What to do with weird links pointing to my site?

Hey guys,

I started noticing this already 3 weeks ago - there were days that 10+ links were added to my site and at first, I thought it’s a coincidence.

But then this happened again a week ago and then yesterday once again.

At first, someone was adding links to the comments they made - which was pretty clever cause they get those comments indexed.

Here’s an example: https://www.google.com/search?q=site%3Apaybis.com%2Fblog%2Fbitcoin-price-prediction%2F&oq=site%3Apaybis.com%2Fblog%2Fbitcoin-price-prediction%2F&aqs=chrome..69i57j69i59l2j69i58.11081j0j1&sourceid=chrome&ie=UTF-8

But now someone is adding weird links to my home-page - just in one day there were 10 new links added and all are pointing the main page - https://paybis.com/

Those links are super weird and makes no sense:

  • 'lkfoto.ie/index.php/2012/01/26/pantomime-4/
  • 'mulroycollege.ie/2018/05/18/senior-prizegiving-in-mulroy-college/
    **All the URLs are hidden in the comment section

So, I wanted to ask if anyone have experience with dealing with such links and what can you suggest about getting them removed?

I performed a scan with Broken Link Checker,

You have 2000 links of which 112 URLs failed.
Remarkable:
Status URL Source link text
403 Forbidden -https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/СС+to+BTC/DE/Step+4.2.PNG img/src
403 Forbidden -https://s3.amazonaws.com/media.paybis.com/images/Step-by-step/CC/СС+to+BTC/DE/Step+4.3.PNG img/src
and loads and loads more from -https://s3.amazonaws.com/media.paybis.com etc. etc.
404 Not Found -https://vars.hotjar.com/ link/href
404 Not Found -https://script.hotjar.com/ link/href
400 Bad Request -https://hexagon-analytics.com/ link/href
400 Bad Request -https://www.googletagmanager.com/ link/href
503 Service Unavailable -http://bestexchangers.ru/
404 Not Found -http://wt-change.com/
-1 Not found: The host name in the certificate is invalid or does not match -https://discover.ledger.com/hackstimeline/ a total loss of your funds.
999 Non-standard -https://www.linkedin.com/company/paybis-com/

Then 517 recommendations towards improvement → https://webhint.io/scanner/b69148c5-05c5-45a1-8f50-23cfb522ab39

See about soundcloud tracker detected and blocked for many browsers:
https://webcookies.org/cookies/paybis.com/28662878?881894

No root certificate found for this link: https://webcookies.org/cookies/2-vbus-eu.ladesk.com/28662977

Linked site checked by Google Safebrowsing:
Linked Sites
Google Safe Browse checks have been performed on each of the linked sites. Links with poor reputation could be a threat to users of the site. Hosting and location are also included in the results.

Externally Linked Host Hosting Provider Country
-uk.trustpilot.com Amazon.com. United States
-www.trustpilot.com Amazon.com. United States
-shop.trezor.io Cloudflare. United States
-www.ledgerwallet.com Cloudflare. United States
-support.paybis.com Quality Unit, s.r.o. Germany
-www.facebook.com Facebook. Ireland
-plus.google.com Google LLC United States
-twitter.com Twitter Inc. United States

See detections here, as Sucuri finds nothing: https://www.virustotal.com/gui/ip-address/104.20.16.254/relations
which were of May last this year.
PHISHING was detected 6 moths ago: https://www.virustotal.com/gui/url/8bc2dc053c849ff3a991ee7bdb94b4a0fef299ca8181f18b058adda990bf3675/detection
and two still flag website now: https://www.virustotal.com/gui/url/8bc2dc053c849ff3a991ee7bdb94b4a0fef299ca8181f18b058adda990bf3675/detection
Given clean here: https://checkphish.ai/insights/url/1574265915254/dfe92560b9430f792c3f61bdc891201e57b62e52e773249d740416bc7569b50e

Wait for an avast team member to give a final verdict.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)