CSS @font-face random links to casino pages

The urls look like this u/@font-facexxx.slotxx.online/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.svg  the xxx are random numbers and similar urls occur randomly. It doesn’t disrupt website functionalities and I found it only when I do a link scan. It will appear at random pages. It always embed in u/@font-face and was advised by the Divi team to check the installed plugins instead.

I’m clueless how to resolve it and it will resurface every once and then.

What I’ve done:

1. Scanned with Solid Security Pro and Malcare (no issues found)
2. Deactivate and reactivate plugins one by one (can’t find any issues)
3. Updated all plugins and theme
4. Use reCaptcha for all forms (Initially, I assume is due to script injection but it happens even after all spam comments and bot registrations are deleted)
5. When I searched by the url [slotxx.online](http://slotxx.online), the entry is often found in wp\_woocommerce\_sessions

Any thoughts to resolve this? Thanks

1 Comment
  1. If you’re seeing casino links in your site, you’ve been hacked. Install Wordfence and run a scan. Report back with the results.


This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer