See: https://www.virustotal.com/nl/url/dc8e8636e88242512fb3781d8286f3719d067f8ba48b76025cbf08db0a58cb49/analysis/1384202429/ and http://urlquery.net/report.php?id=7633046 IDS alerts for ET DNS Reply Sinkhole - sinkhole.cert.pl 148.81.111.111 Detected by Sucuri’s http://sitecheck.sucuri.net/results/iwvrv.vuyaw.com/ Excessive Header Info warning, Ckickjacking warning: https://asafaweb.com/Scan?Url=iwvrv.vuyaw.com For the iFrame hack removal: https://www.badwarebusters.org/main/itemview/26099
info: [var files] http:/wXw.hb088.com/users/theme/zblogseo402/style/images/1-130123050f20-l.jpg|http:/wXw.hb088.com/users/theme/zblogseo402/style/images/1-130123050a20-l.jpg|htxp:/w info: [var links] http:/wXw.hb088.com/|http:/wXw.hb088.com/|http:/wXw.hb088.com/|http:/wXw.hb088.com/|http:/wXw.hb088.com/ info: [var newurl] http:/wXw.hb088.com/|http:/wXw.hb088.com/|http:/wXw.hb088.com/|http:/wXw.hb088.com/|http:/wXw.hb088.com/ info: [decodingLevel=1] found JavaScript suspicious: Yandex blacklisting: http://www.yandex.com/infected?url=iwvrv.vuyaw.com&l10n=en
pol