JSUNPACK
A Generic JavaScript Unpacker
CAUTION: jsunpack was designed for security researchers and computer professionals
Enter a single URL (or paste JavaScript to decode):

Upload a PDF, pcap, HTML, or JavaScript file
Private? Help: privacy | uploads
Default Referer
Description

Submission permanent link 537e7cc59ba2428d55c39d06bd2f6e5992737b8b (Received 2017-09-05 03:34:09, script )

URLStatus
cdnjs.cloudflare.com/ajax/libs/push.js/0.0.11/push.min.js status: (referer=PokeHuntr.com/)

PokeHuntr.com/assets/js/language.js?v4 status: (referer=PokeHuntr.com/)

cdnjs.cloudflare.com/ajax/libs/leaflet/1.0.3/leaflet.js status: (referer=PokeHuntr.com/)

/ status: (referer=http:/www.ask.com/web?q=puppies)failure: <urlopen error no host given>

PokeHuntr.com/assets/js/pokehuntr.js?version24452422 status: (referer=PokeHuntr.com/)

www.google-analytics.com/analytics.js status: (referer=PokeHuntr.com/)

PokeHuntr.com/assets/js/cookies.js?v1 status: (referer=PokeHuntr.com/)

All Malicious or Suspicious Elements of Submission

malicious: client download shellcode URL (non-executable) saved (d205cbd6783332a212c5ae92d73c77178c2d2f28)
malicious: client download shellcode URL (non-executable) saved (e354a87e628430956b24e0aba494545e1f44a2e4)
suspicious: shellcode of length 9990/11130
malicious: shellcode URL=https:/server.arcgisonline.com/ArcGIS/rest/services/WSMap/MapServer/tile/
malicious: shellcode URL=https:/
malicious: shellcode URL=PokeHuntr.com
malicious: shellcode URL=https:/api.pokefetch.com/api/
malicious: client download shellcode URL (non-executable) saved (9da1a99bd519bc1fdccd93c877386551dbf75420)
suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes
api.pokefetch.com/api/ malicious
[malicious:6] (ipaddr:104.27.72.64) (shellcode) api.pokefetch.com/api/
     status: (referer=http:/www.ask.com/web?q=puppies)saved 9 bytes d205cbd6783332a212c5ae92d73c77178c2d2f28
     malicious: client download shellcode URL (non-executable) saved (d205cbd6783332a212c5ae92d73c77178c2d2f28)
     info: file: saved api.pokefetch.com/api/ to (d205cbd6783332a212c5ae92d73c77178c2d2f28)
     file: d205cbd6783332a212c5ae92d73c77178c2d2f28: 9 bytes

Decoded Files
d205/cbd6783332a212c5ae92d73c77178c2d2f28 from api.pokefetch.com/api/ (9 bytes) download


PokeHuntr.com/ malicious
[malicious:6] (ipaddr:104.25.218.28) (shellcode) PokeHuntr.com/
     status: (referer=http:/www.ask.com/web?q=puppies)saved 12391 bytes 6c0ec0fe50c263212eb02f407bed0d434eb85531
     info: [img] PokeHuntr.com/assets/img/discord.svg?2
     info: [input] www.paypalobjects.com/US/i/btn/donateCC_LG.gif
     info: [img] www.paypalobjects.com/US/i/scr/pixel.gif
     info: [img] PokeHuntr.com/assets/img/logo2.png
     info: [img] PokeHuntr.com/assets/img/discord.svg
     info: [script] pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
     info: [script] cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
     info: [script] maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
     info: [script] cdnjs.cloudflare.com/ajax/libs/leaflet/1.0.3/leaflet.js
     info: [script] cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.0.0/leaflet.markercluster.js
     info: [script] cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.js
     info: [script] cdnjs.cloudflare.com/ajax/libs/push.js/0.0.11/push.min.js
     info: [script] PokeHuntr.com/assets/js/cookies.js?v1
     info: [script] PokeHuntr.com/assets/js/language.js?v4
     info: [script] PokeHuntr.com/assets/js/pokehuntr.js?version24452422
     info: [script] PokeHuntr.com/assets/js/ui.js?version142
     info: [decodingLevel=0] found JavaScript
     error: undefined variable m
     info: [element] URL=www.google-analytics.com/analytics.js
     malicious: client download shellcode URL (non-executable) saved (e354a87e628430956b24e0aba494545e1f44a2e4)
     info: file: saved PokeHuntr.com/ to (6c0ec0fe50c263212eb02f407bed0d434eb85531)
     file: 6c0ec0fe50c263212eb02f407bed0d434eb85531: 12391 bytes
     file: e354a87e628430956b24e0aba494545e1f44a2e4: 111 bytes

Decoded Files
6c0e/c0fe50c263212eb02f407bed0d434eb85531 from PokeHuntr.com/ (12391 bytes, 966 hidden) download

e354/a87e628430956b24e0aba494545e1f44a2e4 from PokeHuntr.com/ (111 bytes) download


script malicious
[malicious:8] script
     info: [decodingLevel=0] found JavaScript
     suspicious: shellcode of length 9990/11130
     malicious: shellcode URL=https:/server.arcgisonline.com/ArcGIS/rest/services/WSMap/MapServer/tile/
     malicious: shellcode URL=https:/
     malicious: shellcode URL=PokeHuntr.com
     malicious: shellcode URL=https:/api.pokefetch.com/api/
     info: [1] no JavaScript
     info: file: saved script to (384388cff350ae28bc1086e04d091184668b1a9e)
     file: 384388cff350ae28bc1086e04d091184668b1a9e: 14403 bytes
     file: b24eda09c633791f9b1e277f166e08d284eb4d5d: 13088 bytes
     file: 00a40266155d6f6413faf19d57b2a21f0894b591: 9990 bytes

Decoded Files
3843/88cff350ae28bc1086e04d091184668b1a9e from script (14403 bytes, 94 hidden) download

b24e/da09c633791f9b1e277f166e08d284eb4d5d from script (13088 bytes) download

00a4/0266155d6f6413faf19d57b2a21f0894b591 from script (9990 bytes, 61 hidden) download


server.arcgisonline.com/ArcGIS/rest/services/WSMap/MapServer/tile/ malicious
[malicious:6] (ipaddr:23.6.185.246) (shellcode) server.arcgisonline.com/ArcGIS/rest/services/WSMap/MapServer/tile/
     status: (referer=http:/www.ask.com/web?q=puppies)saved 251 bytes 9da1a99bd519bc1fdccd93c877386551dbf75420
     malicious: client download shellcode URL (non-executable) saved (9da1a99bd519bc1fdccd93c877386551dbf75420)
     info: file: saved server.arcgisonline.com/ArcGIS/rest/services/WSMap/MapServer/tile/ to (9da1a99bd519bc1fdccd93c877386551dbf75420)
     file: 9da1a99bd519bc1fdccd93c877386551dbf75420: 251 bytes

Decoded Files
9da1/a99bd519bc1fdccd93c877386551dbf75420 from server.arcgisonline.com/ArcGIS/rest/services/WSMap/MapServer/tile/ (251 bytes) download


PokeHuntr.com/assets/js/ui.js?version142 benign
[nothing detected] (script) PokeHuntr.com/assets/js/ui.js?version142
     status: (referer=PokeHuntr.com/)saved 10304 bytes e334d8bd0254f1fc7b0f6b517f930266f49fe7ee
     info: [decodingLevel=0] found JavaScript
     error: undefined variable _0x98b14c
     suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes
     file: e334d8bd0254f1fc7b0f6b517f930266f49fe7ee: 10304 bytes
     file: 899e64924e2fac4044cf87434fcb6223c46be62b: 10544 bytes
     file: c703aa52e3838d705dd2f34c97476f325a261d7a: 10753 bytes
     file: e89bf0440e793af859580d4b99fcc3774f27b3eb: 10945 bytes
     file: 1141e420c3322bf14dcbd5a7a5b7f9bce52a955f: 10659 bytes
     file: b9cd7d5590d28862529fad7b70d28066742fc410: 10783 bytes

Decoded Files
e334/d8bd0254f1fc7b0f6b517f930266f49fe7ee from PokeHuntr.com/assets/js/ui.js?version142 (10304 bytes, 28 hidden) download

899e/64924e2fac4044cf87434fcb6223c46be62b from PokeHuntr.com/assets/js/ui.js?version142 (10544 bytes, 28 hidden) download

c703/aa52e3838d705dd2f34c97476f325a261d7a from PokeHuntr.com/assets/js/ui.js?version142 (10753 bytes, 28 hidden) download

e89b/f0440e793af859580d4b99fcc3774f27b3eb from PokeHuntr.com/assets/js/ui.js?version142 (10945 bytes, 28 hidden) download

1141/e420c3322bf14dcbd5a7a5b7f9bce52a955f from PokeHuntr.com/assets/js/ui.js?version142 (10659 bytes, 28 hidden) download

b9cd/7d5590d28862529fad7b70d28066742fc410 from PokeHuntr.com/assets/js/ui.js?version142 (10783 bytes, 28 hidden) download


cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.0.0/leaflet.markercluster.js benign
[nothing detected] (script) cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.0.0/leaflet.markercluster.js
     status: (referer=PokeHuntr.com/)saved 31900 bytes 524ee8769225f47f74b69411b5012f60ae1e5fcd
     info: [decodingLevel=0] found JavaScript
     error: undefined variable L
     error: undefined variable L.FeatureGroup
     error: line:1: SyntaxError: missing ; before statement:
          error: line:1: var L.FeatureGroup = 1;
          error: line:1: ....^
     file: 524ee8769225f47f74b69411b5012f60ae1e5fcd: 31900 bytes

Decoded Files
524e/e8769225f47f74b69411b5012f60ae1e5fcd from cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/1.0.0/leaflet.markercluster.js (31900 bytes, 5 hidden) download


cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js benign
[nothing detected] (script) cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
     status: (referer=PokeHuntr.com/)saved 85578 bytes 69bb69e25ca7d5ef0935317584e6153f3fd9a88c
     info: [decodingLevel=0] found JavaScript
     error: undefined variable n
     file: 69bb69e25ca7d5ef0935317584e6153f3fd9a88c: 85578 bytes

Decoded Files
69bb/69e25ca7d5ef0935317584e6153f3fd9a88c from cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js (85578 bytes) download


cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.js benign
[nothing detected] (script) cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.js
     status: (referer=PokeHuntr.com/)saved 16977 bytes 20d5cdb9d2002442843baab241f2e883563d1de5
     info: [decodingLevel=0] found JavaScript
     error: undefined function Object.defineProperty
     file: 20d5cdb9d2002442843baab241f2e883563d1de5: 16977 bytes

Decoded Files
20d5/cdb9d2002442843baab241f2e883563d1de5 from cdnjs.cloudflare.com/ajax/libs/sweetalert/1.1.3/sweetalert.min.js (16977 bytes, 152 hidden) download


maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js benign
[nothing detected] (script) maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
     status: (referer=PokeHuntr.com/)saved 37045 bytes 430a443d74830fe9be26efca431f448c1b3740f9
     info: [decodingLevel=0] found JavaScript
     error: line:8: Bootstrap's JavaScript requires jQuery
     file: 430a443d74830fe9be26efca431f448c1b3740f9: 37045 bytes

Decoded Files
430a/443d74830fe9be26efca431f448c1b3740f9 from maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js (37045 bytes) download


pagead2.googlesyndication.com/pagead/js/adsbygoogle.js benign
[nothing detected] (script) pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
     status: (referer=PokeHuntr.com/)saved 63818 bytes e6891a97a11b654c29304f5dda6569af43626418
     info: [decodingLevel=0] found JavaScript
     file: e6891a97a11b654c29304f5dda6569af43626418: 63818 bytes

Decoded Files
e689/1a97a11b654c29304f5dda6569af43626418 from pagead2.googlesyndication.com/pagead/js/adsbygoogle.js (63818 bytes) download