avast! Webshield detects JS:Iframe-DOI[Trj] on site.

polonus · December 12, 2013, 12:45pm

Where detected: Up(nil): unknown_html ARIN US abuse at bluehost dot com 74.220.207.85 to 74.220.207.85 2yourplace dot com htxp://mightyautopro.2yourplace.com/index.html
No detection here: http://urlquery.net/report.php?id=8345020
Flagged 6 x: https://www.virustotal.com/nl/url/b8cdaf7a8acb66bce1306113b1654309c1ad890a0048c9b7f7c30341aa1dd6ac/analysis/1386851578/
Suspicious on the iFrame check:
htxp://mightyautopro.2yourplace.com/fotopholder2_51/_cache/pictures/wall3.swf’
htxp://hotlineelectric.com/counter.php’
Suspicious on Injection check: text after HTML

Pondus · December 12, 2013, 1:31pm

there is also one previous detected redkit exploit kit / Malicious iframe on same IP urlquery.net/report.php?id=2892259

polonus · December 12, 2013, 1:35pm

Hi Pondus,

Break that link please, because users with avast! Web Shield active get a block for a JS:Iframe-DRH[Trj] detection,

polonus

Announcements