What malware resides here?

Viruses and worms
1

See: https://www.virustotal.com/nl/url/40f2f06ac04c442e529f8fffd187eef23db4c0a56bbc0e9bef173a25535ea5a8/analysis/1421677251/
Outdated server software detected: Outdated Web Server Nginx Found Vulnerabilities on nginx nginx/1.2.3

External link exploitable: hxtp://www.toswaptrade.com/filter/ipad/
Dom XSS scan: Results from scanning URL: htxp://hqq1f-fi1ues.selectix.pp.ua/js/base.js
Number of sources found: 38
Number of sinks found: 21

IP badness history: https://www.virustotal.com/nl/ip-address/91.202.63.43/information/
DrWeb detects: JS.Loadpays.2
Also IDS alert for ET MALWARE W32/InstallRex.Adware Initial CnC Beacon

Connecting warnings: http://www.dnsinspect.com/hqq1f-fi1ues.selectix.pp.ua/1421677342

Kleissner’s Virustracker results: hqq1f-fi1ues.selectix.pp dot ua,91.202.63.43,ns1.lp-dns.com,Criminals,
means no more than that there is active malware up!

Blacklisted external link: htxp://sms911.ru/tarifs.php?country_id%3D6&num%3D3060
Scamsite etc. see web rep status: https://www.mywot.com/en/scorecard/sms911.ru?utm_source=addon&utm_content=popup

polonus