See: http://killmalware.com/bolsapubli.com/#
Detected: http://zulu.zscaler.com/submission/show/21a0e69f3b3f1ec69d5b1af4307d89bc-1420051045
Nothing here: https://www.virustotal.com/nl/url/46715f606af7c3f16b41ac9ac4f0a59829b2c2a91ab9cd7324dcb9db590f21f0/analysis/1420049589/
Nor here: http://sitecheck.sucuri.net/results/www.bolsapubli.com#sitecheck-details
Blacklisted: http://www.google.com/safebrowsing/diagnostic?site=www.bolsapubli.com & http://www.ip-finder.me/46.4.107.79/
& http://anti-hacker-alliance.com/index.php?details=46.4.107.79
HTML code contains blacklisted domain: wXw.bolsasecologicas.com
http-ogp-me-ns-fb → URL redirects to http://graph.facebook.com/schema/og/# , which returns JSON .
Suspicious Javascript Check: Suspicious
customizing_code_version_2document.write(unescape(“%3cscript%20src='”+ (document.location.protocol==‘https:’? "htxps://cdnssl.clicktale.net/www07/ptc/7c793858-1ef9-45f0-bea8-… Balkan Tracking Code
avast should detect as Win32:Oncer.
Web application version:
WordPress version: WordPress
Wordpress version from source: 4.1
Wordpress Version 3.8 for: htxp://www.bolsapubli.com/wp-includes/js/wp-ajax-response.js
RevSlider version: 4.1 (Should be patched against SoakSoak?) Re: http://revslidervulnerability.ultimateds.com/
WordPress theme: htxp://www.bolsapubli.com/wp-content/themes/3clicks/
Free malscript scanner for WP: http://gotmls.net/faqs/
polonus