New scan:

Malware Scanner report for crcarpriceservice.com

Malicious/Suspicious/Total urls checked
2/0/19
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/4/5
4 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://crcarpriceservice.com/
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Aug 2014 05:51:26 GMT
Location: http://www.consumerreports.org/cro/cars/index.htm
Server: Apache-Coyote/1.1
Content-Length: 0
clean
http://www.consumerreports.org/cro/cars/index.htm
200 OK
Content-Length: 168938
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=5k6ppe8z;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

Hidden iFrame found.
size: 1x1     style: hidden
src: http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=5k6ppe8z;ord=1?

<iframe src="http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=5k6ppe8z;ord=1?" width="1" height="1" frameborder="0" style="display:none">

Hidden iFrame found.
size: 1x1     style: hidden
src: http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=5k6ppe8z;ord=

<iframe src="http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=5k6ppe8z;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none">

http://www.consumerreports.org/etc/designs/cro/application-resources/scripts/jquery-1.11.0.min.js
200 OK
Content-Length: 96381
Content-Type: application/javascript
clean
http://crcarpriceservice.com/etc/designs/cro/application-resources/scripts/jquery-migrate-1.2.1.js
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Aug 2014 05:51:30 GMT
Location: http://www.consumerreports.org/cro/cars/index.htm
Server: Apache-Coyote/1.1
Content-Length: 0
clean
http://www.consumerreports.org/test404page.js
HTTP/1.1 404 Not Found
Cache-Control: max-age=0, private, no-store, no-cache, must-revalidate
Connection: close
Date: Fri, 29 Aug 2014 05:51:30 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-PWI-Host-ID: web06
X-PWI-Service-Time: Serviced at unix time t=1409291490934455 in D=23899 microseconds
X-PWI-Worker-Name: (null)
clean
http://www.consumerreports.org/cro/index.htm
200 OK
Content-Length: 161119
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=cvutlljb;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

Hidden iFrame found.
size: 1x1     style: hidden
src: http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=cvutlljb;ord=1?

<iframe src="http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=cvutlljb;ord=1?" width="1" height="1" frameborder="0" style="display:none">

Hidden iFrame found.
size: 1x1     style: hidden
src: http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=cvutlljb;ord=

<iframe src="http://3775131.fls.doubleclick.net/activityi;src=3775131;type=invmedia;cat=cvutlljb;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none">

http://www.consumerreports.org/etc/designs/cro/application-resources/scripts/jquery-migrate-1.2.1.js
200 OK
Content-Length: 16618
Content-Type: application/javascript
clean
http://www.consumerreports.org//cdn.optimizely.com/js/69071259.js/
HTTP/1.1 404 Not Found
Cache-Control: max-age=0, private, no-store, no-cache, must-revalidate
Connection: close
Date: Fri, 29 Aug 2014 05:51:34 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-PWI-Host-ID: web02
X-PWI-Service-Time: Serviced at unix time t=1409291494257378 in D=2333 microseconds
X-PWI-Worker-Name: (null)
clean
http://www.consumerreports.org/etc/designs/cro/application-resources/scripts/jquery.tools.min-1.2.5.js
200 OK
Content-Length: 46531
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/application-resources/scripts/jquery.cookie.js
200 OK
Content-Length: 4247
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/application-resources/modules/header/scripts/header.js
200 OK
Content-Length: 2747
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/application-resources/modules/header/scripts/typeahead.js
200 OK
Content-Length: 19599
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/shared-resources/scripts/sx-render.js
200 OK
Content-Length: 11418
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/application-resources/scripts/oas_analytics.js
200 OK
Content-Length: 947
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/application-resources/scripts/iframeDialog.js
200 OK
Content-Length: 4720
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/resources/js/mbox.js
200 OK
Content-Length: 67
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/shared-resources/scripts/forsee-survey/foresee-code.js
200 OK
Content-Length: 7318
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/shared-resources/scripts/forsee-survey/oeLauncher.js
200 OK
Content-Length: 51704
Content-Type: application/javascript
clean
http://www.consumerreports.org/etc/designs/cro/shared-resources/scripts/event-handlers.js
200 OK
Content-Length: 353
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: crcarpriceservice.com

Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Aug 2014 05:51:26 GMT
Location: http://www.consumerreports.org/cro/cars/index.htm
Server: Apache-Coyote/1.1
Content-Length: 0

...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: crcarpriceservice.com
Referer: http://www.google.com/search?q=crcarpriceservice.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=crcarpriceservice.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://crcarpriceservice.com/

Result: crcarpriceservice.com is not infected or malware details are not published yet.