Navigation
Archive / Remove unused CSS rules – possible hack?
This is archived content. Visit our new forum.

Tagged: 

  • Author
    Posts
  • March 19, 2017 at 12:53 am #1412516

    luxuryhomesdigital
    Participant

    We have this site: http://mi3marketing.com/

    And when we run the Audit via Chrome console, it returns:

    Remove unused CSS rules (3364) 3364 rules (89%) of CSS not used by the current page. (unknown) : 100% is not used by the current page. (unknown) : 100% is not used by the current page. (unknown) : 100% is not used by the current page. (unknown) : 100% is not used by the current page.

    within ‘unknown’ css files are: .trc_related_container div[data-item-syndicated=”true”], ::content .trc_rbox_div .syndicatedItem, ::content .trc_rbox_border_elm .syndicatedItem, ::content .trc_rbox .syndicatedItem, ::content #tads.c, ::content #rhs_block > #mbEnd, ::content .commerce-inset, ::content a[href*=”.trust.zone”], ::content iframe[src^=”http://ad.yieldmanager.com/”], ::content iframe[id^=”google_ads_iframe”], ::content iframe[id^=”google_ads_frame”], ::content div[itemtype=”http://schema.org/WPAdBlock”], ::content div[id^=”div-gpt-ad”], ::content div[id^=”dfp-ad-“], ::content div[id^=”MarketGid”], ::content a[href^=”https://www.googleadservices.com/pagead/aclk?”], ::content a[href^=”http://www.yourfuckbook.com/?”], ::content a[href^=”http://www.socialsex.com/”], ::content a[href^=”http://www.liutilities.com/”], ::content a[href^=”http://www.fleshlight.com/”], ::content a[href^=”http://www.fbooksluts.com/”], ::content a[href^=”http://www.bet365.com/home/?affiliate”], ::content a[href^=”http://websitedhoome.com/”], ::content a[href^=”http://us.marketgid.com”], ::content a[href^=”http://pubads.g.doubleclick.net/”], ::content a[href^=”http://online.ladbrokes.com/promoRedirect?”], ::content a[href^=”http://mgid.com/”], ::content a[href^=”http://marketgid.com”], ::content a[href^=”http://affiliate.coral.co.uk/processing/”], ::content a[href^=”http://adultfriendfinder.com/p/register.cgi?pid=”], ::content a[href^=”http://adserving.unibet.com/”], ::content a[href^=”http://ads2.williamhill.com/redirect.aspx?”], ::content a[href^=”http://ads.betfair.com/redirect.aspx?”], ::content a[href^=”http://adfarm.mediaplex.com/”], ::content a[href^=”http://ad.doubleclick.net/”], ::content a[href^=”http://ad-emea.doubleclick.net/”], ::content a[href*=”/adrotate-out.php?”], ::content .yom-ad, ::content .wpInsertInPostAd, ::content .wnad, ::content .withAds, ::content .wideAd, ::content .view_ad, ::content .type_ads_default, ::content .trc-content-sponsored, ….. AND MORE

    The site is running under WordPress and Wordfence scan returns no malware and scan by our hosting provider returns no trace of malicious files. Just looking from the URLs in the css files tell us that we must have been hacked. Does anyone has ideas where should we look to find hacked codes or files?

    March 19, 2017 at 11:01 am #1412832

    Christian
    Moderator

    Hey there,

    We’re sorry but this is outside the scope of our support. Please contact a website security service provider or a third party web developer for investigation.

    Thanks.

  • Author
    Posts