See: http://urlquery.net/report.php?id=979217
See: https://www.virustotal.com/file/8c9b1021f3cf7472948c74ba9575664460b4255033d71458a44e9b13b1ecbecd/analysis/1354465692/
Detected twice: http://www.urlvoid.com/scan/mkvrpknidkurcrftiqsfjqdxbn.com/
but malware from that domain and IP now all seem dead: http://support.clean-mx.de/clean-mx/viruses.php?ip=50.62.12.103&sort=firstseen%20desc
response end Apache X-Sinkhole: malware-sinkhole
On sinkhole and take-down of domains read from Alex Kirk Adventures in Domain Takedowns:
http://labs.snort.org/files/DomainTakedowns.pdf&sa=U&ei=mhMZUcv5FqTSigKFx4HADw&ved=0CBgQFjAA&usg=AFQjCNELZFSscGI-H1PyhTfW54Q6_Q3TUw
All compromised with Zero-Access: http://www.malwaresigs.com/2013/01/12/zeroaccess-c2-mkvrpknidkurcrftiqsfjqdxbn/
which is neatly being detected by avast: https://www.virustotal.com/file/ab763d7232ab5784856ab3d0e7611ae58eda3d132a83fea3c663aecbcad1debe/analysis/
also see: http://www.ipvoid.com/scan/50.62.12.103 and then → http://www.mywot.com/en/scorecard/50.62.12.103

polonus