Hi malware fighters,
Users better not go and click here: htxp://bible-verses-for-mothers-day.dikol.ok.pe/
It is an HTTP Fake Antivirus Webpage Request
Malicious software includes 261 exploits, 141 scripting exploits, 67 trojans. Successful infection resulted in an average of 6 new processes on the target machine…
http://www.mywot.com/en/scorecard/ok.pe
http://www.google.com/safebrowsing/diagnostic?site=http%3A//ollo.perl.sh/1.php suspicious
Status Code: 404. Page not found.
Malicious software is hosted on 1 domain(s), including allaperlXsh/.
accordingly found: htXp://91.188.59.187/main.php?land=20&affid=18500
Over the past, ollo.perlsh appeared to function as an intermediary for the infection of 9 site(s) including kato.okpe/, majua.oke/, kmms.ok*pe/,
polonus
http://www.mywot.com/en/scorecard/bible-verses-for-mothers.dikol.ok.pe
Web of Trust™ also flags this ;D
The source domain is ok[dot]pe - also marked as malicious
Users: AVOID THIS SITE!
http://www.UnmaskParasites.com/security-report/?page=bible-verses-for-mothers-day.dikol.ok.pe
GeneralTitle: DNSEver-powered Free Sub-Domain
URL: hxxp://bible-verses-for-mothers-day.dikol.ok.pe
Redirects: 301 -> hxxp://ollo.perl.sh/1.php suspicious ↗
Google: listed as suspicious↗* how to resolve?
Status Code: 404. Page not found.
Last checked: 0 minutes ago (results are cached for 1 hour)
http://www.google.com/safebrowsing/diagnostic?site=bible-verses-for-mothers-day.dikol.ok.pe
What happened when Google visited this site?
Of the 5 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-05-13, and the last time suspicious content was found on this site was on 2010-05-13.
Malicious software is hosted on 1 domain(s), including alla.perl.sh/.
1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including ollo.perl.sh/.
This site was hosted on 1 network(s) including AS28753 (NETDIRECT).
In the first quote please replace those http-s with hxxp to make them unclickable!!!
Hi malware fighters,
Another one redirecting to fake-AV.
While google gives this site as green: http://www.unmaskparasites.com/web-page-options/?url=http%3A//www.syracom.fr/blog , but notifies us of a redirect.
It is flagged by http://www.browserdefender.com/site/syracom.fr/
3 Browser exploits, also found here: http://safeweb.norton.com/report/show?name=syracom.fr\\
Threat Name: HTTP Fake AV Redirect Request
Location: htxp://www.syracom.fr/blog/brian+ching.html
Threat Name: HTTP Fake AV Redirect Request
Location: htxp://www.syracom.fr/blog/beth+lyrics.html
Threat Name: HTTP Fake AV Redirect Request
Location: htxp://www.syracom.fr/blog/rico+butler.html
polonus