Scanned pages/files
Request | Server response | Status |
http://idahoyouthwildernessinitiative.org/ | 200 OK Content-Length: 27965 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4-HACKED BY AMAR+AF4-SHG +ACY JoKeR+AF4-SHG ...[87 bytes skipped]... <![endif]--> <!--[if IE 7]> <html id="ie7" lang="en-US"> <![endif]--> <!--[if IE 8]> <html id="ie8" lang="en-US"> <![endif]--> <!--[if !(IE 6) | !(IE 7) | !(IE 8) ]><!--> <html lang="en-US"> <!--<![endif]--> <head> <meta charset="UTF-7" /> <title>+ADw-/title+AD4-HACKED BY AMAR+AF4-SHG +ACY JoKeR+AF4-SHG +ACM-SHKUPIHACKERSGROUP ./Albanian Attackers+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4- | Idaho Youth Wilderness Initiative</title> <link rel="pingback" href="http://idahoyouthwildernessinitiative.org/xmlrpc.php" /> <!--[if lt IE 9]> <script src="http://idahoyouthwildernessinitiative.org/wp-content/themes/Divi/js/html5.js" type="text/javascript"></script> ...[30967 bytes skipped]... | ||
http://idahoyouthwildernessinitiative.org/wp-includes/js/jquery/jquery.js?ver=1.11.3 | 200 OK Content-Length: 95977 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/wp-content/themes/Divi/includes/builder/scripts/frontend-builder-global-functions.js?ver=2.5.3 | 200 OK Content-Length: 4352 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/wp-includes/js/comment-reply.min.js?ver=4.3 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/wp-content/themes/Divi/js/custom.js?ver=2.5.3 | 200 OK Content-Length: 35277 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/wp-content/themes/Divi/includes/builder/scripts/jquery.fitvids.js?ver=2.5.3 | 200 OK Content-Length: 2943 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/wp-content/themes/Divi/includes/builder/scripts/waypoints.min.js?ver=2.5.3 | 200 OK Content-Length: 8051 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/wp-content/themes/Divi/includes/builder/scripts/jquery.magnific-popup.js?ver=2.5.3 | 200 OK Content-Length: 47718 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/wp-content/themes/Divi/includes/builder/scripts/frontend-builder-scripts.js?ver=2.5.3 | 200 OK Content-Length: 104214 Content-Type: application/javascript | clean |
http://idahoyouthwildernessinitiative.org/about-us/ | 200 OK Content-Length: 29246 Content-Type: text/html | clean |
http://idahoyouthwildernessinitiative.org/about-us/who-we-are/ | 200 OK Content-Length: 30304 Content-Type: text/html | clean |
http://idahoyouthwildernessinitiative.org/about-us/fiscal-sponsor/ | 200 OK Content-Length: 22463 Content-Type: text/html | clean |
http://idahoyouthwildernessinitiative.org/about-us/advisory-committee/ | 200 OK Content-Length: 29838 Content-Type: text/html | clean |
http://idahoyouthwildernessinitiative.org/gallery/ | 200 OK Content-Length: 47570 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: idahoyouthwildernessinitiative.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 21 Dec 2015 02:09:41 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://idahoyouthwildernessinitiative.org/>; rel=shortlink
Ngpass_ngall: 1
Set-Cookie: PHPSESSID=6de0a8dcacef3522a94e5e873f1d87ec; path=/
X-Pingback: http://idahoyouthwildernessinitiative.org/xmlrpc.php
GET / HTTP/1.1
Host: idahoyouthwildernessinitiative.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 21 Dec 2015 02:09:41 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://idahoyouthwildernessinitiative.org/>; rel=shortlink
Ngpass_ngall: 1
Set-Cookie: PHPSESSID=6de0a8dcacef3522a94e5e873f1d87ec; path=/
X-Pingback: http://idahoyouthwildernessinitiative.org/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: idahoyouthwildernessinitiative.org
Referer: http://www.google.com/search?q=idahoyouthwildernessinitiative.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: idahoyouthwildernessinitiative.org
Referer: http://www.google.com/search?q=idahoyouthwildernessinitiative.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=idahoyouthwildernessinitiative.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://idahoyouthwildernessinitiative.org/
Result: idahoyouthwildernessinitiative.org is not infected or malware details are not published yet.
Result: idahoyouthwildernessinitiative.org is not infected or malware details are not published yet.