http://dol.{BLOCKED}1.us:8081/update/base64.js

JS_EXPLOIT.MEA loads this site where its component for decoding base64 can be found. This malicious script was inserted onto a legitimate website of the US Department of Labor and downloads a Poison Ivy backdoor.