A PHISH site. Was it terminated?

Given as “suspended”: https://www.virustotal.com/nl/url/ebca9069afdb41a6ed6ff8f5121b4f8a43769c44fa671b216755ceac2a9a67ce/analysis/1420497696/
Quttera has nothing to report: http://quttera.com/detailed_report/luxccessories.com :o
Unable to properly scan site.
IP badness history: https://www.virustotal.com/nl/ip-address/192.185.4.76/information/
Flagged by WOT: https://www.mywot.com/en/scorecard/192.185.4.76?utm_source=addon&utm_content=popup
310 websites on one and the same IP address.
She the host bad karma points: https://www.robtex.com/en/advisory/ip/192/185/4/76/
also see blacklists there. Code with value passed to constructor to make NULL.Out.Exemption. Example code:

Search: add message- if(relplaceAllALinks) relplaceAllALinks(/(\/trf|\.cfm)\?/); var __pp = []; atevt(); 0 

’ → Cufon styles disanled:

 .cufon div h1 

Code coming from, see: https://www.virustotal.com/nl/url/11f71b76c9c7418ebe75db5ea2fa5ca673b4ef8fef49a009a600c9eebf79f79a/analysis/
Akamai site.

polonus

So let us start debugging. folks. and let us see where the redirects will lead us!

The code there


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Contact Support</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body marginwidth="0" marginheight="0" leftmargin="0" topmargin="0">
<iframe width="100%" height="100%" frameborder="0" SCROLLING="auto" marginwidth="0" src="htxp://domainfwding.com/? * dn=referer_detect%26pid=5POL4F2O4"></iframe>
</body>
</html>

polonus