See: https://www.virustotal.com/nl/url/fec579df545825022dde3c00a394804571baf5331ef7bb1782f9d6d15f685409/analysis/#additional-info
Detected: http://killmalware.com/avrolancasterfm104.com/
Sucuri has it: Web site defaced. Details: http://sucuri.net/malware/entry/MW:DEFACED:01?v7
DrWeb has it as suspected: Checking: -http://avrolancasterfm104.com
Engine version: 7.0.23.8290
Total virus-finding records: 7592607
File size: 35.28 KB
File MD5: 056ff4d68f7e9c7caa33834ca2f77135
-http://avrolancasterfm104.com probably infected with SCRIPT.Virus
-http://avrolancasterfm104.com - archive JS-HTML
-http://avrolancasterfm104.com/JSTAG_1[f6][8c22] probably infected with SCRIPT.Virus
-http://avrolancasterfm104.com/JSTag_2[12e][8bea] probably infected with SCRIPT.Virus
Quttera also has it: https://quttera.com/detailed_report/avrolancasterfm104.com
Detected encoded JavaScript code commonly used to hide malicious behaviour.
but AOS does not flag, as Web Shield might alert.
Defacement alert - webpage side-broad alert, javascript alert
Suspicious 404 Page:
document.write(unescape followed by a row of obfuscated code…
polonus