hxxp://www.serenescreen.com/product/maquarium3/
It isn’t the site you were visiting that is the problem, but a link to another site which is considered malicious, downloads-portal.com, see http://www.mywot.com/en/scorecard/downloads-portal.com. Though there isn’t much more on the downloads-portal.com site.
Also see http://www.urbandata.com/www.downloads-portal.com for general information.
See:
http://hosts-file.net/?s=downloads-portal.com&x=33&y=10
ThePlanet.com hosts lots of malware sites like
www.fbhosting.com
thank you guys!! so Prolific Pubilsher needs to address this?
Hi hayc59,
As DavidR says, this site is packed with malware all sorts:
http://www.google.com/safebrowsing/diagnostic?site=www.downloads-portal.com
Already starts to redirect here:
Level: 0) Url checked:
hxtp://www.downloads-portal.com
Zeroiframes detected on this site: 0
No ad codes identified
(Level: 1) Url checked: (script source)
http://
Blank page / could not connect
No ad codes identified
(Level: 1) Url checked: (script source)
http://
Blank page / could not connect
No ad codes identified
Because of: decodingLevel=0] found JavaScript
error: undefined variable window.plesk_promo
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var window.plesk_promo = 1;
error: line:1: …^ …(code used to create domains - pol)
That is why the avast Network Shields block connection to it…
polonus
That link is not a Prolific link, and has absolutely nothing to do with Prolific or SereneScreen. It is totally safe to visit SereneScreen.com, and download Marine Aquarium 3.
Hi JimSachs,
The above report was for a sublink. I have the screendump of SereneScreen below, so everyone can evaluate…
Report 2010-05-29 09:52:23 (GMT 1)
Website serenescreen.com
Domain Hash faf6b774d60abd28e85e30bd2ff35b4c
IP Address 66.180.197.114
IP Hostname www.prolific.com
IP Country US (United States)
AS Number 11051
AS Name CYBERVERSE - Cyberverse, Inc.
Detections 0 / 18 (0 %)
Status CLEAN
http://scanner.novirusthanks.org/analysis/b6e12c4b59acdb4234263027b75ecd9a/TWFyaW5lQXF1YXJpdW0zLmRtZw==/
The requested URL was analyzed and found legitimate.
polonus
That report appears to show Clean. By “sublink”, are you saying that there’s a link to a link buried in there somewhere?
It absolutely has something to do with the serenescreen.com site, as they are the ones placing the download link to the downloads-portal.com on the /product/maquarium3/ page, see image of the location of that link/image (which because I use firefox with noscript & requestpolicy add-ons doesn’t display).
So they need to be made aware of the downloads-portal.com sites poor rep and remove the download link from their list of download locations.
Hello Jim and thanks for stopping by
and looking into this and resolving it for sure
G
I still don’t see what you are seeing. The link http://www.serenescreen.com/product/maquarium3/ goes to exactly where it should.
the link is fine its what is embedded in that web page
**see image with the arrows directed at the problem
its the link that is on that webpage
hxxp://www.downloads-portal.com/Marine-Aquarium_application-33514.html
What we are seeing is your website is linking to the awards image (jpg format) that is located in downloads-portal.com. This downloads-portal.com do not have a good reputation to link to it.
http://google.com/safebrowsing/diagnostic?site=downloads-portal.com
Users of Avast, hpHOSTS file, WOT and CoU IP Blocklist for Outpost Firewall, Online Armor and Kaspersky Internet Security’s Anti-Banner will be alerted on the said network connection when visiting your website due to downloads-portal.com.
It’s, of course, your choice to keep the said link or image at your site but questions like the above about your site when Avast is use by people will continue to arise.
In addition to the above sample alert screenshot, provided by hayc59… attached is another:
Ah, now I understand. That link should never have been there, and will be removed.
Donna owner of COU and many other cool
sites thanks for explaining it a little better
and making total sence of it!!
@Jim Sachs…PLease follow up and let us know what they do
about this
The offending link has been removed.
http://www.serenescreen.com/product/maquarium3/
(If you’ve ever visited the page before, you may have to Refresh it to clear your cache.)
Download blocked from www(dot)downloadroute.com by hpHosts file:
http://hosts-file.net/?s=www.downloadroute.com&x=31&y=9
Should look like this: