Answer

It is a script that transfers the viewer outside the analysis target domain.

Currently, for mainstream tampering, cross-domain scripts (external domains) are inserted into a page, and infection spreads by automatically downloading a problematic file, so GRED WebCheck detects such cross-domain scripts, and notifies the customer with an alert email.

Furthermore, if redirected (URL redirection), in order to specify a script-related malicious URL, such as Gumblar, the analysis target domain as specified is extended to the one beyond the link for analysis.

These specifications are adopted as many cases have recently been redirected by JavaScript, such as Gumblar.