New scan:

Malware Scanner report for handymanhotline.biz

Malicious/Suspicious/Total urls checked
11/0/17
11 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://handymanhotline.biz/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Sep 2014 21:29:26 GMT
Location: http://www.servicemagic.com/
Server: Apache/2.4.3 (Unix) mod_jk/1.2.37
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
clean
http://www.servicemagic.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Sep 2014 21:29:27 GMT
Location: http://www.homeadvisor.com/
Content-Length: 0
Set-Cookie: ServerID=235514048.20480.0000; expires=Sat, 27-Sep-2014 21:54:27 GMT; path=/
Set-Cookie: bbbbbbbbbbbbbbb=KLJFEPNFLPFINANDCBBODFMFDKNGBKIBHNFPOLOJKCCDCILLCBMHAMJEILLAPKGLMLNEPBNCAMNFMJPDOCCMLMPKCDAAHLMNLHNOOPIIABIFKIJACNPHJBKPGOEJKJIH; HttpOnly
Set-Cookie: TS01430915=0109d29b8d7b8cb7eb9e65b8382b3981ab566a77a40eabc67dedae724fc8e5a3956b6d9bd48035548594cde5427ff14ffbc36dff3474772e32958c64d68311ad98a08c0626; Path=/
clean
http://www.homeadvisor.com/
200 OK
Content-Length: 84575
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/N462518277/js/bundle/async.js/
404 Not Found
Content-Length: 76001
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/N1856456684/js/bundle/global.js/
404 Not Found
Content-Length: 76011
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/794142572/js/s_code.js/
404 Not Found
Content-Length: 76001
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

https://www.googleadservices.com/pagead/conversion.js
200 OK
Content-Length: 9447
Content-Type: text/javascript
clean
http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/751754836/js/consumer/sub-nav.js/
404 Not Found
Content-Length: 76011
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com//cdn.optimizely.com/js/192644492.js/
404 Not Found
Content-Length: 76011
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com/how-it-works/
200 OK
Content-Length: 78274
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/387602536/js/bundle/survey-pixels.js/
404 Not Found
Content-Length: 76011
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com/article.home-improvement-library.html
200 OK
Content-Length: 93573
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com/write-a-review/
200 OK
Content-Length: 76425
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://cdn.gigya.com/js/socialize.js?apiKey=3_Wd_kQ4DJvIfvFBwN5u4vNdB_Rs4wdW8_OmExAoOq35NyVPyKy9RMvQBIPpT0YoDM
200 OK
Content-Length: 138240
Content-Type: text/javascript
clean
http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/1027598463/js/bundle/xmd.js/
404 Not Found
Content-Length: 76001
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');

Antivirus reports:

Avast
HTML:Iframe-inf
VIPRE
Heur.HTML.MalIFrame (v)
Norman
Iframer.AU
Sophos
Mal/Iframe-V
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://www.homeadvisor.com/servlet/ServiceProfessionalRegistrationServlet
200 OK
Content-Length: 28047
Content-Type: text/html
clean
http://www.homeadvisor.com/js/jQuery/jQuery.js
200 OK
Content-Length: 94840
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: handymanhotline.biz

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 27 Sep 2014 21:29:26 GMT
Location: http://www.servicemagic.com/
Server: Apache/2.4.3 (Unix) mod_jk/1.2.37
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1

...236 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: handymanhotline.biz
Referer: http://www.google.com/search?q=handymanhotline.biz

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=handymanhotline.biz

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://handymanhotline.biz/

Result: handymanhotline.biz is not infected or malware details are not published yet.