New scan:

Malware Scanner report for dfromyoutube.com

Malicious/Suspicious/Total urls checked
0/1/15
1 page has suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/7/7
7 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://dfromyoutube.com/
200 OK
Content-Length: 19950
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1000x800     style: hidden
src: http://s.click.aliexpress.com/e/ae6eieynm

<iframe src="http://s.click.aliexpress.com/e/ae6eieynm" style="display:none;width:1000px;height:800px;position:absolute;left:-3000px;" frameborder="0" scrolling="no">

https://code.jquery.com/jquery-2.1.1.min.js
200 OK
Content-Length: 84245
Content-Type: application/javascript
clean
https://apis.google.com/js/plusone.js
200 OK
Content-Length: 13354
Content-Type: application/javascript
clean
http://resources.infolinks.com/js/infolinks_main.js
200 OK
Content-Length: 3078
Content-Type: text/javascript
suspicious
Suspicious code. Script contains iFrame.

...[2030 bytes skipped]...
n="2w-8";f.o=e.r;f.18=M("18")||f.18;f.1G=M("25")||f.1G;4 J=6.1E("1S");5(J&&J.9){J[0].14(f)}}})()',62,183,'||||var|if|document|com||length|||||||||||||||src|window|for|url|body|1px|indexOf|function|js|location|createElement|Math|||||||||||||||||||||||||||version|try|01|catch|appendChild|height|in|else|async|substr|display|width|keek|none|rand|style|match|hasOwnProperty|return|break|infolinks|html|an|50|random|search|message|script|from|iframe|2Frouter|console|log|3D|2Fdyn|http|il|infolinks_|decodeURIComponent|split|getElementsByTagName|to|defer|null|windows|Date|phone|replace|getTime|iceboot|INFOLINKS|versions|mobi|1271|head|03a|iphone|366|1118|kiwibox|1186|navigator|classic|hostname|weight|undefined|ceil|ddw|true|ucweb|type|pubmatic|AdServer|user_sync|2Fusersync|3Fpmuservalue|text|static|ib|push|sv|javascript|floor|3Fuser_id|24UID|charset|href|join|06|getuid|usersyncup|userAgent|siteVersions|toLowerCase|UTF|img|1273|false|
...[182 bytes skipped]...

Decoded script:


(function(){try{var O=document.createElement("iframe");O.width="1px";O.height="1px";O.style.display="none";O.src="//ads.pubmatic.com/AdServer/js/user_sync.html?predirect=%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D";if(document.body){document.body.appendChild(O)}}catch(K){console.log(K.message)}try{var Y=document.createElement("img");Y.src="//ib.adnxs.com/getuid?%2F%2Frouter.infolinks.com%2Fdyn%2Fan-usersync%3Fuser_id%3D%24UID";Y.width="1px";Y.height="1px";Y.style.display="none"
...[5561 bytes skipped]...

http://dfromyoutube.com/hotvideos
200 OK
Content-Length: 14255
Content-Type: text/html
clean
https://ads.exoclick.com/ads.js
200 OK
Content-Length: 884
Content-Type: text/javascript
clean
http://dfromyoutube.com/../../Scripts/ads.js
400 Bad Request
Content-Length: 177
Content-Type: text/html
clean
http://dfromyoutube.com/test404page.js
404 Not Found
Content-Length: 1899
Content-Type: text/html
clean
http://dfromyoutube.com/?u=http://www.youtube.com/watch?v=R4ajQ-foj2Q
200 OK
Content-Length: 22057
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 728x90     style: hidden
src: http://www.goodstoday.net

<iframe style="width:728px;height:90px;margin:0 auto;display:none;" src="http://www.goodstoday.net" frameborder="0" scrolling="no">

Hidden iFrame found.
size: 1000x800     style: hidden
src: http://s.click.aliexpress.com/e/ae6eieynm

<iframe src="http://s.click.aliexpress.com/e/ae6eieynm" style="display:none;width:1000px;height:800px;position:absolute;left:-3000px;" frameborder="0" scrolling="no">

http://dfromyoutube.com/?u=http://www.youtube.com/
200 OK
Content-Length: 21968
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1000x800     style: hidden
src: http://s.click.aliexpress.com/e/ae6eieynm

<iframe src="http://s.click.aliexpress.com/e/ae6eieynm" style="display:none;width:1000px;height:800px;position:absolute;left:-3000px;" frameborder="0" scrolling="no">

Hidden iFrame found.
size: 728x90     style: hidden
src: http://www.goodstoday.net

<iframe style="width:728px;height:90px;margin:0 auto;display:none;" src="http://www.goodstoday.net" frameborder="0" scrolling="no">

http://dfromyoutube.com/ytb.safariextz
200 OK
Content-Length: 234324
Content-Type: application/octet-stream
clean
http://dfromyoutube.com/play/good-teamwork-and-bad-teamwork/fUXdrl9ch_Q.html
200 OK
Content-Length: 15672
Content-Type: text/html
clean
http://textadvertising.adclickmedia.com/cgi-bin/textadrotate.cgi?piao0858::49053
200 OK
Content-Length: 34
Content-Type: application/x-javascript
clean
http://dfromyoutube.com/play/good-teamwork-and-bad-teamwork/
200 OK
Content-Length: 15737
Content-Type: text/html
clean
http://dfromyoutube.com/good-teamwork-and-bad-teamwork.download
200 OK
Content-Length: 22114
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1000x800     style: hidden
src: http://s.click.aliexpress.com/e/ae6eieynm

<iframe src="http://s.click.aliexpress.com/e/ae6eieynm" style="display:none;width:1000px;height:800px;position:absolute;left:-3000px;" frameborder="0" scrolling="no">

Hidden iFrame found.
size: 728x90     style: hidden
src: http://www.goodstoday.net

<iframe style="width:728px;height:90px;margin:0 auto;display:none;" src="http://www.goodstoday.net" frameborder="0" scrolling="no">


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: dfromyoutube.com

Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Mon, 14 Dec 2015 14:41:04 GMT
Server: cloudflare-nginx
Content-Type: text/html; charset=utf-8
CF-RAY: 254aaae3f9922b21-WAW
Set-Cookie: __cfduid=dcee8d8f24384863d00ab77bb08f9a1531450104064; expires=Tue, 13-Dec-16 14:41:04 GMT; path=/; domain=.dfromyoutube.com; HttpOnly
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 3.0
X-Powered-By: ASP.NET
Second query (visit from search engine):
GET / HTTP/1.1
Host: dfromyoutube.com
Referer: http://www.google.com/search?q=dfromyoutube.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=dfromyoutube.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dfromyoutube.com/

Result: dfromyoutube.com is not infected or malware details are not published yet.