Scanned pages/files
Request | Server response | Status |
http://mycontractorguide.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 17:26:09 GMT Location: http://www.servicemagic.com/ Server: Apache/2.4.3 (Unix) mod_jk/1.2.37 Content-Length: 236 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.servicemagic.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 17:26:09 GMT Location: http://www.homeadvisor.com/ Content-Length: 0 Set-Cookie: ServerID=235514048.20480.0000; expires=Tue, 01-Jul-2014 17:51:09 GMT; path=/ Set-Cookie: bbbbbbbbbbbbbbb=HGAEEPIBKNKNBKICPBBJDJFBECGOPFGJJONPBGALOCMDJBJNPIHJDKKKCGGAINCNGOJBDCIEBHDMPLHAOONPJKBCOFHOGAMBILOIIKOPPNKBAJLOEJNHPMJAJJNKJMIE; HttpOnly Set-Cookie: TS01430915=0109d29b8d2e16c8ddf5f54d16cec9340d3e8615011a69ddf279b28e93a9e786b028235b99071808b7d4dc66940c9e09661ab447afa83d4d6fa30f3074aec04e203ece7897; Path=/ | clean |
http://www.homeadvisor.com/ | 200 OK Content-Length: 84252 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/1817568378/js/bundle/global.js/ | 404 Not Found Content-Length: 76651 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/N462518277/js/bundle/async.js/ | 404 Not Found Content-Length: 76651 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/N1655356919/js/s_code.js/ | 404 Not Found Content-Length: 76651 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
https://www.googleadservices.com/pagead/conversion.js | 200 OK Content-Length: 9217 Content-Type: text/javascript | clean |
http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/751754836/js/consumer/sub-nav.js/ | 404 Not Found Content-Length: 76651 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com//cdn.optimizely.com/js/192644492.js/ | 404 Not Found Content-Length: 76661 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com/how-it-works/ | 200 OK Content-Length: 78114 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/697972008/js/bundle/survey-pixels.js/ | 404 Not Found Content-Length: 76651 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com/article.home-improvement-library.html | 200 OK Content-Length: 94358 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com/write-a-review/ | 200 OK Content-Length: 76692 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://cdn.gigya.com/js/socialize.js?apiKey=3_Wd_kQ4DJvIfvFBwN5u4vNdB_Rs4wdW8_OmExAoOq35NyVPyKy9RMvQBIPpT0YoDM | 200 OK Content-Length: 135604 Content-Type: text/javascript | clean |
http://www.homeadvisor.com//cdn1.homeadvisor.com/rb/52343869/js/bundle/xmd.js/ | 404 Not Found Content-Length: 76651 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="https://fls.doubleclick.net/activityi;src=3196561;type=smpat048;cat=patht281;u3=0;u1=0;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
| ||
http://www.homeadvisor.com/servlet/ServiceProfessionalRegistrationServlet | 200 OK Content-Length: 27595 Content-Type: text/html | clean |
http://www.homeadvisor.com/js/jQuery/jQuery.js | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mycontractorguide.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 01 Jul 2014 17:26:09 GMT
Location: http://www.servicemagic.com/
Server: Apache/2.4.3 (Unix) mod_jk/1.2.37
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
...236 bytes of data.
GET / HTTP/1.1
Host: mycontractorguide.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 01 Jul 2014 17:26:09 GMT
Location: http://www.servicemagic.com/
Server: Apache/2.4.3 (Unix) mod_jk/1.2.37
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
...236 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mycontractorguide.com
Referer: http://www.google.com/search?q=mycontractorguide.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mycontractorguide.com
Referer: http://www.google.com/search?q=mycontractorguide.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mycontractorguide.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mycontractorguide.com/
Result: mycontractorguide.com is not infected or malware details are not published yet.
Result: mycontractorguide.com is not infected or malware details are not published yet.