
Re: Sonic "survey" spam injected into web requests...?

Posted: Fri Oct 02, 2015 11:13 am
by tbessie
I got another one of these just now...

I was trying to get to Netflix while this happened, and I was redirected to a “survey” site. I filled out the survey just to see what would happen (it didn’t ask for personal information, just general “quality of service” questions presumably about Netflix) and then it offered me various products as a “gift” that looked suspiciously like things offered in scams (various beauty products, etc.).

Either I typed the wrong address when attempting to go to Netflix, or packets were intercepted during the DDoS attack Sonic just reported, or Netflix is really conducting surveys via third parties, which I somehow doubt.

This happen to anyone else?

Re: Sonic "survey" spam injected into web requests...?

Posted: Sat Jan 02, 2016 12:11 pm
by sf user
Just got a survey request in a similar pattern.

Closing a Chrome browser tab went to:
http://brandrewardsurvey.com/3o52r33

which doesn't respond now but was showing a survey page with "Sonic.Net survey" in the title.

Re: Sonic "survey" spam injected into web requests...?

Posted: Sat Jan 02, 2016 1:08 pm
by tbessie
sf user wrote:
> Just got a survey request in a similar pattern.
>
> Closing a Chrome browser tab went to:
> http://brandrewardsurvey.com/3o52r33
>
> which doesn't respond now but was showing a survey page with "Sonic.Net survey" in the title.

When I asked a similar question another time, folks replied that this is caused by the site you're going to grabbing your ISP info (via a WHOIS request or something) and presenting you with a page that looks like it's from them. I think folks in this thread mentioned something of the kind as well.

- Tim

Re: Sonic "survey" spam injected into web requests...?

Posted: Thu Jan 28, 2016 8:51 pm
by kevinmcm
Don't click! Sites brandrewardsurvey.com and rewardopportunities.com are both hosted on CloudFlare. While CloudFlare claims to be an innocent edge cache proxy, their real trick is bulletproof hosting. They've told me many times that they will not take down sites used for phishing and illegal telemarketing. They'll maybe tell you what the source of the content is, but it's usually the other popular American bulletproof hosting provider - Amazon.

https://blog.cloudflare.com/thoughts-on-abuse/