Scanned pages/files
Request | Server response | Status |
http://gayblackthugs.net/ | 200 OK Content-Length: 47369 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by AlfabetoVirtual ...[2629 bytes skipped]... var title = jQuery(this).children("img").attr("title"); jQuery(this).attr('title',title); }) } // Supported file extensions var thumbnails = jQuery("a:has(img)").filter( function() { return /(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) }); jQuery("a.fancybox").fancybox({ 'cyclic': false, 'autoScale': false, 'padding': </script><script>document.title = 'Hacked by AlfabetoVirtual';</script><style>body {font-family: Lucida Console, cursive, sans-serif;background-color: #000000;color:white; text-shadow:0 0 100px black;font-size:20px;}</style><center><br /><br /><br /><br /><br /><br /><h1>Hacked by AlfabetoVirtual</h1><h2 style='color: white'>Hackeado por AlfabetoVirtual</h2>Eu sou daqueles que antes bem só do que mal acompanhado,<br />se não faz tua cara, ...[53130 bytes skipped]... | ||
http://gayblackthugs.net/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 94861 Content-Type: application/x-javascript | clean |
http://gayblackthugs.net/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4 | 200 OK Content-Length: 15669 Content-Type: application/x-javascript | clean |
http://s10.histats.com/js9.js | 200 OK Content-Length: 7417 Content-Type: text/javascript | clean |
http://gayblackthugs.net/horny-black-lovers-cruising-each-other-at-the-beach/ | 200 OK Content-Length: 21170 Content-Type: text/html | clean |
http://gayblackthugs.net/wp-content/plugins/adrotate/adrotate-out.php?track=MTcsMTYsMCxodHRwOi8vZ3VuemJsYXppbmcuY29tL2hpdC5waHA/dz0xMDEyMDgmYW1wO3M9MzkmYW1wO3A9MSZhbXA7Yz0mYW1wO3Rvb2w9OQ= | HTTP/1.1 302 Found Connection: close Date: Tue, 15 Sep 2015 05:57:28 GMT Location: http://gunzblazing.com/hit.php?w=101208&s=39&p=1&c=&tool=9 Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://gayblackthugs.net/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://gunzblazing.com/hit.php?w=101208&s=39&p=1&c=&tool=9 | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Connection: close Date: Tue, 15 Sep 2015 05:57:31 GMT Pragma: no-cache Location: http://www.darkthunder.com/x.php?program=4&p=4&w=101208&s=39&c=&tool=9&cs=1&show_extra=1&console=1&original_program=4&ref=1&referrer=1&site=39&webmaster=101208&ipv4=1318980578&tour=0&campaign=0&ip=78.158.11.226 Server: Apache Content-Length: 0 Content-Type: text/html Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Tue, 15 Sep 2015 05:57:31 GMT Set-Cookie: tool=9; expires=Fri, 18-Sep-2015 05:57:31 GMT; path=/; domain=.gunzblazing.com Set-Cookie: site-39=a%3A14%3A%7Bs%3A1%3A%22s%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22p%22%3Bi%3A4%3Bs%3A1%3A%22w%22%3Bs%3A6%3A%22101208%22%3Bs%3A7%3A%22console%22%3Bi%3A1%3Bs%3A16%3A%22original_program%22%3Bi%3A4%3Bs%3A7%3A%22program%22%3Bi%3A4%3Bs%3A3%3A%22ref%22%3Bs%3A1%3A%221%22%3Bs%3A8%3A%22referrer%22%3Bs%3A1%3A%221%22%3Bs%3A4%3A%22site%22%3Bs%3A2%3A%2239%22%3Bs%3A9%3A%22webmaster%22%3Bs%3A6%3A%22101208%22%3Bs%3A4%3A%22ipv4%22%3Bd%3A1318980578%3Bs%3A4%3A%22tour%22%3Bi%3A0%3Bs%3A8%3A%22campaign%22%3Bi%3A0%3Bs%3A2%3A%22ip%22%3Bs%3A13%3A%2278.158.11.226%22%3B%7D; expires=Tue, 29-Sep-2015 05:57:31 GMT; path=/; domain=.gunzblazing.com | clean |
http://www.darkthunder.com/x.php?program=4&p=4&w=101208&s=39&c=&tool=9&cs=1&show_extra=1&console=1&original_program=4&ref=1&referrer=1&site=39&webmaster=101208&ipv4=1318980578&tour=0&campaign=0&ip=78.158.11.226 | HTTP/1.1 302 Found Connection: close Date: Tue, 15 Sep 2015 05:57:33 GMT Location: http://www.darkthunder.com/tour/ Server: nginx/1.2.2 Content-Length: 0 Content-Type: text/html | clean |
http://www.darkthunder.com/tour/ | 200 OK Content-Length: 53856 Content-Type: text/html | clean |
http://www.darkthunder.com/images/tubestyle-combined.js | 200 OK Content-Length: 300883 Content-Type: text/ecmascript | clean |
http://gayblackthugs.net/tour/mas_functions.js | 404 Not Found Content-Length: 14851 Content-Type: text/html | clean |
http://gayblackthugs.net/category/80-guys-exotic-black-african-twinks/ | 200 OK Content-Length: 19976 Content-Type: text/html | clean |
http://gayblackthugs.net/brand-new-black-teen-hard-core-video/ | 200 OK Content-Length: 21345 Content-Type: text/html | clean |
http://gayblackthugs.net/wp-content/plugins/adrotate/adrotate-out.php?track=MTksMTQsMCxodHRwOi8vam9pbi44MGdheXMuY29tL3RyYWNrL01UQXdNREF3TURFMkxqSXVOeTQzTGpFdU1DNHdMakF1TUE | HTTP/1.1 302 Found Connection: close Date: Tue, 15 Sep 2015 05:57:36 GMT Location: http://join.80gays.com/track/MTAwMDAwMDE2LjIuNy43LjEuMC4wLjAuMA Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://gayblackthugs.net/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://join.80gays.com/track/mtawmdawmde2ljiuny43ljeumc4wljauma | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 15 Sep 2015 05:57:36 GMT Location: http://www.80gays.com/main.html?nats=MC4wLjcuNy4wLjAuMC4wLjA Server: Apache/2.2.15 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=4daqf7cgl7li85t41ld22iha35; path=/ Set-Cookie: nats=MC4wLjcuNy4wLjAuMC4wLjA; expires=Thu, 15-Oct-2015 05:57:36 GMT; path=/; domain=80gays.com Set-Cookie: nats_cookie=No%2BReferring%2BURL; expires=Thu, 15-Oct-2015 05:57:36 GMT; path=/; domain=80gays.com Set-Cookie: nats_unique=MC4wLjcuNy4wLjAuMC4wLjA; expires=Wed, 16-Sep-2015 05:57:36 GMT; path=/; domain=80gays.com Set-Cookie: nats_sess=e13a57b73cc2a5f378bef9a53b2c6e00; expires=Thu, 24-Dec-2015 06:57:36 GMT; path=/; domain=80gays.com X-Powered-By: PHP/5.3.3 | clean |
http://www.80gays.com/main.html?nats=mc4wljcuny4wljaumc4wlja | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 15 Sep 2015 05:57:38 GMT Location: http://www.80gays.com/?nats=mc4wljcuny4wljaumc4wlja Server: Apache/2.2.15 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.80gays.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://www.80gays.com/?nats=mc4wljcuny4wljaumc4wlja | 200 OK Content-Length: 26869 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js | 200 OK Content-Length: 95786 Content-Type: text/javascript | clean |
http://www.80gays.com/wp-content/themes/80gays/js/bootstrap.min.js | 200 OK Content-Length: 32023 Content-Type: text/javascript | clean |
http://gayblackthugs.net//cdn.sublimevideo.net/js/g0dleee0.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 15 Sep 2015 05:57:40 GMT Pragma: no-cache Location: http://gayblackthugs.net/cdn.sublimevideo.net/js/g0dleee0.js/ Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Tue, 15 Sep 2015 05:57:40 GMT X-Pingback: http://gayblackthugs.net/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://gayblackthugs.net/cdn.sublimevideo.net/js/g0dleee0.js/ | 404 Not Found Content-Length: 47209 Content-Type: text/html | clean |
http://gayblackthugs.net/category/dark-thunder/ | 200 OK Content-Length: 17710 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gayblackthugs.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 15 Sep 2015 05:57:23 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-Pingback: http://gayblackthugs.net/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: gayblackthugs.net
Referer: http://www.google.com/search?q=gayblackthugs.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gayblackthugs.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gayblackthugs.net/
Result: gayblackthugs.net is not infected or malware details are not published yet.