I've done some investigation and your sites are coming up clean. Did you clean up the websites at all, or simply adopt the workaround to prevent words and phrases from becoming redirection links to those other sites?
Edit - The question is significant. Either someone installed malware on the server or your network traffic is being intercepted and altered in transit. It may be relevant that urlquery is reporting a number of submissions for testing in the past couple of days for AS29873, the ASN covering CreditCure.mobi. This ASN also includes a website (malwaremustdie.org) which has come under attack and is currently hosting malware. It's a different IP address but very close to yours. The attackers may also have scanned other sites on attacked servers looking for vulnerabilities.
Edit - I checked with Brian Krebs to see if he knew anything about an attack against malwaremustdie.org and he says the report is a false positive. That doesn't necessarily explain the sudden spate of checks on websites having the same AS number but might do so.
Message was edited by: Hayton on 18/02/13 18:02:42 GMT