Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=privseh.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://privseh.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://privseh.com/ | 200 OK Content-Length: 48367 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: pro100sex.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru" lang="ru"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Ïðè Âñåõ</title> <meta name="description" content="Ïðè Âñåõ - Ýêñãèáèöèîíèçì, âóàéåðèçì, çàñâåòû è ðàçâðàò ïðè ñâ ...[4339 bytes skipped]... | ||
http://privseh.com/engine/classes/js/jquery.js | 200 OK Content-Length: 92793 Content-Type: application/javascript | clean |
http://privseh.com/engine/classes/js/jqueryui.js | 200 OK Content-Length: 64903 Content-Type: application/javascript | clean |
http://privseh.com/engine/classes/js/dle_js.js | 200 OK Content-Length: 22398 Content-Type: application/javascript | clean |
http://standadv.com/76wb25555489/e1/f1a/6/78.js | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://www.znews.su/user/1865/privseh.com_inf_4.php | 200 OK Content-Length: 1865 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: privseh.com var traff_style_photo = document.getElementById('privseh.com_nas_4_xxx_news'); if(traff_style_photo)traff_style_photo.innerHTML='<center><table cellspacing=3 width=100% style="border: 0px solid #6D126A;"><td align=center style="padding: 4px; border: 0px dashed #6D126A;" valign=top width=33.333333333333%><a href=http://www.znews.su/go_slin.php?id=42815&sour=1865 target=_blank><img src=http://www.znews.su/img/1077160722576081792.jpg style= "width: 160px; border: 1px ...[1589 bytes skipped]... | ||
http://www.znews.su/go_slin.php?id=42815&sour=1865 | HTTP/1.1 302 Found Connection: close Date: Sun, 07 Sep 2014 06:28:24 GMT Location: /go_news.php?id=1865&news=42815 Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.10-1ubuntu3.7 | clean |
http://www.znews.su/go_news.php?id=1865&news=42815 | 200 OK Content-Length: 91059 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: toget.ru <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Ñàìîå ïîïóëÿðíûå íîâîñòè - ZNews</title> <meta name="description" content="Ñàìîå ïîïóëÿðíûå íîâîñòè - ZNews" /> <meta name="key ...[4425 bytes skipped]... | ||
http://www.znews.su/user/1787/znews.su_inf_2.php | 200 OK Content-Length: 1941 Content-Type: text/html | clean |
http://www.znews.su/go_news.php?id=1787&news=43299&no_x=1 | 200 OK Content-Length: 84382 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: toget.ru <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Ñàìîå ïîïóëÿðíûå íîâîñòè - ZNews</title> <meta name="description" content="Ñàìîå ïîïóëÿðíûå íîâîñòè - ZNews" /> <meta name="key ...[4425 bytes skipped]... | ||
http://bestevernews.com/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://lookfornews.net/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://www.znews.su/user/1787/znews.su_inf_4.php | 200 OK Content-Length: 9752 Content-Type: text/html | clean |
http://www.znews.su/go_slin.php?id=42814&sour=1787 | HTTP/1.1 302 Found Connection: close Date: Sun, 07 Sep 2014 06:28:30 GMT Location: /go_news.php?id=1787&news=42814 Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.10-1ubuntu3.7 | clean |
http://www.znews.su/go_news.php?id=1787&news=42814 | 200 OK Content-Length: 91291 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: toget.ru <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Ñàìîå ïîïóëÿðíûå íîâîñòè - ZNews</title> <meta name="description" content="Ñàìîå ïîïóëÿðíûå íîâîñòè - ZNews" /> <meta name="key ...[4425 bytes skipped]... | ||
http://visitweb.com/v/44953 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 07 Sep 2014 06:28:33 GMT Location: http://v.gfhdkse.com/v?bid=44953 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://v.gfhdkse.com/v?bid=44953 | 200 OK Content-Length: 66664 Content-Type: text/javascript | clean |
http://znews.su/ts/c8a3ee.js | 200 OK Content-Length: 266 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: privseh.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 07 Sep 2014 06:28:22 GMT
Pragma: no-cache
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Type: text/html; charset=koi8-r
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=aecknva8sfsp9dnrn6m7qcbvf7; path=/; domain=.privseh.com; HttpOnly
X-Powered-By: PHP/5.4.4-14+deb7u10
GET / HTTP/1.1
Host: privseh.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 07 Sep 2014 06:28:22 GMT
Pragma: no-cache
Server: nginx/1.2.1
Vary: Accept-Encoding
Content-Type: text/html; charset=koi8-r
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=aecknva8sfsp9dnrn6m7qcbvf7; path=/; domain=.privseh.com; HttpOnly
X-Powered-By: PHP/5.4.4-14+deb7u10
Second query (visit from search engine):
GET / HTTP/1.1
Host: privseh.com
Referer: http://www.google.com/search?q=privseh.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: privseh.com
Referer: http://www.google.com/search?q=privseh.com
Result:
The result is similar to the first query. There are no suspicious redirects found.