We are seeing this flag being set based on what I suspect is a flagged domain.
I ran an HTML snippet containing an iframe calling playpickle.com through a scan which returned this positive result (HTML:Iframe-inf). However, this is simply a site providing gaming toolbar that has easy removal instructions (hxxp://playpickle.com/deactivate) as well as an ad servering domain which will result in the domain being legitimately loaded within an i-frame.
First please ‘modify’ your post change the URL from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.
There are 5 iframes after a closing DIV tag in the footer and they are all 1x1 effectively invisible and that may be what is triggering this suspicion of an injected iframe (HTML:Iframe-inf). There is also a script tag with a variable to also create a script element.
I don’t initially get an alert on this URL you gave, but I use firefox with NoScript and RequestPolicy add-ons, so scripts aren’t allowed to run unless I selectively allow sites (allowed that one but not the other 10 cross site scripts.