net%2F&uesb=Check+This+URL#results
Please help me solve this problem.
Thank you.
URL:Mal mean blackliste URL or IP
IP history >> https://www.virustotal.com/en/ip-address/107.180.27.226/information/
Click more button under list(s) for more info. You may need to click sevral times to see all
How can i solve this problem ?
Please check your Headers if possible:
https://securityheaders.io/?q=http%3A%2F%2Fmyhyips.net%2F
https://securityheaders.io/?q=https%3A%2F%2Fmyhyips.net%2F
Update Apache (newest 2.4.20) and PHP (7.0.7 or 5.6.22)
Tons of vulnerable stuff here:
http://retire.insecurity.today/#!/scan/86f9547e154299f323f8226336b05461d56c38a73aeaf80445c85c5a543cdd4d
Somone from avast team will tell you. Only they know why they block it
There are multiple domains on that IP and many are blacklisted … could be related
Showing: http://prntscr.com/bgaonk is block ip or website ?
And if IP only i just change new ip right ?
Thank you
Suspicious scripts and links to (possibly) blacklisted websites :
http://www.web-malware-removal.com/website-malware-virus-scanner/?url=myhyips.net
Suspicious scripts and links to (possibly) blacklisted websites :
http://www.web-malware-removal.com/website-malware-virus-scanner/?url=myhyips.net
Showing: http://prntscr.com/bgaonk is block ip or website ?
And if IP only i just change new ip right ?
Thank you
Could only be that IP that is blocked as you share it with other “naughty” domains.
But I think that it is more likely, because of issues like alleged spam, scam, potentiall illegality, suspicious of ponzi-scheme, fraudulent ads.
Again only an Avast Team Member could answer that question, as I am just a volunteer analyst with relevant knowledge and insight!
To begin with and apart from other issues already mentioned by the other forum users,
there are spammy looking links: Spammy looking linksare detected.
Any links with funky anchor text? Yes there are. As we see:
Skimming over the code with Redleg’s File Viewer, we stumble upon an external link,
that comes being blocked by both WOT and Bitdefender’s TrafficLight:
https://www.mywot.com/en/scorecard/business-angels-inc.com?utm_source=addon&utm_content=popup
Potentially illegal scammer!
And we have a bad web rep here too: https://www.mywot.com/en/scorecard/allhyipmonitors.com?utm_source=addon&utm_content=popup for scam, ads and privacy risks. Many reports.
And another questionable link that comes WOT alerted: https://www.mywot.com/en/scorecard/allhyipmonitors.com?utm_source=addon&utm_content=popup
And this link comes also WOT blocked: https://www.mywot.com/scorecard/allmonitors.net?utm_source=addon&utm_content=popup
It is all there and reported by many a WOT user and many from Mother Russia.
Now also consider this: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fmyhyips.net%2Fthemes%2Fmyhyips%2Fjs%2Fjquery.mCustomScrollbar.concat.min.js
Apart from the detected sources and sinks, we have this detected for the javascript in that code:
found JavaScript
error: undefined variable jQuery
error: undefined variable a.event
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var a.event = 1;
error: line:1: ....^
Do not add event as global (event php error)
polonus (volunteer website security analyst and website error-hunter)
107.180.27[.]226 is indeed very suspicious. We usually see many malicious domains on it. I noticed there is actually a couple of clean domains, so we decided to unblock the IP, but please change it as soon as possible, because it might be blocked again in the future (and my bet is that it will).
My advise :
1]
Step away from that host and get one that care about security.
2]
Ofcourse get a new IP at the new host
3]
Solve the vulnerable librarie problems.
4]
Remove all links to other sites and only add a link after thoroughly having checked the site
5]
Fix the JavaScript problems (even better, don’t use JavaScript at all)