See: htxp://zulu.zscaler.com/submission/show/c85a0efc98a99ace48dfd65a833bb1ed-1334677209
detected by 1 source as malcious: htxps://www.virustotal.com/url/4450584fd24f56f0fde3f6539ee95c540fd1f429e1d79c0462f2ed440bc15dd4/analysis/
Obfuscation translated to: document.location=‘htxp://craiginvestigationsinc.com/americanexpress/’; found benign here: htxp://wepawet.iseclab.org/view.php?hash=2669a2f20f280529ffe484c0f8b0dc82&t=1334676716&type=js
polonus