Re:
https://urlquery.net/report/cabd2d48-a558-4add-b735-4ad735083762
31 instances of PHISHING.
WordPress Version -Version does not appear to be latest
See:
https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3Lmt0bXN0dSNbXS5wbA%3D%3D~enc
16 direct threats:
https://app.upguard.com/#/ktmstudio.pl/images/wp-admin/index.html
Dom-XSS issues: results from scanning URL: -http://www.ktmstudio.pl/wp-content/themes/monstroid2/assets/js/jquery.ui.totop.min.js?ver=1.2.0
Number of sources found: 41
Number of sinks found: 17
& results from scanning URL: -http://www.ktmstudio.pl/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6
Number of sources found: 56
Number of sinks found: 10
Site blacklisted:
https://sitecheck.sucuri.net/results/www.ktmstudio.pl
Outdated Software Detected
PHP under 7.3.1
1 vuln. library detected:
https://retire.insecurity.today/#!/scan/b36ce29efbe3fd253be1ebd308dc2853e691f31968cf56a9d1e60914ae6e808b
jquery 1.12.4 Found in -http://www.ktmstudio.pl/wp-includes/js/jquery/jquery.js?ver=1.12.4
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
Detected 110 times during last 30 days:
https://checkphish.ai/ip/195.162.24.218
195.162.24.218 · 02.04.2019 [ K ], PL, Scan Attempt: SystemKylosHack-Info. AS48505 Kylos sp. z o.o. | Kylos | Kylos sp. z o.o.. Poland, Łódź. flagged at
http://fackers.ru/page/31/
It’s not very smart to publish just IP addresses or ranges. It is not a secret that many IP addresses are dynamic, therefore, to search for a bully you need data on the date and time of the attack, and preferably an extract from the log file. info credits go to Инкогнито
Additional IP info can however be sought from -VT, Shodan, Censys (account), Netcraft Site Report, urlscan.io/#195.162.24.218 (11 months ago)
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)