unSpawn |
02-04-2013 08:27 AM |
Quote:
Originally Posted by DrLove73
(Post 4884089)
It seams that openx.org, d1.rumbaypelo.com, and/or aboelaraby.com are culprits. So not the LQ directly but third-party links.
|
And that indeed is the problem. It's not the first time ad networks served malware or PUA but openx.{org,net} reputation is especially bad.
*Just for fun this is a diff of checking Google itself:
Code:
This site is not currently listed as suspicious.
- Part of this site was listed for suspicious activity 28 time(s) over the past 90 days.
+ Part of this site was listed for suspicious activity 29 time(s) over the past 90 days.
What happened when Google visited this site?
- Of the 670408 pages we tested on the site over the past 90 days, 109 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-02-03, and the last time suspicious content was found on this site was on 2013-02-03.
+ Of the 664546 pages we tested on the site over the past 90 days, 121 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-02-04, and the last time suspicious content was found on this site was on 2013-02-03.
- Malicious software includes 140 trojan(s), 10 virus, 8 scripting exploit(s). Successful infection resulted in an average of 4 new process(es) on the target machine.
+ Malicious software includes 134 trojan(s), 10 virus, 7 scripting exploit(s). Successful infection resulted in an average of 4 new process(es) on the target machine.
- Malicious software is hosted on 53 domain(s), including adsbyisocket.com/, imaginginsider.com/, dgsdfhsdfh.osa.pl/.
+ Malicious software is hosted on 55 domain(s), including adsbyisocket.com/, ads.zitaholdings.com/, imaginginsider.com/.
- 34 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including googleusercontent.com/, zegreenweb.com/, feedsportal.com/.
+ 42 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including googleusercontent.com/, zegreenweb.com/, feedsportal.com/.
This site was hosted on 145 network(s) including AS15169 (Google Internet Backbone), AS8359 (MTS), AS36040 (Bandaid XT+).
Has this site acted as an intermediary resulting in further distribution of malware?
- Over the past 90 days, google.com appeared to function as an intermediary for the infection of 23 site(s) including stroupecondoblog.com/, ow.ly/, www.jazaan.com.googlepages.com/.
+ Over the past 90 days, google.com appeared to function as an intermediary for the infection of 28 site(s) including stroupecondoblog.com/, ow.ly/, www.jazaan.com.googlepages.com/.
Has this site hosted malware?
- Yes, this site has hosted malicious software over the past 90 days. It infected 2 domain(s), including hahait.com/, tedaltenberg.com/.
+ Yes, this site has hosted malicious software over the past 90 days. It infected 1 domain(s), including tedaltenberg.com/.
As you can see it considers itself "not suspicious" even though it listed itself as suspect for about 30 out of 90 past days ;-p
|