ALERT: Malvertizement at Expedia.com
Expedia have been alerted.
Details here:
http://www.mikeonads.com/2008/11/23/malvertisement-on-expediacom/
It looks identical to the malvert at allrecipes.com discussed here:
http://www.bluetack.co.uk/forums/index.php?s=6152c183e90c1f780588775106ba8be6&showtopic=18064&st=180&p=89945&#
Some of the same domains are used, prolinar.com and clicksoverview.com. The fraudware domain is also the same, antivirusdefense.com.
| Domain | ICANN Registrar | Created | Name servers | IP | Registrant | Hosts listed per name-server IP |
|---|---|---|---|---|---|---|
| prolinar.com | ESTDOMAINS | 18 November 2008 | NS57.1AND1.COM; NS58.1AND1.COM | 74.208.131.124 - United States - 1&1 Internet Inc | Thomas Schultz (ts8317@googlemail.com) | |
| vernariostar.com | NETFIRMS INC | 20 November 2008 | NS1.NETFIRMS.COM; NS2.NETFIRMS.COM | 38.113.185.172 - United States - Performance Systems International Inc | No WHOIS details <?> | |
| triesto.com | ESTDOMAINS INC | 20 November 2008 | NS57.1AND1.COM; NS58.1AND1.COM | 74.208.131.124 - United States - 1&1 Internet Inc | Andy Borman, Copress (andyborm@googlemail.com) | |
| clicksoverview.com | BIZCN.COM, INC | 11 November 2008 | NS1.FREEFASTDNS.COM; NS2.FREEFASTDNS.COM | 69.10.44.207 - United Kingdom - Innovation It Solutions Corp | Arina Zubina (cndomainz@yahoo.com) | |
| antivirusdefense.com | BIZCN.COM, INC | 13 November 2008 | NS1.FREEYOURDNS.COM; NS2.FREEYOURDNS.COM | 64.20.38.90 - Arizona - Phoenix - Interserver Inc | Aleksey Kononov (cndomainsz@yahoo.com) | |
| freeyourdns.com | BIZCN.COM, INC | 4 November 2008 | NS1.FREEYOURDNS.COM (84.243.196.136) (Netherlands Grafix Internet B.v); NS2.FREEYOURDNS.COM (64.86.17.44) (Canada Brampton Velcom) | 64.20.38.90 - Arizona - Phoenix - Interserver Inc | Evgeny Makarov (cndomainz@yahoo.com) | 84.243.196.136: antivirus-scan-online.com, ns1.freeyourdns.com, privateinfoclick.com, protectionlive-scan.com, quickscanpc.com, totalantivirusscan.com; 64.86.17.44: clickwww2.com, forcedscan.com, ns2.freefastdns.com, ns2.freeyourdns.com |
| freefastdns.com | ONLINENIC, INC | 17 September 2008 | NS1.FREEFASTDNS.COM (91.203.92.47) (United Kingdom Isp Uatelecom); NS2.FREEFASTDNS.COM (64.86.17.44) (Canada Brampton Velcom) | "On Hold" | Goroshko Igor (alexvasiliev1987@cocainmail.com) | 91.203.92.47: liveupdateservice.cn, ns1.mysecuritysupport.com, protectiononlineinfo.com, totalantivirusscan.com, travelmaxinside.cn; 64.86.17.44: clickwww2.com, forcedscan.com, ns2.freefastdns.com, ns2.freeyourdns.com |
I also see that a domain, 247-realmedia.com, is sharing an IP address with prolinar.com. It is also sharing Registrant details. Could it be that the purpose of the domain is to impersonate the real 247realmedia?
ICANN Registrar: ESTDOMAINS
Created: 18 November 2008
NS57.1AND1.COM
NS58.1AND1.COM
IP: 74.208.131.124 - United States - 1&1 Internet Inc
Registrant: Thomas Schultz (ts8317@googlemail.com)
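
The pivoting done in this post (shared IP, shared registrant e-mail, name servers hosted under another listed domain, and the hyphenated 247-realmedia.com name) can be automated; the following is an added example, not part of the original post. The records are transcribed from the WHOIS details above, while the function names and the choice not to link on hosting-provider name servers are assumptions of this example.

```python
from collections import defaultdict

# WHOIS details transcribed from the post: (domain, IP, registrant e-mail,
# parent domain of its name servers). None = not given in the post.
RECORDS = [
    ("prolinar.com", "74.208.131.124", "ts8317@googlemail.com", "1and1.com"),
    ("247-realmedia.com", "74.208.131.124", "ts8317@googlemail.com", "1and1.com"),
    ("triesto.com", "74.208.131.124", "andyborm@googlemail.com", "1and1.com"),
    ("vernariostar.com", "38.113.185.172", None, "netfirms.com"),
    ("clicksoverview.com", "69.10.44.207", "cndomainz@yahoo.com", "freefastdns.com"),
    ("antivirusdefense.com", "64.20.38.90", "cndomainsz@yahoo.com", "freeyourdns.com"),
    ("freeyourdns.com", "64.20.38.90", "cndomainz@yahoo.com", "freeyourdns.com"),
    ("freefastdns.com", None, "alexvasiliev1987@cocainmail.com", "freefastdns.com"),
]

def cluster(records):
    """Group domains sharing an IP or registrant e-mail, or served by
    name servers under another domain in the same record set."""
    parent = {r[0]: r[0] for r in records}

    def find(d):
        while parent[d] != d:
            d = parent[d]
        return d

    seen = {}
    for domain, ip, email, ns_parent in records:
        for key in (("ip", ip), ("email", email)):
            if key[1] is not None:
                parent[find(domain)] = find(seen.setdefault(key, domain))
        # Provider name servers (1and1.com, netfirms.com) serve many unrelated
        # customers, so link on NS only when the NS domain is itself in the set.
        if ns_parent in parent:
            parent[find(domain)] = find(ns_parent)
    groups = defaultdict(set)
    for d in parent:
        groups[find(d)].add(d)
    return sorted((sorted(g) for g in groups.values()), key=lambda g: (-len(g), g))

def lookalikes(domains, brand_labels):
    """Flag domains whose first label equals a brand label once hyphens are dropped."""
    return [d for d in domains
            if d.split(".")[0] not in brand_labels
            and d.split(".")[0].replace("-", "") in brand_labels]

if __name__ == "__main__":
    for group in cluster(RECORDS):
        print(group)
    print(lookalikes([r[0] for r in RECORDS], {"247realmedia"}))
```

A shared IP on a large hosting provider is weaker evidence than a shared registrant e-mail, so clusters built this way are leads to confirm by hand.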