JSUNPACK
A Generic JavaScript Unpacker
CAUTION: jsunpack was designed for security researchers and computer professionals
Enter a single URL (or paste JavaScript to decode):

Upload a PDF, pcap, HTML, or JavaScript file
Private? Help: privacy | uploads
Default Referer
Description

Submission permanent link 1f174dda49bcc854e2488354d184265b0da332e0 (Received 2012-12-30 10:59:04, http://freshscent.net46.net/?page_id=146 )

URLStatus
freshscent.net46.net/?id=146 saved 17599 bytes 5faad5bff2f07e89b8345fcd34d2ea058d6ff583

stats.hosting24.com/count.php status: (referer=freshscent.net46.net/?id=146)

All Malicious or Suspicious Elements of Submission

None
ulock.it/nojs benign
[nothing detected] (metarefresh) ulock.it/nojs
     status: (referer=freshscent.net46.net/?id=146)saved 1175 bytes 4930b3c0b5e5aa30fe8291157b6183b5c287d9d6
     info: [0] no JavaScript
     file: 4930b3c0b5e5aa30fe8291157b6183b5c287d9d6: 1175 bytes

Decoded Files
4930/b3c0b5e5aa30fe8291157b6183b5c287d9d6 from ulock.it/nojs (1175 bytes, 32 hidden) download


freshscent.net46.net/wp-includes/js/comment-reply.js?ver=3.4.1 benign
[nothing detected] (script) freshscent.net46.net/wp-includes/js/comment-reply.js?ver=3.4.1
     status: (referer=freshscent.net46.net/?id=146)saved 786 bytes 6185b986af821a054a3019dc326fc42420b63009
     info: [decodingLevel=0] found JavaScript
     file: 6185b986af821a054a3019dc326fc42420b63009: 786 bytes

Decoded Files
6185/b986af821a054a3019dc326fc42420b63009 from freshscent.net46.net/wp-includes/js/comment-reply.js?ver=3.4.1 (786 bytes) download


www.google-analytics.com/ga.js benign
[nothing detected] (script) www.google-analytics.com/ga.js
     status: (referer=freshscent.net46.net/wp-includes/js/jquery/undefined)saved 37362 bytes 142a9875c4bd7e15ce6ac8b5bb181fb29ed08ba5
     info: [decodingLevel=0] found JavaScript
     file: 142a9875c4bd7e15ce6ac8b5bb181fb29ed08ba5: 37362 bytes

Decoded Files
142a/9875c4bd7e15ce6ac8b5bb181fb29ed08ba5 from www.google-analytics.com/ga.js (37362 bytes) download


freshscent.net46.net/wp-includes/js/jquery/undefined benign
[nothing detected] (element) freshscent.net46.net/wp-includes/js/jquery/undefined
     status: (referer=freshscent.net46.net/wp-includes/js/jquery/jquery.js?ver=1.7.2)saved 17196 bytes 8d2dc6081eb5e2db4cc52bcfad71cc35d87217a5
     info: [img] freshscent.net46.net/images/locale/EN/header.gif
     info: [img] freshscent.net46.net/images/icons/menu1.gif
     info: [img] freshscent.net46.net/images/icons/main1.gif
     info: [img] freshscent.net46.net/images/icons/main5.gif
     info: [img] freshscent.net46.net/images/icons/small.gif
     info: [img] freshscent.net46.net/images/icons/small.gif
     info: [img] freshscent.net46.net/images/icons/menu11.jpg
     info: [img] freshscent.net46.net/images/icons/menu13.gif
     info: [img] freshscent.net46.net/images/locale/EN/signup.gif
     info: [img] freshscent.net46.net/images/icons/upgrade.gif
     info: [img] freshscent.net46.net/wp-includes/js/jquery/images/uncheck.gif
     info: [img] freshscent.net46.net/wp-includes/js/jquery/images/check.gif
     info: [img] freshscent.net46.net/wp-includes/js/jquery/images/ordernow1.gif
     info: [img] freshscent.net46.net/wp-includes/js/jquery/images/icons/main1.gif
     info: [img] freshscent.net46.net/wp-includes/js/jquery/images/icons/main2.gif
     info: [img] freshscent.net46.net/wp-includes/js/jquery/images/icons/main3.gif
     info: [img] freshscent.net46.net/wp-includes/js/jquery/images/icons/main4.gif
     info: [img] freshscent.net46.net/wp-includes/js/jquery/images/icons/main5.gif
     info: [img] freshscent.net46.net/images/l6.jpg
     info: [decodingLevel=0] found JavaScript
     info: [var gaJsHost] URL=www.
     info: [var newurl] URL=www.
     info: [script] www.google-analytics.com/ga.js
     info: [decodingLevel=1] found JavaScript
     file: 8d2dc6081eb5e2db4cc52bcfad71cc35d87217a5: 17196 bytes
     file: b240dfcd5be575459a1fe6cdb8d7d441337ac0c3: 192 bytes

Decoded Files
8d2d/c6081eb5e2db4cc52bcfad71cc35d87217a5 from freshscent.net46.net/wp-includes/js/jquery/undefined (17196 bytes, 2229 hidden) download

b240/dfcd5be575459a1fe6cdb8d7d441337ac0c3 from freshscent.net46.net/wp-includes/js/jquery/undefined (192 bytes) download


freshscent.net46.net/?id=146 benign
[nothing detected] freshscent.net46.net/?id=146
     status: (referer=http:/www.ask.com/web?q=puppies)saved 17599 bytes 5faad5bff2f07e89b8345fcd34d2ea058d6ff583
     info: [meta refresh] URL=ulock.it/nojs
     info: [script] freshscent.net46.net/wp-includes/js/jquery/jquery.js?ver=1.7.2
     info: [script] freshscent.net46.net/wp-includes/js/comment-reply.js?ver=3.4.1
     info: [img] www.filecrop.com/images/image.gif
     info: [img] 1.gravatar.com/avatar/14efccd7b043faeb26ee248e914a6b38?s=32&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D32&r=G
     info: [img] 0.gravatar.com/avatar/4c8e5130de3b0fca6540e206943214af?s=32&d=http%3A%2F%2F0.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D32&r=G
     info: [img] 1.gravatar.com/avatar/359297c23f972ce92310be585d23c3d9?s=32&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D32&r=G
     info: [img] 0.gravatar.com/avatar/a82e3f004a7c2d01bcd82fd55e1cd66e?s=32&d=http%3A%2F%2F0.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D32&r=G
     info: [img] 0.gravatar.com/avatar/666570ad4581e5f5e1c4d25ed4bb6189?s=32&d=http%3A%2F%2F0.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D32&r=G
     info: [img] 0.gravatar.com/avatar/c1d9989f6b645a3a518687c30585eafa?s=32&d=http%3A%2F%2F0.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D32&r=G
     info: [img] 0.gravatar.com/avatar/2c070f0e070d8fc8b695dd231d59f741?s=32&d=http%3A%2F%2F0.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D32&r=G
     info: [img] freshscent.net46.net/wp-content/themes/target/images/sidebar-top.png
     info: [img] freshscent.net46.net/wp-content/themes/target/images/sidebar-bottom.png
     info: [img] freshscent.net46.net/wp-content/themes/target/images/youtube.png
     info: [img] freshscent.net46.net/wp-content/themes/target/images/Twitter.png
     info: [img] freshscent.net46.net/wp-content/themes/target/images/facebook.png
     info: [img] freshscent.net46.net/wp-content/uploads/2012/08/9698-1-miscellaneous-digital-art-blue1.jpg
     info: [script] stats.hosting24.com/count.php
     info: [decodingLevel=0] found JavaScript
     error: line:69: SyntaxError: missing ; before statement:
          error: line:69: if (ulockld == false) { window.location = "http:/ulock.it/adblock/"pWWlp2k/ZJicZqc }
          error: line:69: ..........................................^
     error: line:3: SyntaxError: missing = in XML attribute:
          error: line:3: <!DOCTYPE html PUBLIC "-/W3C/DTD XHTML 1.0 Transitional/EN" "http:/www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
          error: line:3: ...............^
     file: 5faad5bff2f07e89b8345fcd34d2ea058d6ff583: 17599 bytes

Decoded Files
5faa/d5bff2f07e89b8345fcd34d2ea058d6ff583 from freshscent.net46.net/?id=146 (17599 bytes, 1218 hidden) download


freshscent.net46.net/wp-includes/js/jquery/jquery.js?ver=1.7.2 benign
[nothing detected] (script) freshscent.net46.net/wp-includes/js/jquery/jquery.js?ver=1.7.2
     status: (referer=freshscent.net46.net/?id=146)saved 94861 bytes 3ba6e35885d3a796a5b5579a51065d7d70d75296
     info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
     info: [decodingLevel=0] found JavaScript
     error: undefined function p.getElementsByTagName
     error: undefined variable p
     info: [element] URL=freshscent.net46.net/wp-includes/js/jquery/undefined
     info: [1] no JavaScript
     file: 3ba6e35885d3a796a5b5579a51065d7d70d75296: 94861 bytes
     file: d5dba94a76a67a54f2b98b16227da20414542fd9: 72 bytes

Decoded Files
3ba6/e35885d3a796a5b5579a51065d7d70d75296 from freshscent.net46.net/wp-includes/js/jquery/jquery.js?ver=1.7.2 (94861 bytes) download

d5db/a94a76a67a54f2b98b16227da20414542fd9 from freshscent.net46.net/wp-includes/js/jquery/jquery.js?ver=1.7.2 (72 bytes) download