Like here: http://maldb.com/advancetechmonitor.com/
See why: http://sitecheck.sucuri.net/results/advancetechmonitor.com/
WordPress version outdated: Upgrade required. → Wordpress internal path: /home/parsec29/public_html/wordpress/wp-content/themes/delicate/index.php
WordPress version: WordPress 3.1.1
WordPress theme: htxp://www.advancetechmonitor.com/wordpress/wp-content/themes/delicate/ → http://jsunpack.jeek.org/?report=a8cbc700c3ac3b1c795e98f47bedb42c676de773 (view in browser with NS and RP extensions active in a VM or sandbox - fror security researchers only)
For the defacement campaign results, see these search query results
https://www.google.nl/search?q=ADw-TITLE%2BAD4-Hacked+By+HaYaL-ET-06+%2BADw-%2FTITLE%2BAD4&oq=ADw-TITLE%2BAD4-Hacked+By+HaYaL-ET-06+%2BADw-%2FTITLE%2BAD4&aqs=chrome..69i57&sourceid=chrome&espv=210&es_sm=93&ie=UTF-8
Defacement on site has now been cleansed, but Quttera detecs 19 instances of a detected URL that was generated during page execution.
For the suspicious code dump, see: http://jsunpack.jeek.org/?report=8e8ed3eefac0a246293402b48e4b26f127283de3
Suspicious request: Blocked URL: https://www.google.nl/search?q=<script+type%3D’text%2Fjavascript’+language%3D’javascript’+>++document.documentElement.innerHTML+%3D+unescape(‘%253c%2548%2554%254d%25&oq=%3Cscript+type%3D’text%2Fjavascript’+language%3D’javascript’+%3E++document.documentElement.innerHTML+%3D+unescape('%253c%2548%2554%254d%25&aqs=chrome…69i57&sourceid=chrome&espv=210&es_sm=93&ie=UTF-8 (blocked by Netcraft Extension and Malscript Detector Add-on) (this was removed when defacement was cleansed - so results are historic for the greater part)
polonus
polonus