The site: hxxp://www.1227.com
why are you asking? Okay I just tried on different online link scanners and none of them gave it as malicious. It should be safe…(next time you post a link that you don’t trust for any reason, please break the link to make it un-clickable from the forums >>> hxxp://www.site.com
It caused browser crach.
Look analisis in VirusTotal:
What are the online link scanners ?
Thanks !
Can you send the site and virustotal to avast! ? So they can verify it and add to our detection. So next time you or a user click on it then he could be safe.
I did this a week ago but so far avast nothing.
Hi Henrique - RJ
It is a Browser exploit: JOKE/BrowserMessage
the endless alert popup …
AV Scan Status: Virus: Virus: Joke.NoClose.JS.A
APH Scan Status : not phishing
JS Scan Status : not malicious
It’s strongly recommended that you navigate away,
polonus
the page layout and messages looked obviously suspicious, I had NS on so nothing happened, and all the virus scanners I tried gave nothing (Trend, Google Safe Browsing, Norton, Online link scan…). How did you find out about the exploit, I mean with which AV? also, I’d still like to know why the OP posted about this site ???
Ok Ok, but why avast don’t detect ?
???
It should be the browser that prevents the captive loop really- Opera does, but Firefox still doesn’t.
Hi FwF,
Fx with NoScript installed does, and RequestPolicy also blocks it, also says about this site: “This web site does not supply identity information.” We also find a blackholed nameserver there,
WepaWet report:
http://wepawet.iseclab.org/view.php?hash=9eec0cbd21581f98434d63c45e052627&t=1269738396&type=js
pol
Hi and thanks for that link (Wepawet) … and yes, as said in my previous post here, NS blocked the damned thing
Hopefully people that don’t use NoScript take a look at this thread and
realize about the benefits of using it.
Bo