SE visitors redirects detected?

See: http://killmalware.com/payawebshomal.com/#
https://www.virustotal.com/nl/url/16de1695167d2708288ab9e49d87fd74a583ad3eda4eb58e8f7a7f93b3249e32/analysis/1450819077/
index
Severity: Suspicious
Reason: Detected suspicious redirection to external web resources at HTTP level.
Details: Detected HTTP redirection to -http://www.serverjump.com/jump.aspx?jumpid=0sichm.
Furthermore embedded webresource script issue…/WebResource.axd?d= etc. etc.
Two fails and two warnings here: https://asafaweb.com/Scan?Url=payawebshomal.com
On one of the particular fails: Requested URL: -http://payawebshomal.com/ (POST 1,001 params) | Response URL: http://payawebshomal.com/ | Page title: -www.PayaWebShomal.com :: شرکت پایا وب شمال :: صفحه اصلی | HTTP status code: 200 (OK) | Response size: 9,090 bytes (gzip’d) | Duration: 397 ms
Overview
The hash table denial of service vulnerability (hash DoS) allows an attacker to make a POST request with a very large number of parameters constructed to cause hash collisions when parsed by ASP.NET. These collisions are very computationally expensive and could subsequently cause the CPU utilisation to spike thus disallowing it to process legitimate requests. Microsoft patched the risk in security update MS11-100 then resolved it permanently with the release of .NET 4.5.

Important: This scan is intended for ASP.NET websites. Results for sites of other technologies do not mean they are either vulnerable nor protected from the hash DoS exploit. Look at the request made by ASafaWeb, understand what the response means and draw your own conclusions as to the risk.

Result
It looks like security update MS11-100 has not been installed. A POST request with 1,001 form parameters named “0” through to “1000” is returning the same response body as a legitimate request so the app appears to be accepting excessive parameters. The website is also running an earlier version of the framework than .NET 4.5 so there is also no native framework defence You should work with your server administrator to have the patch installed as a matter of priority. Also ensure the appropriate patch version has been installed for the version of .NET the website is running under.

Note: This scan will fail if the aspnet:MaxHttpCollectionKeys app setting has been increased beyond the default of 1,000 even if the hash DoS patch has been installed.

More reading
Has the hash DoS patch been installed on your site? Check it right now with ASafaWeb!

On that particular detected redirect read here: https://productforums.google.com/forum/#!msg/webmasters/CvNZiPhKuco/-Xn1Wm2TBwAJ (website more than likely hacked through rogue code installed in the .htacess file.

Re: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.acaboots.com%2F%3F1
landing here should be blocked: - http://js.users.51.la/18705852.js

polonus (volunteer website security analyst and website error-hunter)

P.S. Has this been patched by the hoster? Re: http://serverfault.com/questions/52199/security-risk-microsoft-httpapi-2-0
http://toolbar.netcraft.com/site_report?url=https://www.pouyasazan.org
iFramely report:
Title پویاسازان | ثبت دامین-هاست-سرور مجازی
Canonical -https://www.pouyasazan.org/
Description پویاسازان یکی از 10 شرکت برتر هاست، ثبت دامین، سرور مجازی، گواهی SSL و لایسنس کنترل پنل ها در ایران با پشتیبانی 24 ساعته از پیشرفته ترین مراکز دیتا در جهان
Author pouyasazan-پویاسازان
Keywords ثبت دامنه,خرید دامین,هاست لینوکس,هاست,خرید دامنه,هاست ایران,هاست ارزان,هاست ویندوز,هاست لینوکس لینوکس معمولی,هاست لینوکس ویژه,هاست ویندوز معمولی,انتقال دامین,انتقال دامنه,تمدید دامنه,تمدید دامین,هست,هست لینوکس,هست ویندوز,هست لینوکس معمولی,هست لینوکس ویژه,هاستینگ,هستینگ,وب هاستینگ,وب هستینگ,ثبت دامین,خرید هاست و دامنه,خرید هاست و دامین,خرید هست و دامنه,خرید هست و دامین, سرور مجازی,سرور مجازی آلمان,سرور مجازی انگلیس, وی پی اس
Icon
-https://www.pouyasazan.org/images/icons/favicon.png

D