Hello all, I've been having some issues with the computer and today i was looking at the source for google.com in my browser, and it came out to 4 lines of all javascript? Is this indicative of javascript dns takeover? I've pasted the code below. I have javascript turned off and if i turn it on this page won't load,
so I can't wrap it in code tags. I'm sorry. If someone could also tell me what the text codes are for that?
<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google</title><script>window.google={kEI:"IHDbSsU6k-yzA4iOrdkC",kEXPI:"17259,20495,21766,22107,22189,2 2199,22217",kCSIE:"17259,20495,21766,22107,22189,2 2199,22217",kCSI:{e:"17259,20495,21766,22107,22189 ,22199,22217",ei:"IHDbSsU6k-yzA4iOrdkC"},pageState:"#",kHL:"en",j:{en:1,l:func tion(){},e:function(){},b:location.hash&&location. hash!="#",pl:[]}};
(function(){for(var d=0,c;c=["ad","bc","p","pa","zd","ac","pc","pah","ph","sa", "zc","zz"][d++]
(function(b){google.j[b]=
function(){google.j.pl.push([b,arguments])}})(c)})();
window.google.sn="webhp";window.google.timers={loa d:{t:{start
new Date).getTime()}}};try{window.google.pt=window.gtb External&&window.gtbExternal.pageT();}catch(b){}wi ndow.google.jsrt_kill=1;
</script><style>td{line-height:.8em;}.gac_m td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts td{padding:0}.ts{border-collapse:collapse}em{font-weight:bold;font-style:normal}.lst{font-family:arial,sans-serif;font-size:17px;margin-bottom:0.2em;vertical-align:bottom; }.lsb{font-family:arial,sans-serif;font-size:15px;height:1.85em;margin:0.2em;}#gbar{float: left;height:22px}.gbh,.gbd{border-top:1px solid #c9d7f1;font-size:1px}.gbh{height:0;position:absolute;top:24px; width:100%}#gbi,#gbg,#gbs,#gbm{background:#fff;lef t:0;position:absolute;text-align:left;visibility:hidden;z-index:1000}#gbi,#gbg,#gbm{border:1px solid;border-color:#c9d7f1 #36c #36c #a2bae7;z-index:1001}#guser{padding-bottom:7px !important;text-align:right}#gbar,#guser{font-size:13px;padding-top:1px !important}.gb1,.gb3{zoom:1;margin-right:.5em}.gb2{display:block;padding:.2em .5em}a.gb1,a.gb2,a.gb3{color:#00c !important}.gb2,.gb3{text-decoration:none}a.gb2:hover{background:#36c;color: #fff !important}</style><script>var _gjwl=location;function _gjuc(){var b=_gjwl.href.indexOf("#");if(b>=0){var a=_gjwl.href.substring(b+1);if(/(^|&)q=/.test(a)&&a.indexOf("#")==-1&&!/(^|&)cad=h($|&)/.test(a)){_gjwl.replace("/search?"+a.replace(/(^|&)fp=[^&]*/g,"")+"&cad=h");return 1}}return 0}function _gjp(){!(window._gjwl.hash&&window._gjuc())&&setTi meout(_gjp,500)};
google.y={};google.x=function(e,g){google.y[e.id]=[e,g];return false};if(!window.google)window.google={};window.g oogle.crm={};window.google.cri=0;window.clk=functi on(d,e,f,j,k,l,m){if(document.images){var a=encodeURIComponent||escape,b=new Image,g=window.google.cri++;window.google.crm[g]=b;b.onerror=(b.onload=(b.onabort=function(){delet e window.google.crm[g]}));b.src=["/url?sa=T","",e?"&oi="+a(e):"",f?"&cad="+a(f):"","& ct=",a(j||"res"),"&cd=",a(k),d?"&url="+a(d.replace (/#.*/,"")).replace(/\+/g,"%2B"):"","&ei=","IHDbSsU6k-yzA4iOrdkC",l].join("")}
return true};
window.gbar={qs:function(){},tg:function(e){var o={id:'gbar'};for(i in e)o[i]=e[i];google.x(o,function(){gbar.tg(o)})}};</script></head><body bgcolor=#ffffff text=#000000 link=#0000cc vlink=#551a8b alink=#ff0000 onload="try{!google.j.b&&document.f.q.focus()}catc h(e){};if(document.images)new Image().src='/images/nav_logo7.png'" topmargin=3 marginheight=3><textarea id=csi style=display:none></textarea><script>if(google.j.b)document.body.style .visibility='hidden';</script><iframe name=wgjf style=display:none src="" onload="google.j.l()" onerror="google.j.e()"></iframe><textarea id=wgjc style=display:none></textarea><textarea id=csi style=display:none></textarea><textarea id=hcache style=display:none></textarea><span id=main><span id=ghead><div id=gbar><nobr><b class=gb1>Web</b> <a href="http://images.google.com/imghp?hl=en&tab=wi" onclick=gbar.qs(this) class=gb1>Images</a> <a href="http://video.google.com/?hl=en&tab=wv" onclick=gbar.qs(this) class=gb1>Videos</a> <a href="http://maps.google.com/maps?hl=en&tab=wl" onclick=gbar.qs(this) class=gb1>Maps</a> <a href="http://news.google.com/nwshp?hl=en&tab=wn" onclick=gbar.qs(this) class=gb1>News</a> <a href="http://www.google.com/prdhp?hl=en&tab=wf" onclick=gbar.qs(this) class=gb1>Shopping</a> <a href="http://mail.google.com/mail/?hl=en&tab=wm" class=gb1>Gmail</a> <a href="http://www.google.com/intl/en/options/" onclick="this.blur();gbar.tg(event);return !1" aria-haspopup=true class=gb3><u>more</u> <small>▼</small></a><div id=gbi><a href="http://groups.google.com/grphp?hl=en&tab=wg" onclick=gbar.qs(this) class=gb2>Groups</a> <a href="http://books.google.com/bkshp?hl=en&tab=wp" onclick=gbar.qs(this) class=gb2>Books</a> <a href="http://scholar.google.com/schhp?hl=en&tab=ws" onclick=gbar.qs(this) class=gb2>Scholar</a> <a href="http://www.google.com/finance?hl=en&tab=we" onclick=gbar.qs(this) class=gb2>Finance</a> <a href="http://blogsearch.google.com/?hl=en&tab=wb" onclick=gbar.qs(this) class=gb2>Blogs</a> <div class=gb2><div class=gbd></div></div><a href="http://www.youtube.com/?hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a> <a href="http://www.google.com/calendar/render?hl=en&tab=wc" class=gb2>Calendar</a> <a href="http://picasaweb.google.com/home?hl=en&tab=wq" onclick=gbar.qs(this) class=gb2>Photos</a> <a href="http://docs.google.com/?hl=en&tab=wo" class=gb2>Documents</a> <a href="http://www.google.com/reader/view/?hl=en&tab=wy" class=gb2>Reader</a> <a href="http://sites.google.com/?hl=en&tab=w3" class=gb2>Sites</a> <div class=gb2><div class=gbd></div></div><a href="http://www.google.com/intl/en/options/" class=gb2>even more »</a> </div></nobr></div><div id=guser width=100%><nobr><a href="/url?sa=p&pref=ig&pval=3&q=http://www.google.com/ig%3Fhl%3Den%26source%3Diglk&usg=AFQjCNFA18XPfgb7d KnXfKz7x7g1GDH1tg">iGoogle</a> | <a href="/preferences?hl=en">Search settings</a> | <a href="https://www.google.com/accounts/Login?hl=en&continue=http://www.google.com/">Sign in</a><div id=gbg></div></nobr></div><div class=gbh style=left:0></div><div class=gbh style=right:0></div></span> <center><span id=body><center><br clear=all id=lgpd><img alt="Google" height=110 src="/intl/en_ALL/images/logo.gif" width=276 id=logo onload="window.lol&&lol()"><br><br><form action="/search" name=f><table cellpadding=0 cellspacing=0><tr valign=top><td width=25%> </td><td align=center nowrap><input name=hl type=hidden value=en><input name=source type=hidden value=hp><input autocomplete="off" maxlength=2048 name=q size=55 class=lst title="Google Search" value=""><br><input name=btnG type=submit value="Google Search" class=lsb onclick="this.checked=1"><input name=btnI type=submit value="I'm Feeling Lucky" class=lsb onclick="this.checked=1"></td><td nowrap width=25% align=left><font size=-2> <a href=/advanced_search?hl=en>Advanced Search</a><br> <a href=/language_tools?hl=en>Language Tools</a></font></td></tr></table></form><br></center></span> <span id=footer><center><br><font size=-1><a href="/intl/en/ads/">Advertising Programs</a> - <a href="/services/">Business Solutions</a> - <a href="/intl/en/about.html">About Google</a></font><p><font size=-2>©2009 - <a href="/intl/en/privacy.html">Privacy</a></font></p></center></span> </span> <script>function _gjp() {!(location.hash && _gjuc()) && setTimeout(_gjp, 500);}google.j[1]={cc:[],co:['ghead','body','footer','xjsi'],pc:[],nb:0,css:document.getElementsByTagName('style')[0].innerHTML,main:'<span id=ghead></span><span id=body></span><span id=footer></span><span id=xjsi></span>'};</script><script>function wgjp(){var xjs=document.createElement('script');xjs.src='/extern_chrome/c807e9ccc08a197a.js';(document.getElementById('xjs d') || document.body).appendChild(xjs)};</script><div id=xjsd></div><div id=xjsi><script>if(google.y)google.y.first=[];if(google.y)google.y.first=[];if(!google.xjs){google.dstr=[];google.rein=[];window.setTimeout(function(){var a=document.createElement("script");a.src="/extern_js/f/CgJlbhICdXMrMAo4NUAJLCswDjgHLCswFjgQLCswFzgDLCswGD gELCswGTgJLCswHTgZLCswJTjJiAEsKzAmOAUsKzAnOAIsKzAq OAEsKzArOAYsKzA8OAAs/Vjq-yE5jfcU.js";(document.getElementById("xjsd")||docu ment.body).appendChild(a)},0);
google.xjs=1};google.y.first.push(function(){googl e.ac.m=1;google.ac.b=true;google.ac.i(document.f,d ocument.f.q,'','')});google.xjs&&google.j&&google. j.xi&&google.j.xi()</script></div><script>(function(){
function a(){google.timers.load.t.ol=(new Date).getTime();google.report&&google.report(googl e.timers.load,google.kCSI)}if(window.addEventListe ner)window.addEventListener("load",a,false);else if(window.attachEvent)window.attachEvent("onload", a);google.timers.load.t.prt=(new Date).getTime();
})();
</script>
</code>
--and this bit of Javascript I got from ixquick.com is suspicious to me.
<code>
<SCRIPT LANGUAGE=JAVASCRIPT> function getelem (i) { if (typeof document.getElementById == "undefined") { return document.all[i]; } else { return document.getElementById(i); } } function show_img (i_ob) { i_ob.style.visibility = 'visible'; } function show (ob) { ob.style.display = ''; } function hide (ob) { ob.style.display = 'none'; } function changeimage(id, url) { var imgname = document.getElementById(id); imgname.src = url; } function rc (result_number) { getelem('title_' + result_number).style.color = '#BCD3F5'; } function eh (e_ob, fg, enginename) { var sp_el = document.createElement('span'); if (document.blah1.elements[enginename].value != '') { if (fg == 1) { sp_el.innerHTML = 'Click to disable this search engine for your next search'; e_ob.title = sp_el.innerHTML; e_ob.style.color = '#4585e7';} else {e_ob.style.color = '#140b74';} } else { if (fg == 1) { sp_el.innerHTML = 'Click to enable this search engine for your next search'; e_ob.title = sp_el.innerHTML; e_ob.style.color = '#140b74'; } else {e_ob.style.color = '#4585e7';} } } function vch (e_ob, fg, enginename) { if (document.blah1.elements[enginename].value != '') { if (fg == 1) { e_ob.style.color = '#4585e7';} else {e_ob.style.color = '#140b74';} } else { if (fg == 1) { e_ob.style.color = '#140b74'; } else {e_ob.style.color = '#4585e7';} } } function vd_s (form_obj, enginename, engine) { for (i = 0; i < form_obj.elements.length; i++) { elem = form_obj.elements[i].name; if (elem.indexOf('engine') != -1) { form_obj.elements[elem].value = ''; } } form_obj.elements[enginename].value = engine; if (form_obj.elements['query'].value != '') { form_obj.submit(); } } function te (enginename, engine, instance, wp) { var formname = 'blah' + instance; var imagename = instance + engine; if (document[formname].elements[enginename].value != '') { document[formname].elements[enginename].value = ''; document[imagename].src = 'http://us2.ixquick.com/graphics/radio_res_U.gif'; if (wp == 'image') { getelem(imagename + '_span').style.color = '#4585E7'; } else { getelem(imagename + '_span').style.color = '#140B74'; } } else { document[formname].elements[enginename].value = engine; document[imagename].src = 'http://us2.ixquick.com/graphics/radio_res_C.gif'; if (wp == 'image') { getelem(imagename + '_span').style.color = '#140B74'; } else { getelem(imagename + '_span').style.color = '#4585E7'; } } } function changeImages() { if (document.images) { var selected = ""; if (typeof document.blah2 == 'undefined') { var catpos = changeImages.arguments[0].indexOf("_"); if (catpos != -1) { changeImages.arguments[0] = changeImages.arguments[0].substring(0,catpos); } } for (var i=0; i<changeImages.arguments.length; i+=2) { document[changeImages.arguments[i]].src = changeImages.arguments[i+1]; var intext = changeImages.arguments[i] + "_span"; getelem(intext).style.color = "#140B74"; var id=changeImages.arguments[i].indexOf("_"); if (id != -1){ changeImages.arguments[i] = changeImages.arguments[i].substring(0,id); } if (typeof document.blah1 != 'undefined') { document.blah1.cat.value=changeImages.arguments[i]; } if (typeof document.blah2 != 'undefined') { document.blah2.cat.value=changeImages.arguments[i]; } } } } function change (image_id, image_url) { getelem(image_id).src = image_url; return true; } function verifyChecked (form_obj) { var formname = form_obj.name; var orig_query = document[formname].query.value; if (orig_query == "") { return false; } form_obj.submit(); return false; } function maincats (ct) { uncheckall('web', 'phone', 'video', 'pics'); if ((ct == 'video') && (document.blah1.cat.value != 'video')) { for (i = 0; i < document.blah1.elements.length; i++) { elem_name = document.blah1.elements[i].name; if (elem_name.indexOf('engine') != -1) { document.blah1.elements[i].value = ''; } } } changeImages(ct, 'http://us2.ixquick.com/graphics/radio_res_C.gif'); } function cho (c_ob, fg, ct) { if (fg == 1) { c_ob.style.color = '#140b73'; window.status=''; return true; } else { if (document.blah1.cat.value != ct) { c_ob.style.color = '#4585E7'; } else { c_ob.style.color = '#140b73'; } } } function uncheckall() { var selected = ""; var intext = ""; for (var i=0; i<uncheckall.arguments.length; i+=1) { document[uncheckall.arguments[i]].src="http://us2.ixquick.com/graphics/radio_res_U.gif"; intext = uncheckall.arguments[i] + "_span"; getelem(intext).style.color = "#4585E7"; } } function ws () { window.status = ''; } function tc (t_ob) { t_ob.style.color = '#BCD3F5'; } function changeIxquickStarRatingImage(start, end, changeOnColor, newImageSrc) { for (var i=start;i<=end;i++) { if (document.getElementById('title_'+i) && document.getElementById('title_stars_'+i) ) { var current_color = getStyle('title_'+i, 'color'); if ( current_color.indexOf('#') == -1 ) { current_color = rgbConvert(current_color); } if ( current_color == changeOnColor || current_color == changeOnColor.toLowerCase() ) { var baseTag = document.getElementById("title_stars_"+i); var documentTag = baseTag.getElementsByTagName("img"); for (var j = 0; j < documentTag.length; j++) { if (documentTag[j].src.indexOf('s/white/graphics') != -1) { documentTag[j].src = newImageSrc; } } } } } return false; } function getStyle(el,styleProp) { var x = document.getElementById(el); if (x.currentStyle) var y = x.currentStyle[styleProp]; else if (window.getComputedStyle) var y = document.defaultView.getComputedStyle(x,null).getP ropertyValue(styleProp); return y; } function rgbConvert(str) { str = str.replace('rgb', '').replace('(' , '').replace(')' , ''); str = str.split(','); str[0] = parseInt(str[0], 10).toString(16).toLowerCase(); str[1] = parseInt(str[1], 10).toString(16).toLowerCase(); str[2] = parseInt(str[2], 10).toString(16).toLowerCase(); str[0] = (str[0].length == 1) ? '0' + str[0] : str[0]; str[1] = (str[1].length == 1) ? '0' + str[1] : str[1]; str[2] = (str[2].length == 1) ? '0' + str[2] : str[2]; return ('#' + str.join("")); } function newImage(arg) { if (document.images) { rslt = new Image(); rslt.src = arg; return rslt; } } function openResult(imgurl, url, where) { var reg = /result?/; if (reg.test(imgurl)) { var t_url = imgurl + "&j=js&anticache=" + Math.floor(Math.random()*1000001); newImage(t_url); }; reg = /\/highlight.pl?/; if (imgurl == url) { return true; } else if (reg.test(url)) { return true; } where = where.toLowerCase(); if (where == '_blank') { window.open(url); } else { location.href = url; }; return false; } function certifiedsecure() { day = new Date(); id = day.getTime(); eval("page" + id + " = window.open('http://www.certifiedsecure.nl/certificates/52771bfa615370cb7a6a9c31385086a8/', '" + id + "', 'toolbar=0,location=0,statusbar=0,scrollbars=1,men ubar=0,resizable=0,width=580,height=515');"); } var preloadFlag = false; function preloadImages() { if (document.images) { on = newImage('http://us2.ixquick.com/graphics/radio_res_U.gif'); off = newImage('http://us2.ixquick.com/graphics/radio_res_C.gif'); bg = newImage('http://us2.ixquick.com/graphics/blue-bg.gif'); bg_o = newImage('http://us2.ixquick.com/graphics/blue-bg_on.gif'); bg_c = newImage('http://us2.ixquick.com/graphics/blue-bg_click.gif'); pl1 = newImage('http://us2.ixquick.com/graphics/eng/plugin_promo_ff.gif'); pl2 = newImage('http://us2.ixquick.com/graphics/eng/plugin_promo_ff_hov.gif'); pl3 = newImage('http://us2.ixquick.com/graphics/eng/plugin_promo_ie.gif'); pl4 = newImage('http://us2.ixquick.com/graphics/eng/plugin_promo_ie_hov.gif'); a1 = newImage('http://us2.ixquick.com/graphics/eng/protects_privacy.gif'); a2 = newImage('http://us2.ixquick.com/graphics/eng/protects_privacy_hov.gif'); n1 = newImage('http://us2.ixquick.com/graphics/eng/certified_secure_results.gif'); seal = newImage('http://us2.ixquick.com/graphics/eng/privacy_seal_result.gif'); seal_h = newImage('http://us2.ixquick.com/graphics/eng/privacy_seal_result_hover.gif'); preloadFlag = true; } } preloadImages(); function bg_hover(id, imgp_url) { document.getElementById(id).style.backgroundImage = "url(" + imgp_url + ")"; } </SCRIPT> </HEAD><BODY aLink="#4064CE" bgColor="#FFFFFF" link="#4064CE" text="#333333" vLink="#4064CE" leftmargin="0" topmargin="0" MARGINHEIGHT="0" MARGINWIDTH="0" >
<!-- whichserver: http://s2-us2.ixquick.com/do/--><!-- Loading Time: 0 seconds --><table width="100%" border="0" cellspacing="0" cellpadding="0">
<FORM NAME="blah1" METHOD=POST AUTOCOMPLETE="off" ACTION="http://us2.ixquick.com/do/metasearch.pl?" onSubmit="return verifyChecked(this);">
Linux Security Discussion about keeping your machines secure, and the crackers out.
Submit Your Article
Latest Articles
Editor's Choice
Article Categories
Join Linux Forums Today
Win Great Prizes
Linear Mode
