reply from Milos

Hello, thanks, for notice. I notified author of detection.

Milos

@ !Donovan,

Thanks for your feedback.
In my post I did not mention anything right-out malicious or suspicious as I was looking for it and could not find it really.

The only issue detected was with some aspects of the Cloudflare code not actually being "best practices"and that “lokhlp” redirect.
These issues has been discussed earlier in various places on the Internet.

With what Quttera’s flags we always have to stress the “potentially” in such a detection.
It just means nothing more or less that towards secure coding, best practices were not performed.
This should not always lead to threats or insecurities.

For reasons of SEO positioning I have experienced lately that a lot of coders (specifically JSQuery coders etc.) try to “curve the bends a little”,
where best security coding practices are concerned, sometimes bordering on being potentially suspicious.
Just analyze the accompanying jsunpack reports for examples.

That of course is far from the cyber-criminal RBN-like blackhat SEO spam fraud practices etc,
but we should alert to these minor code-flaw trends.

Third party redirects should always be checked. It is not malicious or suspicious per-se,
alas some users may feel to block it rather, as they do not like and block third party ads.

The 0-0-0-iFrame was never malicious and suspicious and nowhere I said so.

Still not completely sure as to what apparent threat avast" detection tried to response to?

@ captainman There is nothing harsh in this report, it just tries to be profound.
Do not take the message out on the messenger! ;D.

polonus