
My Site(s) Were Blocked


microgeek


Your post has been removed due to the presence of profanity.

Please feel free to re-post, but leave out any and all profanity, as it is against our forum rules.

First off, can't you edit posts? Anyways, so there is no way for my sites to be unblocked? This kinda sucks, because it will take me a load of time to transfer all of my domains to another host.


I've contacted our data centre over this and had the following back:

Hello George,

I apologize that your IP address has been blocked from MBAM. As you know we do not control the content hosted by your clients and have no effect on what Malwarebytes considers a threat. You receive these notifications through our automated system. Our automated system scans all e-mails for Domain/IP Addresses then forwards them to the appropriate client. That is how you receive these notifications. I have looked through our Automated System application to search for any notifications on IP 184.171.164.226 and the domains in question, and the only domain in offense I found was for id-runescape.com (184.171.164.226) which you have already suspended. I have read the forum post and I quote "AS starts responding and suspends the host responsible." I do not see that you are in violation, George. Perhaps one of your clients but I have not a shred of evidence to hold you against it. They did not exactly say malicious content was coming from those domains, rather the IP address. I would ask if they could clarify where this malicious content is still coming from and resolve it from there. If they are unwilling to provide evidence then I would assume it is a false positive.

Please let me know if I can be of any further assistance,

Regards,

--

Chris N.

Abuse Management Specialist

PhoenixNAP Abuse Department

http://www.PhoenixNAP.com

Can you clarify if the content is still around please?


My apologies for the delay. I've not forgotten about this, the investigation is still ongoing and is only one of hundreds I am currently dealing with.

As much as I'd like it to be, this isn't a quick process, as everything needs re-checked, on every IP, including for example, verification that content appearing to have been removed etc, has actually been, and hasn't just been moved to a new location. My apologies for not making this clear.

As an aside, I did notice, a domain involved in exploits/malware etc since its inception, moved from you today;

ultimatecore.info


As another aside, rather curiously, quite a few domains involved in malware, phishing, bot C&C's etc, and part of the investigation, are now suddenly showing as dead/suspended/moved (very curious given the length of time they were with you, and the fact they were very much present 24 hours ago).

Another one has switched from a drive-by to a DDoS service;

runestream-live.com

Less serious issues, include splogs and splorums, but these aren't the cause of the block. However, the following still need dealt with and suspended;

microgeek.me

forum.runescape.com.kg

fjtech.us

bolides09.com

celexameds.com

cheapcialishere.com

cheapestkamagrarx.com

cheaplevitradeals.com

I did also notice a domain used for drive-by's since its inception, inclusive of since its move to a new "owner" (img196-imageshack.us) has been mysteriously suspended as of the past 24 hours.


fjtech.us is unsuspended since I worked with the owner on this issue and the content has been removed.

Hi,

I understand the fact that you want to keep your servers clean to better serve your clients, but here in my case, my account was suspended because of file names which I think is not a really efficient thing to be based on.

Pccontrol folder and command.php belong to a script I was developing which lets people control and share files from their computers to their mobile phones, the project was abandoned more than 8 months ago due to technical problems.

As for crypter.php, it is an offset and base 64 alphabet crypter which I used to crypt love messages and send them to my girlfriend, and then I challenged her to decrypt it.

You can verify the code source of all these files to see that they don't have anything to do with DDOS or any illegal or harmful thing.

Also I'm using my fjtech.us/localedu in google apps challenge 2012 and I could make it to the semi finals with my application hosted there. Now I can't access it anymore which will affect my ranking and standing.

Thanks for understanding.

Best Regards,
