polonus
7
Also consider this -
There is a redirect -http://click.ph redirects to .> -https://bitly.com/
with the following suspicious code:
-www.youtube.com/ suspicious
[suspicious:2] (ipaddr:74.125.226.106) (iframe) -www.youtube.com/
status: (referer=bitly.com/s/v380/js/compressed.js)saved 125292 bytes 3620e2a2ad87980f1d915f1d4cacacd5bf9cbea4
info: [script] -s.ytimg.com/yt/jsbin/www-core-vflDiOJwz.js
info: [script] -s.ytimg.com/yt/jsbin/www-guide-vflFbQPew.js
info: [img] -s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif
info: [iframe] -ad-g.doubleclick.net/adi/com.ythome/default;sz=970x250,960x250;tile=1;dcopt=ist;klg=en;kt=K;kga=-1;kgg=-1;kcr=us;dedup=1;kmyd=1;kbsg=HPUS111212;ord=4167667384826780?
info: [img] -i4.ytimg.com/vi/__/default.jpg
info: [decodingLevel=0] found JavaScript
suspicious
polonus