Author Topic: URL:Mal (avast bocking hiphopisdream.com)  (Read 3395 times)

0 Members and 1 Guest are viewing this topic.

la8989

  • Guest
URL:Mal (avast bocking hiphopisdream.com)
« on: April 14, 2014, 06:42:14 PM »
Please help me to solve the problem, what need to do, that avast stop blocking my blog.  >:(

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Re: URL:Mal (avast bocking hiphopisdream.com)
« Reply #1 on: April 14, 2014, 07:31:22 PM »
Emoticons of angry, PO'd faces not needed. Will look into it.
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Re: URL:Mal (avast bocking hiphopisdream.com)
« Reply #2 on: April 14, 2014, 07:38:26 PM »
Outdated Software: http://sitecheck3.sucuri.net/results/hiphopisdream.com/
0/25 Safety Reputation? http://www.urlvoid.com/scan/hiphopisdream.com/


I'll have Pol take a look.
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33899
  • malware fighter
Re: URL:Mal (avast bocking hiphopisdream.com)
« Reply #3 on: April 14, 2014, 10:27:22 PM »
Suspicious on Javascript Check is: Suspicious

><br /> <a href="htxp://dfiles.ru/files/z3rtxufwl" target="_blank"><span style="font-weight: bold; font-size: 180%;"><span style="font-family: arial black;">download now!!! [deposi...  link to RBN IDS flagged site, see: http://urlquery.net/report.php?id=1397506225585
ET CURRENT_EVENTS Probably Evil Long Unicode string only string and unescape 2

404 error check: Suspicious

Suspicious 404 Page:
   document.write(unescape("%3cscript src=%27htxp://s10.histats.com/js15.js%27 type=%27text/javascript%27%3e%3c/script%3e")

Check external links for unknown:
htxp://www.addthis.com/bookmark.php?v=250&pubid=ra-4ec7d4ea4  -->  ''
htxp://on.fb.me/160j16c  -->  ' '
htxp://www.albumfiend.com/  -->  'album fiend'
htxp://www.solemp3.com  -->  'youtube mp3 converter'
htxp://www.dstreetz.net  -->  'free mp3s, videos & mixtapes'
htxp://www.hypemixtapes.com  -->  'free mixtapes'
htxp://www.dopehood.com/  -->  'hip hop music'
htxp://www.beats1.com  -->  'buy beats'
htxp://www.dopetv.com/  -->  'hip hop videos'
htxp://worldmusiczone.com/  -->  'worldmusiczone'
htxp://www.download-hot-music.com/  -->  'free music'
htxp://skinnyblunts.com/  -->  'skinnyblunts'
htxp://www.mixtapedia.com/  -->  'free uk mixtape'
htxp://get-music.net/  -->  'download free mp3 music'

CMS outdated: Application: WordPress - http://www.wordpress.org

Web application version:
WordPress version: WordPress
Wordpress version from source: 3.5.1
Wordpress Version 3.5 based on: htxp://hiphopisdream.com//wp-admin/js/common.js
WordPress directory: htxp://hiphopisdream.com/wp-content
WordPress theme: htxp://hiphopisdream.com/wp-content/themes/Magtel/
WordPress version outdated: Upgrade required.

various unknown html malware found on IP: http://lists.clean-mx.com/pipermail/viruswatch/20140106/128861.html
(virus IP migration)

This might be a scam from the link there: http://www.sitejabber.com/reviews/www.beastkicks.com

This link might be suspicious: htxp://widgets.amung.us/small.js  -> http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fwidgets.amung.us%2Fsmall.js&useragent=Fetch+useragent&accept_encoding=
see under script there!  - peak at it here: http://jsfiddle.net/HWxXF/  (flagged at Zulu Zscaler scan)
given as benign here: http://wepawet.iseclab.org/view.php?hash=589c6aef43288fbd378f6d1847823851&t=1393385180&type=js

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6677
  • volunteer
Re: URL:Mal (avast bocking hiphopisdream.com)
« Reply #4 on: April 16, 2014, 10:39:06 PM »
Please help me to solve the problem, what need to do, that avast stop blocking my blog.  >:(

not being blocked by avast
url was  unblocked.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33899
  • malware fighter
Re: URL:Mal (avast bocking hiphopisdream.com)
« Reply #5 on: April 16, 2014, 11:22:19 PM »
Site might have come unblocked, and is free from malware and blacklisting.
but site still with outdated software, which means a risk:
CMS: WordPress version: WordPress
Wordpress version from source: 3.5.1
Wordpress Version 3.5 based on: htxp://hiphopisdream.com//wp-admin/js/common.js
WordPress directory: htxp://hiphopisdream.com/wp-content
WordPress theme: htxp://hiphopisdream.com/wp-content/themes/Magtel/
WordPress version outdated: Upgrade required.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

la8989

  • Guest
Re: URL:Mal (avast bocking hiphopisdream.com)
« Reply #6 on: April 19, 2014, 12:57:14 PM »
ok, i try to update, but every update means troubles with plugins and proper working in general