Unused domain rerouted to doubleclick! Unused domains are actually being diverting to an advertising nexus.
What is being shown here are non-blocked so-called ABP acceptable ads, see adblockkey-code,
There are two "allow" methods, one from the acceptable ads list, which is public, and another via an "x-adblock-key" that can be provided in an HTTP header. There is no list of which sites use the key.
Unblocked ad-clicks paying from inside the domain grave, so to say. Dracula would be proud here
at 70% of the revenue the remaining percentage allegedly goes to ABP German Sales-Office for allowing the ads through
It is now done for the suspended domain -malliehart.com ->
http://toolbar.netcraft.com/site_report?url=http://malliehart.comSee the code to circumvent this adblocker here
<!DOCTYPE html PUBLIC> <html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_W4zvVLEonbnwXF7hLlQHq6EE/BZ7facATZUUCpZwTf5blEU82LhE+WDlFY8PP5CdHFYEaZOfyGuGtK7cMflLBw==" >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>-malliehart.com</title>
<style type="text/css">*{margin:0; padding:0; border: 0; overflow:hidden} html, body {height: 100%;}</style>
</head>
<body width="100%" height="100%">
<noscript><meta http-equiv="refresh" content="0;url=-http://imptestrm.com/rg-erdr.php?_dnm=malliehart.com&_cfrg=2&_drid=as-drid-2555965863243342&_bkt=11426" /><center><p style="padding:1em; font-size:1.5em;">For search results please <a href="-http://imptestrm.com/rg-erdr.php?_dnm=malliehart.com&_cfrg=2&_drid=as-drid-2555965863243342&_bkt=11426" style="text-decoration:underline; color:#0000EE;">CLICK HERE</a>.</p></center></noscript>
<div id="rmgblock" width="100%" height="100%"></div>
<script type="text/javascript" src="-http://imptestrm.com/rg-main.php?_srg=1&bkt=11426&dmn=-malliehart.com&folio=394494536"></script>
<script type="text/javascript" language="JavaScript" src="-http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js"></script>
<script type="text/javascript"> function collectHeight(){try{var e=Math.max(document.documentElement.clientHeight,document.body.scrollHeight,document.documentElement.scrollHeight,document.body.offsetHeight,document.documentElement.offsetHeight);document.getElementById("rmgblock").style.height=e+"px"}catch(e){}}try{window.onresize=collectHeight;collectHeight()}catch(e){} </script>
</body></html>
This link -http://imptestrm.com/rg-erdr.php could be infesting your browser. At least there is PHISHing goin'on there.
This redirects to: -
http://dp.g.doubleclick.net/apps/domainpark/domainpark.cgi?client=&domain_name=imptestrm.com&channel=&drid=&output=htmlDomain registrars participate in all manner of unethical and deceptive behavior, websites should sign into their NS account and change the domain settings. It's really that easy to stop such "abuse". What happens to suspended and sinkholed domains otherwise is not completely clear.
Why such types of abuse should be flagged, read here:
http://www.bleepingcomputer.com/forums/t/576771/imptestrmcom-page-keeps-coming-up-in-browsers/polonus (volunteer website security analyst and website error-hunter)