See: http://urlquery.net/report.php?id=79829
Request redirected : htxp://60963.buildyourbankaccount.com/url?sa=N&source=web&cd=41&ved=0mkvY08NR&url=hxtp://bullywatch.org/&ei=2ZUge6zG5au3pY2JzFc585a1pw==&usg=rXpMM9PuoZqkAlXLyBdcno&sig2=M9QxZxcNj-OYKYRrdlbEux
See: http://sitecheck.sucuri.net/results/bullywatch.org/
Two threats given here: http://safeweb.norton.com/report/show?url=bullywatch.org
See: http://minotauranalysis.com/search.aspx?q=da6945fb529a5b879c3c98bf21f148d7 avast detects JS:Iframe-FG [Trj]

polonus

Same Exploit Here: http://forum.avast.com/index.php?topic=99777.msg796205#msg796205

Here we see the couchtarts page in action over 10 days later, confirming the maliciousness of this site.

Hi !Donovan,

Thanx, my friend, for your contribution here and finding that link that explains a lot.
Good we have the added snort IDS at urlquery.net scans now to come up with these specific alerts.
Scanning suspicious URLs with this scanner will become only more rewarding now.
But still we have to go over that malcode personally.

polonus