Site blocked

I received it as well using FF:

Safe Browsing
Diagnostic page for Yamaha FZ6 Forum Community

What is the current listing status for Yamaha FZ6 Forum Community

This site is not currently listed as suspicious.

What happened when Google visited this site?

Of the 218 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-02-07, and suspicious content was never found on this site within the past 90 days.​

Google Safe Browsing diagnostic page for 600riders.com
 
I've had some pop-ups asking to type in words (picture-graph bot blockers). Other than that - no issues.

Using Opera - the under dog of browsers!
 
More info now. Malicious or hacked advertiser?


What is the current listing status for 600riders.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 279 pages we tested on the site over the past 90 days, 16 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-02-08, and the last time suspicious content was found on this site was on 2014-02-08.

Malicious software is hosted on 1 domain(s), including deore-medias.org/.

2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including madadsmedia.com/, burstnet.com/.

This site was hosted on 1 network(s) including AS13335 (CLOUDFLARENET).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, 600riders.com appeared to function as an intermediary for the infection of 4 site(s) including 25stang.com/, bikersites.com/, fz1-forum.com/.
 
darius said:
More info now. Malicious or hacked advertiser?


What is the current listing status for 600riders.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 279 pages we tested on the site over the past 90 days, 16 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-02-08, and the last time suspicious content was found on this site was on 2014-02-08.

Malicious software is hosted on 1 domain(s), including deore-medias.org/.

2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including madadsmedia.com/, burstnet.com/.

This site was hosted on 1 network(s) including AS13335 (CLOUDFLARENET).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, 600riders.com appeared to function as an intermediary for the infection of 4 site(s) including 25stang.com/, bikersites.com/, fz1-forum.com/.
Click to expand...


I do believe you are spot on. I seldom go to off beat sites and my system (Win 7, 64 bit, AVG, Opera Browser) when in the forum has been "RE-DIRECTED" to other sites. This is NOT Normal.

Let me update and scan. PS - I reject most certificates from AD sites.
 
FinalImpact said:
I do believe you are spot on. I seldom go to off beat sites and my system (Win 7, 64 bit, AVG, Opera Browser) when in the forum has been "RE-DIRECTED" to other sites. This is NOT Normal.

Let me update and scan. PS - I reject most certificates from AD sites.
Click to expand...

Sounds like malicious scripts are being executed by your browser altering the behavior of the site. I simply run "noscript" FF addon.

You may want to add deore-medias.org to your hosts file as 127.0.0.1 or block that domain at your router to put a stop to it.



hmmm.. the malware hosting domain registered just yesterday with "billionaire" contact in Russia.

deore-medias.org
Results for Target: deore-medias.org
WHOIS Snapshots
Created Date : 2014-02-07T21:35:51Z
Updated Date : 2014-02-07T21:41:05Z
WHOIS Server: whois.pir.org

Registrant
NNM
Moscow
Moskovskaya oblast
RU

Administrative Contact
Moscow
Moskovskaya oblast
RU
+475.5555589

Technical Contact
billionaire
Moscow
Moskovskaya oblast
RU
 
Ive been having trouble opening photos, for the last 2 - 3 weeks all other sites are fine. Im just using explorer 11
 
I am on it.. The threat has been removed.. I will take a little while for google to list us as save again..

It was one of our advertising vendors. Their server was hacked and injecting malicious code into a few of the ads...


Here is the email I received after contacting them:

This message is regarding the recent malware notifications that some of our publishers may have experienced. Just before noon today, our engineers discovered that one of our ad serving locations had been hacked.
Since this attack was discovered, our engineering team worked diligently until 3:45pm EST to ensure that the appropriate action was taken to secure our ad server. Unfortunately during that time, this attack effected 7.8% of our publishers' domains. If you are one of these publishers, you can have Google remove the notification by following these steps: https://support.google.com/webmasters/answer/168328?hl=en
This warning typically takes only a few hours to be removed. We realize the seriousness of this matter and apologize for any inconvenience this may have caused our effected publishers. Our support team is available to answer any questions you may have.
 
Admin said:
I am on it.. The threat has been removed.. I will take a little while for google to list us as save again..

It was one of our advertising vendors. Their server was hacked and injecting malicious code into a few of the ads...


Here is the email I received after contacting them:

This message is regarding the recent malware notifications that some of our publishers may have experienced. Just before noon today, our engineers discovered that one of our ad serving locations had been hacked.
Since this attack was discovered, our engineering team worked diligently until 3:45pm EST to ensure that the appropriate action was taken to secure our ad server. Unfortunately during that time, this attack effected 7.8% of our publishers' domains. If you are one of these publishers, you can have Google remove the notification by following these steps: https://support.google.com/webmasters/answer/168328?hl=en
This warning typically takes only a few hours to be removed. We realize the seriousness of this matter and apologize for any inconvenience this may have caused our effected publishers. Our support team is available to answer any questions you may have.
Click to expand...

Great work!

I wanted to help so I called up the listed deore-medias.org admin contact in Moscow @ +475.5555589.

Real nice guy, Nikolai and funny although he may have been drinking. Anyway he's making it up by offering free AV software to anyone affected. If you call, say you have a bride already as you're getting through. It's faster.
 
I use G.Chrome and it says the sits has sort of malwares but im glad it's back online
 
You must log in or register to reply here.

Similar threads

G
Intros
Replies
1
Views
243
Motogiro
Motogiro
MrMogensen
Sold the FZ6… Thank you so much <3
Replies
2
Views
92
Gary in NJ
Gary in NJ
K
Loose water pump joint
Replies
9
Views
155
TownsendsFJR1300
TownsendsFJR1300
J
FS: Power Commander 5
Replies
0
Views
101
Justin.barnes
J
B
Thanks Gary
Replies
2
Views
483
Gary in NJ
Gary in NJ
Back
Top