Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=inboobs.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://inboobs.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://inboobs.net/ | 200 OK Content-Length: 20277 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: toget.ru ...[3695 bytes skipped]... sByTagName("script")[0]; s.parentNode.insertBefore(sm, s);})(); </script> <script language="javascript" type="text/javascript" src="http://js.redtram.com/n4p/i/n/inboobs.net_11.01.2011_19199.js"></script> <script charset="windows-1251" language="javascript" type="text/javascript" src="http://www.znews.su/user/1131/inboobs.net_inf_1.php"></script> <script language="JavaScript" src="http://toget.ru/informers/showinformer.php?id=inboobs1"></script> <script language="JavaScript" src="http://toget.ru/informers/showinformer.php?id=inboobs2"></script> <script language="JavaScript" src="http://toget.ru/informers/showinformer.php?id=inboobs4novosti1"></script> <script language="JavaScript" src="http://toget.ru/informers/showinformer.php?id=inboobs4novosti2"></script> <script type="text/javascript"> var tntds = {"p": ...[223 bytes skipped]... | ||
http://inboobs.net/templates/dialog_box.js | 200 OK Content-Length: 4722 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://clearac.com/74/47e36363d0 | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://widget.reformal.ru/tab5.js | 200 OK Content-Length: 13015 Content-Type: application/x-javascript | clean |
http://js.redtram.com/n4p/i/n/inboobs.net_11.01.2011_19199.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://www.znews.su/user/1131/inboobs.net_inf_1.php | 200 OK Content-Length: 10884 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: inboobs.net var traff_style_photo = document.getElementById('inboobs.net_nas_1_xxx_news'); if(traff_style_photo)traff_style_photo.innerHTML='<center><table bgcolor=#000000 cellspacing=3 width=100% style="border: 0px solid #;"><tr><td align=center style="padding: 4px; border: 0px solid #6D126A;" valign=top ><a href=http://www.znews.su/go_slin.php?id=48687&sour=1131 target=_blank><img src=http://www.znews.su/img/1092663259245455232.jpg style= "width: 200px; border: 1px sol ...[4080 bytes skipped]... | ||
http://www.znews.su/go_slin.php?id=48687&sour=1131 | HTTP/1.1 302 Found Connection: close Date: Fri, 12 Sep 2014 19:25:23 GMT Location: /go_news.php?id=1131&news=48687 Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.10-1ubuntu3.14 | clean |
http://www.znews.su/go_news.php?id=1131&news=48687 | 200 OK Content-Length: 91342 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: toget.ru <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Самое популярные новости - ZNews</title> <meta name="description" content="Самое популярные новости - ZNews" /> <meta name="key ...[4425 bytes skipped]... | ||
http://www.znews.su/user/1787/znews.su_inf_2.php | 200 OK Content-Length: 1930 Content-Type: text/html | clean |
http://www.znews.su/go_news.php?id=1787&news=45808&no_x=1 | 200 OK Content-Length: 81248 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: toget.ru <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Самое популярные новости - ZNews</title> <meta name="description" content="Самое популярные новости - ZNews" /> <meta name="key ...[4425 bytes skipped]... | ||
http://bestevernews.com/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://lookfornews.net/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://www.znews.su/user/1787/znews.su_inf_4.php | 200 OK Content-Length: 9785 Content-Type: text/html | clean |
http://www.znews.su/go_slin.php?id=46016&sour=1787 | HTTP/1.1 302 Found Connection: close Date: Fri, 12 Sep 2014 19:25:26 GMT Location: /go_news.php?id=1787&news=46016 Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.10-1ubuntu3.14 | clean |
http://www.znews.su/go_news.php?id=1787&news=46016 | 200 OK Content-Length: 91327 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: toget.ru <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Самое популярные новости - ZNews</title> <meta name="description" content="Самое популярные новости - ZNews" /> <meta name="key ...[4425 bytes skipped]... | ||
http://visitweb.com/v/44953 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 19:25:28 GMT Location: http://v.gfhdkse.com/v?bid=44953 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://v.gfhdkse.com/v?bid=44953 | 200 OK Content-Length: 66443 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: inboobs.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 12 Sep 2014 19:25:21 GMT
Pragma: no-cache
Server: gws
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Last-Modified: 0, 12 Sep 2014 19:25:21 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: inboobs.net
Referer: http://www.google.com/search?q=inboobs.net
Result:
The result is similar to the first query. There are no suspicious redirects found.