See: http://www.isithacked.com/check/http%3A%2F%2Fselfishchristian.com%2Fcgi-sys%2Fsuspendedpage.cgi
→ http://toolbar.netcraft.com/site_report?url=http://selfishchristian.com
on the IP a 404 not found: http://toolbar.netcraft.com/site_report?url=http://192.254.185.212
risk status = 9 red out of 10!
content
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Contact Support</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body marginwidth="0" marginheight="0" leftmargin="0" topmargin="0">
<iframe width="100%" height="100%" frameborder="0" SCROLLING="auto" marginwidth="0" src="htxp://fwdssp.com/?dn=referer_detect&pid=5POL4F2O4" * ></iframe>
</body>
</html>
- blocked by Bitdefender TrafficLight as part of a PHISHing attempt.
List of iframes included
htxp://fwdssp.com/?dn=referer_detect&pid=5POL4F2O4
Webmaster please contact Hostgator.com :o → http://toolbar.netcraft.com/site_report?url=http://fwdssp.com
Quttera misses the above history: http://quttera.com/detailed_report/selfishchristian.com
pol
Update.
Here we see the same suspicious code on another website: This is a suspicious page
Result for 2016-06-13 16:17:32 UTC
Website: -http://retailmavens.com
Start URL: -http://retailmavens.com/
Start URL was redirected to another page: -http://retailmavens.com/cgi-sys/suspendedpage.cgi
Checked URL: -http://retailmavens.com/cgi-sys/suspendedpage.cgi
Suspicious code detected:
Object: -http://retailmavens.com/cgi-sys/suspendedpage.cgi
SHA1: 41472ba5c40f61fa1c77c42cf06248f13b8785f0
Name: Suspicious-WI.
For that code: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fretailmavens.com%2Fcgi-sys%2Fsuspendedpage.cgi+
For that suspicious code inside that: http://www.domxssscanner.com/scan?url=http%3A%2F%2Ffwdssp.com%2F%3Fdn%3Ddetect%26pid%3D5POL4F2O4
error in code
found JavaScript
error: line:6: SyntaxError: missing } in compound statement:
error: line:6:
error: line:6: ^
error: line:3: SyntaxError: missing ; before statement:
error: line:3: %2BEt%2Fo%2FrcUQiimciWjLienSjL0f0UcvYHZyBicA6w%3D%3D&cifr=1&"; /* --> <html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_NFXcAH+LdCKplmA8d29obefZ50xWd+Gcz
error: line:3: .......................................................................^
When one has an error saying ; missing, you have to look at the line before (or sometimes the file loaded before). Info credits go to Stackoverflow’s QuickFix. Wrong syntax for functions.
polonus (volunteer website security analyst and website error-hunter)