See: https://www.virustotal.com/nl/url/513632451829efec982960563c0ef99dbd17979d682a64f60addb67691f471e9/analysis/1445088143/
Flagged here: http://urlquery.net/report.php?id=1445088267609

<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="keywords" content="" /> <meta name="description" content="" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>тарифы</title> </head> <body> <div style="clear: both;"></div> <center> <p> данная страница находиться на реконструкции </p> <p> </p> <p> </P>  <p> <a href="index.html">Назад на главную</a></li></p>    </div> </center> </body>  </html>

I see a reference to -http://www.1gb.ua → http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.1gb.ua

Detected 4 malicious files: /index.html
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain -www.ex.ua So Quttera’s detects.

polonus