Hi, Check this out: http://www.google.com/safebrowsing/diagnostic?site=scnforum.org Google is saying that there is a LINK to a badware site on mine, therefore shows it as unsafe. Reference here: http://oliverfisher.blogspot.com/2009/01/cross-site-warnings.html Now the question is how do I find that link and remove it when the site is huge? Google shows it as being only on 1 page, so which one? Please help, Venetsian
This is your index page or any other file that loads together with index. For example one of this two: <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript" src="lib.js"></script> ------------------------- Your site is infected! Please check http://www.malwareurl.com/search.php?s=74.125.45.100 Protocol Ip address Reverse lookup Country http 99.198.109.130 srv.maia3.com United States http 74.125.45.100 yx-in-f100.1e100.net United States http 74.125.77.104 ew-in-f104.1e100.net United States http 74.125.77.99 ew-in-f99.1e100.net United States -------------------------
Hi NikB, The link you pointed our shows the site as not listed and the IP as clean. I'll check if those java scripts are the cause. We'll try to disable them and re-request check from google. It would be interesting the they were the cause. Thanks, Venetsian
No. Malwareurl is not a infected web-sites database, this is database of hosts where malware is hosted on. When somebody visits your site, web-browser make connections with these ip addresses: http 99.198.109.130 srv.maia3.com United States http 74.125.45.100 yx-in-f100.1e100.net United States http 74.125.77.104 ew-in-f104.1e100.net United States http 74.125.77.99 ew-in-f99.1e100.net United States One of these ip is listed as malware distributor and this is 74.125.45.100 You have something like iframe inside your index page that loads another scripts from 74.125.45.100
Is there a way to find what exactly is causing it? I do not see any IFRAME or something like that. Is there some sort of scanner script that can tell me which/where this link is? Venetsian
Now is clean. I see only this http 99.198.109.130 srv.maia3.com United States That was a good idea to delete jquery.js. Try to find original one. May be this below. http://forum.zzcalliance.nl/jquery.js