You should avoid clicking on links in direct messages that you receive on Twitter today. “what on earth do you think you are doing in our video clip?” – is the current direct message.
Twitter direct message (if Facebook link is clicked) redirects to a Facebook app that redirects to hXXp://126.96.36.199/rem.php? [hosted on Victoria, Mahe, Seychelles Ideal Solution Ltd, inetnum: 188.8.131.52 – 184.108.40.206].
Spamhaus (SBL) initially listed IP:220.127.116.11 as a DDoS botnet controller on March 5, 2012 and IP:18.104.22.168 as a money mule database used by ZeuS/SpyEye botnet masters on May 25, 2011.
VirusTotal is reporting this as a clean site (though still unrated by Sophos and Websense).