Apart from that their is excessive header information singing around globally and to potential attackers: http://fetch.scritch.org/%2Bfetch/?url=+www.favorideas.com&useragent=Fetch+useragent&accept_encoding= (see overview) This is a suspicious external script link: htxp://dnn506yrbagrg.cloudfront.net/pages/scripts/0006/5172.js? Virus and adware on there: https://www.mywot.com/en/scorecard/dnn506yrbagrg.cloudfront.net?utm_source=addon&utm_content=rw-viewsc hidden link: f755/5b0978e6d4b7036419922419d954f8c96f4a from google.com/coop/cse/brand?form=014978267664617683492:hnmfrer6nuy (2559 bytes, 314 hidden) …see jsunpack scan web cache: http://webcache.googleusercontent.com/search?q=cache:geTZ_GA-Sj0J:jsunpack.jeek.org/%3Freport%3D84aecf821a3c03ad64c04cb1308a1f41adf26e96+&cd=1&hl=nl&ct=clnk&gl=nl code hick-up: wXw.favorideas.com/wp-includes/js/comment-reply.js?ver=20090102 benign [nothing detected] (script) wXw.favorideas.com/wp-includes/js/comment-reply.js?ver=20090102 status: (referer=wXw.favorideas.com/wedding-themes/multicultural-themes/paris-theme-wedding/)saved 786 bytes 6185b986af821a054a3019dc326fc42420b63009 info: [decodingLevel=0] found JavaScript suspicious:
pol