See: http://urlquery.net/report.php?id=3836692
Detected: Detected malicious iframe injection
Detected SutraTDS URL pattern
avast immediately detects this as JS:Decode-AMX[Trj]
Js1 src = ‘src’, ‘htxp://csvert.in/in.cgi?default’ → http://ninjafirewall.com/malware/index.php?threat=2012-08-01.01 & http://labs.sucuri.net/?details=csvert.in
& http://wepawet.iseclab.org/view.php?type=js&hash=b3fc2d794131ca93b95a18ff40067752&t=1335276046
Js2 src = src’, ‘htxp://novikkoll.in/in.cgi?default’ → benign? http://wepawet.iseclab.org/view.php?hash=85a7f5e0961eb119f63008650882d4dd&t=1361182610&type=js
flagged 5 times: https://www.virustotal.com/en/url/bf5917c0d4d0f136db3287df4f72b7e0291232c97bf2de7799a9bd5651af000e/analysis/1368098397/
But given as unreachable: http://www.mywot.com/en/scorecard/novikkoll.in → 11004 [11004] Valid name, no data record (check DNS setup)
pol