See: https://www.virustotal.com/nl/url/c2a699ce82cae73ad8fefdf467918f0221379aceeb476a0f4d9f6749eddb4cea/analysis/1426198524/
70 malicious files detected with detected reference to malicious blacklisted domain utenti.lycos.it
2 instances of /counter.js
Severity: Suspicious
Reason: Detected URL that was generated during page execution.
Details: Procedure [eval] has been called with a string containing hidden URL ‘-utenti_4e.bizzhold.com’
See: http://jsunpack.jeek.org/?report=b7688d496368188323701348cbeec91deadd5f0a
Open link inside a browser with NoScript and RequestPolicy extensions active and inside a VM/sandbox.
No detection here: http://zulu.zscaler.com/submission/show/898f5e7482390f9c4f643dc243704e02-1426199013
Tested on tern: https://www.uploady.com/download/_7j78mwcvg2/Z6AA2B3Ak8TYe4_T
Tracker tracker report on found iFrame links: htxp://ad.a-ads.com/14581?size=728x90 (twice)
url scheme host path type query aid cid date patterns objects name affilition
htxp://ad.a-ads.com/14581?size=728x90 htxp ad.a-ads.com /14581 ad size=728x90 1755 2821 2015-03-12 23:29:55 -.a-ads.com htXp://ad.a-ads.com/14581?size=728x90 AnonymousAds
Questionable web rep: https://www.mywot.com/en/scorecard/ad.a-ads.com?utm_source=addon&utm_content=popup
polonus