Problem blocking my site because of HTML: Iframe-inf
https://elkooora.com/
https://yallashoot-live.today/
http://dawsha-tv.com/
The problem only appears inside the articles
Please help me to solve this problem
Problem blocking my site because of HTML: Iframe-inf
https://elkooora.com/
https://yallashoot-live.today/
http://dawsha-tv.com/
The problem only appears inside the articles
Please help me to solve this problem
3 suspicious inline scripts found. >> https://unmask.sucuri.net/security-report/?page=elkooora.com
Sucuri site check >> https://sitecheck.sucuri.net/results/https/ar.elkooora.com
Sucuri >> https://sucuri.net/
I get a 301 Moved Permanently now → https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=e2xrXV1dfXwuXl1tYA%3D%3D~enc
Then URLs that redirect found in: -https://ar.elkooora.com/
1: -http://view.vzaar.com/ → -https://www.dacast.com/?from=vzaar
DOM-XSS scan results: Results from scanning URL: -http://view.vzaar.com/
Number of sources found: 40
Number of sinks found: 442
&
Results from scanning URL: -https://www.dacast.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Number of sources found: 41
Number of sinks found: 17
Another domain on that same IP address is unavailable because of legal restrictions:
-https://studenti.win/tema/arte/ Access from your country is restricted, please try again later.
Shared query link: https://websniffer.cc/?url=https://ar.elkooora.com/
I do not see that particular site uri blocked by avast’s.
Consider: https://sitereport.netcraft.com/?url=https://ar.elkooora.com
SRC scan: HTML
-ar.elkooora.com/
45,195 bytes, 743 nodes
Javascript 7 (external 3, inline 4)
INLINE: (function() { let alreadyInsertedMetaTag = false function __insertDappDete
1,238 bytes
INLINE: (function(s,u,z,p){s.src=u,s.setAttribute(‘data-zone’,z),p.appendChild(s);})(doc
193 bytes
-iclickcdn.com/tag.min.js
INLINE: /*! jQuery v2.1.1 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.org/license
226,453 bytes
-ar.elkooora.com/g4z4lagmnbj
INLINE: (function(d,z,x,s,e,o){s.src=‘//’+d+‘/tag.min.js’;x.open(‘GET’,‘//’+d+'/apu.php?
427 bytes
-graizoah.com/tag.min.js
CSS 6 (external 4, inline 2)
-ptoushoa.com/styles.css?aHR0cHM6Ly92aWF0ZXBpZ2FuLmNvbS9hcHUucGhwP3pvbmVpZD0zMzM2Njc5
INJECTED
-ptoushoa.com/bootstrap.css?aHR0cHM6Ly92aWF0ZXBpZ2FuLmNvbS9hcHUucGhwP3pvbmVpZD0zMzM2Njc5
INJECTED
INLINE: @media print {#ghostery-purple-box {display:none !important}}
61 bytes INJECTED
-ar.elkooora.com/wp-content/themes/Final/style.css
INJECTED
-kit-pro.fontawesome.com/releases/v5.12.0/css/pro.min.css
INJECTED
INLINE: :root #AdsDiv {display:none !important;}
40 bytes INJECTED → compare: -https://pastebin.com/59SsDvva
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
@ elkooora
Please break active links for all links to suspect sites to avoid accidental exposure, only post the domain-name or change the https to hXXps to break the link (as I have in the above quote.
Failure to do so may result in the posts being removed.
Nothing detected here: https://quttera.com/detailed_report/shoot-yallaa.live
Nor here: https://www.virustotal.com/gui/url/561b04bae606df6a565008b5a735c7dec6bf7dd5c4a6be8adecfcca552320fdf
Not flagged by Avast’s either.
But this needs attention of website maintenance: Retire.js
moment.js 2.22.2 Found in -https://shoot-yallaa.live/wp-content/themes/AlbaYallaShoot/js/AlbaSport.js?ver=7.0 _____Vulnerability info:
high This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale. CVE-2022-24785 GHSA-8hfj-j24r-96c4 1
high Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4 CVE-2022-31129 GHSA-wc69-rhjr-hc9g
A 403-error was met at https://sitecheck.sucuri.net/results/https/shoot-yallaa.live (scan failed). Could be CloudFlare’s doing.
Also this was found - Buy Sleeping Pills Online UK | Effective Insomnia & Anxiety Medication
HTTP/1.1 200 OK
Date: Wed, 11 Sep 2024 16:59:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
link: https://webpharmacy.co.in/wp-json/; rel=“https://api.w.org/”
link: ← https://webpharmacy.co.in/wp-json/wp/v2/pages/2>; rel=“alternate”; title=“JSON”; type=“application/json”
link: htxps://webpharmacy.co.in/; rel=shortlink
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {“endpoints”:[{“url”:“-https://a.nel.cloudflare.com/report/v4?s=9ZBQtFEWsMvDQI6Thj6e9KS389wdY%2BDKogw7fEzpsgg8MCS35ohz2UG6%2FfhjceBMTV1Qit5BLBeBSxpjGfKCOicdFNUU0PYF3U%2BZRI88N0%2B3dV0myW8sUfDAML9D3n31d2GY%2Bw%3D%3D”}],“group”:“cf-nel”,“max_age”:604800}
NEL: {“success_fraction”:0,“report_to”:“cf-nel”,“max_age”:604800}
Server: cloudflare
CF-RAY: 8c19352b4920533d-LAX
alt-svc: h3=“:443”; ma=86400
polonus