Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ftp.loc.gov
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ftp.loc.gov/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ww38.secretdasie.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 25 Jan 2015 10:36:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_iezAcU178XP3xMc6EZ6wKSswmoQe5JZMY0wtdRBd2vSDJ9a165dCBJZHFGbfAAlPzP3JoWcHcu/JAjOAJyAS1w==
X-Buckets:
X-Check: 3c12dc4d54f8e22d666785b733b0052100c53444
X-Language: english
X-Template: tpl_CleanPeppermintBlack_oneclick
Second query (visit from search engine):
GET / HTTP/1.1
Host: ww38.secretdasie.com
Referer: http://www.google.com/search?q=ww38.secretdasie.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://ftp.loc.gov/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 10 Jun 2014 11:11:07 GMT Location: http://www.loc.gov/index.html Server: Apache Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://www.loc.gov/index.html | HTTP/1.1 302 Found Connection: close Date: Tue, 10 Jun 2014 11:11:07 GMT Location: http://www.loc.gov/ Server: Apache Vary: Accept-Encoding Content-Length: 264 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.loc.gov/ | 200 OK Content-Length: 130874 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: cdn.loc.gov LOCSuggest = { serviceUrl: 'http://www.loc.gov/search/suggest/' }; CDN_URL = 'http://cdn.loc.gov/'; MEDIA_URL = 'http://media.loc.gov'; | ||
http://www.loc.gov/static/js/lib/LAB-2.0.3.js | 200 OK Content-Length: 19398 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/jquery-1.8.2.js | 200 OK Content-Length: 266882 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/jquery-ui-1.10.2.custom.min.js | 200 OK Content-Length: 228062 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/modernizr-1.5.js | 200 OK Content-Length: 33675 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/suggest.js | 200 OK Content-Length: 15727 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/jquery.carouFredSel-5.6.1.js | 200 OK Content-Length: 76838 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/jquery.royalslider.min.js | 200 OK Content-Length: 50004 Content-Type: application/x-javascript | clean |
http://media.loc.gov/loader/js/media.js | 200 OK Content-Length: 8292 Content-Type: text/javascript | suspicious |
Page code contains blacklisted domain: loc.gov /** * Application Bootstrap * * LICENSE: Copyright 2010-2011 The Library of Congress * All rights reserved. * * @author James Stuart/CACI <jstu@loc.gov> * @copyright 2010-2011 The Library of Congress * @version $Id: bootstrap.js 829 2013-04-23 19:44:38Z jlug $ */ if (!window.loc) { window.loc = {}; } loc.urlObj = (function (global, oDOC, handler) { var AUTO_CDN_URL = window.location.protocol + '//cdn.loc.gov', AUTO_MEDIA_URL = window.location.protocol + '//media.loc.gov'; var CDN_URL = global.CDN_URL||AUTO_CDN_URL; var LAB_ ...[8501 bytes skipped]... | ||
http://www.loc.gov/static/js/lib/BootstrapVideoPresenter.js | 200 OK Content-Length: 6061 Content-Type: application/x-javascript | clean |
http://cdn.loc.gov/js/global/foresee/foresee-trigger.js | 200 OK Content-Length: 69069 Content-Type: text/javascript | clean |
http://cdn.loc.gov/js/global/metrics/sc/v25.2/2.0/s_code.js | 200 OK Content-Length: 50580 Content-Type: text/javascript | suspicious |
Page code contains blacklisted domain: loc.gov /* SiteCatalyst code version: H.25.2. Copyright 1996-2012 Adobe, Inc. All Rights Reserved More info available at http://www.omniture.com */ if (window.Site && window.Site.Plugins && window.Site.Plugins.sc && window.Site.Plugins.sc.getAccount ){ var s_account = window.Site.Plugins.sc.getAccount(); }else{ var cur_url=''+window.location.href; if(cur_url.indexOf('loc.gov/staff')>-1||cur_url.indexOf('loc.gov/extranet')>-1||cur_url.indexOf('col=staff')>-1||cur_url.indexOf('staff.loc.gov')>-1){ s_account="locintranetprod"; } if(!s_account){ var s_account="locgovprod"; } } var s=s_gi(s_account); /*** SITE CONFIG SECTION ***/ /* WARNING: Changing the site configuration variables can drastically alter the way your site collec ...[53890 bytes skipped]... | ||
http://ftp.loc.gov/discover/ | 404 Not Found Content-Length: 8259 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.loc.gov <!DOCTYPE html> <html lang="en" class="no-js"> <head> <meta charset="utf-8" /> <title>Page Not Found (Library of Congress)</title> <meta name="description" content="page not found" /> <link rel="stylesheet" media="print" type="text/css" href="http://www.loc.gov/css/loc_print_ss.css" /> <style type="text/css"> @import url("http://www.loc.gov/css/loc_reset_v2.css"); /* reset */ @import url("http://cdn.loc.gov/css/lochead.css"); /* global header */ @import url("http://cdn.loc.gov/css/locfoot.css"); /* global footer */ @import url("http://www.loc.gov/css/loc_standard_v2_w.css"); /* standard 1024 */ #left_nav .leftnavimg {height:0px !important;border-top:0;} ...[10080 bytes skipped]... | ||
http://cdn.loc.gov/js/lib/modernizr-1.5.min.js | 200 OK Content-Length: 11642 Content-Type: text/javascript | clean |
http://www.loc.gov/global/foresee/foresee-trigger.js | HTTP/1.1 302 Found Connection: close Date: Tue, 10 Jun 2014 11:11:18 GMT Location: http://cdn.loc.gov/js/global/foresee/foresee-trigger.js Server: Apache Vary: Accept-Encoding Content-Length: 300 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://cdn.loc.gov/test404page.js | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |