Scanned pages/files
Request | Server response | Status |
http://jaaleb.ir/ | 200 OK Content-Length: 101264 Content-Type: text/html | clean |
http://xslt.alexa.com/site_stats/js/t/a?url=jaaleb.ir | 200 OK Content-Length: 3153 Content-Type: application/x-javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://jaaleb.ir/sites/default/files/advagg_js/js__gxTJBxWJMoF1KnRV5P_59N9uD2ElV4yyX31SS3JIa1E__zy_W4MFzVhZEysqT50cLGajfQKfIROrDbmCkNb8V3Bg__vLKOw2Z8CEaDnXsdvGpde4xU2cJtVvVzaTY_UgLsVVE.js | 200 OK Content-Length: 8621 Content-Type: application/javascript | clean |
http://jaaleb.ir/sites/default/files/advagg_js/js__hrHlPFPkFG73EKIwFvj8dkFaPUGSv65OCcf5v59ji9o__xCVW2EvMdTUjav9NNvFjmNSQup6wJAo2bXr5L7qtfYE__vLKOw2Z8CEaDnXsdvGpde4xU2cJtVvVzaTY_UgLsVVE.js | 200 OK Content-Length: 22303 Content-Type: application/javascript | clean |
http://jaaleb.ir/sites/default/files/advagg_js/js__dTRSuW27RiJte-z_L4Px_rno5dZsdWKiU3HtuBiTSmc__fMZesVEDjDX8OsuLODQMNAC-e5HJ6sRefGTk9-PuaOc__vLKOw2Z8CEaDnXsdvGpde4xU2cJtVvVzaTY_UgLsVVE.js | 200 OK Content-Length: 1486 Content-Type: application/javascript | clean |
http://jaaleb.ir/sites/default/files/advagg_js/js__sssUuq-hZf3j2RA1ZKFBLQ2XLwJ3WGuSRL07sxTZIjU__NfnuHTMHphoq1wBM-ckSYoucmgHeOYiVAha1iUC0VUY__vLKOw2Z8CEaDnXsdvGpde4xU2cJtVvVzaTY_UgLsVVE.js | 200 OK Content-Length: 76958 Content-Type: application/javascript | clean |
https://apis.google.com/js/platform.js | 200 OK Content-Length: 37318 Content-Type: application/javascript | clean |
http://jaaleb.ir/feed | 200 OK Content-Length: 1208 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Mester Feisty <html>
<head> <title>Hacked By Mester Feisty</title> <link rel="shortcut icon" href="http://im54.gulfup.com/HgdNI5.jpg"> <meta content='Hacked By Mester Feisty' name='description'/> <meta content='Hacked By Mester Feisty' name='keywords'/> <meta content='Hacked By Mester Feisty' name='Abstract'/> <script src="http://masterendi.googlecode.com/files/salju.js"></script> </head> <style type ...[1073 bytes skipped]... | ||
http://masterendi.googlecode.com/files/salju.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://masterendi.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://masterendi.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://jaaleb.ir//www.google.com/ | 200 OK Content-Length: 1208 Content-Type: text/html | clean |
http://jaaleb.ir/contact | 200 OK Content-Length: 1208 Content-Type: text/html | clean |
http://jaaleb.ir/blog | 200 OK Content-Length: 1208 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jaaleb.ir
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Connection: keep-alive
Date: Wed, 10 Jun 2015 02:17:57 GMT
Accept-Ranges: bytes
ETag: "18b90-5574aa33-0"
Server: LiteSpeed
Vary: Accept-Encoding
Content-Length: 101264
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sun, 07 Jun 2015 20:31:47 GMT
X-Cached-By: Boost
...101264 bytes of data.
GET / HTTP/1.1
Host: jaaleb.ir
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Connection: keep-alive
Date: Wed, 10 Jun 2015 02:17:57 GMT
Accept-Ranges: bytes
ETag: "18b90-5574aa33-0"
Server: LiteSpeed
Vary: Accept-Encoding
Content-Length: 101264
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sun, 07 Jun 2015 20:31:47 GMT
X-Cached-By: Boost
...101264 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jaaleb.ir
Referer: http://www.google.com/search?q=jaaleb.ir
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jaaleb.ir
Referer: http://www.google.com/search?q=jaaleb.ir
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jaaleb.ir
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jaaleb.ir/
Result: jaaleb.ir is not infected or malware details are not published yet.
Result: jaaleb.ir is not infected or malware details are not published yet.