Hello. Scan my websites with quttera and I get Heur.HTML.SpamSEO.gen

Example result

Severity: Malicious
Threat: Heur.HTML.SpamSEO.gen
Reason: SEO/Spam detected
Details: Detected malicious SPAM/SEO content
Line: 92
Offset: 3
Threat dump: [View code]

Example Code

  1. [[ <input type=“hidden” name=“md” value="3wt8guT2ZkVXkzfT0jxkZwjtOPHf1iELgJRKFuCQUlY-1640772680-0-AZpd5OLBmdpdSg8BoeSiMDYU29XgUDaLwnZ2rX8-SyRply6pd_dluyNhRt4trnVqRD-rNdRfJy5IiUCbBUE54MtT5GdjH_46Xs7SLGQhn0pxUBY_zwcge1S-iyGCB0GiTMG9qTdQzY-HnV3kl5YVq9zrkxXQoTkXUUS_CjNVy2eMl-N8A7yaI7dzfnQlMfAlQj33O99gmXL5iVNRqX1UokXfI_udhnIafn6zqHzobJsB57VG9841KXeKPpx-ccS2a_M8R6X_ynG8rF67sRDUnqDGG-4PwkPvcNpN2sEE2uRjQ24hAlS_B-k0QtaEfhDs1mAJgkhQNGG6jck-KYf7MZG29SUWEPDWD_bfxo03_2K2EOV-HwHiW0g0sJL3e-jjutmNv0Uu61A1q0ik3GD8otqAURVPlZzKDalvY9T0CRyocXxxSKDrjnZB61wlKrlwhBm12Dt-lX70sdI6j8Tg2jTn4SJPSUbBg8xg-Gktkg7NpNr-hG_mfAek7R46GPl6v-0LZ0hLMaba8K84Dvk3zAGl-wdPgA

Help Me

I am afraid that’s coming straight from your server and needs to be fixed there. You best discuss this with your web developer, Cloudflare won’t be involved here.

Thanks for your answer Sandro.

Interestingly I disable Cloudflare and scan again and my sites appear clean.

I enable Cloudflare and they reappear with malicious files …

Cloudflare does not add such content :wink:. Did you already clear the cache on Cloudflare?

What’s the domain?

My site is preguntando.club

it only happens with quttera


working with cloudflare activated!


Thanks for you help.

the code that marks me among others is

  1. [[]]

Domain is Cloudflare?

Registrar Info


Cloudflare, Inc.

Whois Server


Referral URL


clienttransferprohibited EPP Status Codes | What Do They Mean, and Why Should I Know? - ICANN

Important Dates

Expires On


Registered On


Updated On


Name Servers



Sorry code “maliciosus” is

I just scanned with cloudflare enabled.

And it keeps popping up.

All right, after double checking it would seem it’s the same issue as I see weird link in Cloudflare's browser check page

These links are not part of your site but are included in Cloudflare challenges and are part of Cloudflare’s challenge concept in this case.


Yes and it happens to me with all my sites that have cloudflare activated.

Is there any way to correct it?

Disabling some function or something similar?

You can set your security level to the lowest setting, but that would also disable security.

Can it also be some firewall rule that I append?

I’ll remove all of them to see what happens!

Firewall rules most certainly can fire challenges. You can check your firewall event log.

it’s fine.
Then I’ll do what you suggest.

Thank you for all your help.

So it is a false positive.

Should Cloudflare report it with quttera