See: https://www.virustotal.com/nl/url/b3107ad10bc5a03d6b7f8aafcbfffdccdbac550b104eb31ee8d700c1dabacb7f/analysis/1384866469/
and https://www.virustotal.com/nl/file/61545512135381d189721d60240a5ac4cf6325c73204a11be7ad8ffa1a7086d9/analysis/
according to: http://support.clean-mx.de/clean-mx/viruses?id=17173697
see: http://urlquery.net/report.php?id=7815008
info: [script] wXw.sz1390.com/themes/default/templets/szzr/images/jquery.jcarousel.js
info: [decodingLevel=0] found JavaScript
suspicious: maxruntime exceeded 10 seconds
Custom errors fail → https://asafaweb.com/Scan?Url=568.blwpm.com (also excessive headers * and clickjacking warning)
- Re: http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/exploit-proliferation-additional-threat-groups-acquire-cve-2013-3906.html
(link article author = Nart Villeneuve)
See: http://www.rexswain.com/cgi-bin/httpview.cgi?url=http://www.568.blwpm.com/&uag=MSIE+8.0+Trident&ref=http://www.google.com&aen=&req=GET&ver=1.1&fmt=AUTO
Also consider the IDS alert for FILE-IMAGE Directshow GIF logical height overflow attempt here: http://urlquery.net/report.php?id=7813598
polonus