Tag Archives: make money online fake

More Malicious Links Spammed to Twitter Users

Leave a reply

Another malicious link received by an user via Twitter:

hxxp:// profitscoaching .info /index.php?eVTv=1336686044437

Whois details:

Domain Name: profitscoaching .info
Registrar: GoDaddy.com LLC (R171-LRMS)
Status: CLIENT DELETE PROHIBITED, CLIENT RENEW PROHIBITED, CLIENT TRANSFER PROHIBITED, CLIENT UPDATE PROHIBITED
Expiration Date: 2013-03-07 14:59:08
Creation Date: 2012-03-07 14:59:08
Last Update Date: 2012-05-06 20:39:46
Name Servers:
ns61.domaincontrol.com
ns62.domaincontrol.com
 
Registrant Contact Information:
Name: Registration Private
Organization: Domains By Proxy, LLC
Address 1: DomainsByProxy.com
Address 2: 15111 N. Hayden Rd., Ste 160, PMB 353
City: Scottsdale
State: Arizona
Zip: 85260
Country: US
Phone: +1.4806242599
Fax: +1.4806242598

Hosting details:

The website profitscoaching .info is hosted at WholeSale Internet and its current IP address is 173.208.196.245 (-). The server machine is located in United States (US) and in the same server there are hosted other 0 websites. The domain is registered with the suffix INFO and the keyword of the domain is profitscoaching. The organization is Gold VIP Club.

The malicious link redirects users to another malicious link:

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.6.32
Date: Fri, 11 May 2012 22:55:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.2.6-1+lenny16
Set-Cookie: PHPSESSID=1bff1c2b505aa2004bda6028bb28ad0a; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: hxxp:// aooale .info /ytb/redirect.php

Extracted malicious link:

hxxp:// aooale .info /ytb/redirect.php

Whois details:

Domain Name: aooale .info
Registrar: GoDaddy.com LLC (R171-LRMS)
Status: CLIENT DELETE PROHIBITED, CLIENT RENEW PROHIBITED, CLIENT TRANSFER PROHIBITED, CLIENT UPDATE PROHIBITED
Expiration Date: 2012-09-21 13:41:55
Creation Date: 2011-09-21 13:41:55
Last Update Date: 2011-11-20 20:41:26
Name Servers:
ns49.domaincontrol.com
ns50.domaincontrol.com
 
Registrant Contact Information:
Name: Registration Private
Organization: Domains By Proxy, LLC
Address 1: DomainsByProxy.com
Address 2: 15111 N. Hayden Rd., Ste 160, PMB 353
City: Scottsdale
State: Arizona
Zip: 85260
Country: US
Phone: +1.4806242599
Fax: +1.4806242598

Hosting details:

The website aooale.info is hosted at DirectSpace Networks, LLC. and its current IP address is 174.140.169.101 (-). The server machine is located in United States (US) and in the same server there are hosted other 0 websites. The domain is registered with the suffix INFO and the keyword of the domain is aooale. The organization is DirectSpace Networks, LLC.

URLVoid scan reports:

http://urlvoid.com/scan/aooale .info
http://urlvoid.com/scan/profitscoaching .info

Other malicious links:

hxxp:// ioi8 .info /gps
hxxp:// bp9 .info /mobi/redirect.php
hxxp:// iso8 .info /lg
hxxp:// jay8 .info /b2d
hxxp:// saov .info /mobilemoneymachines/

The malicious links where users are generally being redirected seem scam pages:

Fake Make Money Sites

The scam pages show fake images of people that take in hand a check and promote the “Work at home mum makes