New scan:

Malware Scanner report for afrocrowd.org

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/5
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

hacked by   (3152 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://afrocrowd.org/
200 OK
Content-Length: 43009
Content-Type: text/html
clean
http://afrocrowd.org/sites/all/modules/jquery_update/replace/jquery/1.10/jquery.min.js?v=1.10.2
200 OK
Content-Length: 93107
Content-Type: application/javascript
clean
http://afrocrowd.org/misc/jquery.once.js?v=1.2
200 OK
Content-Length: 2974
Content-Type: application/javascript
clean
http://afrocrowd.org/misc/drupal.js?nv3zns
200 OK
Content-Length: 14544
Content-Type: application/javascript
clean
http://afrocrowd.org/sites/all/themes/responsive_blog/js/jquery.cycle.all.min.js?nv3zns
200 OK
Content-Length: 33868
Content-Type: application/javascript
clean
http://afrocrowd.org/sites/all/themes/responsive_blog/js/slide.js?nv3zns
200 OK
Content-Length: 1076
Content-Type: application/javascript
clean
http://afrocrowd.org/sites/default/files/twitter_block/widgets.js?nv3zns
200 OK
Content-Length: 88153
Content-Type: application/javascript
clean
http://afrocrowd.org/sites/all/themes/responsive_blog/js/main-menu.js?nv3zns
200 OK
Content-Length: 2349
Content-Type: application/javascript
clean
http://afrocrowd.org/sites/all/themes/responsive_blog/js/pngfix.min.js?nv3zns
200 OK
Content-Length: 8359
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var DD_belatedPNG={ns:"DD_belatedPNG",imgSize:{},delay:10,nodesFixed:0,createVmlNameSpace:function(){if(document.namespaces&&!document.namespaces[this.ns])document.namespaces.add(this.ns,"urn:schemas-microsoft-com:vml")},createVmlStyleSheet:function(){var screenStyleSheet,printStyleSheet;screenStyleSheet=document.createElement("style");screenStyleSheet.setAttribute("media","screen");document.documentElement.firstChild.insertBefore(screenStyleSheet,document.documentElement.firstChild.firs
... 3039 bytes are skipped ...
vml[v].shape.stroked=
false;el.vml[v].shape.appendChild(el.vml[v].fill);el.parentNode.insertBefore(el.vml[v].shape,el)}el.vml.image.shape.fillcolor="none";el.vml.image.fill.type="tile";el.vml.color.fill.on=false;lib.attachHandlers(el);lib.giveLayout(el);lib.giveLayout(el.offsetParent);el.vmlInitiated=true;lib.applyVML(el)}};try{document.execCommand("BackgroundImageCache",false,true)}catch(r){}DD_belatedPNG.createVmlNameSpace();DD_belatedPNG.createVmlStyleSheet();DD_belatedPNG.fix(".pngfix");

Antivirus reports:

Emsisoft
Gen:Heur.Zygug.6 (B)

http://afrocrowd.org/rss.xml
200 OK
Content-Length: 4468
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: hacked by

...[1341 bytes skipped]...
nd :$ 
</span>

<span style="background-color: #800000">&nbsp;<span lang="ar-sa">]]</span> </span></font></b></p>
<p align="center">

&nbsp;</p>
<p align="center">

<span style="background-color: #800000"><b>
<font color="#FFFFFF" size="6" face="Tahoma">hacked by </font></b>
</span></p>
<p align="center">

&nbsp;</p>
<p align="center">

<font color="#FF0000" size="7"><b>!!!!!! Islam Hacker Team !!!!!!</b></font></p>
<p align="center">

<font color="#FF0000" size="7"><b>Donsoufiane2@gmail.com</b></font></p>
<p align="center">

<
...[3228 bytes skipped]...


http://afrocrowd.org/test404page.js
200 OK
Content-Length: 4468
Content-Type: text/html
clean
http://afrocrowd.org/?q=content/about
200 OK
Content-Length: 17673
Content-Type: text/html
clean
http://afrocrowd.org/?q=content/outreach-partners
200 OK
Content-Length: 17601
Content-Type: text/html
clean
http://afrocrowd.org/?q=content/wikipedias-wiktionaries
200 OK
Content-Length: 19057
Content-Type: text/html
clean
http://afrocrowd.org/?q=content/press
200 OK
Content-Length: 18249
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: afrocrowd.org

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 29 Sep 2015 20:36:52 GMT
ETag: "1443559012"
Server: nginx
Vary: Accept-Encoding
Content-Language: en
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 29 Sep 2015 20:36:52 GMT
Set-Cookie: _PHP_SESSION_PHP=408; expires=Tue, 06-Oct-2015 20:36:52 GMT; path=/
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.4.45-0+deb7u1
Second query (visit from search engine):
GET / HTTP/1.1
Host: afrocrowd.org
Referer: http://www.google.com/search?q=afrocrowd.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=afrocrowd.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://afrocrowd.org/

Result: afrocrowd.org is not infected or malware details are not published yet.