Re: http://sameid.net/ip/81.88.57.70/
Sure that is creating some problems, also for this particular domain site: https://www.virustotal.com/en/url/10ce0fad8ba73edb961f58c3748848237642afd6ee445598d7859416358142db/analysis/1417282281/
Blacklisted and potentially suspicious: index.html
Severity: Potentially Suspicious
Reason: Detected unconditional redirection to external web resource.
Details:
Threat dump:
[<meta http-equiv="refresh" content="0;URL='htxp://www.3sentidosdesign.pt/clientes/RotaDaVila/index.html'" />]
See: http://www.site-scan.com/eng/show_headers.php?REQUEST=GET&URL=http://rotadavila.com.pt/&MODIFIED=0
Threat dump MD5: DA5D92C9D88497613AF05BAD1E944601
File size[byte]: 675
File type: HTML
Page/File MD5: 9B70E2417C982B0519963ADA7B256E80
Scan duration[sec]: 0.008000
Nothing in particular here: http://urlfind.org/?site=http%3A%2F%2Frotadavila.com.pt#
Active and up malcode found there, according to VirusTracker: rotadavila dot com.pt,81.88.57.70,ns1.amenworld dot com,Criminals,
found here: http://antispam.imp.ch/05-uribl.php?lng=1
Nothing alerted here: http://urlquery.net/report.php?id=1417283867696
But on IP: “ET CURRENT_EVENTS Malicious Redirect 8x8 script tag” & Detected malicious iframe injection
#9 JavaScript::Script (size: 91818, repeated: 1) - Alert detect on script (Severity: 2) - opwaymocambique dot com/js/jquery-1.6.4.min.js 81.88.57.70 - SHA256: ecb69491577d57befd5f15b5bee0204b682ee5a53e55b380aae990bc3633324a
and here: http://dnscheck.sidn.nl/?time=1417282815&id=1783907&view=basic&test=standard
polonus