what is txtsrving.info ?

And why is it appearing in my script blocker these days ?

Google reveals very little on this :/
Imagine something sharp and witty here ......

Feedback
0reaction image LOL 0reaction image Wow! 0reaction image Wisdom

Comments

  • Emp_FabEmp_Fab Frets: 24209
    Open it in notepad and paste it here.
    Lack of planning on your part does not constitute an emergency on mine.
    Also chips are "Plant-based" no matter how you cook them.
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • DeadmanDeadman Frets: 3851
    Are there any tits in it?
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • JalapenoJalapeno Frets: 6378
    Noscript plugin is blocking it.  Nothing to paste.
    Imagine something sharp and witty here ......

    Feedback
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • I would expect it's a domain that has been specifically chosen because it looks like a file and that domain was used to deliver malware.
    ဈǝᴉʇsɐoʇǝsǝǝɥɔဪቌ
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • JalapenoJalapeno Frets: 6378
    It's on this site ....
    Imagine something sharp and witty here ......

    Feedback
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • the raw domain doesnt resolve but d.txtsrving.info does with this:

    c:\tools>curl -v http://d.txtsrving.info
    * Rebuilt URL to: http://d.txtsrving.info/
    * Adding handle: conn: 0x20745c0
    * Adding handle: send: 0
    * Adding handle: recv: 0
    * Curl_addHandleToPipeline: length: 1
    * - Conn 0 (0x20745c0) send_pipe: 1, recv_pipe: 0
    * About to connect() to d.txtsrving.info port 80 (#0)
    *   Trying 50.19.105.231...
    * Connected to d.txtsrving.info (50.19.105.231) port 80 (#0)
    > GET / HTTP/1.1
    > User-Agent: curl/7.32.0
    > Host: d.txtsrving.info
    > Accept: */*
    >
    < HTTP/1.1 200 OK
    < Content-Type: application/javascript
    < Date: Sun, 06 Oct 2013 10:06:11 GMT
    < Expires: Mon, 07 Oct 2013 04:00:00 GMT
    < P3P: CP="CUR ADM OUR NOR STA NID"
    * Server nginx/1.2.1 is not blacklisted
    < Server: nginx/1.2.1
    < Set-Cookie: dau_197fb66019b7c0a3339bffad6771977b=1381053971::0::0; Expires=Mon
    , 07-Oct-2013 03:59:59 GMT; Max-Age=64428; Path=/
    < Content-Length: 98
    < Connection: keep-alive
    <
    callback(64428,{"ccid":"Mansfield","cid":"GB","ip":"90.212.6.54","ppi":"1","zone
    id":0,"rid":"J9"})* Connection #0 to host d.txtsrving.info left intact

    ဈǝᴉʇsɐoʇǝsǝǝɥɔဪቌ
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • JalapenoJalapeno Frets: 6378
    That's nice ......

    What on earth is it doing ?
    Imagine something sharp and witty here ......

    Feedback
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • Dunno, but that ip it references is my current ip. I think it might be one of those add servers that will try to serve me up pictures of "single ladies" near my location (which it has got spectacularly wrong)
    ဈǝᴉʇsɐoʇǝsǝǝɥɔဪቌ
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • JalapenoJalapeno Frets: 6378
    Marked Untrusted

    Running deep scan ....
    Imagine something sharp and witty here ......

    Feedback
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
  • bertiebertie Frets: 13564
    its an IP /ISP source finder type thing.

    probably from the GCHQ  thread
    just because you don't, doesn't mean you can't
     just because you do, doesn't mean you should.
    0reaction image LOL 0reaction image Wow! 0reaction image Wisdom
Sign In or Register to comment.