False subdomain URL links to spam (not 404 page) even though site is clean.

  • Hi there,

    I cleaned up this site (https://www.seydwaysactingstudios.com) a few weeks ago after it was hacked and it has since passed the Google malware health test.

    However, I noticed today that when I type in a subdomain URL for a page that doesn’t exist such as https://www.seydwaysactingstudios.com/acting, instead of going to a 404 page, it goes to a spam page that is obviously not related to the content of my site.

    I have not received any notices that the site has been hacked since I have cleaned it up, so I believe it to still be clean. All internal links work within the site.

    Does anyone know what may be causing this and/or what the solution might be? The 404.php template is also clean.

    Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)

  • It’s not a redirect – so it’s either in the DB (and hidden from the page editor) or actually is still there (could be a page template).

    See:

    https://validator.w3.org/check?uri=http%3A%2F%2Fwww.seydwaysactingstudios.com%2Facting&charset=%28detect+automatically%29&doctype=Inline&group=0&ss=1

    Thread Starter MSC.000

    (@msc000)

    Thank you so much for getting back to me so fast! This is really helpful!

    The only missing piece for me is I don’t understand which file I need to alter in order to get rid of the click3.php and /vg2 files. All of my page templates look fine.

    You mention it could be hidden from the page editor; would I be able to see it in the cpanel and if so, do you have any ideas what it might be called? I’ve been digging through it with no luck so far…

    Thank you!

    The ? indicates that the data may be dynamic – that points to a .js file, your DB, or both…

    but I found this related (from a few days ago)

    https://stackoverflow.com/questions/15712922/unknown-website-redirect-could-client-somehow-be-hacked

    Google “click3.php?” (Be very weary visiting any unknown sites/links, stackoverflow is well known)

    BTW, the links are in your menu:

    <ul id="menu">

<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="Home">Home</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="U.S">U.S.</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="WORLD">WORLD</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="BUSINESS">BUSINESS</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="POLITICS">POLITICS</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="ENTERTAINMENT">ENTERTAINMENT</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="LEISURE">LEISURE</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="HEALTH">HEALTH</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="SCITECH">SCITECH</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="OPINION">OPINION</a></li>
<li><a href="/click3.php?S7QysarOtDKyzrQyBGITKG0KpY2t_axrAQ" title="SPORTS">SPORTS</a></li>

    If using a custom menu, dump it.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘False subdomain URL links to spam (not 404 page) even though site is clean.’ is closed to new replies.