PDA

View Full Version : can anyone see ip address


edbr
05-11-2006, 01:29 AM
can anyone see the ip addres of this page
http://www.archipelagodive.com . I know I have mentioned this before but I am getting naf all hel from people involved
The site should be a dive site but index comes up with the offensive page! I have deleted and remade the index page, no difference. I am wondering if it is being redirected in come way, hence the IP check request. i downloaded and extenson for mozilla but it is not working.
my friends domain is registered with network solutions and hosted with intertunes. We are getting no response from them at all. Any ideas would be very welcome

Creative Insanity
05-11-2006, 04:04 AM
209.75.26.33 will take you to the hoster that owns that IP and I would report it to them.
Personally I think it is pretty slack of the hoster to not have security up good enough to stop a simple script kiddy bomb.

and here is a trace

1 * * * Request timed out.
2 29 ms 29 ms 29 ms 222-152-88-1.jetstream.xtra.co.nz [222.152.88.1]

3 28 ms 28 ms 27 ms 210.55.205.123
4 48 ms 122 ms 53 ms fid-int.tkbr4.global-gateway.net.nz [202.50.245.
198]
5 36 ms 43 ms 37 ms vlan-283.tkbr4.global-gateway.net.nz [202.50.245
.197]
6 37 ms 35 ms 37 ms pc1-30.tkbr3.global-gateway.net.nz [210.55.202.6
5]
7 36 ms 40 ms 37 ms so-3-0-0.akbr3.global-gateway.net.nz [203.96.120
.193]
8 216 ms 218 ms 218 ms p1-1.sjbr1.global-gateway.net.nz [202.50.232.22]

9 219 ms 219 ms 218 ms so2-1-0.pabr3.global-gateway.net.nz [203.96.120.
214]
10 223 ms 222 ms 224 ms ge-7-0-0.r00.plalca01.us.bb.verio.net [129.250.1
0.73]
11 223 ms 223 ms 224 ms p16-0-1-1.r21.plalca01.us.bb.verio.net [129.250.
3.84]
12 225 ms 223 ms 222 ms p64-0-0-0.r21.mlpsca01.us.bb.verio.net [129.250.
5.49]
13 223 ms 223 ms 222 ms p16-7-0-0.r04.mlpsca01.us.bb.verio.net [129.250.
3.26]
14 199 ms 199 ms 202 ms p4-1-2-0.r00.sndgca01.us.bb.verio.net [129.250.2
.159]
15 199 ms 199 ms 199 ms ge-1-1.a03.sndgca01.us.da.verio.net [129.250.27.
84]
16 200 ms 199 ms 199 ms 130.94.121.228
17 200 ms 199 ms 200 ms w2.intertune.com [209.75.26.33]

I would be looking at the 130.x.x.x IP since there is no URL attached to it.

edbr
05-11-2006, 09:20 AM
Thanks . Have sent yet another complaint. How do they do this, not
to mention why. Its hard enough to stay in business here as it is.

domedia
05-11-2006, 01:26 PM
edbr,
most likely the actual hosting account has been compromised, and as CI said your host need to fix the security flaw.
The offending page however, is most likely in your web directory. Take a close look at all your files there (especially files that starts with index. and home.) and also open your .htaccess file if you have one to make sure no redirects has been put in there. Yourhost should also be of assistance in this, if not it's time to change host, I can't believe they let this page be up for this long..

edbr
05-12-2006, 02:40 AM
i have checked all files and can find nothing remotely sardine flavoured. however, I nade a copy of index called it home.html, but no trace can be found of it on the web so I am sure there is a redirect somewhere.
Interestingly ( i think) http://www.archipelagodive.com/liveaboards.html and other pages can be seen from links on the page to home page though gets the pirate page.
there is htaccess but no redirect.

domedia
05-12-2006, 04:19 AM
Did you get your host to fix it? If you have already contacted them, I would move to another asap.

edbr
05-12-2006, 05:08 AM
No action from them yet.
The whole situation is a farce. The people who designed and managed the site have ridden off into the sunset and the owner , my friend, has no info as to passwords etc,. i have sent fax to Network solutions to change contact details to owner and self so i can get password to the domain server and point it somewhere else.!!!!! Also SFA response from them either. I am only trying to help as I find the whole thing incredible, but the frustration is making me insane.

edbr
05-15-2006, 06:01 AM
Happily I finally got an answer from Network solutons, who once i moved the domain to my server sent a stream of e mails, just to show what fine upstanding guys they are!!! when i up loaded the pages IE saw it without problem, however mozilla returned a warning message about certificates being out of date that someone may be trying to redirect me. The certificate verisign??? when i temporarily accepted the cert I was taken to an iincomplete site
it has now stopped doing this, and all appeatrs as it should be. Is there any further action I should take?
Anyway thanks for your help and suggestions.

Creative Insanity
05-15-2006, 07:35 AM
Yeah I would be downloading all my files and grabing any databases and pissing off somewhere else. I recon once biten twice shy and I get the impression that your hosters security ain't too shit hot.