Jump to content
webevil

False positive: 64.237.46.147

Recommended Posts

Hello,

I'm posting in regards to the fact that my IP 64.237.46.147 is blocked by MalwareBytes' Anti-Malware. I have few sites on same IP / server but all of them does not server any maleware.

I already tested my sites with some other web scanners and none of them reported any suspicious activity so please check this and unblock my IP.

Thanks!

Milos

protection-log-2012-10-09.rar

Share this post


Link to post
Share on other sites

Sorry for missing your post.

This isn't an F/P. The IP was blocked due to 2 domains involved in malicious activities;

porntubese.net

sexxxtape.net

Share this post


Link to post
Share on other sites

Can you tell me which malicious activities??? Yes those are also my sites and I know that none of them is involved in any suspicious activity.

Share this post


Link to post
Share on other sites

Both were found containing images identified as CP, and leading to (and as of a few seconds ago, still leading to) infections via exploits such as those on;

rakohshangeurden.sytes.net / UaYOTy?uPiSp=33 (DO NOT LOAD THIS URL IN A BROWSER)

Share this post


Link to post
Share on other sites

I searched my sites / server few times and I still cannot find any image identified as CP and leading to infections via exploits ... Maybe your software see something which I cannot find or maybe this is some bug or something ... So can you please give me url of those images or help me to find this exploits? Please understand that I'm strongly against CP or anything illegal.

Share this post


Link to post
Share on other sites

I can't give you the URLs to the CP, no.

As far as the exploit, all I had to do was click a couple of random images, and up it popped. There is no specific page on the site that causes it, which leads me to believe it's one of the sites your rotations point to (already ruled out the ad servers being responsible in this case)

Share this post


Link to post
Share on other sites

Ok, can you help me on some other way?

Is it picture on my site or i have link to website with cp or something else ... I really cannot find anything suspicious.

Share this post


Link to post
Share on other sites

The CP is displayed directly on your site (note, this has already been reported to both LE and the IWF, due to the nature of it).

Share this post


Link to post
Share on other sites

Once again, I really cannot find anything illegal ... Because you cannot give me url directly can maybe your software show me suspicious image?

Share this post


Link to post
Share on other sites

The software had nothing to do with it, I checked your site manually, as I do with every site/IP checked.

The reason I cannot give you the offending URL, is due to UK law preventing my doing so. Providing URLs known to contain or suspected to contain CP to anyone other than LE an the IWF, is classed as distribution and thus, illegal.

Share this post


Link to post
Share on other sites

And how you checked that? How you decide that some URL contain CP?

I will get my lawyer involved into this because you have some very serious charges against me and my websites, but I'm sure that my sites don't contain anything illegal.

Share this post


Link to post
Share on other sites

And how you checked that? How you decide that some URL contain CP?

I loaded the site, and saw an image containing CP, nothing more to it than that.

Share this post


Link to post
Share on other sites

I loaded the site, and saw an image containing CP, nothing more to it than that.

I trough that you are serious company ... But I was definitely wrong.

That is NOT way to check and prove that some site contain cp. You like person is NOT qualified to decide that some image containing cp or not. If you see anything suspected to contain cp you need to inform organizations that fight against it.

So you by yourself decided that my sites contain cp and blocked my sites and only because of that I will get my lawyer involved into this because you have some VERY SERIOUS CHARGES against me without ANY PROOF!

And just to know that I have proof (18 USC § 2257 Compliance Statement) for ALL images on my site and other persons who appear in any visual depiction of sexually explicit conduct appearing or otherwise contained in or at this site were over the age of eighteen years at the time of the creation of such depictions.

Share this post


Link to post
Share on other sites

I'm aware of that, which is why the first thing I do with any image containing or suspected to contain CP, is reported to both my LE contact, and the IWF.

Share this post


Link to post
Share on other sites

Yes, and this is what you should do BUT you should NOT block my sites and mark them as cp sites by yourself, until you get confirmation from LE contact, and the IWF

This is the main problem here.

Share this post


Link to post
Share on other sites

There seems to be a misunderstanding here. The CP wasn't the original cause of the block - it wasn't there when I first came across it, only the leads to exploits were, The offending images are the reason I can not remove the block, along with the existing content still leading to exploits such as the one I referenced (as already mentioned, there isn't a specific URL on your site that leads to it, otherwise I'd have provided it - and is the reason that led me to conclude it's one of those in your rotation that is responsible - but it's originating from your site)

Share this post


Link to post
Share on other sites

Ok, lets put cp on side for now because I'm sure that my sites are clean of that and I have proofs for my images.

Let's back on that exploit which I cannot see / find. Can you tell me where are you clicking so I will try to get also this url leading to exploit. And can you tell me one more time which url I should get?

Thanks!

Share this post


Link to post
Share on other sites

I've PM'd you the URLs that led to the exploit (again, not always on the first click, which led me to believe it was in the rotation)

Share this post


Link to post
Share on other sites

I had no trouble finding exploits on these sites. In under 30 seconds of clicking I had 2 infections attempting to enter through java.

Share this post


Link to post
Share on other sites

Can you please tell me where you clicked so I can find them and fix it ... Or suggest some other way how I can find them.

Thanks!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.