1

See 12 alerts from Fortinet’s Webfilter: http://urlquery.net/report.php?id=1430843577133
Google safe browse check
WARNING
Google finds the site to be potentially dangerous: http://killmalware.com/autofocusstudios.com/
See: http://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Fautofocusstudios.com&hl=en
See: https://www.virustotal.com/nl/url/3b9bd12faf304822303ddb51bb2c4c4fab4b69a5d75a688ffefdad26f2623e0a/analysis/1430843887/
IP badness history: https://www.virustotal.com/nl/ip-address/108.60.19.145/information/
Also listed as a PHISH site: 108.60.19.145 → http://permalink.gmane.org/gmane.comp.security.phishings/53252

WordPress pug-ins on site:
-mailchimp-for-wp
-jetpack
-download-manager
-All in One SEO Pack * All in One SEO Pack version: 2.2.6.2

Theme : photolux
Version 2.3.1 – 23 April 2015:

  • Fixed: Security fix: escaped the URLs every time the add_query_arg() function is used to fix the recently found XSS vulnerability of the add_query_arg() function
  • Fixed: editor buttons lightbox dialog – media window displayed behind the dialog on Chrome
  • Fixed: the navigation button display of the Simple Google Map widget
    Stay up to date: http://www.wordpressexploit.com/

Included javascripts:
-http://autofocusstudios.com/wp-includes/js/jquery/jquery.js
-http://autofocusstudios.com/wp-includes/js/jquery/jquery-migrate.min.js
-http://autofocusstudios.com/wp-content/themes/photolux/js/main.js
-http://autofocusstudios.com/wp-content/themes/photolux/js/cufon-yui.js
-http://autofocusstudios.com/wp-content/themes/photolux/js/fonts/charis_sil.js
-http://autofocusstudios.com/wp-content/themes/photolux/js/grid-gallery.js
-http://autofocusstudios.com/wp-content/plugins/download-manager/bootstrap/js/bootstrap.min.js
-http://autofocusstudios.com/wp-content/plugins/download-manager/js/front.js
-http://autofocusstudios.com/wp-content/plugins/download-manager/js/chosen.jquery.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/ui/core.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/ui/widget.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/ui/mouse.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/ui/draggable.min.js
-http://autofocusstudios.com/wp-includes/js/jquery/jquery.form.min.js
-http://s0.wp.com/wp-content/js/devicepx-jetpack.js
-http://s.gravatar.com/js/gprofiles.js
-http://autofocusstudios.com/wp-content/plugins/jetpack/modules/wpgroho.js
-http://autofocusstudios.com/wp-includes/js/comment-reply.min.js
-http://stats.wp.com/e-201519.js
-gtranslate

Site malicious: http://zulu.zscaler.com/submission/show/86fbd6c12be04e473f987cd7a726f88a-1430843740

See atatched tracker tracker report - do not open links inside a browser - info provided for security research purposes only.

polonus (volunteer website security analyst and website error-hunter)