3

Please, sargent2, break that live link you have presented to us.

Yes confirmed suspicious script detected:

Suspect - please check list for unknown includes

Suspicious Script *:
htxps://iosgods dot com/public/||||js/ipb.js?ipbv=57d7b90ef25fe8a2f3dfc152e5cf1c0c&load||||=quickpm,hovercard,board
document.write(“”); }, boot: function() { $a( document.getelementsbytagna


Google Browser Diff.: Not identical

Google: 197135 bytes Firefox: 189221 bytes
Diff: 7914 bytes

First difference:

dex.php?s=google=05b1d1ea36caabccf53c9808c79a6bef_session&'; ipb.vars[‘board_url’] = ‘htxps://iosgods dot com’; ipb.vars[‘img_url’] = "htxps://iosgods dot com/public/style_im…

Check links: lease check this list for unknown links on your website:

-http://armconverter.com/ → ‘arm converter’
-http://armconverter.com/ → ‘arm converter’
-http://www.tomchristian.co.uk → ‘ipb3 skin by tom christian’
-http://www.invisionpower.com/apps/board/ → ‘community forum software by ip’

polonus (volunteer website security analyst and website error-hunter)

P.S. Seen this marked out before, re: https://forum.avast.com/index.php?topic=186662.msg1314318#msg1314318

Damian