JSUNPACK
A Generic JavaScript Unpacker
CAUTION: jsunpack was designed for security researchers and computer professionals
Enter a single URL (or paste JavaScript to decode):

Upload a PDF, pcap, HTML, or JavaScript file
Private? Help: privacy | uploads
Default Referer
Description

Submission permanent link 35c80196904c8ca2e45f17171c90f5e0f1e616fe (Received 2012-11-17 14:07:57, http://mntr.babcdn.com/mntr/apps/babylon/1.3.1/mnu.htm )

URLStatus
mntr.babcdn.com/mntr/apps/babylon/1.3.1/mnu.htm saved 3011 bytes b0e9310a0775a11946423d6ead72b1db3a8559a7

acx.babsrv.com/?f=1&cou= status: (referer=zonealarm.claro-search.com/)

ac.babsrv.com/?f=1&cou= status: (referer=zonealarm.claro-search.com/)

search.yahooapis.com/WebSearchService/V1/relatedSuggestion?appid=YahooDemo&output=json&callback=yahRel&query= status: (referer=zonealarm.claro-search.com/)

aci.babsrv.com/?f=1&&cou= status: (referer=zonealarm.claro-search.com/)

www.googletagservices.com/tag/js/gpt.js status: (referer=zonealarm.claro-search.com/)

acr.babsrv.com/?f=1&cou= status: (referer=zonealarm.claro-search.com/)

acz.babsrv.com/?f=1&cou= status: (referer=zonealarm.claro-search.com/)

act.babsrv.com/?f=1&cou= status: (referer=zonealarm.claro-search.com/)

completr-v2.appspot.com/?q= status: (referer=zonealarm.claro-search.com/)

All Malicious or Suspicious Elements of Submission

None
zonealarm.claro-search.com/ benign
[nothing detected] (jsvar) zonealarm.claro-search.com/
     status: (referer=cnfg.montiera.com/appsCntrl/babylon/bbylnDef131.js)saved 11094 bytes ad87899b6a46b688f9094f759e9cab52adaadb31
     info: [javascript variable] URL=act.babsrv.com/?f=1&cou=
     info: [javascript variable] URL=ac.babsrv.com/?f=1&cou=
     info: [javascript variable] URL=acx.babsrv.com/?f=1&cou=
     info: [javascript variable] URL=acr.babsrv.com/?f=1&cou=
     info: [javascript variable] URL=aci.babsrv.com/?f=1&&cou=
     info: [javascript variable] URL=acy.babsrv.com/?f=1&cou=
     info: [javascript variable] URL=acz.babsrv.com/?f=1&cou=
     info: [javascript variable] URL=completr-v2.appspot.com/?q=
     info: [javascript variable] URL=search.yahooapis.com/WebSearchService/V1/relatedSuggestion?appid=YahooDemo&output=json&callback=yahRel&query=
     info: [img] usw.cdn-services.com/b/images/small9.jpg
     info: [decodingLevel=0] found JavaScript
     error: undefined variable node
     info: [element] URL=www.googletagservices.com/tag/js/gpt.js
     info: [1] no JavaScript
     file: ad87899b6a46b688f9094f759e9cab52adaadb31: 11094 bytes
     file: 8dc44cfcfd5c417ac7d6299f38c84ccc02a30c0a: 112 bytes

Decoded Files
ad87/899b6a46b688f9094f759e9cab52adaadb31 from zonealarm.claro-search.com/ (11094 bytes, 195 hidden) download

8dc4/4cfcfd5c417ac7d6299f38c84ccc02a30c0a from zonealarm.claro-search.com/ (112 bytes) download


cnfg.montiera.com/appsCntrl/babylon/bbylnDef131.js benign
[nothing detected] (script) cnfg.montiera.com/appsCntrl/babylon/bbylnDef131.js
     status: (referer=mntr.babcdn.com/mntr/apps/babylon/1.3.1/mnu.htm)saved 17607 bytes 665677aa0b61fd26ec0b8ea76c3256ba88d4b74d
     info: [javascript variable] URL=zonealarm.claro-search.com
     info: [decodingLevel=0] found JavaScript
     file: 665677aa0b61fd26ec0b8ea76c3256ba88d4b74d: 17607 bytes

Decoded Files
6656/77aa0b61fd26ec0b8ea76c3256ba88d4b74d from cnfg.montiera.com/appsCntrl/babylon/bbylnDef131.js (17607 bytes, 4622 hidden) download


mntr.babcdn.com/mntr/mntr/ benign
[nothing detected] (script) mntr.babcdn.com/mntr/mntr/
     status: (referer=mntr.babcdn.com/mntr/mntr/mtldr.js)saved 571 bytes 47a8d1e900538e3e0ea1e9177d241cd1f98f222c
     info: [0] no JavaScript
     file: 47a8d1e900538e3e0ea1e9177d241cd1f98f222c: 571 bytes

Decoded Files
47a8/d1e900538e3e0ea1e9177d241cd1f98f222c from mntr.babcdn.com/mntr/mntr/ (571 bytes, 13 hidden) download


<