Hi, there was an old script called AXS that I used for tracking clicks for external links from my site. It became compromised/hacked at one point long after I stopped using it when I realized it was being used for phishing/scams/illicit links. I deleted the script from my server, but lately have been getting several emails from people saying this code is being used to forward to people malware, scams, SEO spam, etc.
This is the link they provided: https://www.sports-central.org/cgi-bin/axs/ax.pl?
They said you put any URL after the question mark and it still redirects. This is the old path to the AXS script I had. My problem is I deleted that /cgi-bin/axs/ folder literally years ago and it doesn’t exist on my server (I even am showing hidden files in FTP). So how is this redirect still happening when that URL path doesn’t exist on my server? It should show a 404 error, right?
Thank you…