Suspicious code or just acceptable ad on parking?

polonus · October 8, 2017, 12:48pm

Flagged as checked URL: hxtp://www.breakroulette.com/cgi-sys/suspendedpage.cgi
Suspicious code detected:
Object: htxp://www.breakroulette.com/cgi-sys/suspendedpage.cgi
SHA1: 41472ba5c40f61fa1c77c42cf06248f13b8785f0
Name: Suspicious-WI.

Not given: https://urlquery.net/report/4310e075-667d-4d2d-be26-0215d357bd1e

See code on parking and redirect inside code: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.breakroulette.com%2Fcgi-sys%2Fsuspendedpage.cgi
&
http://www.domxssscanner.com/scan?url=http%3A%2F%2Ffwdssp.com%2F%3Fdn%3Dreferer_detect%26pid%3D5POL4F2O4+

html data-adblockkey= & function applyFrameKiller() → http://toolbar.netcraft.com/site_report?url=http://fwdssp.com
→ https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=fwdssp.com%2F%3Fdn%3Dreferer_detect%26pid%3D5POL4F2O4&ref_sel=GSP2&ua_sel=ff&fs=1

polonus (volunteer website security analyst and website error-hunter)

Suspicious code or just acceptable ad on parking?

Announcements