Something evil on 192.95.1.190

It looks like there is some sort of exploit kit on 192.95.1.190 (OVH, Canada) [example] spreading through injection attacks although at the moment I can't reproduce the issue. In any case, I would recommend blocking that IP plus these domains that are in use to spread nastiness:

digitalra.biz
drcoupon.biz
eurosync.biz
expertsurvey.biz
flypanda.biz
funelectronics.biz
interfx.biz
interloanz.biz
learinatlas.biz
mapmchawalit.biz
mapsport.biz
metartri.biz
moreycrm.biz
mrhiuts.biz
perfectcore.biz
safemeta.biz
searchcars.biz
sharpice.biz
softanimal.biz

Some of the subdomains in use are listed here.