cancel
Showing results for 
Search instead for 
Did you mean: 

Why My site is suspicious?

https://www.siteadvisor.com/sites/muaythaischolar.com

Mcafee is showing my site as suspicious but I dont have any idea why. Please help me to fix it.

11 Replies
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 2 of 12

Re: Why My site is suspicious?

Moved to Web and Email Protection > Site Advisor > Discussions > By Moderator

,

                    Please follow these Guidelines and Instructions. The quickest method being submitting through Trusted Source.

                    

Wishing you all the very BEST


Catdaddy

McAfee Community Moderator

Consumer Products

Cliff
McAfee Volunteer
Highlighted
Reliable Contributor Troja
Reliable Contributor
Report Inappropriate Content
Message 3 of 12

Re: Why My site is suspicious?

Hi,

your website linkes to a site which is know as a "Spam URLs" categorized site.

1) Test with McAfee Webgateway

Capture1.JPG

When opening your website you are redirected to this site. The site is classified as "Spam URLs".

2) Analyzing this with another tool other vendors are also detecting your site as "Malicious site"

- in my test a file named "tracker.exe" was downloaded.

3) Sandboxing detected the following malicious behavior.

Capture2.JPG

4) Your website redirects to many other websites just when opening it.

Capture3.JPG

Hmmm, any questions??

Hope this helps.

Cheers

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 4 of 12

Re: Why My site is suspicious?

Very elegant. I wish we had those tools.

Quttera turns up a WordPress plugin (/wp-content/plugins/arqam/assets/style.css) as a suspicious file, but that's about it.

The file is a CSS file but contains about 20K of Base64 code. Maybe malicious, maybe not.

http://quttera.com/detailed_report/muaythaischolar.com

And Sucuri notes several cached javascript files (such as the one below) but does not flag them as suspect

hxxp://www.muaythaischolar.com/wp-content/cache/minify/000000/LchhCoAgDEDhC2UjPJHatJVzNhXq9hX048HHs7CfA_We7A_DlNR1nJnKtEB0Ab3IYapLaKoKS0c1mdLWvVzvQabBQCXksWKDqFI6tNC-Hg.js

Re: Why My site is suspicious?

Thanks for your response Hayton. Could it be that the social profiles on the Arqam plugin have fake followers on them? Also, the report shows that I have 100 external links, but I'm pretty sure I don't have that many?

Re: Why My site is suspicious?

Hi, thanks for helping. This is my site, the thread was started by a freelancer that was working for me. I realised that I had some ads on my site which didn't have a "nofollow" tag inserted into the code, so I have either removed the ad or added those tags, but the problem still remains. I can't figure out what the problem is, any suggestions? Thanks again.

Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 7 of 12

Re: Why My site is suspicious?

,

                   While your profile indicates that you may be utilizing Site Advisor Enterprise, have you tried following Colleague Hayton,s  advice? For he is most knowledgeable in all aspects of Site Advisor.

                    Just thought I would add that....

Wishing you all the Best

Catdaddy

McAfee Community Moderator

(Consumer Products)

Cliff
McAfee Volunteer

Re: Why My site is suspicious?

Thanks. I just noticed Hayton mentioned a plugin Arqam, which is my social profiles. Could it mean that there are fake followers on one of them??

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 9 of 12

Re: Why My site is suspicious?

I'll look into it.  There were some suspect external connections which need to be investigated. A re-check may now give a different result from the one we had before.

Re: Why My site is suspicious?

Thank you very much !