Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=media.loc.gov
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://media.loc.gov/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fnt.es
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 27 Aug 2014 09:08:19 GMT
Server: Microsoft-IIS/6.0
Content-Length: 72501
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=4omgav55pd351j450ifnqj2t; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...72501 bytes of data.
GET / HTTP/1.1
Host: fnt.es
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 27 Aug 2014 09:08:19 GMT
Server: Microsoft-IIS/6.0
Content-Length: 72501
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=4omgav55pd351j450ifnqj2t; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...72501 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: fnt.es
Referer: http://www.google.com/search?q=fnt.es
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: fnt.es
Referer: http://www.google.com/search?q=fnt.es
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://media.loc.gov/ | HTTP/1.1 302 Found Connection: close Date: Tue, 10 Jun 2014 09:52:13 GMT Location: http://www.loc.gov/ Server: Apache/2.2.15 (Red Hat) Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.6 | malicious |
http://www.loc.gov/ | 200 OK Content-Length: 130874 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: cdn.loc.gov LOCSuggest = { serviceUrl: 'http://www.loc.gov/search/suggest/' }; CDN_URL = 'http://cdn.loc.gov/'; MEDIA_URL = 'http://media.loc.gov'; | ||
http://www.loc.gov/static/js/lib/LAB-2.0.3.js | 200 OK Content-Length: 19398 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/jquery-1.8.2.js | 200 OK Content-Length: 266882 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/jquery-ui-1.10.2.custom.min.js | 200 OK Content-Length: 228062 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/modernizr-1.5.js | 200 OK Content-Length: 33675 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/suggest.js | 200 OK Content-Length: 15727 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/jquery.carouFredSel-5.6.1.js | 200 OK Content-Length: 76838 Content-Type: application/x-javascript | clean |
http://www.loc.gov/static/js/lib/jquery.royalslider.min.js | 200 OK Content-Length: 50004 Content-Type: application/x-javascript | clean |
http://media.loc.gov/loader/js/media.js | 200 OK Content-Length: 8292 Content-Type: text/javascript | suspicious |
Page code contains blacklisted domain: loc.gov /** * Application Bootstrap * * LICENSE: Copyright 2010-2011 The Library of Congress * All rights reserved. * * @author James Stuart/CACI <jstu@loc.gov> * @copyright 2010-2011 The Library of Congress * @version $Id: bootstrap.js 829 2013-04-23 19:44:38Z jlug $ */ if (!window.loc) { window.loc = {}; } loc.urlObj = (function (global, oDOC, handler) { var AUTO_CDN_URL = window.location.protocol + '//cdn.loc.gov', AUTO_MEDIA_URL = window.location.protocol + '//media.loc.gov'; var CDN_URL = global.CDN_URL||AUTO_CDN_URL; var LAB_ ...[8501 bytes skipped]... | ||
http://www.loc.gov/static/js/lib/BootstrapVideoPresenter.js | 200 OK Content-Length: 6061 Content-Type: application/x-javascript | clean |
http://cdn.loc.gov/js/global/foresee/foresee-trigger.js | 200 OK Content-Length: 69069 Content-Type: text/javascript | clean |
http://cdn.loc.gov/js/global/metrics/sc/v25.2/2.0/s_code.js | 200 OK Content-Length: 50580 Content-Type: text/javascript | suspicious |
Page code contains blacklisted domain: loc.gov /* SiteCatalyst code version: H.25.2. Copyright 1996-2012 Adobe, Inc. All Rights Reserved More info available at http://www.omniture.com */ if (window.Site && window.Site.Plugins && window.Site.Plugins.sc && window.Site.Plugins.sc.getAccount ){ var s_account = window.Site.Plugins.sc.getAccount(); }else{ var cur_url=''+window.location.href; if(cur_url.indexOf('loc.gov/staff')>-1||cur_url.indexOf('loc.gov/extranet')>-1||cur_url.indexOf('col=staff')>-1||cur_url.indexOf('staff.loc.gov')>-1){ s_account="locintranetprod"; } if(!s_account){ var s_account="locgovprod"; } } var s=s_gi(s_account); /*** SITE CONFIG SECTION ***/ /* WARNING: Changing the site configuration variables can drastically alter the way your site collec ...[53890 bytes skipped]... | ||
http://media.loc.gov/discover/ | 404 Not Found Content-Length: 9520 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.loc.gov <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title><link href="/css/styles.css" media="screen" rel="stylesheet" type="text/css" > <!--[if IE7]> <link href="http://www.loc.gov/css/loc_lte_ie6.css" media="screen" rel="stylesheet" type="text/css" ><![endif]--><script type="text/javascript" src="http://cdn.loc.gov/js/lib/jquery-1.4.2.min.js"></script> <script type="text/javascript" src="http://cdn.loc.gov/sites/library-of-congress.js"></script> <script type="text/javascript" src="http://cdn.loc.gov/js/lib/jquery-ui-1.8.10.js"></script> <script type="text/j ...[11288 bytes skipped]... | ||
http://cdn.loc.gov/js/lib/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://cdn.loc.gov/sites/library-of-congress.js | 200 OK Content-Length: 5951 Content-Type: text/javascript | suspicious |
Page code contains blacklisted domain: loc.gov (function (global, oDOC, handler) {
var AUTO_CDN_URL = 'http://cdn.loc.gov'; var CDN_URL = global.CDN_URL||AUTO_CDN_URL; var LAB_URL = global.LAB_URL||CDN_URL+'/js/LAB-2.0.3.min.js'; var SHARE_URLS = global.SHARE_URLS||{ JQUERY: global.JQUERY||CDN_URL+'/js/lib/jquery-1.5.1.min.js', JQUERY_UI: global.JQUERY_UI||CDN_URL+'/js/lib/jquery-ui-1.8.10.min.js', JQUERY_UI_CSS: global.JQUERY_UI_CSS||CDN_URL+'/css/plugins/jquery-ui-themes/base/jq ...[6009 bytes skipped]... |