L.S.
Nir Sofer's tool "smsniff" revealed I did online contact -survey-smiles dot com,
(but blocked by my adblocker of choice)
See
https://quttera.com/detailed_report/survey-smiles.comwhich is a blacklisted site, on which we find cloaking:
Checking for cloaking
There is a difference of 60 bytes between the version of the page you serve to Chrome and the version you serve to GoogleBot. This probably means some code is running on your site that's trying to hide from browsers but make Google think there's something else on the page.
- different adblock key -
Re:
https://publicwww.com/websites/parking.bodiscdn.com/Malicious activity found, hence:
https://any.run/report/411c401e6c360af9094a20217b9d6ac1688f59ffda123decfc9c0d46230f31c7/9568444b-1cd5-4af1-b45b-1a0700d86630NSA snooping abuse: 100% of the trackers on this site could be protecting you from NSA snooping. Tell the blacklisted site to fix this. Adblock blocks.
Tracking (50%) is blocked on website.
Quick Source Review revealing:
HTML
-survey-smiles.com/
5,776 bytes, 54 nodes
Javascript 5 (external 3, inline 2)
INLINE: /* * This entire block is wrapped in an IIFE to prevent polluting the scope of
621,515 bytes
INLINE: -window.park = "eyJ1dWlkIjoiNWYxMjZmYTYtMWYxMC00Y2JiLWVmYjUtOTgwNGZkMjVkMGRmIiwic
937 bytes
-survey-smiles.com/js/parking.2.84.4.js
-www.google.com/adsense/domains/caf.js
-survey-smiles.com/
INJECTED
CSS 6 (external 0, inline 6)
INLINE: #cdac_container { font-family: Arial, sans-serif !important; font-size: 12px !i
1,536 bytes INJECTED
INLINE: .vt-augment { position: relative; display: flex; justify-content:
1,277 bytes INJECTED
INLINE: :root #ads > .dose > .dosesingle, :root .ad-block {display:none !important;}
76 bytes INJECTED
INLINE: .lds-ellipsis { display: inline-block; position: relative; width: 80
1,769 bytes INJECTED
INLINE: @media only screen and (max-width: 600px) { .hidden-xs { opacity: 0
480 bytes INJECTED
INLINE: [object HTMLStyleElement]
25 bytes INJECTED
Is this hidden tracking worth a PUP-detection?
Or is it into quite above board parked-domain tracking activity combined with Google's adsense support?
polonus (volunteer 3rd party cold recon website-security analyst and website error-hunter)