Hi true indian,
Bitdefender TrafficLight flags the site as unsafe. Also see what WOT has:
http://www.mywot.com/en/scorecard/gulfoilspillsupport.com?utm_source=addon&utm_content=popup-donutsSite with Wordpress backdooring....Blackhole IP & PHP malware IP. Malware,
JS:Trojan.JS.Dropper.D, at this particular site was closed:2012-07-02 13:42:37
I see: /css/Analytical-Testing-Services.css HTTP/1.1
Host: gulfoilspillsupport dot com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: htxp://gulfoilspillsupport.com/caspharma/
HTTP/1.1 301 Moved Permanently
X-Pingback: htxp://www.gulfoilspillsupport.com/xmlrpc.php (in xmlrpc.php there is the WP vulnerability)
XML-RPC server accepts POST requests only. (vulnerable to create hacked WordPress backdoors).
Well urlquery also produces IDS alerts for that site, denoting javascript anomalities.
WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation by the xmlrpc.php script. A remote attacker with contributor permissions could exploit this vulnerability to publish posts to the Web site.
quote taken from Digging into WP from article author Jeff Starr.
polonus