Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=inhein.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://inhein.com/ | HTTP/1.1 303 See other Connection: close Date: Thu, 28 Aug 2014 13:34:19 GMT Location: http://inhein.com/ru/ Server: nginx/0.5.34 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=utf-8 Set-Cookie: 90fab25a88b566ebab32a100f77b26ca=36f600d2d039d36ad14ef433c1508960; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://inhein.com/ru/ | 200 OK Content-Length: 28882 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
jQuery(document).ready(function(){ var vtemplaylistvtemmp301 = new jPlayerPlaylist({ jPlayer: "#vtemmp3_vtemmp301", cssSelectorAncestor: "#vtemmp3_container_vtemmp301" },[ { title:"Angel Of Decay", mp3:"https://dl.dropbox.com/s/3ezkqqwh7kmkp0f/Angel%20Of%20Decay.mp3?dl=1" },{ title:"The Path", mp3:"https://dl.dropbox.com/s/yanwqqy301klrm8/The%20Path.mp3?dl=1" },{ title:"Unlife", mp3:"https://dl.dropbox.com/s/uo },{ title:"Voice Of Desolation", mp3:"http://cs4341.userapi.com/u1199692/audio/7ceeb19a8e82.mp3" },{ title:"", mp3:"" } ], { playlistOptions: { autoPlay: false }, swfPath: "http://inhein.com/modules/mod_vtem_mp3/js/", supplied: "mp3, m4a", muted:false, volume: 0.5, preload: "metadata", loop: false }); });
Antivirus reports:
http://code.jquery.com/jquery-1.7.2.js | 200 OK Content-Length: 252881 Content-Type: application/x-javascript | clean |
http://typeface.neocracy.org/typeface-0.15.js | 200 OK Content-Length: 24339 Content-Type: text/javascript | clean |
http://inhein.com/$this->baseurl/templates/$this->template/js/cyrillicgoth.js | 404 Not Found Content-Length: 382 Content-Type: text/html | clean |
http://inhein.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://inhein.com/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://inhein.com/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://inhein.com/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://inhein.com/modules/mod_vtem_mp3/js/jquery.jplayer.min.js | 200 OK Content-Length: 42856 Content-Type: application/javascript | clean |
http://inhein.com//mc.yandex.ru/metrika/watch.js/ | HTTP/1.1 303 See other Connection: close Date: Thu, 28 Aug 2014 13:34:23 GMT Location: http://inhein.com/ru/mc.yandex.ru/metrika/watch.js Server: nginx/0.5.34 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=utf-8 Set-Cookie: 90fab25a88b566ebab32a100f77b26ca=a317033d081030b8cf027fdbfad2c3e0; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://inhein.com/ru/mc.yandex.ru/metrika/watch.js | 404 Not Found Content-Length: 349 Content-Type: text/html | clean |
http://inhein.com/templates/crypt_2/js/lightbox.js | 200 OK Content-Length: 11598 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: inhein.com
Result:
HTTP/1.1 303 See other
Connection: close
Date: Thu, 28 Aug 2014 13:34:19 GMT
Location: http://inhein.com/ru/
Server: nginx/0.5.34
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=utf-8
Set-Cookie: 90fab25a88b566ebab32a100f77b26ca=36f600d2d039d36ad14ef433c1508960; path=/
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: inhein.com
Referer: http://www.google.com/search?q=inhein.com
Result:
The result is similar to the first query. There are no suspicious redirects found.