Scanned pages/files
| Request | Server response | Status |
http://dfromyoutube.com/ | 200 OK Content-Length: 19950 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1000x800 style: hidden src: http://s.click.aliexpress.com/e/ae6eieynm <iframe src="http://s.click.aliexpress.com/e/ae6eieynm" style="display:none;width:1000px;height:800px;position:absolute;left:-3000px;" frameborder="0" scrolling="no"> | ||
https://code.jquery.com/jquery-2.1.1.min.js | 200 OK Content-Length: 84245 Content-Type: application/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 13354 Content-Type: application/javascript | clean |
http://resources.infolinks.com/js/infolinks_main.js | 200 OK Content-Length: 3078 Content-Type: text/javascript | suspicious |
Suspicious code. Script contains iFrame. ...[2030 bytes skipped]... n="2w-8";f.o=e.r;f.18=M("18")||f.18;f.1G=M("25")||f.1G;4 J=6.1E("1S");5(J&&J.9){J[0].14(f)}}})()',62,183,'||||var|if|document|com||length|||||||||||||||src|window|for|url|body|1px|indexOf|function|js|location|createElement|Math|||||||||||||||||||||||||||version|try|01|catch|appendChild|height|in|else|async|substr|display|width|keek|none|rand|style|match|hasOwnProperty|return|break|infolinks|html|an|50|random|search|message|script|from|iframe|2Frouter|console|log|3D|2Fdyn|http|il|infolinks_|decodeURIComponent|split|getElementsByTagName|to|defer|null|windows|Date|phone|replace|getTime|iceboot|INFOLINKS|versions|mobi|1271|head|03a|iphone|366|1118|kiwibox|1186|navigator|classic|hostname|weight|undefined|ceil|ddw|true|ucweb|type|pubmatic|AdServer|user_sync|2Fusersync|3Fpmuservalue|text|static|ib|push|sv|javascript|floor|3Fuser_id|24UID|charset|href|join|06|getuid|usersyncup|userAgent|siteVersions|toLowerCase|UTF|img|1273|false| ...[182 bytes skipped]... Decoded script: (function(){try{var O=document.createElement("iframe");O.width="1px";O.height="1px";O.style.display="none";O.src="//ads.pubmatic.com/AdServer/js/user_sync.html?predirect=%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D";if(document.body){document.body.appendChild(O)}}catch(K){console.log(K.message)}try{var Y=document.createElement("img");Y.src="//ib.adnxs.com/getuid?%2F%2Frouter.infolinks.com%2Fdyn%2Fan-usersync%3Fuser_id%3D%24UID";Y.width="1px";Y.height="1px";Y.style.display="none" ...[5561 bytes skipped]... | ||
http://dfromyoutube.com/hotvideos | 200 OK Content-Length: 14255 Content-Type: text/html | clean |
https://ads.exoclick.com/ads.js | 200 OK Content-Length: 884 Content-Type: text/javascript | clean |
http://dfromyoutube.com/../../Scripts/ads.js | 400 Bad Request Content-Length: 177 Content-Type: text/html | clean |
http://dfromyoutube.com/test404page.js | 404 Not Found Content-Length: 1899 Content-Type: text/html | clean |
http://dfromyoutube.com/?u=http://www.youtube.com/watch?v=R4ajQ-foj2Q | 200 OK Content-Length: 22057 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1000x800 style: hidden src: http://s.click.aliexpress.com/e/ae6eieynm <iframe src="http://s.click.aliexpress.com/e/ae6eieynm" style="display:none;width:1000px;height:800px;position:absolute;left:-3000px;" frameborder="0" scrolling="no"> Hidden iFrame found. size: 728x90 style: hidden src: http://www.goodstoday.net <iframe style="width:728px;height:90px;margin:0 auto;display:none;" src="http://www.goodstoday.net" frameborder="0" scrolling="no"> | ||
http://dfromyoutube.com/?u=http://www.youtube.com/ | 200 OK Content-Length: 21968 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 728x90 style: hidden src: http://www.goodstoday.net <iframe style="width:728px;height:90px;margin:0 auto;display:none;" src="http://www.goodstoday.net" frameborder="0" scrolling="no"> Hidden iFrame found. size: 1000x800 style: hidden src: http://s.click.aliexpress.com/e/ae6eieynm <iframe src="http://s.click.aliexpress.com/e/ae6eieynm" style="display:none;width:1000px;height:800px;position:absolute;left:-3000px;" frameborder="0" scrolling="no"> | ||
http://dfromyoutube.com/ytb.safariextz | 200 OK Content-Length: 234324 Content-Type: application/octet-stream | clean |
http://dfromyoutube.com/play/good-teamwork-and-bad-teamwork/fUXdrl9ch_Q.html | 200 OK Content-Length: 15672 Content-Type: text/html | clean |
http://textadvertising.adclickmedia.com/cgi-bin/textadrotate.cgi?piao0858::49053 | 200 OK Content-Length: 34 Content-Type: application/x-javascript | clean |
http://dfromyoutube.com/play/good-teamwork-and-bad-teamwork/ | 200 OK Content-Length: 15737 Content-Type: text/html | clean |
http://dfromyoutube.com/good-teamwork-and-bad-teamwork.download | 200 OK Content-Length: 22114 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 728x90 style: hidden src: http://www.goodstoday.net <iframe style="width:728px;height:90px;margin:0 auto;display:none;" src="http://www.goodstoday.net" frameborder="0" scrolling="no"> Hidden iFrame found. size: 1000x800 style: hidden src: http://s.click.aliexpress.com/e/ae6eieynm <iframe src="http://s.click.aliexpress.com/e/ae6eieynm" style="display:none;width:1000px;height:800px;position:absolute;left:-3000px;" frameborder="0" scrolling="no"> | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dfromyoutube.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Mon, 14 Dec 2015 14:41:04 GMT
Server: cloudflare-nginx
Content-Type: text/html; charset=utf-8
CF-RAY: 254aaae3f9922b21-WAW
Set-Cookie: __cfduid=dcee8d8f24384863d00ab77bb08f9a1531450104064; expires=Tue, 13-Dec-16 14:41:04 GMT; path=/; domain=.dfromyoutube.com; HttpOnly
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 3.0
X-Powered-By: ASP.NET
GET / HTTP/1.1
Host: dfromyoutube.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Mon, 14 Dec 2015 14:41:04 GMT
Server: cloudflare-nginx
Content-Type: text/html; charset=utf-8
CF-RAY: 254aaae3f9922b21-WAW
Set-Cookie: __cfduid=dcee8d8f24384863d00ab77bb08f9a1531450104064; expires=Tue, 13-Dec-16 14:41:04 GMT; path=/; domain=.dfromyoutube.com; HttpOnly
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 3.0
X-Powered-By: ASP.NET
Second query (visit from search engine):
GET / HTTP/1.1
Host: dfromyoutube.com
Referer: http://www.google.com/search?q=dfromyoutube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dfromyoutube.com
Referer: http://www.google.com/search?q=dfromyoutube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dfromyoutube.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dfromyoutube.com/
Result: dfromyoutube.com is not infected or malware details are not published yet.
Result: dfromyoutube.com is not infected or malware details are not published yet.