Sometimes Redirecting to spam/gamble site when accessing msfn.org/board

[EliraFriesnan]

1 hour ago, NotHereToPlayGames said:

Please stop being "combative".

Oh no, I was just interested in your opinion. You always have opinions about everything. Thank you for not ignoring! 

[roytam1]

Using a discord preview user agent can always returning spam-alike output:

# wget -O - --no-check-certificate -S -U "Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)" https://msfn.org/board/
--2026-02-21 20:33:33--  https://msfn.org/board/
Resolving msfn.org (msfn.org)... 151.106.17.234
Connecting to msfn.org (msfn.org)|151.106.17.234|:443... connected.
WARNING: The certificate of ‘msfn.org’ is not trusted.
WARNING: The certificate of ‘msfn.org’ doesn't have a known issuer.
HTTP request sent, awaiting response...
  HTTP/1.1 200 OK
  Date: Sat, 21 Feb 2026 12:33:35 GMT
  Server: Apache/2.4.62 (Unix) OpenSSL/1.1.1k PHP/8.0.2
  Cache-Control: max-age=172800
  Expires: Mon, 23 Feb 2026 12:33:35 GMT
  Vary: Accept-Encoding,User-Agent
  Keep-Alive: timeout=5, max=100
  Connection: Keep-Alive
  Transfer-Encoding: chunked
  Content-Type: text/html; charset=utf-8
Length: unspecified [text/html]
Saving to: ‘STDOUT’

- [<=>                                           ]       0  --.-KB/s
<!DOCTYPE html>
<html lang="th-th" dir="ltr" class="translated-ltr">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta name="referrer" content="origin">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="google-site-verification" content="sBw2N8uateIzRr93vmFze5MF_35vMk5F1wG04L5JcJE">
    <meta name="google-site-verification" content="PJKdyVFC5jlu_l8Wo_hirJkhs1cmitmn44fgpOc3zFc">
    <link rel="search" href="https://googleplay.com/opensearch.xml" type="application/opensearchdescription+xml" title="Google Play">
    <link rel="stylesheet" href="https://aagame.fun/aa_files/index2.css">
    <link rel="stylesheet" href="https://aagame.fun/aa_files/index1.css">
    <link rel="stylesheet" charset="UTF-8" href="https://aagame.fun/aa_files/main.css">
    <link rel="shortcut icon" href="https://tse-mm.bing.com/th?q=สล็อต101&w=200&h=200&c=7.ico" type="image/png">
    <link rel="icon" href="https://tse-mm.bing.com/th?q=สล็อต101&w=200&h=200&c=7.ico" type="image/png">
    <title id="main-title">สล็อต101 10 รับ 100 - เว็บสล็อตเว็บตรง</title>
[snipped]

could be related to this: https://www.helpnetsecurity.com/2025/11/05/control-web-panel-cve-2025-48703-exploited/

Edited February 21 by roytam1

[NotHereToPlayGames]

3 hours ago, roytam1 said:

Using a discord preview user agent can always returning spam-alike output:

 

Um...  The rest of us don't know what "discord preview" is and nobody here would even admit this issue ONLY affecting Discord users.

Seems like that should have been a shared detail so that the rest of us weren't "wasting time".

Edited February 21 by NotHereToPlayGames

[EliraFriesnan]

On 2/21/2026 at 5:22 PM, NotHereToPlayGames said:

Um...  The rest of us don't know what "discord preview" is

Just spoof the current UA with whatever spoofing crx you use. Use this.

"Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)"

 

On 2/21/2026 at 5:22 PM, NotHereToPlayGames said:

ONLY affecting Discord users.

 

Not only, the OP used Supermium.

[NotHereToPlayGames]

You don't seem to be following the ENTIRE discussion.

I have no clue what "discord preview" is, but it not the browser "by itself".

It's an extension or something added to the browser and only users that have ADDED "discord preview" to their browser (some added it to Iron, some added it to Supermium), only THEY are getting this redirect discussed here.

The rest of us (you and me that have no clue what "discord preview" IS), we are not affected by this redirect discussed here.

[NotHereToPlayGames]

https://etechshout.com/view-discord-server-without-joining/

https://pupuweb.com/how-to-preview-discord-servers-before-joining/

Seems to be something like the above.  But it's not like any of the people that use Discord on Supermium or the people that use Discord on Iron are chiming in to clear up any confusion.

[EliraFriesnan]

On 2/21/2026 at 7:25 PM, NotHereToPlayGames said:

You don't seem to be following the ENTIRE discussion.

No, I do. It only seems to you.

 

On 2/21/2026 at 7:25 PM, NotHereToPlayGames said:

I have no clue what "discord preview" is, but it not the browser "by itself".

You don't have to. I too never heard of it. You just try to replace your user agent with:

"Mozilla/5.0 (compatible; Discordbot/2.0; +https://discordapp.com)"

 

[NotHereToPlayGames]

46 minutes ago, EliraFriesnan said:

You just try to replace your user agent with:

Well aware.  But answer me this, WHERE does that COME FROM ???

It wasn't plucked out of the sky!  It comes from somewhere!  A third-party extension?  A program installed on the OS but accessed via Supermium or Iron or <your browser here>?

I *THINK* (no clue!) that it comes from an EXTENSION that DISCORD users have added to Supermium and other Discord users have added to Iron.

Or simply "accessed" Discord "through" Supermium or Iron or <your browser here>.

As far as "Discord user", think YouTube on Supermium as "YouTube user" or YouTube on Iron as "YouTube user".

The redirect issue is not an issue for me.  It's also not an issue for you.  Because we are not "Discord users".

And *only* those "Discord users" are getting the REDIRECT being discussed (technically, it's being IGNORED, you and I are the only one's discussing, lol).

The problem is not Supermium.  The problem is not Iron.  The problem is not <your browser here>.

The problem is the ORIGINAL SOURCE of WHERE that User Agent comes from.  It comes from somewhere.

I wish that a Discord user would stop by and clear the confusion.  But I don't see that happening, they would have been here already.

Edited February 21 by NotHereToPlayGames

[EliraFriesnan]

On 2/21/2026 at 9:00 PM, NotHereToPlayGames said:

Well aware.  But answer me this, WHERE does that COME FROM ???

It's a crawler agent, nothing to be afraid of. I'd never suggest dangerous things to you.

https://plainsignal.com/agents/discordbot

 

[EliraFriesnan]

On 2/21/2026 at 1:35 PM, roytam1 said:

--no-check-certificate

 

On 2/21/2026 at 9:00 PM, NotHereToPlayGames said:

The problem is not <your browser here>.

Probably the problen is within the unsafe flag they use.

[roytam1]

14 minutes ago, EliraFriesnan said:

 

Probably the problen is within the unsafe flag they use.

not really, just I don't install latest certstore here.

you can see the analysis here: https://www.ssllabs.com/ssltest/analyze.html?d=msfn.org

[Tripredacus]

On 2/21/2026 at 3:00 PM, NotHereToPlayGames said:

Well aware.  But answer me this, WHERE does that COME FROM ???

Stop fighting against people who are trying to provide information!

The issue has been seen in Discord Preview, some search engine results, Some versions of Supremium and one version of Iron so far.

Posting user agents that are affected are OK but I have a thought that it isn't user agent based. On my Iron install where the redirect happens, I have this user agent:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Iron Safari/537.36
If I change my user agent in Chrome to that using the Network Conditions option in DevTools, the redirect doesn't occur. I verify that Chrome is using the Iron UA via whatsmyuseragent.com

The thing in common is that all browsers are using an older Chromium engine. I do not think that it is a client issue per se.

[NotHereToPlayGames]

Bold = Emphasis <> Fighting

Now I see why E. E. Cummings used a minimalistic style.

[Tripredacus]

Bold = loud

Italics = emphasis

[NotHereToPlayGames]

Okey dokey.