See: https://www.virustotal.com/nl/url/f9fe1d0ed3bf0731301945dcb1701e68c0008da9ef585cf2b604117e973a9a18/analysis/1440766797/
See: https://www.virustotal.com/nl/file/0fb970b60dd16fe93b59e5d7eed7aa8c4d7f9f7c85b8755bf79e640249e999e6/analysis/1440079261/
Flagged is HTML_PHISH.XTSG, but not by Avast!
Caja Playground gives an eval result! → -http://www.domxssscanner.com/scan?url=http%3A%2F%2Fgoogle-drive.performe.com.au%2Fa3ee73b920d318f0a9f80d0aba56964d%2F
Detected here: http://urlquery.net/report.php?id=1440766991272
Risk status 10 red out of 10: http://toolbar.netcraft.com/site_report?url=http://google-drive.performe.com.au
Long OVERDUE and live PHISHING from tat specific IP: http://support.clean-mx.com/clean-mx/phishing.php?ip=69.28.199.120&sort=id%20DESC

polonus

Ironically for that phishing IP to see this message from the hoster, Host Papa (see: http://hostpapasupport.com/kb/how-to-protect-yourself-against-fraud-and-phishing-attacks/ ;D
This in relation to http://toolbar.netcraft.com/site_report?url=http://google-drive.performe.com.au

polonus