polonus
November 1, 2014, 10:15pm
1
polonus
November 1, 2014, 10:53pm
2
Similar: https://www.virustotal.com/nl/url/dd376910a39f16672431ac80506b31fab73a90458082037ccba30fe31303e504/analysis/1414880228/
and redirects to: htxp://imptestrm.com/rg-erdr.php?_dnm=roamtrans.net &_cfrg=2&_drid=as-drid-2555965863243342&_bkt=9727
Very serious malware or just redirected to a double click generic advertising site.
Blocked by an extension as htxp://dp.g.doubleclick.net/apps/domainpark/domainpark.cgi?client=&domain_name=imptestrm.com &channel=&drid=&output=html
Another example: http://csi.websense.com/Report/LinkDetection?id=6f17df3c-eb81-42b0-9929-a283015e1e73
See:
and this: ca-dp-rookmedia30_3ph_js → http://urlquery.net/report.php?id=1392996207945 removed :o
Redirects to: htxp://imptestrm.com/rg-erdr.php?_dnm=fearfactor2013.com &_cfrg=2&_drid=as-drid-2555965863243342&_bkt=9727
See: http://jsunpack.jeek.org/?report=cf19bd9aa63ab6418ce890b9b31c5a2ac9529299
Network Solutions is actually diverting unused domains to an advertising nexus in the British Virgin Islands.
The Register actually published a whole article about this practice (Entitled: "Network Solutions hijacks customer sub-domains for ad fest-- Your site. " Read: http://www.theregister.co.uk/2008/04/11/network_solutions_sub_domain_parking/
Webmaster: Domain registrars participate in all manner of unethical and deceptive behavior. Just sign into your NS account and change the domain settings. It’s really that easy.
polonus