Recently, we noticed several websites with suspicious redirects to cloud.cdndynamic.com. After a careful review, we found multiple files contaminated and unauthorized users with admin privileges.
Try our free site check.
A malware analyst will provide a security report for your website.
Malicious links:
https://mc.yandex.ru/metrika/tag.js
https://yametric.com
Malicious IPs:
89.248.172.183, 94.102.51.144, used to inject malicious Javascript.
Github gist: https://gist.github.com/magefix/0aa49079a81900e54c0412ab639b7828
89.248.172.183 (Netherlands) Blocked for XSS: Cross Site Scripting in POST body: result = <script src=
Abajo tienes una muestra de estos ataques recientes:
septiembre 22, 2024 2:05am 94.102.51.144 (Países Bajos) Bloqueado por XSS: Cross Site Scripting en el cuerpo del POST: result =
Cleanup steps
- Perform a full website backup, including local files and database.
- Disable public access to avoid domain blacklisting and data loss.
- Clean up the website and ensure all plugins and themes are safe and updated.
- Check if the domain is blacklisted and search for SEO spam.
Cloudflare nameservers:
1. cdndynamic.com
Cloudflare nameservers: susan.ns.cloudflare.com, mike.ns.cloudflare.com ( reported on 9/22/2024 )
SERVA ONE LTD [email protected]
If you’ve recently noticed suspicious redirects to cloud.cdndynamic.com, we can help.
Our skilled malware analysts are available 24/7 to fix hacked WordPress websites and clean up malware – reach out to us if you need help.