Scanned pages/files
| Request | Server response | Status |
http://webbabe.ws/ | 200 OK Content-Length: 75593 Content-Type: text/html | clean |
http://wed-porno.ru/?type=js&key=e96730746f4dd7e | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://wed-porno.ru/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://webbabe.ws/js/KernelTeamVideoSharingSystem.js?v=3.6.0 | 200 OK Content-Length: 7878 Content-Type: application/javascript | clean |
http://webbabe.ws/js/KernelTeamImageRotator_3.6.0.jsx | 200 OK Content-Length: 3004 Content-Type: text/javascript | clean |
http://webbabe.ws/js/jquery-1.7.2.min.js | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
http://webbabe.ws/js/cycle.js | 200 OK Content-Length: 51310 Content-Type: application/javascript | clean |
http://webbabe.ws/js/jquery.fancybox.js | 200 OK Content-Length: 48387 Content-Type: application/javascript | clean |
http://webbabe.ws/suggest/js/header-search.js | 200 OK Content-Length: 4717 Content-Type: application/javascript | clean |
http://webbabe.ws/js/main.js | 200 OK Content-Length: 58555 Content-Type: application/javascript | clean |
http://webbabe.ws/js/jquery-ui.js | 200 OK Content-Length: 302388 Content-Type: application/javascript | clean |
http://webbabe.ws/share42/share42.js | 200 OK Content-Length: 9572 Content-Type: application/javascript | suspicious |
Page code contains blacklisted domain: postila.ru /* share42.com | 05.05.2014 | (c) Dimox */
(function($){$(function(){$('div.share42init').each(function(idx){var el=$(this),u=el.attr('data-url'),t=el.attr('data-title'),i=el.attr('data-image'),d=el.attr('data-description'),f=el.attr('data-path'),fn=el.attr('data-icons-file'),z=el.attr("data-zero-counter");if(!u)u=location.href;if(!fn)fn='icons.png';if(!z)z=0;if(!f){function path(name){var sc=document.getElementsByTagName('script'),sr=new RegExp ...[3688 bytes skipped]... | ||
http://webbabe.ws//top-fwz1.mail.ru/js/informer.js/ | 404 Not Found Content-Length: 17378 Content-Type: text/html | clean |
https://w.uptolike.com/widgets/v1/zp.js?pid=1302844 | 200 OK Content-Length: 40046 Content-Type: text/javascript | clean |
http://webbabe.ws/latest-updates/ | 200 OK Content-Length: 51945 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: webbabe.ws
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 06 Dec 2014 09:30:32 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=3935hgr04jl7v22hae0i7kugk6; path=/; domain=.webbabe.ws
GET / HTTP/1.1
Host: webbabe.ws
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 06 Dec 2014 09:30:32 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=3935hgr04jl7v22hae0i7kugk6; path=/; domain=.webbabe.ws
Second query (visit from search engine):
GET / HTTP/1.1
Host: webbabe.ws
Referer: http://www.google.com/search?q=webbabe.ws
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: webbabe.ws
Referer: http://www.google.com/search?q=webbabe.ws
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=webbabe.ws
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://webbabe.ws/
Result: webbabe.ws is not infected or malware details are not published yet.
Result: webbabe.ws is not infected or malware details are not published yet.