Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Message 1 of 17

SiteAdvisor - Why is My Site Blacklisted?

My site is crystalexchange(dot)com .  I'm not sure why, but for several weeks now, SiteAdvisor is indicating my site is "Dangerous" to visit.

My site is safe according to our hosting provider, Google, and a number of other websites I have used to check for safety.

We've been on the internet over 15 years without issues.

We are on a server with a very small # of sites hosted on it. (Virtual Dedicated?)

I have filled out forms 2 different times for a new evaluation, but apparently, the evaluations continue to keep us on the blacklist.

Can you provide assistance so that I know what needs changing on the site or let me know where else to look for problem pages.

Thank you!


website owner

16 Replies
Message 2 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?

Have you emailed support@siteadvisor.com and asked then there to review and say the site is fine and please review as a matter of urgency?

Hayton 1 of the other mods is more SA experienced and I have asked him to comment.

Former Member
Message 3 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?


Thank you very much for the suggestion.  I have sent the email you recommended.  I am appreciative of your efforts and look forward to a positive resolution on the problem.


Reliable Contributor
Reliable Contributor
Message 4 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?

I investigated but can't see any strong reason for the rating. Both SiteAdvisor and TrustedSource say the Red rating is because of Malicious Downloads, which may mean something a bit different from what it seems to be saying. Downloads could be the result of malicious javascript in an iframe, for example.



Most checkers give the site and the IP address the all-clear, although I note that TrustedSource thinks the site is hosted on host.crystalexchange.com, with the IP address (whereas every other check returns a different IP address entirely). TrustedSource also finds the site on the correct IP address, so perhaps there's a duplicate (wrong, or outdated) entry in there somewhere.

Sucuri says the site has no problems but shows two items that caught my eye - one a javascript file (swfobject.js) and the other an iframe (for widget.stagram.com). Neither is obviously a problem, but "swfobject" is Shockwave Flash (a frequent means of malware infection) and iframes are inherently suspect. I checked the page source code and can't see anything amiss.

However the Quettera scan listed a total of 5 iframes, and one of them is a 1x1-pixel object - too small to see. You might want to double-check what it does.

<iframe src='javascript:false%3B' x30=1 style='z-index:-1%3Bposition:absolute%3Bfloat:left%3Bborder-style:none%3Bwidth:1px%3Bheight:1px%3Bfilter:progid:DXImageTransform.Microsoft.Alpha(Opacity=0)%3B' frameborder='0'>

The only hint from anyone else that there is or might have been a problem with the site comes from VirusTotal, which notes that

- BitDefender has flagged an unknown problem at some unknown time

The URL domain/host was seen to host badware at some point in time

- Antiy-AVL (not a vendor I know anything about) says this is a Malware Site

- Clean-MX marks the site as Suspicious. (In fact it this is a closed loop : Clean-MX is picking up the results from VirusTotal, it shows no real problem.)

UrlQuery shows nothing wrong with the site : if there was unusual network traffic this would have been noted in the results.

As a postscript :

While I was checking the page source code for iframes I noticed that there is a DOM Security Error on the Home page which you might want to correct.

crystalexchange DCOM error.JPG

Message was edited by: Hayton - substitute DOM for DCOM, fix typos on 19/08/13 19:21:01 IST
Former Member
Message 5 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?


Thank you for the thorough review.

(Sadly,) I have removed the flash presentation from the index page.

I have replaced the instagram iframe with their new instagram badge.

This code: <iframe src='javascript:false%3B' x30=1 style='z-index:-1%3Bposition:absolute%3Bfloat:left%3Bborder-style:none%3Bwidth: 1px%3Bheight:1px%3Bfilter:progid:DXImageTransform.Microsoft.Alpha(Opacity=0)%3B' frameborder='0'>

allows our navigation menus to properly display.  I purchased it about 5 years ago. I doubt I can modify the code, yet keep the menus properly displaying and working.

Re BitDefender.....there was an issue in early May this year where a small number files were hacked.  However, the problem was quickly found and corrected (less than 18 hours overall I believe), so I was really thinking that was "nothing" given the overall time on the www (15+ years)

I don't understand the DCOM Security Error.  Since I don't know if that is a server issue or html issue, I have fwded this thread to my hosting company for them to look at.  If it is an html/source code issue, I have no idea where to look.....I did a search in the source code for our website and found no hits on the search term *cloud*.  Can you please elaborate if this is a source code issue?

Thank you very much for your assistance.   I remain hopeful that you help me get this straightened out and reviewed for a rating correction.


web site owner

Reliable Contributor
Reliable Contributor
Message 6 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?

I suspect the site rating is caused by one of two things. Either TrustedSource is aware of the BitDefender rating (possible) caused by your earlier temporary problem, or there was a recent temporary problem not now evident (also possible).

I don't think the site has been properly tested by SiteAdvisor, at least not since the recent SA upgrade. I would advise that you submit it to be (re-)tested so we can see what the downloads are and how they're rated. Right now there's no information on the SA ratings page.

Regarding the "DCOM" error : apologies for misleading you (and me). That's actually a DOM error and there are various discussions on the Chrome developer forums about it. Some of the discussions are product-specific and/or highly technical, but here's a pretty simple explanation of it :


Of the more cryptic and frus­trat­ing Chrome errors are the SecurityErrors. These bad boys show up at inop­por­tune times and ruin your day with an “Uncaught Error” and a big red excep­tion killing your code in its tracks.

So you’re play­ing around with HTML5 Canvas when all of a sud­den you’re get­ting aUncaught Error: SecurityError: DOM Exception 18 in the con­sole. What’s it mean?

DOM Exception 18

This excep­tion is thrown when your code is try­ing to access some­thing it shouldn’t, includ­ing cross-domain resources or stuff on your local filesystem.

Once you hit this one you will either need to loosen your browser secur­ity set­tings which is never optimal, or find out how to work around it.

So my Chrome browser settings may be to blame, but the page code should be flexible enough not to throw the error.

See also https://parse.com/questions/dom-exception-18

I did some research on this: apparently some Chrome extensions cause this problem

That may be true but I haven't seen the error before in Chrome. Several people say this is not an error that you would see in Firefox so it's browser-specific.

The "Cloud" reference is actually "CloudFlare", and is coming from one of the links on the page to third-party content. This is the HTTP connections graph from urlQuery -

CrystalExchange network activity.JPG

Message was edited by: Hayton on 19/08/13 19:50:32 IST
Reliable Contributor
Reliable Contributor
Message 7 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?

I just checked the console errors again and something's changed. This is what now appears for the Home page.

crystalexchange Chrome errors.png

So unless you've changed the page the COM error is intermittent or non-reproducable.

Former Member
Message 8 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?


Yes, I deleted the flash slideshow and the instagram iframe.

Removing the instagram iframe would have removed any reference to clouldflare per your earlier diagram.

What is the reference to "/undefined" on the web site?  I do not understand that.

Again, I have requested recans of the site.  I have done that twice in August (not counting today).  My hosting provide has requested a rescan.  And I believe our email filtering company has requested a rescan.  We use McAfee for email spam filtering and we are wondering if there may be a connection to our signing up for that service and the timing of the blacklisting.

Thanks for your continued assistance.


Reliable Contributor
Reliable Contributor
Message 9 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?

"Undefined" is shown in the list of images, so it can't download some image or other. That's all I know.

The error is being generated by line 72 in 'ocscript.js' and that single line is immensely long as can be seen by the block of javascript below, which is what you get if you break it up into lines that more or less fit on the screen.

Something in that script is trying to create or locate an image or an icon, at a guess.

//[IM Code]

// ---- Add-On [3.5 KB]: Animated Pointer Icons ----

ulm_last_pointer=null;;function imenus_add_pointer_image(obj,dto,level)


if(level>0)x4="sub";var c_horizontal=true;if(level==0)


var a=obj.parentNode.getElementsByTagName("UL")[0];

var id=a.id.substring(a.id.indexOf("_")+1);














else {x3.setAttribute("fxoff",x25(x27_pointer(x4+"_pointer_image_offx",dto,id)));






else obj.removeAttribute("noimage");

var dexist=false;var dobj=obj.childNodes;

for(var d=0;d<dobj.length;d++){if(dobj.getAttribute&&dobj.getAttribute("ispointer"))dexist=true;}

if(!dexist){x3.innerHTML='<img src="'+x5+'" '+wht+'>';


var x32=this;if(this.tagName=="DIV")x32=this.getElementsByTagName("UL")[0];


im_kille(e);return false;}var lc=this.lastChild;

var bid;if(!lc.getAttribute("ispointer")){bid=this.getElementsByTagName("UL")[0].id;lc=document.getElementById("pi"+bid);}


offxy=eval("new Array("+lc.getAttribute("offxy")+")");


scxy=eval("new Array("+lc.getAttribute("scxy")+")");



else {npos=e.clientY-offxy[1]+sloff+scxy[1];



var a;if(a=window.imenus_event_mc_onmousemove)a();im_kille(e);return false;};};

function imenus_pointer_move(id,npos,type){var md=document.getElementById(id);

if(type=="h")md.style.left=npos+"px";else md.style.top=npos+"px";


function x25(val){if(val==null)return 0;return val;};

function imenus_hide_pointer(check)



function imenus_initialize_pointer(obj,lc){imenus_hide_pointer();ulm_last_pointer=lc;var txy=x26(obj);


{if(a=hpi.scrollLeft)txy[0] -=a;if(a=hpi.scrollTop)txy[1] -=a;}lc.setAttribute("offxy",txy);

var pxy=parseInt(lc.getAttribute("fxoff"));

if(lc.getAttribute("ish"))lc.style.top=pxy+"px";else lc.style.left=pxy+"px";pobj=document.body;



function x27_pointer(pname,dto,index){if((rval=dto[pname+index])!=null)return rval;else return dto[pname];}

By the way, the Flash content may be safe to re-instate. The iframe : I don't know whether it should be left off for a while or not. iframes are looked on with some suspicion by SiteAdvisor because it's so easy for an attacker to hijack them so as to slip malicious javascript into a web page, which the browser will innocently run and then ... mayhem. Best leave it to one side for a while, you can always put it back later.

Former Member
Message 10 of 17

Re: SiteAdvisor - Why is My Site Blacklisted?

I have reinstated the flash slide show. 

The instagram Iframe was left out.  It has the new "badge" for instagram instead.

Seeing as I have been using the same menu code for about 5 years, is it reasonable to think that the OCSCRIPT.JS is not likely any cause for alarm?



How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community