Secureserver dot net info stealing website? Avast only one to detect....

-http://www.nycfragrance.com/cPanel_magic_revision_1418275968/unprotected/custom/assets/js/bootstrap.min.js
404 Not Found
Content-Length: 1699
Content-Type: text/html
clean
-http://www.nycfragrance.com/test404page.js
404 Not Found
Content-Length: 1699
Content-Type: text/html
clean
-http://www.nycfragrance.com/cPanel_magic_revision_1418275968/unprotected/custom/assets/js/scripts.js
404 Not Found
Content-Length: 1699
Content-Type: text/html
clean Blacklisted. ID-Theft, Info-stealing etc. We tested this link and found it might send your personal information to people online who can use it to access your financial information, or steal your identity.
We tested this link and found it might send your personal information to people online who can use it to access your financial information, or steal your identity.

Consider: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.nycfragrance.com
links are found on defaced, hacked websites. Sucuri is the only one to flag as is McAfee:
https://sitecheck.sucuri.net/results/www.nycfragrance.com GoDaddy cpanel abuse…
https://www.virustotal.com/nl/ip-address/23.229.239.165/information/

Avast detects this on IP: HTML:Bankfraud-CGQ [Trj]

pol

Update This scheme like mentioned above is still going on with several hacks and defacements: http://killmalware.com/informationdivision.com/#
GoDaddy abuse seems at the culprit of this: http://toolbar.netcraft.com/site_report?url=http://www.nycfragrance.com
host -ip-23-229-239-165.ip.secureserver.net seems down.

polonus