Sites on the Same Shared Hosting Server as You

**HTMLBasicTutor** · 05-23-2012, 02:37 AM

Anyone have a reliable tool to determine who else in on the same shared hosting server as you?

I have tried a half dozen so far and the answers range from 150 up to 8000.

Client has been hacked. Want to see if the whole server/data center has been hacked. This happened before with a different client a long time ago at a different hosting company. After a long fight with the hosting company, it was the data center that had been hacked.

Thanks for the help.

**deepsand** · 05-23-2012, 04:15 AM

Presumably you refer to a reverse IP lookup for a shared IP Address.

While such data are of course constantly in flux, two sources that seem to be reasonably good, providing results that are quite similar to each others, are www.yougetsignal.com/tools/web-sites-on-web-server/ & www.ipneighbour.com/.

Ironically, both of these return far more complete results than does DomainTools, a reputed best-of-breed source which charges for such data.

**HTMLBasicTutor** · 05-23-2012, 04:24 AM

yougetsignal.com/tools/web-sites-on-web-server/ I already found. It says 999 now. They went down 1 since I tried it earlier.

ipneighbour.com/ Didn't find this one before. Crapped out on me just now. Got a popup Ajax error.

DomainTools: 10,410 domains hosted <-- I did try this one earlier.

Thanks

**mjtaylor** · 05-23-2012, 11:12 AM

This might be a silly suggestion, but what about asking the host? Wouldn't they know?

**HTMLBasicTutor** · 05-23-2012, 11:53 AM

The host already said they removed the iframe but they didn't. Well, if they did, it's back. Which makes me wonder if the whole server or data center is infected.

**MrKappa** · 05-23-2012, 01:27 PM

Bing uses a ip: prefix in the search

ip:127.0.0.1

Sort of thing... Another one is blekko.com they've got reasonably good reverse ip as well.

---------- Post added at 12:27 PM ---------- Previous post was at 12:25 PM ----------

Originally Posted by HTMLBasicTutor

The host already said they removed the iframe but they didn't. Well, if they did, it's back. Which makes me wonder if the whole server or data center is infected.

It's probably the Black Hole Virus? I am not too sure... but that's a popular one that is doing alot of damage to people recently so it would seem. TimThumb might be another one. I don't know effect of it. Another one is if you search Google for "You need to pay for this crypt" you will see a whole bunch of websites tagged with malware.

**speed** · 05-23-2012, 01:32 PM

Originally Posted by HTMLBasicTutor

The host already said they removed the iframe but they didn't. Well, if they did, it's back. Which makes me wonder if the whole server or data center is infected.

They might have removed the iframe but not the script or access method through which the iframe was added. I've seen a wordpress site rehacked within 30 minutes because the hack was removed but the backdoor wasn't.

**HTMLBasicTutor** · 05-23-2012, 04:33 PM

Issue resolved.

I couldn't download any of the files myself to fix because the antivirus zapped the files (be damned if I was going to get infected).

After 2 days of messing around with this, suddenly the site is back. Checked via FTP, back the way I had it it would appear. Gee, wonder if they figured out it was their fault.

Thread: Sites on the Same Shared Hosting Server as You

Thread Tools

Display

Sites on the Same Shared Hosting Server as You

Posting Permissions