What generic detection here? PHISH

See: https://www.virustotal.com/en/url/24ed2ead3a46c8223123430c54741de21daa3c7ff79e4b13e413463aacf5a423/analysis/1427559087/
Missed here: http://quttera.com/detailed_report/192.185.109.23
and here:
http://sitecheck.sucuri.net/results/192.185.109.23
See where it is redirecting: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2F192.185.109.23%2F~quala%2FIDMSWebAuth%2Faf1139274f266b22b68c2a3e7ad932c%2Fauth%2F%3F3139322e3138352e3130392e3233"&useragent=Fetch+useragent&accept_encoding=

At code
and what it should look like: https://code.google.com/p/html-encrypter/source/browse/trunk/hea2.js?r=49
Probably benign.

PHISHING detected here: https://urlquery.net/report.php?id=1427559801904

Read about the backgrounds here: http://www.scam.cz/search/label/Phishing?updated-max=2014-10-28T02:53:00-07:00&max-results=20&start=20&by-date=false

polonus