Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ftboys.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ftboys.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ftboys.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 19 Sep 2014 02:12:34 GMT Location: http://www.ftboys.com/ Server: nginx/1.5.10 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ftboys.com/ | 200 OK Content-Length: 76727 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.freshgaypics.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Twink Boys Free Gay Porn Videos and Gay Sex Movies</title> <meta name="description" content="Free gay porn site with hot XXX videos including first time gay videos, preview gay porn clips and fucking hot gay movies with sexy twink ...[4245 bytes skipped]... | ||
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://ftboys.com/gallery/trenton-ducati-rails-marten-james.html?id=156536&url=http://www.blboystube.com/videos/trenton-ducati-rails-marten-james.html&p=90 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 19 Sep 2014 02:12:35 GMT Location: http://www.ftboys.com/gallery/trenton-ducati-rails-marten-james.html?id=156536&url=http://www.blboystube.com/videos/trenton-ducati-rails-marten-james.html&p=90 Server: nginx/1.5.10 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ftboys.com/gallery/trenton-ducati-rails-marten-james.html?id=156536&url=http://www.blboystube.com/videos/trenton-ducati-rails-marten-james.html&p=90 | HTTP/1.1 302 Found Connection: close Date: Fri, 19 Sep 2014 02:12:36 GMT Location: /cgi-bin/a2/out.cgi?c=1&s=90&u=http://www.blboystube.com/videos/trenton-ducati-rails-marten-james.html Server: nginx/1.5.10 Content-Length: 0 Content-Type: text/html Set-Cookie: stclick=1; expires=Sat, 20-Sep-2014 02:12:36 GMT Set-Cookie: stfirst=first_click_done; expires=Sat, 20-Sep-2014 02:12:36 GMT X-Powered-By: PHP/5.4.28-1~dotdeb.1 | clean |
http://www.ftboys.com/cgi-bin/a2/out.cgi?c=1&s=90&u=http://www.blboystube.com/videos/trenton-ducati-rails-marten-james.html | HTTP/1.1 302 Found Connection: close Date: Fri, 19 Sep 2014 02:12:36 GMT Location: http://www.blboystube.com/videos/trenton-ducati-rails-marten-james.html Server: nginx/1.5.10 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.blboystube.com/videos/trenton-ducati-rails-marten-james.html | 200 OK Content-Length: 34678 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function getEmbed() { var embedCode = '<object id="kt_player" name="kt_player" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="" height="">'; embedCode += '<param name="allowscriptaccess" value="always"/>'; embedCode ...[4692 bytes skipped]... Antivirus reports:
| ||
http://www.blboystube.com/js/jquery.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://ftboys.com/js/scripts.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 19 Sep 2014 02:12:38 GMT Location: http://www.ftboys.com/js/scripts.js Server: nginx/1.5.10 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ftboys.com/js/scripts.js | 404 Not Found Content-Length: 7113 Content-Type: text/html | clean |
http://www.ftboys.com/gayamateur/ | 200 OK Content-Length: 80617 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.freshgaypics.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title>Gay Amateur Videos, Amateur Gay Sex, Free Gay Amateur Porn</title> <meta name="description" content="Free amateur gay porn movies. Watch the hot gay amateurs masturbating, posing nude and having their first gay sex"> <meta name="Keywords" CONTENT="gay amate ...[4250 bytes skipped]... | ||
http://www.ftboys.com/gallery/tyler-tristan-rain.html?cat=2492&url=http://www.blboystube.com/videos/tyler-tristan-rain.html&p=70 | HTTP/1.1 302 Found Connection: close Date: Fri, 19 Sep 2014 02:12:40 GMT Location: /cgi-bin/a2/out.cgi?c=1&s=70&u=http://www.blboystube.com/videos/tyler-tristan-rain.html Server: nginx/1.5.10 Content-Length: 0 Content-Type: text/html Set-Cookie: stclick=1; expires=Sat, 20-Sep-2014 02:12:40 GMT Set-Cookie: stfirst=first_click_done; expires=Sat, 20-Sep-2014 02:12:40 GMT X-Powered-By: PHP/5.4.28-1~dotdeb.1 | clean |
http://www.ftboys.com/cgi-bin/a2/out.cgi?c=1&s=70&u=http://www.blboystube.com/videos/tyler-tristan-rain.html | HTTP/1.1 302 Found Connection: close Date: Fri, 19 Sep 2014 02:12:41 GMT Location: http://www.blboystube.com/videos/tyler-tristan-rain.html Server: nginx/1.5.10 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.blboystube.com/videos/tyler-tristan-rain.html | 200 OK Content-Length: 34905 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function getEmbed() { var embedCode = '<object id="kt_player" name="kt_player" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="" height="">'; embedCode += '<param name="allowscriptaccess" value="always"/>'; embedCode ...[4664 bytes skipped]... Antivirus reports:
| ||
http://www.blboystube.com/js/scripts.js | 200 OK Content-Length: 203 Content-Type: application/javascript | clean |
http://www.blboystube.com/js/KernelTeamVideoSharingSystem_2.2.1.jsx | 200 OK Content-Length: 6703 Content-Type: application/javascript | clean |
http://www.blboystube.com/js/KernelTeamVideoSharingVideoView_2.2.1.jsx | 200 OK Content-Length: 19440 Content-Type: application/javascript | clean |
http://www.ftboys.com/js/KernelTeamImageRotator.js | 404 Not Found Content-Length: 7113 Content-Type: text/html | clean |
http://www.ftboys.com/bigcocks/ | 200 OK Content-Length: 80475 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.freshgaypics.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title>Gay Big Dicks Videos, Hard Huge Cocks Sex, Gay Black Men with Big Cocks Online</title> <meta name="description" content="Big cocks free gay tube videos. Perfect men with sexy faces enjoy their first huge cocks"> <meta name="Keywords" CONTENT="big cock, huge ...[4250 bytes skipped]... | ||
http://www.ftboys.com/gallery/giant-black-dick.html?cat=24846&url=http://www.blboystube.com/videos/giant-black-dick.html&p=70 | HTTP/1.1 302 Found Connection: close Date: Fri, 19 Sep 2014 02:12:45 GMT Location: /cgi-bin/a2/out.cgi?c=1&s=70&u=http://www.blboystube.com/videos/giant-black-dick.html Server: nginx/1.5.10 Content-Length: 0 Content-Type: text/html Set-Cookie: stclick=1; expires=Sat, 20-Sep-2014 02:12:45 GMT Set-Cookie: stfirst=first_click_done; expires=Sat, 20-Sep-2014 02:12:45 GMT X-Powered-By: PHP/5.4.28-1~dotdeb.1 | clean |
http://www.ftboys.com/cgi-bin/a2/out.cgi?c=1&s=70&u=http://www.blboystube.com/videos/giant-black-dick.html | HTTP/1.1 302 Found Connection: close Date: Fri, 19 Sep 2014 02:12:45 GMT Location: http://www.blboystube.com/videos/giant-black-dick.html Server: nginx/1.5.10 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.blboystube.com/videos/giant-black-dick.html | 200 OK Content-Length: 34329 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function getEmbed() { var embedCode = '<object id="kt_player" name="kt_player" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="" height="">'; embedCode += '<param name="allowscriptaccess" value="always"/>'; embedCode ...[4661 bytes skipped]... Antivirus reports:
| ||
http://www.blboystube.com/js/KernelTeamImageRotator.js | 200 OK Content-Length: 3293 Content-Type: application/javascript | clean |
http://www.blboystube.com/player/swfobject.js | 200 OK Content-Length: 10220 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ftboys.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 19 Sep 2014 02:12:34 GMT
Location: http://www.ftboys.com/
Server: nginx/1.5.10
Content-Type: text/html; charset=iso-8859-1
GET / HTTP/1.1
Host: ftboys.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 19 Sep 2014 02:12:34 GMT
Location: http://www.ftboys.com/
Server: nginx/1.5.10
Content-Type: text/html; charset=iso-8859-1
Second query (visit from search engine):
GET / HTTP/1.1
Host: ftboys.com
Referer: http://www.google.com/search?q=ftboys.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ftboys.com
Referer: http://www.google.com/search?q=ftboys.com
Result:
The result is similar to the first query. There are no suspicious redirects found.