Isn't this scan suspicious?

Here it is given all clean: http://urlquery.net/report.php?id=8129890

Checking with DrWeb’s URL checker: htxp://www.jaredyellin.com/wp-includes/js/jquery/jquery.form.js?ver=2.02m
File size: 8429 bytes
File MD5: 2ff1a749aeaa2a874b8bd53960e982cc

hxtp://www.jaredyellin.com/wp-includes/js/jquery/jquery.form.js?ver=2.02m - Ok

Checking: htxp://www.jaredyellin.com/wp-content/plugins/podcasting/player/audio-player-noswfobject.js?ver=2.0
File size: 974 bytes
File MD5: 3f6a4b9f6bb46b27ae017e6d6a0492ff

htxp://www.jaredyellin.com/wp-content/plugins/podcasting/player/audio-player-noswfobject.js?ver=2.0 - archive JS-HTML

htxp://www.jaredyellin.com/wp-content/plugins/podcasting/player/audio-player-noswfobject.js?ver=2.0/JSFile_1[0][3ce] - Ok
htxp://www.jaredyellin.com/wp-content/plugins/podcasting/player/audio-player-noswfobject.js?ver=2.0 - Ok

Checking: htxp://www.jaredyellin.com/wp-content/plugins/wp-email/email-js.js?ver=2.50
File size: 4684 bytes
File MD5: a57ae327222204b280451c0409dd76ef

htxp://www.jaredyellin.com/wp-content/plugins/wp-email/email-js.js?ver=2.50 - archive JS-HTML

htxp://www.jaredyellin.com/wp-content/plugins/wp-email/email-js.js?ver=2.50/JSFile_1[0][124c] - Ok
htxp://www.jaredyellin.com/wp-content/plugins/wp-email/email-js.js?ver=2.50 - Ok

Checking: htxp://www.jaredyellin.com/wp-content/plugins/contact-form-7/scripts.js?ver=2.1
File size: 4594 bytes
File MD5: cedbe736a465a51908c27ec691ab9c79

htxp://www.jaredyellin.com/wp-content/plugins/contact-form-7/scripts.js?ver=2.1 - Ok

Checking: htxp://www.google.com/cse/brand?form=cse-search-box&lang=en
File size: 2504 bytes
File MD5: ade8aa767d37e8b14b7e09bfaa5bcb48

htxp://www.google.com/cse/brand?form=cse-search-box&lang=en - Ok

Checking: htxp://www.jaredyellin.com/wp-includes/js/swfobject.js?ver=2.1
File size: 9759 bytes
File MD5: eaa5417940c71f441b016b12c534665d

htxp://www.jaredyellin.com/wp-includes/js/swfobject.js?ver=2.1 - Ok

Checking: htxp://www.jaredyellin.com/wp-includes/js/jquery/jquery.js?ver=1.3.2
File size: 55.93 KB
File MD5: 25e59325cb47d2ab5ea650d47f431a9c

htxp://www.jaredyellin.com/wp-includes/js/jquery/jquery.js?ver=1.3.2 - archive JS-HTML

htxp://www.jaredyellin.com/wp-includes/js/jquery/jquery.js?ver=1.3.2/JSTag_1[a1ce][3dee] - Ok
htxp://www.jaredyellin.com/wp-includes/js/jquery/jquery.js?ver=1.3.2 - Ok

Checking: htxp://brandentityinterviews.com/
Engine version: 7.0.6.10310
Total virus-finding records: 4745111
File size: 21.30 KB
File MD5: ce9ccfb2472bf19c6dc1c84415d5f1f2

htxp://brandentityinterviews.com/ - archive JS-HTML

htxp://brandentityinterviews.com//JSTAG_1[613][7b] - Ok
htxp://brandentityinterviews.com//JSTAG_2[4ce5][365] - Ok
htxp://brandentityinterviews.com//JSTAG_3[52c0][dd] - Ok
htxp://brandentityinterviews.com//JSTAG_4[53c9][6b] - Ok
htxp://brandentityinterviews.com/ - Ok

But here I get different results: http://maldb.com/brandentityinterviews.com/#redirects
Malicious Redirects
Conditional redirects found. Visitors from search engines are redirected
to: htxp://trustedtabsrx.com/?wm=12330&tr=8027
Redirect to this URL found in 86 sites

Has these redirects this been cleansed?

pol

Sucuri is clear in it’s verdict and flags: security warning in the URL + known spam detected: http://sucuri.net/malware/entry/MW:SPAM:SEO
and a suspicious conditional redirect. http://sitecheck.sucuri.net/results/brandentityinterviews.com/
Quttera also comes up with a suspicious file:
index
Severity: Suspicious
Reason: Detected suspicious redirection to external web resources at HTTP level.
Details: Detected HTTP redirection to hxtp://trustedtabsrx.com/?wm=12330%26tr=8027. *1
File size[byte]: 4294967295
File type: Unknown
MD5: 00000000000000000000000000000000
Scan duration[sec]: 0.001000

*1 = a low web rep rogue scam site: https://www.mywot.com/en/scorecard/onlinepharmacysearch.net?utm_source=addon&utm_content=popup-donuts
Given the all green by this adviser, which is dubious on its own: hxtp://www.scamadviser.com/is-trustedtabsrx.com.Com-safe.html

More "scam goodies"from that same IP: http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=66.147.242.94

In the light of all of the above, these are weird scan results: http://www.webutation.net/go/review/brandentityinterviews.com

polonus

hello , on urlquery

http://urlquery.net/report.php?id=8132037

Hi g3n-h@ckm@n,

But that scanner scans a lot of things, but does not flag scams for instance.
That is why meta scanners always start their survey with web rep scan results: Google Safebrowsing, WOT, webutation, DrWebs, BitDefender’s TrafficLight, Trustwave just to mention a few of the most outstanding.
Not every website malware scanner scans for issues like spam, scam, certification issues and the like.
So at least we need to use a handful of scanners and online specifiic search results to get the total security picture for a particular site/domain/IP/url/uri etc.

polonus

haaaannn !!! ok :slight_smile:
I didn’t do the difference like this :smiley: