See: http://urlquery.net/report.php?id=7540791
IDS alerts: ET TROJAN FakeAV Landing Page severity 1 -
T CURRENT_EVENTS Ponmocup Redirection from infected Website to Trojan-Downloader - severity 1
WordPress version outdated: Upgrade required.
1467 sites on one and the same IP certainly does not help security: http://sameid.net/ip/184.106.55.78/
Malicious redirects and 22 websites infested: http://evuln.com/tools/malware-scanner/floridadeluxevillas.com/rescan/
going to htxp://sslabssys.com/cgi-bin/r.cgi?p=10003&i=cd6c94c0&j=314&m=77a3172cabc41ef9c902f17d0eb3a05e&h=floridadeluxevillas.com&u=/&q=&t=20131109082933
See: https://www.virustotal.com/en/url/17c84a21308a97280db9a051e5cdbdea3a117416da336b9a16fe9fae329f69d4/analysis/
Harmless file? https://www.virustotal.com/en/file/dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f/analysis/1372654036/
Site benign? http://zulu.zscaler.com/submission/show/435f60b214a632b44b3130f5bf0158bb-1384007306
Google browser difference:
Not identical
Google: 40089 bytes Firefox: 938 bytes
Diff: 39151 bytes
First difference:
us"> florida deluxe villas â�� <meta name=“robots”…
Meta data profilesQuote info Paul Tomblin on StackOverflow.
The profile attribute of the HEAD specifies the location of a meta data profile. The value of the profile attribute is a URI. User agents may use this URI in two ways: As a globally unique name. User agents may be able to recognize the name (without actually retrieving the profile) and perform some activity based on known conventions for that profile. For instance, search engines could provide an interface for searching through catalogs of HTML documents, where these documents all use the same profile for representing catalog entries. As a link. User agents may dereference the URI and perform some activity based on the actual definitions within the profile (e.g., authorize the usage of the profile within the current HTML document). This specification does not define formats for profiles.
polonus