Scanned pages/files
| Request | Server response | Status |
http://jonbesh.net/ | 200 OK Content-Length: 74523 Content-Type: text/html | clean |
http://jonbesh.net/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-content/themes/enfold_v3.0.4_Capsol.ir/js/avia-compat.js?ver=2 | 200 OK Content-Length: 1105 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-content/themes/enfold_v3.0.4_Capsol.ir/config-layerslider/LayerSlider/static/js/greensock.js?ver=1.11.8 | 200 OK Content-Length: 53010 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-content/themes/enfold_v3.0.4_Capsol.ir/config-layerslider/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.3.1 | 200 OK Content-Length: 56423 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-content/themes/enfold_v3.0.4_Capsol.ir/config-layerslider/LayerSlider/static/js/layerslider.transitions.js?ver=5.3.1 | 200 OK Content-Length: 21095 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-content/themes/enfold_v3.0.4_Capsol.ir/js/avia.js?ver=3 | 200 OK Content-Length: 103179 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-content/themes/enfold_v3.0.4_Capsol.ir/js/shortcodes.js?ver=3 | 200 OK Content-Length: 130032 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-content/themes/enfold_v3.0.4_Capsol.ir/js/aviapopup/jquery.magnific-popup.min.js?ver=2 | 200 OK Content-Length: 20947 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.15.1 | 200 OK Content-Length: 77432 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-includes/js/mediaelement/wp-mediaelement.js?ver=4.1.8 | 200 OK Content-Length: 926 Content-Type: application/javascript | clean |
http://jonbesh.net/wp-includes/js/comment-reply.min.js?ver=4.1.8 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://jonbesh.net/contact-us | 200 OK Content-Length: 35572 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4-HACKED BY ANONCODERS AND DARKSHADOW-TN +ACM-ANTI+AF8-SHIAA+ADw-DIV style+AD0AIg-DISP <!DOCTYPE html> <html dir="rtl" lang="fa-IR" class=" html_stretched responsive av-default-lightbox html_header_top html_logo_left html_menu_right html_slim html_header_sticky html_header_shrinking html_mobile_menu_phone html_content_align_center html_entry_id_2 "> <head> <meta charset="UTF-7" /> <!-- page title, displayed in your browser bar --> <title>+ADw-/title+AD4-HACKED BY ANONCODERS AND DARKSHADOW-TN +ACM-ANTI+AF8-SHIAA+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4- | ارتباط با ٠ا</title> <meta name="robots" content="index, follow" /> <!-- mobile setting --> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> <!-- Scripts/CSS and wp_head hook --> <link rel="alternate" type="application/rss+xml" title="+ADw-/title+AD4-HACKED BY ...[41764 bytes skipped]... | ||
http://jonbesh.net/maramname | 200 OK Content-Length: 34055 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jonbesh.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 22 Dec 2015 13:08:31 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://jonbesh.net/>; rel=shortlink
Set-Cookie: PHPSESSID=69a874d876bef6524ec78c8c568b280b; path=/
X-Pingback: http://jonbesh.net/xmlrpc.php
X-Powered-By: PHP/5.4.45
X-UA-Compatible: IE=edge,chrome=1
GET / HTTP/1.1
Host: jonbesh.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 22 Dec 2015 13:08:31 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://jonbesh.net/>; rel=shortlink
Set-Cookie: PHPSESSID=69a874d876bef6524ec78c8c568b280b; path=/
X-Pingback: http://jonbesh.net/xmlrpc.php
X-Powered-By: PHP/5.4.45
X-UA-Compatible: IE=edge,chrome=1
Second query (visit from search engine):
GET / HTTP/1.1
Host: jonbesh.net
Referer: http://www.google.com/search?q=jonbesh.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jonbesh.net
Referer: http://www.google.com/search?q=jonbesh.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jonbesh.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jonbesh.net/
Result: jonbesh.net is not infected or malware details are not published yet.
Result: jonbesh.net is not infected or malware details are not published yet.