what is txtsrving.info ?

And why is it appearing in my script blocker these days ?

Google reveals very little on this :/
Imagine something sharp and witty here ......

Feedback
0reaction image LOL 0reaction image Wow! 0reaction image Wisdom

Comments

  • Emp_FabEmp_Fab Frets: 6096
    Open it in notepad and paste it here.
    The voice of common sense!
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • DeadmanDeadman Frets: 1671
    Are there any tits in it?
    Dealer feedback is here 
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • JalapenoJalapeno Frets: 1855
    Noscript plugin is blocking it.  Nothing to paste.
    Imagine something sharp and witty here ......

    Feedback
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • I would expect it's a domain that has been specifically chosen because it looks like a file and that domain was used to deliver malware.
    Prion Son - Alt/Prog/Metal: https://prionson.bandcamp.com/
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • JalapenoJalapeno Frets: 1855
    It's on this site ....
    Imagine something sharp and witty here ......

    Feedback
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • the raw domain doesnt resolve but d.txtsrving.info does with this:

    c:\tools>curl -v http://d.txtsrving.info
    * Rebuilt URL to: http://d.txtsrving.info/
    * Adding handle: conn: 0x20745c0
    * Adding handle: send: 0
    * Adding handle: recv: 0
    * Curl_addHandleToPipeline: length: 1
    * - Conn 0 (0x20745c0) send_pipe: 1, recv_pipe: 0
    * About to connect() to d.txtsrving.info port 80 (#0)
    *   Trying 50.19.105.231...
    * Connected to d.txtsrving.info (50.19.105.231) port 80 (#0)
    > GET / HTTP/1.1
    > User-Agent: curl/7.32.0
    > Host: d.txtsrving.info
    > Accept: */*
    >
    < HTTP/1.1 200 OK
    < Content-Type: application/javascript
    < Date: Sun, 06 Oct 2013 10:06:11 GMT
    < Expires: Mon, 07 Oct 2013 04:00:00 GMT
    < P3P: CP="CUR ADM OUR NOR STA NID"
    * Server nginx/1.2.1 is not blacklisted
    < Server: nginx/1.2.1
    < Set-Cookie: dau_197fb66019b7c0a3339bffad6771977b=1381053971::0::0; Expires=Mon
    , 07-Oct-2013 03:59:59 GMT; Max-Age=64428; Path=/
    < Content-Length: 98
    < Connection: keep-alive
    <
    callback(64428,{"ccid":"Mansfield","cid":"GB","ip":"90.212.6.54","ppi":"1","zone
    id":0,"rid":"J9"})* Connection #0 to host d.txtsrving.info left intact

    Prion Son - Alt/Prog/Metal: https://prionson.bandcamp.com/
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • JalapenoJalapeno Frets: 1855
    That's nice ......

    What on earth is it doing ?
    Imagine something sharp and witty here ......

    Feedback
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • Dunno, but that ip it references is my current ip. I think it might be one of those add servers that will try to serve me up pictures of "single ladies" near my location (which it has got spectacularly wrong)
    Prion Son - Alt/Prog/Metal: https://prionson.bandcamp.com/
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • JalapenoJalapeno Frets: 1855
    Marked Untrusted

    Running deep scan ....
    Imagine something sharp and witty here ......

    Feedback
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • bertiebertie Frets: 1582
    its an IP /ISP source finder type thing.

    probably from the GCHQ  thread
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
Sign In or Register to comment.