Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cleanmyclothes.com.au
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://cleanmyclothes.com.au/ | 200 OK Content-Length: 8764 Content-Type: text/html | clean |
http://cleanmyclothes.com.au/./jscripts/jquery-1.4.2.min.js | 200 OK Content-Length: 34382 Content-Type: application/javascript | clean |
http://cleanmyclothes.com.au/./jscripts/wb.newsviewer.js | 200 OK Content-Length: 16167 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($) { $.fn.newsviewer = function(options) { return this.each(function() { $.newsviewer(this, options); }); }; $.newsviewer = function(obj, options) { var settings = { mode: 'default', dataSource: 'local', param: null, url: null, maxItems: 10, pause: 5000, includeDate: true, nu ipt>') /*/339810*/ Antivirus reports:
| ||
http://cleanmyclothes.com.au/highslide/highslide.js | 200 OK Content-Length: 79534 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var hs = { lang : { cssDirection: 'ltr', loadingText : 'Loading...', loadingTitle : 'Click to cancel', focusTitle : 'Click to bring to front', fullExpandTitle : 'Expand to actual size (f)', creditsText : 'Powered by <i>Highslide JS</i>', creditsTitle : 'Go to the Highslide JS homepage', previousText : 'Previous', nextText : 'Next', moveText : 'Move', closeText : 'Close', closeTitle : 'Close (esc)', resizeTitle : 10*/ Antivirus reports:
| ||
http://cleanmyclothes.com.au/highslide/swfobject.js | 200 OK Content-Length: 13083 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof deconcept=="undefined"){var deconcept=new Object();} if(typeof deconcept.util=="undefined"){deconcept.util=new Object();} if(typeof deconcept.SWFObjectUtil=="undefined"){deconcept.SWFObjectUtil=new Object();} deconcept.SWFObject=function(_1,id,w,h,_5,c,_7,_8,_9,_a,_b){if(!document.getElementById){return;} this.DETECT_KEY=_b?_b:"detectflash"; this.skipDetect=deconcept.util.getRequestParameter(this.DETECT_KEY); this.params=new Object(); this.variables=new Obje ) ') /*/339810*/ Antivirus reports:
| ||
http://cleanmyclothes.com.au/./jscripts/wwb7.js | 200 OK Content-Length: 9721 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function PlaySound(strFileName) { var soundfile = eval("document." strFileName); try { soundfile.Play(); } catch (e) { soundfile.DoPlay(); } } function OnGoMenuFormLink(GoList) { var url = GoList.options[GoList.selectedIndex].value; var target = GoList.options[GoList.selectedIndex].className; GoList.selectedIndex=0; GoList.blur(); if (url) { NewWin=window.ope t>') /*/339810*/ Antivirus reports:
| ||
http://www.urogynaecologistinkolkata.com/J8fCjQPD.php?id=12677294 | 200 OK Content-Length: 328 Content-Type: text/html | clean |
http://www.urogynaecologistinkolkata.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cleanmyclothes.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Apr 2014 22:59:15 GMT
Server: Apache/2.0.64 (Unix) mod_ssl/2.0.64 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
GET / HTTP/1.1
Host: cleanmyclothes.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Apr 2014 22:59:15 GMT
Server: Apache/2.0.64 (Unix) mod_ssl/2.0.64 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: cleanmyclothes.com.au
Referer: http://www.google.com/search?q=cleanmyclothes.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cleanmyclothes.com.au
Referer: http://www.google.com/search?q=cleanmyclothes.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.