Not malicious but here in the Hall of Shame:
Re:
https://www.immuniweb.com/websec/?id=ZZv4yeuMand
https://urlscan.io/result/d73751bc-be77-4834-bc8a-b7089f662801on hoster:
https://www.shodan.io/host/88.99.247.221Insecure:
This website is insecure.
33% of the trackers on this site could be protecting you from NSA snooping. Tell -koliee.ir to fix it.
Identifiers | All Trackers
* Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.
-7ocilktl9nkh7ihXXXXXXcebb0 -wXw.koliee.ir phpsessid
Retireable jQuery libraries:
bootstrap 3.3.7 Found in -http://www.koliee.ir/js/bootstrap.min.js<br>Vulnerability info: **
High 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331
Medium 20184 XSS in data-target property of scrollspy CVE-2018-14041
Medium 20184 XSS in collapse data-parent attribute CVE-2018-14040
Medium 20184 XSS in data-container property of tooltip CVE-2018-14042
jquery 3.2.1.min Found in -http://www.koliee.ir/js/jquery-3.2.1.min.js<br>Vulnerability info:
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution 123
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
Blocked in the browser for me (pol): -www.smartsuppchat.com/loader.js?
INLINE: (function() { let alreadyInsertedMetaTag = false function __insertDappDete
1,238 bytes
INLINE: var _smartsupp = _smartsupp || {}; _smartsupp.key = '00ff41XXXXXXXXXX54e1b6ae86
418 bytes
** bootstrap insecurity: -www.koliee.ir/css/bootstrap.min.css
INJECTED
INLINE: @media print {#ghostery-purple-box {display:none !important}}
61 bytes INJECTED
font insecurity version 4.7.0
linting report hints:
https://webhint.io/scanner/52b964c6-33f6-497e-b75d-1a569424149cand especially here for this forum the 9 category of hints here:
https://webhint.io/scanner/52b964c6-33f6-497e-b75d-1a569424149c#category-securityfor instance disown-opener flaw for -http://koliee.ir/blog/1395/07/20/%D9%85%D8%AF%D8%A7%D8%B1%DA%A9-%D9%84%D8%A7%D8%B2%D9%85-%D8%AC%D9%87%D8%AA-%D8%A7%D9%87%D8%AF%D8%A7%D8%A1-%DA%A9%D9%84%DB%8C%D9%87/
Word Press vuln. Wordpress - 4.6.18
7.5
WPVDB-ID:8941
WordPress <= 4.8.2 - $wpdb->prepare() Weakness
7.5
WPVDB-ID:10004
WordPress <= 5.3 - wp_kses_bad_protocol() Colon Bypass
7.5
WPVDB-ID:9912
WordPress <= 5.2.3 - Server-Side Request Forgery (SSRF) in URL Validation
7.5
WPVDB-ID:9171
WordPress <= 5.0 - PHP Object Injection via Meta Data
7.5
WPVDB-ID:8730
WordPress 3.5-4.7.1 - WP_Query SQL Injection
7.5
WPVDB-ID:8905
WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
7.5
WPVDB-ID:8818
WordPress 2.5.0-4.7.4 - Filesystem Credentials Dialog CSRF
6.8
WPVDB-ID:8720
WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
6.8
WPVDB-ID:9230
WordPress 3.9-5.1 - Comment Cross-Site Scripting (XSS)
6.8
WPVDB-ID:9913
WordPress <= 5.2.3 - Admin Referrer Validation
6.8
WPVDB-ID:8969
WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
6.5
WPVDB-ID:9100
WordPress <= 4.9.6 - Authenticated Arbitrary File Deletion
6.5
WPVDB-ID:9222
WordPress 3.7-5.0 (except 4.9.9) - Authenticated Code Execution
6.5
WPVDB-ID:8766
WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation
5.8
WPVDB-ID:9054
WordPress 3.7-4.9.4 - Use Safe Redirect for Login
5.8
WPVDB-ID:9053
WordPress 3.7-4.9.4 - Remove localhost Default
5.8
WPVDB-ID:9169
WordPress <= 5.0 - Authenticated File Delete
5.5
WPVDB-ID:8767
WordPress 4.7.0-4.7.2 - Authenticated Unintended File Deletion in Plugin Delete
5.5
WPVDB-ID:8734
WordPress 4.7.0-4.7.1 - Unauthenticated Page/Post Content Modification via REST API
5
WPVDB-ID:9909
WordPress <= 5.2.3 - Unauthenticated View Private/Draft Posts
5
WPVDB-ID:9911
WordPress <= 5.2.3 - JSON Request Cache Poisoning
5
WPVDB-ID:8911
WordPress 3.0-4.8.1 - Path Traversal in Unzipping
5
WPVDB-ID:8815
WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
5
WPVDB-ID:9973
WordPress <= 5.3 - Improper Access Controls in REST API
5
WPVDB-ID:8729
WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
5
WPVDB-ID:8721
WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)
5
WPVDB-ID:8912
WordPress 4.4-4.8.1 - Path Traversal in Customizer
5
WPVDB-ID:8816
WordPress 2.5.0-4.7.4 - Post Meta Data Values Improper Handling in XML-RPC
5
WPVDB-ID:8817
WordPress 3.4.0-4.7.4 - XML-RPC Post Meta Data Lack of Capability Checks
5
WPVDB-ID:8719
WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
5
WPVDB-ID:9174
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
5
WPVDB-ID:8910
WordPress 2.9.2-4.8.1 - Open Redirect
4.9
WPVDB-ID:9006
WordPress 3.7-4.9.1 - MediaElement Cross-Site Scripting (XSS)
4.3
WPVDB-ID:9975
WordPress <= 5.3 - Stored XSS via Crafted Links
4.3
WPVDB-ID:8820
WordPress 3.4.0-4.7.4 - Customizer XSS & CSRF
4.3
WPVDB-ID:8819
WordPress 3.3-4.7.4 - Large File Upload Error XSS
4.3
WPVDB-ID:9910
WordPress <= 5.2.3 - Stored XSS in Style Tags
4.3
WPVDB-ID:8716
WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php
4.3
WPVDB-ID:9867
WordPress <= 5.2.2 - Cross-Site Scripting (XSS) in URL Sanitisation
4.3
WPVDB-ID:8913
WordPress 4.4-4.8.1 - Cross-Site Scripting (XSS) in oEmbed
4.3
WPVDB-ID:8718
WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback
4.3
WPVDB-ID:9173
WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
4.3
WPVDB-ID:9055
WordPress 3.7-4.9.4 - Escape Version in Generator Tag
4.3
WPVDB-ID:8769
WordPress 4.7-4.7.2 - Cross-Site Scripting (XSS) via Taxonomy Term Names
4.3
WPVDB-ID:8731
WordPress 4.3.0-4.7.1 - Cross-Site Scripting (XSS) in posts list table
4.3
WPVDB-ID:8914
WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
4.3
WPVDB-ID:8770
WordPress 4.2-4.7.2 - Press This CSRF DoS
4.3
WPVDB-ID:9170
WordPress <= 5.0 - Authenticated Post Type Bypass
4
WPVDB-ID:8967
WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
3.5
WPVDB-ID:9908
WordPress <= 5.2.3 - Stored XSS in Customizer
3.5
WPVDB-ID:9175
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
3.5
WPVDB-ID:9976
WordPress <= 5.3 - Stored XSS via Block Editor Content
3.5
WPVDB-ID:8968
WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
3.5
WPVDB-ID:8768
WordPress 4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds
3.5
WPVDB-ID:8966
WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
3.5
WPVDB-ID:9172
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
3.5
WPVDB-ID:8765
WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata
3.5
WPVDB-ID:8714
WordPress 4.3-4.7 - Remote Code Execution (RCE) in PHPMailer
0
WPVDB-ID:8906
WordPress 2.3.0-4.7.4 - Authenticated SQL injection
0
2017 Vulners.comvulners.com
Reputation Check
PASSED
Google Safe Browse:OK
Spamhaus Check:OK
Abuse CC:OK
Dshield Blocklist:OK
Cisco Talos Blacklist: OK
Externally Linked Host Hosting Provider Country
-www.ahmand.ir
-koliee.ir Hetzner Online GmbH Germany
-www.jnin.ir Hetzner Online GmbH Germany
-www.kartam.ir
-www.kifam.ir
-www.ahmand-group.ir
-www.zamenn.ir Hetzner Online GmbH Germany
-www.imbti.ir Hetzner Online GmbH Germany
-www.vamam.ir Hetzner Online GmbH Germany
-www.gancher.ir
polonus (volunteer 3rd party cold recon werbsite security-analyst and website error-hunter)