What is suspicious about this address?

Risk here is fingerprinting, because reads the windows installation date…

Re: https://www.virustotal.com/#/url/81e9c696dda896747f21ee865bc734d0db0ad4182c1c2bff45020c436c4e3d0e/detection
two to flag…parked domain being abused: https://www.virustotal.com/#/domain/iyfnzgb.com
malicious and phishing etc. https://www.shodan.io/host/208.91.196.46
Checking for cloaking
There is a difference of 84 bytes between the version of the page you serve to Chrome and the version you serve to GoogleBot. This probably means some code is running on your site that’s trying to hide from browsers but make Google think there’s something else on the page

not flagged: https://urlquery.net/report/4e47ec0f-59eb-4454-ae55-6f8618d334be

top.location="-http://iyfnzgb.com/?domain=xandernet.net&dn=xandernet.net%2F&fp=c5CYYQmYvbp9nihZQYZnhkbBd%2FTWTt5OtlJCsghoq8Unc0YHZx7xguKoLnNSsaXfDwfSkb%2FnNSkuwBC2LABTaxFn6IF%2FHBZHQoJXs1q6kcLTNmbXYqr5rWzt2PH20c1zuQC%2FVoNtHut%2BMTfY8zH6NSqtFaC6x9CZJryaWKQfOec%3D&prvtof=j2qt2dyDjNYPJ22%2Bn23U1CT0jfm%2F7tvMgGVKz09V3yo%3D&poru=MgIvvo6dJSyUjG7ZD86wtLajraxA3OiZwlvV3cHIkNLYK7xPhxPz594pfWBwRbbwUEO5a1Nm%2BScnDZ58uXDMlc9FS65Kv3kXBGmLbTii%2B8g%3D&cifr=1&"; top.location="-http://iyfnzgb.com/?domain=xandernet.net&dn=xandernet.net%2F&fp=VvN%2FR0TYuhsH5Q0B%2FepRpyWCknw1j418z30k8wMbCIzDEvjrWri1BnGuqmKikbkv%2BLPY%2FQuj7aPStxCJikV7lFUUVgmagL9hFZ8BbfAHurKM415YO3dcebjySFBv3TEx%2FbziSUELwyVMo%2FKKuW90amzpm%2BjbUQ1nSDmfKbJ%2BbwV0Ycl7v0vn8CGTOQbvs%2FCN&prvtof=BkD7rdw6piJl6axEJP4KX2oyedsLFKPJTZvDvQWPmRw%3D&poru=zKAPukkbOwLWYUa6WmCsWFfGbZItxZnLGb41Ls8r4L%2FJ7TPwy3qUdmYZBBXozO%2BjGI87n4mumobsQf3Psg29W9ScntoXSLB0JGpZ6ajYMp8%3D&cifr=1&"; window.top.location = "-http://iyfnzgb.com/?domain=xandernet.net&dn=xandernet.net%2F&fp=c5CYYQmYvbp9nihZQYZnhkbBd%2FTWTt5OtlJCsghoq8Unc0YHZx7xguKoLnNSsaXfDwfSkb%2FnNSkuwBC2LABTaxFn6IF%2FHBZHQoJXs1q6kcLTNmbXYqr5rWzt2PH20c1zuQC%2FVoNtHut%2BMTfY8zH6NSqtFaC6x9CZJryaWKQfOec%3D&prvtof=Ax6kxaxhXhFP%2BaT8I9bQegbdlg5nHJMlL%2BEyNCiHc18%3D&poru=nDFAPaDUj8b2Czkg%2BhGxPNBU2v2a8NphM%2BBPXfrpTVGs3ZX5SCBys8hPhEPoqaE6ZD%2FsCUFYHFMlQDeczQPKl5p8ECasSYY1N4PTON0T0dg%3D&cifr=1&"; window.top.location = "-http://iyfnzgb.com/?domain=xandernet.net&dn=xandernet.net%2F&fp=VvN%2FR0TYuhsH5Q0B%2FepRpyWCknw1j418z30k8wMbCIzDEvjrWri1BnGuqmKikbkv%2BLPY%2FQuj7aPStxCJikV7lFUUVgmagL9hFZ8BbfAHurKM415YO3dcebjySFBv3TEx%2FbziSUELwyVMo%2FKKuW90amzpm%2BjbUQ1nSDmfKbJ%2BbwV0Ycl7v0vn8CGTOQbvs%2FCN&prvtof=z46V8McPHGBV5wlW%2FMyTFdoTfI4S56Ak4kEeCnE0Hnc%3D&poru=aDJzvyszwn1ViNUzI%2BuF3q5TcM2Masn%2BckqG6Oi0uJaJYiBjGWiqvY2FKoViUlfx3FonWTiylMp0fXiMoOUy%2BL8hI%2FGvlpNvfXt9zWL47wA%3D&cifr=1&"; Click here to proceed. Click here to proceed.
Consider: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=W3lmbnpnYi5eXW1gPHBbIz05UF0xSDlWNzEmI249eHxuI3t9bnt0Lm57dA%3D%3D~enc

Dom-Xss issues: Results from scanning URL: http://iyfnzgb.com/?pid=9po1h9v71&dn=xandernet.net/
Number of sources found: 3
Number of sinks found: 4 → if(window.top != self) / window.top.location = "-http://iyfnzgb.com/? /
{document.cookie = 'isframesetenabled=1; path=/; / href / frame source / document.cookie = 'isframesetenabled=1

var abp=abp||false;var scripts=document.getElementsByTagName("script");var script=scripts[scripts.length-1];if(script){var query=script.src.replace(/^[^\?]+\??/,"").split("&");var params={};for(var i=0;i<query.length;i++){var param=query[i].split("=");params[param[0]]=param[1]}if(params["ch"]==1)abp=true;else if(params["ch"]==2)abp=abp&&false};

Anyone? Blocked on same IP by avast security browser = -http://www.searchstarters.com/
See on IP → https://otx.alienvault.com/indicator/ip/208.91.196.46 & https://www.threatminer.org/host.php?q=208.91.196.46

likewise: https://urlquery.net/report/d44f3d95-5f67-49e3-b503-d1d28a2f1967
from virgin islands = (admin) Privacy Protection Service INC d/b/a PrivacyProtect.org
https://pastebin.com/NaXXJRz7 for /sk-logabpstatus.php? in address…

read analysis: https://www.reverse.it/sample/0a2ca004049e7f2c331bee021d5dfcf4894f289acad48305bdc91b451230a560?environmentId=100

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error hunter)

Hard to block fingerprinting, read: https://mashable.com/2014/07/21/impossible-block-tracking-tool/?europe=true
3rd party code blocking in the browser is your best chance…else only known fingerprinting is being blocked from listings.
In the browser test with https://extensions.inrialpes.fr/
In avast privacy browser extensions are not detected. My browser’s website login presence fingerprint is not unique!

pol