I hosted my domain to point to the hosting here. It worked well for a few days, now, when anyone visits my website, it goes to a malicious website leostop
Then the user goes back and the website works fine.
Can anyone suggest what’s happening?
Rule of thumb, no clear information results with nothing.
It is fine for me. Try clearing your cache. Some adverts redirect to suspicious sites, so remove any disreputable advertisers.
I just tried from a different laptop
typed website name
first it said it is going to a “non trusted” site, do you want to continue
when i click “Continue” it goes to myosys.us homepage them immediately goes to
It then says “the site has been reported unsafe”
the same behavior was also reported by someone else whom I asked to visit the website
Try from a different network, such as a cellular network. Then does it work?
I’m pretty sure it’s not our hosting. A quick Google search for that domain doesn’t redirect a lot of results, but it does show a few sites which are not hosted with us.
So my money is on something like malicious code on your website (this can happen with outdated or pirated software), a virus on your computer or an malicious party in your network intercepting and redirecting traffic.
Thank you for your confirmation and inputs.
By this it turns out that your jquery is infected
It is easily possible that someone pushed the obfuscated code inside or otherwise hid it
URL: Account Suspended
Error/Status Code: 301
Initiated By: http://www.myosys.us/js/jquery-3.4.1.min.js line 1 column 82241
Request Start: 1.576 s
DNS Lookup: 70 ms
Initial Connection: 75 ms
Time to First Byte: 122 ms
Bytes In (downloaded): 0.0 KB
Bytes Out (uploaded): 0.9 KB
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 PTST/211207.195343
Accept-Encoding: gzip, deflate
HTTP/1.1 301 Moved Permanently
Date: Mon, 17 Jan 2022 22:05:58 GMT
Expires: Mon, 17 Jan 2022 23:05:58 GMT
Location: Account Suspended
alt-svc: h3=“:443”; ma=86400, h3-29=“:443”; ma=86400
Or you use some demo or unpurchased software (pirated)
so the author checks if the host is valid (for which someone bought some software), and if not, then throw out the error and make a redirection.
And you should definitely do a jQuery script update if possible and if everything works
You are not the only one who has this problem
Thank you so much for this info
I am new for jquery. Can you please guie me if
I shall I just re-upload my files? or shall i remove those references in jquery file?
are there any resolutions steps somewhere ?
You are better off using up-to-date CDN hosted jQuery.
I use JsDelivr CDN. Here’s how to include their jQuery:
<script src="https://cdn.jsdelivr.net/npm/[email protected]/src/core.min.js" crossorigin="anonymous"></script>
It depends on how the malware came to be there in the first place. So no, we have no step by step way to fix this, because there are a lot of variables to account for.
For starters, you should take a good look at the software you’re using:
- Is the software being actively developed and maintained, and are you running the latest, or at least supported, version?
- Is the software being developed by a reliable party? A well known company is a safer source than some random person on a forum.
- Did you get the software from a reliable source? So a distribution channel linked to by the software author, not some random file sharing sites you found through Google.
If the software is outdated, built by someone with either bad intentions or someone who just isn’t good at writing safe code, or retrieved from an unreliable third party source, your best bet is to wipe the entire site and start over. And go for software which is safe if you do.
Replacing the infected jQuery can help, but not if it’s just one symptom of unsafe, malware infected software.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.