Hi arconreef, ardvark and Pondus,
Pondus, you are so right, because the site is suspicious, because of 1 suspicious inline script found,
see atttached gif image..
What has been found on that site is reported here:
http://www.google.com/safebrowsing/diagnostic?site=downthemall.netReported as suspicious also here:
http://wepawet.iseclab.org/view.php?hash=b015b380e12e4e866cab972801cec898&t=1278010699&type=jsApparently the malcode comes from twitter,see:
http://pastebin.com/mZ1JGhYFbut it is a Joomla malware script:
http://www.google.com/support/forum/p/Webmasters/thread?tid=256902d9865b7cbd&hl=enJoomla there was maliciously injected, my good anti-malware friends,
There is another suspicious hidden link there: pfgjmeepoxk.com/ld/goldmn suspicious:
and the last time suspicious content was found on this site by google was on 2010-07-01.
Malicious software includes 397 scripting exploits, 212 exploits, 26 trojans.
This site was hosted on 66 networks including AS3269 (TELECOM), AS7132 (SBIS), AS7725 (COMCAST).
Has this site acted as an intermediary resulting in further distribution of malware?
Has this site hosted malware? See:
http://amada.abuse.ch/?search=pfgjmeepoxk.com Yes, this site has hosted malicious software and it infected 13 domains, including lambdastreaming.com/, elbukanero.com/, trueblood-online.com/.
polonus