Site blocked

[Don't Panic]

Just a heads up admins, Chrome, for whatever reason, is blocking the forum.

 

[oaks]

Seeing it via Firefox, too. Just posted here:

http://www.600riders.com/forum/site...7-server-s-down-what-happened.html#post571601

 

[darius]

I received it as well using FF:

Safe Browsing
Diagnostic page for Yamaha FZ6 Forum Community

What is the current listing status for Yamaha FZ6 Forum Community

This site is not currently listed as suspicious.

What happened when Google visited this site?

Of the 218 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-02-07, and suspicious content was never found on this site within the past 90 days.​

Google Safe Browsing diagnostic page for 600riders.com

 

[bigdog9191999]

Good on tapatalk

Good on mobile chrome too.

Sent from my DROID RAZR HD using Tapatalk

 

[FinalImpact]

I've had some pop-ups asking to type in words (picture-graph bot blockers). Other than that - no issues.

Using Opera - the under dog of browsers!

 

[Cloggy]

Just a heads up admins, Chrome, for whatever reason, is blocking the forum.

I got something similar searching on google (using IE) , so I just typed in the address.

 

[darius]

More info now. Malicious or hacked advertiser?

What is the current listing status for 600riders.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 279 pages we tested on the site over the past 90 days, 16 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-02-08, and the last time suspicious content was found on this site was on 2014-02-08.

Malicious software is hosted on 1 domain(s), including deore-medias.org/.

2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including madadsmedia.com/, burstnet.com/.

This site was hosted on 1 network(s) including AS13335 (CLOUDFLARENET).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, 600riders.com appeared to function as an intermediary for the infection of 4 site(s) including 25stang.com/, bikersites.com/, fz1-forum.com/.​

 

[FinalImpact]

More info now. Malicious or hacked advertiser?

What is the current listing status for 600riders.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 279 pages we tested on the site over the past 90 days, 16 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-02-08, and the last time suspicious content was found on this site was on 2014-02-08.

Malicious software is hosted on 1 domain(s), including deore-medias.org/.

2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including madadsmedia.com/, burstnet.com/.

This site was hosted on 1 network(s) including AS13335 (CLOUDFLARENET).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, 600riders.com appeared to function as an intermediary for the infection of 4 site(s) including 25stang.com/, bikersites.com/, fz1-forum.com/.​

I do believe you are spot on. I seldom go to off beat sites and my system (Win 7, 64 bit, AVG, Opera Browser) when in the forum has been "RE-DIRECTED" to other sites. This is NOT Normal.

Let me update and scan. PS - I reject most certificates from AD sites.

 

[darius]

I do believe you are spot on. I seldom go to off beat sites and my system (Win 7, 64 bit, AVG, Opera Browser) when in the forum has been "RE-DIRECTED" to other sites. This is NOT Normal.

Let me update and scan. PS - I reject most certificates from AD sites.

Sounds like malicious scripts are being executed by your browser altering the behavior of the site. I simply run "noscript" FF addon.

You may want to add deore-medias.org to your hosts file as 127.0.0.1 or block that domain at your router to put a stop to it.



hmmm.. the malware hosting domain registered just yesterday with "billionaire" contact in Russia.

deore-medias.org
Results for Target: deore-medias.org
WHOIS Snapshots
Created Date : 2014-02-07T21:35:51Z
Updated Date : 2014-02-07T21:41:05Z
WHOIS Server: whois.pir.org

Registrant
NNM
Moscow
Moskovskaya oblast
RU

Administrative Contact
Moscow
Moskovskaya oblast
RU
+475.5555589

Technical Contact
billionaire
Moscow
Moskovskaya oblast
RU

 

[aussiejules]

Ive been having trouble opening photos, for the last 2 - 3 weeks all other sites are fine. Im just using explorer 11

 

[Admin]

I am on it.. The threat has been removed.. I will take a little while for google to list us as save again..

It was one of our advertising vendors. Their server was hacked and injecting malicious code into a few of the ads...


Here is the email I received after contacting them:

This message is regarding the recent malware notifications that some of our publishers may have experienced. Just before noon today, our engineers discovered that one of our ad serving locations had been hacked.
Since this attack was discovered, our engineering team worked diligently until 3:45pm EST to ensure that the appropriate action was taken to secure our ad server. Unfortunately during that time, this attack effected 7.8% of our publishers' domains. If you are one of these publishers, you can have Google remove the notification by following these steps: https://support.google.com/webmasters/answer/168328?hl=en
This warning typically takes only a few hours to be removed. We realize the seriousness of this matter and apologize for any inconvenience this may have caused our effected publishers. Our support team is available to answer any questions you may have.

 

[darius]

I am on it.. The threat has been removed.. I will take a little while for google to list us as save again..

It was one of our advertising vendors. Their server was hacked and injecting malicious code into a few of the ads...


Here is the email I received after contacting them:

This message is regarding the recent malware notifications that some of our publishers may have experienced. Just before noon today, our engineers discovered that one of our ad serving locations had been hacked.
Since this attack was discovered, our engineering team worked diligently until 3:45pm EST to ensure that the appropriate action was taken to secure our ad server. Unfortunately during that time, this attack effected 7.8% of our publishers' domains. If you are one of these publishers, you can have Google remove the notification by following these steps: https://support.google.com/webmasters/answer/168328?hl=en
This warning typically takes only a few hours to be removed. We realize the seriousness of this matter and apologize for any inconvenience this may have caused our effected publishers. Our support team is available to answer any questions you may have.

Great work!

I wanted to help so I called up the listed deore-medias.org admin contact in Moscow @ +475.5555589.

Real nice guy, Nikolai and funny although he may have been drinking. Anyway he's making it up by offering free AV software to anyone affected. If you call, say you have a bride already as you're getting through. It's faster.

 

[LeeFZ]

I use G.Chrome and it says the sits has sort of malwares but im glad it's back online

 

[Don't Panic]

Everything seems to be fine now, no problems accessing from Chrome.