Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=blboystube.xxx
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://blboystube.xxx/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://blboystube.xxx/ | 200 OK Content-Length: 59843 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.freshgaypics.com ...[2390 bytes skipped]... ms.php" title="BlboysTube Terms" rel="nofollow">Terms</a> | <a href="http://www.blboystube.com/rss.php" target="_blank" title="RSS" rel="nofollow">RSS</a> | <a href="http://feedburner.google.com/fb/a/mailverify?uri=blboystubecom&loc=en_US" rel="nofollow" target="_blank" title="Daily Email">Daily Email</a> | Fresh <a href="http://www.freshgaypics.com/" target="_blank" title="Free Gay Porn">Gay Porn</a> </div> <div class="info"> All the models appearing on BlboysTube.com are 18 y.o. or over, in compliance with <a href="http://www.blboystube.com/usc_statement.php" rel="nofollow" title="USC Statement">18 USC 2257.</a><br /> All videos posted and shown are provided by third parties and owned and copyrighted by&am ...[1278 bytes skipped]... | ||
http://blboystube.xxx/js/jquery.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://blboystube.xxx/js/scripts.js | 200 OK Content-Length: 203 Content-Type: application/javascript | clean |
http://www.blboystube.com/js/KernelTeamVideoSharingSystem_2.2.1.jsx | 200 OK Content-Length: 6703 Content-Type: application/javascript | clean |
http://blboystube.xxx/js/KernelTeamImageRotator.js | 200 OK Content-Length: 3293 Content-Type: application/javascript | clean |
http://apis.google.com/js/plusone.js | 200 OK Content-Length: 12387 Content-Type: application/javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 100803 Content-Type: application/javascript | clean |
http://blboystube.xxx/videos/twink-l-toes-tootsies-to-taint.html | 200 OK Content-Length: 34901 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function getEmbed() { var embedCode = '<object id="kt_player" name="kt_player" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="" height="">'; embedCode += '<param name="allowscriptaccess" value="always"/>'; embedCode ...[4689 bytes skipped]... Antivirus reports: | ||
http://www.blboystube.com/js/KernelTeamVideoSharingVideoView_2.2.1.jsx | 200 OK Content-Length: 19440 Content-Type: application/javascript | clean |
http://www.blboystube.com/player/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://blboystube.xxx/go_cs/167/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 16 Sep 2014 07:50:32 GMT Pragma: no-cache Location: http://join.straightrentboys.com/track/ODM4ODI0OToyOjIz/ Server: nginx/1.5.10 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=enlp24kg1uava34qm0t3kcno06; path=/ X-Powered-By: PHP/5.4.28-1~dotdeb.1 | clean |
http://join.straightrentboys.com/track/odm4odi0otoyojiz/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 16 Sep 2014 07:50:28 GMT Location: http://www.straightrentboys.com/gayforpay/?nats=MC4wLjIzLjIzLjAuMC4wLjAuMA Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny16 with Suhosin-Patch prxp_module/1.12.18 psso_module/0.9.19 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=b916105ee4e59f66e45ae861db4ea60d; path=/ Set-Cookie: nats=MC4wLjIzLjIzLjAuMC4wLjAuMA; expires=Thu, 16-Oct-2014 07:50:28 GMT; path=/; domain=straightrentboys.com Set-Cookie: nats_cookie=No%2BReferring%2BURL; expires=Thu, 16-Oct-2014 07:50:28 GMT; path=/; domain=straightrentboys.com Set-Cookie: nats_unique=MC4wLjIzLjIzLjAuMC4wLjAuMA; expires=Wed, 17-Sep-2014 07:50:28 GMT; path=/; domain=straightrentboys.com Set-Cookie: nats_sess=aaceca22b41bb67da5bae359ffec2a20; expires=Thu, 25-Dec-2014 08:50:28 GMT; path=/; domain=straightrentboys.com X-Powered-By: PHP/5.2.6-1+lenny16 | clean |
http://www.straightrentboys.com/gayforpay/?nats=mc4wljizljizljaumc4wljauma | 200 OK Content-Length: 13503 Content-Type: text/html | clean |
http://www.straightrentboys.com/jwplayer.js | 200 OK Content-Length: 140572 Content-Type: application/javascript | clean |
http://blboystube.xxx/gayforpay/jwplayer.js | 404 Not Found Content-Length: 594 Content-Type: text/html | clean |
http://blboystube.xxx/test404page.js | 404 Not Found Content-Length: 594 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: blboystube.xxx
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 16 Sep 2014 07:50:25 GMT
Pragma: no-cache
Server: nginx/1.5.10
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=86qhjoip7p6uct57aetgtit0c2; path=/
X-Powered-By: PHP/5.4.28-1~dotdeb.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: blboystube.xxx
Referer: http://www.google.com/search?q=blboystube.xxx
Result:
The result is similar to the first query. There are no suspicious redirects found.