webevil Posted October 9, 2012 ID:605519 Share Posted October 9, 2012 Hello,I'm posting in regards to the fact that my IP 64.237.46.147 is blocked by MalwareBytes' Anti-Malware. I have few sites on same IP / server but all of them does not server any maleware.I already tested my sites with some other web scanners and none of them reported any suspicious activity so please check this and unblock my IP.Thanks!Milosprotection-log-2012-10-09.rar Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605702 Share Posted October 10, 2012 Any update on this? Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605723 Share Posted October 10, 2012 Sorry for missing your post.This isn't an F/P. The IP was blocked due to 2 domains involved in malicious activities;porntubese.netsexxxtape.net Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605728 Share Posted October 10, 2012 Can you tell me which malicious activities??? Yes those are also my sites and I know that none of them is involved in any suspicious activity. Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605734 Share Posted October 10, 2012 Both were found containing images identified as CP, and leading to (and as of a few seconds ago, still leading to) infections via exploits such as those on;rakohshangeurden.sytes.net / UaYOTy?uPiSp=33 (DO NOT LOAD THIS URL IN A BROWSER) Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605757 Share Posted October 10, 2012 I searched my sites / server few times and I still cannot find any image identified as CP and leading to infections via exploits ... Maybe your software see something which I cannot find or maybe this is some bug or something ... So can you please give me url of those images or help me to find this exploits? Please understand that I'm strongly against CP or anything illegal. Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605765 Share Posted October 10, 2012 I can't give you the URLs to the CP, no.As far as the exploit, all I had to do was click a couple of random images, and up it popped. There is no specific page on the site that causes it, which leads me to believe it's one of the sites your rotations point to (already ruled out the ad servers being responsible in this case) Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605766 Share Posted October 10, 2012 Ok, can you help me on some other way? Is it picture on my site or i have link to website with cp or something else ... I really cannot find anything suspicious. Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605767 Share Posted October 10, 2012 The CP is displayed directly on your site (note, this has already been reported to both LE and the IWF, due to the nature of it). Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605768 Share Posted October 10, 2012 Once again, I really cannot find anything illegal ... Because you cannot give me url directly can maybe your software show me suspicious image? Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605770 Share Posted October 10, 2012 The software had nothing to do with it, I checked your site manually, as I do with every site/IP checked.The reason I cannot give you the offending URL, is due to UK law preventing my doing so. Providing URLs known to contain or suspected to contain CP to anyone other than LE an the IWF, is classed as distribution and thus, illegal. Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605775 Share Posted October 10, 2012 And how you checked that? How you decide that some URL contain CP?I will get my lawyer involved into this because you have some very serious charges against me and my websites, but I'm sure that my sites don't contain anything illegal. Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605777 Share Posted October 10, 2012 And how you checked that? How you decide that some URL contain CP?I loaded the site, and saw an image containing CP, nothing more to it than that. Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605785 Share Posted October 10, 2012 I loaded the site, and saw an image containing CP, nothing more to it than that.I trough that you are serious company ... But I was definitely wrong.That is NOT way to check and prove that some site contain cp. You like person is NOT qualified to decide that some image containing cp or not. If you see anything suspected to contain cp you need to inform organizations that fight against it.So you by yourself decided that my sites contain cp and blocked my sites and only because of that I will get my lawyer involved into this because you have some VERY SERIOUS CHARGES against me without ANY PROOF!And just to know that I have proof (18 USC § 2257 Compliance Statement) for ALL images on my site and other persons who appear in any visual depiction of sexually explicit conduct appearing or otherwise contained in or at this site were over the age of eighteen years at the time of the creation of such depictions. Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605786 Share Posted October 10, 2012 I'm aware of that, which is why the first thing I do with any image containing or suspected to contain CP, is reported to both my LE contact, and the IWF. Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605788 Share Posted October 10, 2012 Yes, and this is what you should do BUT you should NOT block my sites and mark them as cp sites by yourself, until you get confirmation from LE contact, and the IWFThis is the main problem here. Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605791 Share Posted October 10, 2012 There seems to be a misunderstanding here. The CP wasn't the original cause of the block - it wasn't there when I first came across it, only the leads to exploits were, The offending images are the reason I can not remove the block, along with the existing content still leading to exploits such as the one I referenced (as already mentioned, there isn't a specific URL on your site that leads to it, otherwise I'd have provided it - and is the reason that led me to conclude it's one of those in your rotation that is responsible - but it's originating from your site) Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605794 Share Posted October 10, 2012 Ok, lets put cp on side for now because I'm sure that my sites are clean of that and I have proofs for my images.Let's back on that exploit which I cannot see / find. Can you tell me where are you clicking so I will try to get also this url leading to exploit. And can you tell me one more time which url I should get?Thanks! Link to post Share on other sites More sharing options...
webevil Posted October 10, 2012 Author ID:605797 Share Posted October 10, 2012 Also I checked my site with many online tools and all of them reported my site as clean.Here are results:http://www.unmaskparasites.com/security-report/?page=www.sexxxtape.nethttp://sitecheck.sucuri.net/results/www.sexxxtape.nethttps://www.virustotal.com/url/5e11aa88c5292b65c9360114dc330850af21d80101a39ece4323dfacb62ad304/analysis/http://safeweb.norton.com/report/show?url=www.sexxxtape.nethttp://www.mcafee.com/threat-intelligence/ip/default.aspx?ip=64.237.46.147 Link to post Share on other sites More sharing options...
MysteryFCM Posted October 10, 2012 ID:605799 Share Posted October 10, 2012 I've PM'd you the URLs that led to the exploit (again, not always on the first click, which led me to believe it was in the rotation) Link to post Share on other sites More sharing options...
Staff nosirrah Posted October 11, 2012 Staff ID:605885 Share Posted October 11, 2012 I had no trouble finding exploits on these sites. In under 30 seconds of clicking I had 2 infections attempting to enter through java. Link to post Share on other sites More sharing options...
webevil Posted October 11, 2012 Author ID:605887 Share Posted October 11, 2012 Can you please tell me where you clicked so I can find them and fix it ... Or suggest some other way how I can find them.Thanks! Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now