New scan:

Malware Scanner report for creditka.biz

Malicious/Suspicious/Total urls checked
0/0/14
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://bitly.com/sttmln
305 websites infected.
->http://goo.gl/0rxysb
3266 websites infected.
->http://sh.oowoo.ru/redsh.php
78 websites infected.
->http://hotzone2nn.com/sexgospital/?sid=269188418

->http://hotzonepqnn.info/sexgospital?sid=269188418


The website "creditka.biz" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://creditka.biz/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: creditka.biz
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Tue, 02 Sep 2014 12:06:22 GMT
Location: http://bitly.com/STTMlN
Server: nginx/1.6.0
Content-Length: 207
Content-Type: text/html; charset=iso-8859-1
malicious
URL: http://bitly.com/STTMlN
(imitation of visitor from search engine)

GET /STTMlN HTTP/1.1
Host: bitly.com
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 301 Moved Permanently
Cache-Control: private; max-age=90
Connection: close
Date: Tue, 02 Sep 2014 12:06:23 GMT
Location: http://goo.gl/0rXySb
Server: nginx
Content-Length: 112
Content-Type: text/html; charset=utf-8
Mime-Version: 1.0
Set-Cookie: _bit=5405b2bf-00319-040fe-2f1cf10a;domain=.bitly.com;expires=Sun Mar 1 12:06:23 2015;path=/; HttpOnly
malicious
URL: http://goo.gl/0rXySb
(imitation of visitor from search engine)

GET /0rXySb HTTP/1.1
Host: goo.gl
Referer: http://www.google.com/search?q=redirect+check3
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Tue, 02 Sep 2014 12:06:23 GMT
Pragma: no-cache
Location: http://sh.oowoo.ru/redsh.php
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Alternate-Protocol: 80:quic
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
malicious
URL: http://sh.oowoo.ru/redsh.php
(imitation of visitor from search engine)

GET /redsh.php HTTP/1.1
Host: sh.oowoo.ru
Referer: http://www.google.com/search?q=redirect+check4
HTTP/1.1 302 Found
Connection: close
Date: Tue, 02 Sep 2014 12:05:13 GMT
Location: http://hotzone2nn.com/sexgospital/?sid=269188418
Server: nginx/1.0.15
Content-Length: 0
Content-Type: text/html; charset=CP1251
X-Powered-By: PHP/5.2.17
suspicious
URL: http://hotzone2nn.com/sexgospital/?sid=269188418
(imitation of visitor from search engine)

GET /sexgospital/?sid=269188418 HTTP/1.1
Host: hotzone2nn.com
Referer: http://www.google.com/search?q=redirect+check5
HTTP/1.1 302 Found
Cache-Control: max-age=259200
Connection: close
Date: Tue, 02 Sep 2014 12:06:24 GMT
Pragma: no-cache
Location: http://hotzonepqnn.info/sexgospital?sid=269188418
Server: nginx/1.0.14
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Fri, 05 Sep 2014 12:06:24 GMT
Set-Cookie: PHPSESSID=m3oarnqr0cpe6niovu57ffo973; path=/
X-Powered-By: PHP/5.3.10
suspicious

Scanned pages/files

RequestServer responseStatus
http://creditka.biz/
200 OK
Content-Length: 39023
Content-Type: text/html
clean
http://creditka.biz/wp-includes/js/jquery/jquery.js?ver=1.10.2
200 OK
Content-Length: 93085
Content-Type: application/javascript
clean
http://creditka.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: application/javascript
clean
http://creditka.biz/wp-includes/js/tw-sack.min.js?ver=1.6.1
200 OK
Content-Length: 3270
Content-Type: application/javascript
clean
http://ploms.net/js?id=17577
200 OK
Content-Length: 7686
Content-Type: text/html
clean
http://d1vbm0eveofcle.cloudfront.net/scripts/js3caf.js
200 OK
Content-Length: 3490
Content-Type: application/javascript
clean
http://d1vbm0eveofcle.cloudfront.net/scripts/tier2caf.js
200 OK
Content-Length: 28865
Content-Type: application/javascript
clean
http://ploms.net/scripts/feedmeCaf.php?q=&ip=78.158.11.226&max=10&hl=lt&d=ploms.net&ron=0&adult=0
200 OK
Content-Length: 5658
Content-Type: text/plain
clean
http://ploms.net/test404page.js
400 Bad Request
Content-Length: 20
Content-Type: text/html
clean
http://creditka.biz/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05
200 OK
Content-Length: 16305
Content-Type: application/javascript
clean
http://creditka.biz/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.7.2
200 OK
Content-Length: 8913
Content-Type: application/javascript
clean
http://creditka.biz/wp-content/plugins/light/js/jquery.fancybox.pack.js?ver=3.8.4
200 OK
Content-Length: 22643
Content-Type: application/javascript
clean
http://creditka.biz/wp-content/plugins/light/js/light.js?ver=3.8.4
200 OK
Content-Length: 687
Content-Type: application/javascript
clean
http://creditka.biz/wp-content/themes/creditka/js/tie-scripts.js?ver=3.8.4
200 OK
Content-Length: 62550
Content-Type: application/javascript
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=creditka.biz

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://creditka.biz/

Result: creditka.biz is not infected or malware details are not published yet.