Code injection referencing https://avs5628z.cloudfine.quest/challenge.js

What is the name of the domain?

clp.centre55.com

What is the error number?

No error message

What is the error message?

No error message

What is the issue you’re encountering

So eventhough I’m not a Cloudflare client, an application I’m supporting is getting a code injection referecing: From what I can tell, cloudfine.quest is a Cloudflare asset. And the code injection is indeed worrisome to me. Is it a concern for Cloudflare? Is this header injection doing anything? Any direction from those who are actually knowledgeable, would be of assistance as I investigate.

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

Still investigating

Sorry, my injection reference didn’t appear when posted. Here is the actual injection

Blockquote

https://avs5628z.cloudfine.quest/challenge.js

<script type='text/javascript' async src='https://avs5628z.cloudfine.quest/challenge.js'></script>

Welcome to the Cloudflare Community.

That domain uses the Cloudflare proxy, but is not a Cloudflare owned property. Cloudflare does not control any content found at that domain.

Additionally, it looks like Cloudfine mimicks Cloudflare’s ‘browser check’ page.

image3458×1690 202 KB

If the application you’re using is loading that cloudfine script, then there’s a pretty good chance their web server may have gotten hacked or something along those lines, as the script being loaded on the page is almost certainly malicious.

Based on that additional input, it may be worth using the abuse reporting form.

Thanks all. Very much appreciated. Taking site offline as we investigate further.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.