Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://youthtrans.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: youthtrans.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 05:13:30 GMT Location: http://ph21us.ru/ Server: Apache Content-Length: 225 Content-Type: text/html; charset=iso-8859-1 | malicious |
URL: http://ph21us.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: ph21us.ru Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Found Connection: close Date: Tue, 16 Sep 2014 05:13:31 GMT Location: http://ultradoctors.com Server: nginx/1.6.1 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.28 | suspicious |
Scanned pages/files
Request | Server response | Status |
http://youthtrans.com/ | 200 OK Content-Length: 6814 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: earnmoneydo.com ...[3182 bytes skipped]... ans…</h3> <!--post text with the read more link--> <h1 style="text-align: center;"><strong>WEBSITE UNDER CONSTRUCTION</strong></h1> <!--post meta info--> <div class="meta-bottom wrap"> </div> </div><!--end .post--> </div><!--end #content--> <script language="JavaScript" src="http://earnmoneydo.com/tds/?wordpress_theme&keyword= &from=http://youthtrans.com/&inreferer="></script> <div class="wrap" id="feature-bottom"> <div class="w320-" id="feature-bottom-left"> <div class="widget"><h4> </h4> <div class="textwidget"></div> </div> </div> <div class="w320-" id="feature-bottom-middle"> <div class="widget"><h4> </h4> <div class="textwidget" ...[991 bytes skipped]... | ||
http://youthtrans.org/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://youthtrans.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://youthtrans.org/wp-content/themes/FlexxProfessional/lib/featured-images/js/jquery.cross-slide.js?ver=3.8.4 | 200 OK Content-Length: 11048 Content-Type: application/javascript | clean |
http://youthtrans.org/wp-content/themes/FlexxProfessional/lib/contact-page-plugin/js/md5.js?ver=3.8.4 | 200 OK Content-Length: 8571 Content-Type: application/javascript | clean |
http://youthtrans.org/wp-content/themes/FlexxProfessional/lib/contact-page-plugin/js/contact-page-plugin.js?ver=3.8.4 | 200 OK Content-Length: 510 Content-Type: application/javascript | clean |
http://earnmoneydo.com/tds/?wordpress_theme&keyword= &from=http://youthtrans.com/&inreferer= | 200 OK Content-Length: 5329 Content-Type: text/html | clean |
http://earnmoneydo.com/vendors/jquery/jquery-1.6.4.min.js | 200 OK Content-Length: 91668 Content-Type: application/javascript | clean |
http://earnmoneydo.com/vendors/jquery/jquery-ui-1.8.16.min.js | 200 OK Content-Length: 201875 Content-Type: application/javascript | clean |
http://earnmoneydo.com/cache/js/default/elgg.1406500737.js | 200 OK Content-Length: 62119 Content-Type: text/javascript | clean |
http://earnmoneydo.com/ | 200 OK Content-Length: 44602 Content-Type: text/html | clean |
http://earnmoneydo.com/login | 200 OK Content-Length: 6292 Content-Type: text/html | clean |
http://earnmoneydo.com/forgotpassword | 200 OK Content-Length: 5986 Content-Type: text/html | clean |
http://earnmoneydo.com/activity | 200 OK Content-Length: 44575 Content-Type: text/html | clean |
http://earnmoneydo.com/js/lib/ui.river.js | 200 OK Content-Length: 360 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=youthtrans.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://youthtrans.com/
Result: youthtrans.com is not infected or malware details are not published yet.
Result: youthtrans.com is not infected or malware details are not published yet.