polonus
1
Re: http://sitecheck.sucuri.net/results/anchor-roofing.com
System Details:
Running on: Apache/2.4.9
Powered by: PHP/5.4.29
Web application details:
Application: WordPress 4.0 - http://www.wordpress.org
Running cPanel 11.44.1.18: anchor-roofing.com:2082
Web application version:
WordPress version: WordPress 4.0
Wordpress version from source: 4.0
Wordpress Version 3.8 for: http://anchor-roofing.com/wp-includes/js/wp-ajax-response.js (backported?)
WordPress directory: http://www.anchor-roofing.com/wp-content
WordPress theme: http://www.anchor-roofing.com/wp-content/themes/anchor/
Outdated Web Server Apache Found: Apache/2.4.9 - so vurnerable, and possibly compromiesd.
Site blacklisted http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=anchor-roofing.com
Suspicious activity found. What?
polonus
polonus
2
Consider: wXw.anchor-roofing.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 benign
[nothing detected] (script) wXw.anchor-roofing.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
status: (referer=anchor-roofing.com/)saved 15248 bytes 374aa1f8db17575b0e35eabc46ad82062e09106c
info: [iframe] wXw.anchor-roofing.com/wp-content/plugins/contact-form-7/includes/js/
info: [decodingLevel=0] found JavaScript
error: undefined function e
suspicious: jsunpack scan results credits jsunpack (for security researchers and analyzers only - use NoScript and a VM and feel safer!
Extensive header info proliferation: Apache/2.4.9 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 ?
utf-8 0.87625, content decode detected.
Bitdefender TrafficLight blocks url=https://d31qbv1cthcecs.cloudfront.net/atrk.js as malicious
Others say it could be harmless code.
pol