Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=badcreditfyi.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://badcreditfyi.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: badcreditfyi.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Mon, 06 Oct 2014 17:31:34 GMT
Location: http://www.birkenstocksandalsca.ca/
Server: nginx/1.6.2
Content-Type: text/html
X-Cacheable: YES
X-Served-From-Cache: Yes
GET / HTTP/1.1
Host: badcreditfyi.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Mon, 06 Oct 2014 17:31:34 GMT
Location: http://www.birkenstocksandalsca.ca/
Server: nginx/1.6.2
Content-Type: text/html
X-Cacheable: YES
X-Served-From-Cache: Yes
Second query (visit from search engine):
GET / HTTP/1.1
Host: badcreditfyi.com
Referer: http://www.google.com/search?q=badcreditfyi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: badcreditfyi.com
Referer: http://www.google.com/search?q=badcreditfyi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://badcreditfyi.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 06 Oct 2014 17:31:34 GMT Location: http://www.birkenstocksandalsca.ca/ Server: nginx/1.6.2 Content-Type: text/html X-Cacheable: YES X-Served-From-Cache: Yes | clean |
http://www.birkenstocksandalsca.ca/ | 200 OK Content-Length: 14410 Content-Type: text/html | clean |
http://www.birkenstocksandalsca.ca/min/?f=/includes/templates/lite_orange/jscript/jscript_imagehover.js&1399817846 | 200 OK Content-Length: 4641 Content-Type: application/x-javascript | clean |
https://www.billingcheckout.com/risk/index.js | 200 OK Content-Length: 1692 Content-Type: application/x-javascript | clean |
https://www.promptlypayments.com/risk/index.js | 200 OK Content-Length: 1616 Content-Type: application/x-javascript | clean |
http://js.users.51.la/15863913.js | 200 OK Content-Length: 1980 Content-Type: application/x-javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12510 Content-Type: application/javascript | clean |
http://badcreditfyi.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Mon, 06 Oct 2014 17:31:42 GMT Location: http://Kos1Sin4.ru/ Server: nginx/1.6.2 Content-Type: text/html; charset=iso-8859-1 X-Cacheable: YES X-Served-From-Cache: Yes | clean |
http://kos1sin4.ru/ | HTTP/1.1 302 Found Connection: close Date: Mon, 06 Oct 2014 17:31:43 GMT Location: http://doctorhecrew.com Server: nginx/1.6.2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | clean |
http://doctorhecrew.com/ | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |
http://doctorhecrew.com/test404page.js | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |