Is something infecting my Google searches?
Posted
by
hippietrail
on Super User
See other posts from Super User
or by hippietrail
Published on 2012-11-16T06:57:43Z
Indexed on
2012/11/17
5:04 UTC
Read the original article
Hit count: 462
I starting doing some experimentation toward making a browser userscript for Google searches and when opening the JavaScript console noticed something that strikes me as very fishy:
The page at https://www.google.com.au/search?oq=XYZ&sourceid=chrome&ie=UTF-8&q=XYZ displayed insecure content from http://50.116.62.47/js/chromeServerV45.js.
The page at about:blank displayed insecure content from http://96.126.107.154/amz/google.php?callback=a&q=XYZ&country=US.
(XYZ is a placeholder for whatever the search terms really was.)
Is it likely that I've picked something like a drive-by browser infection? I've tried all kinds of searches for these URLs and other keywords but I've had no luck finding anything conclusive about whether they're malicious or what they are:
50.116.62.47
chromeServerV45.js
96.126.107.154
amz/google.php
The only extensions I have installed are either widely used or written by myself. But something else is strange and I'm not sure if it's just a coincidence. I updated my Windows Chrome browser today to version 23.0.1271.64 m and now my Extensions tab as well as my settings tab are blank, so I can't try disabling my extesions.
Here's some discussion I've been able to find so far but not really understand and make sense of:
- for
96.126.107.154
: "anomalous-javascript-pt2"
© Super User or respective owner