Topic: [Watchlisted] Motionhits.com (seems to be the same as thebighits cpx24) (Read 244 times)

Cubby · « **on:** November 11, 2009, 12:23:53 PM »

This HTML code is dangerous and may harm your computer

No zeroiframes detected!
Check took 22.13 seconds

(Level: 0) Url checked:
http://motionhits.com/index.php?id=lhbf0826
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (iframe source)
http://www.resultsz.com/search/anticheat.php?username=hadit777&s=lhbf0826&type=2
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.lxtrack.com/search/tracking.php?id=lhbf0826
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.yourcasinolasvegas.net/?keywords=shopping
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.mibebu.com/search/index.php?u=olgatru&k=shopping
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.searchfindquote.com/search/index.php?username=chaychit&keywords=household+storage
Blank page / could not connect
No ad codes identified

(Level: 1) Url checked: (iframe source)
http://www.resultsz.com/search/anticheat.php?username=hadit777&s=lhbf0826&type=2
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.lxtrack.com/search/tracking.php?id=lhbf0826
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.equityloansite.com/?keywords=internet+connection
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.webfreestuff.com/en/index.php?user=210&keywords=internet+connection
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://buy-a-carr.blogspot.com/2009/11/are-all-car-insurance-companies-equal.html
Blank page / could not connect
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.freemobilecomputer.com/?keywords=online+schools
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (script source)
http://www.cpx24.com/funcs.js
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (script source)
http://s10.histats.com/js9.js
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (script source)
http://s+st_dominio+.histats.com/stats/0.php?+send_vars+&
Blank page / could not connect
No ad codes identified

(Level: 2) Url checked: (script source)
http://s+st_dominio+.histats.com/stats/+s_sid+.php?+send_vars+&
Blank page / could not connect
No ad codes identified

Edited to alter thread title

Craig · « **Reply #1 on:** November 15, 2009, 07:23:42 PM »

You're right, the contact link leads to cpx24, sorry it took me this long, still catching up on everything.

Source Code URL: hxxp://motionhits.com/

This site will be added to the Watchlist on the next edit because it's linking to CPX24 on the contact page.

Mvents Warning;

This HTML code is dangerous and may harm your computer

2 hidden Iframes were detected!
This was at: http://www.resultsz.com/search/anticheat.php?username=hadit777&s=&type=2&good=1
Here are the destination URL's detected (showing 1 to 2):
http://www.cpx24.com/goodclick.php?id= (0x0)
http://www.lxtrack.com/search/tracking.php?id= (0x0)

All of these Iframes were expanded. Would you like to view the analysis of this site from Jutaky's detector?

Extracted Code;

This frame;

This HTML code is dangerous and may harm your computer

When expanded leads to the following frames;

This HTML code is dangerous and may harm your computer

This HTML code is dangerous and may harm your computer

This HTML code is dangerous and may harm your computer

This HTML code is dangerous and may harm your computer

Complete Code;

This HTML code is dangerous and may harm your computer

<html xmlns="http://www.w3.org/1999/xhtml"><head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="pragma" content="no-cache">
<title>MotionHits - </title>
<script src="http://www.cpx24.com/funcs.js" type="text/javascript"></script>
<style>

</style>
<script>
var prefix="";

if(visited==1) {
prefix="&good=1";
}else{ prefix="&bad=1"; }
</script>
<script>
function ifr_func(){
document.getElementById("ifr").style.height=(screen.height-390) + "px";
document.getElementById("ifr").style.width=(screen.width-50)+"px";
}
</script>

</head><body scroll="NO">
<center>
<span style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; font-family: Verdana; font-style: normal; font-variant: normal; font-weight: bold; font-size: 10px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none; color: rgb(0, 0, 0); -moz-background-clip: border; -moz-background-origin: padding; -moz-background-inline-policy: continuous;">
User <b></b> has already received credit for your visit today</span>
<div id="menu">
<ul>
<li><a href="http://www.cpx24.com/index.php?menu=join&refi=">Sign Up</a></li>
<li><a href="http://www.cpx24.com/index.php?menu=advertise&refi=">Advertise</a></li>
<li><a href="http://www.cpx24.com/index.php?menu=contact&refi=">Contact</a></li>
</ul>

</div>
<div style="clear: both;"><table style="font-family: Verdana; font-style: normal; font-variant: normal; font-weight: bold; font-size: 10px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none; color: rgb(255, 255, 255);" align="center" border="0" width="100%"><tbody><tr align="center"><td width="33%"></td><td width="33%"><a href="textout.php?url=http://cpx24.com/index.php?menu=advertise&ref=" target="_blank">Your Ad Here</a></td><td width="33%"><a href="textout.php?url=http://cpx24.com/index.php?menu=advertise&ref=" target="_blank">Your Ad Here</a></td></tr></tbody></table></div>

</center>

<div style="height: 100%;"><iframe id="ifr" style="margin: 0pt; padding: 0pt; position: absolute; z-index: 0; height: 510px; width: 1390px;" src="http://www.resultsz.com/search/anticheat.php?username=hadit777&s=&type=2&good=1" onload="ifr_func()" onresize="resizeIframe()" scrolling="NO" frameborder="0"></iframe></div>

<script>
var prefix="";

if(visited==1) {
prefix="&good=1";
}else{ prefix="&bad=1"; }

function ShowIt(prefix){
var url="http://www.resultsz.com/search/anticheat.php?username=hadit777&s=&type=2" + prefix;
document.getElementById("ifr").src=url;
}
ShowIt(prefix);
</script>
<noscript>
<div style="height:100%;"><iframe src="http://www.resultsz.com/search/anticheat.php?username=hadit777&s=&type=2" onresize="resizeIframe()" style="height:100%;padding:0;margin:0;width:100%;" frameborder="0" id="ifr" SCROLLING="NO"></iframe></div>
</noscript>

<script>
n4 = (document.layers)? true:false;
ie = (document.all)? true:false;
n6 = (document.getElementById)? true:false;
function imprimir(){
if (ie){
document.getElementById("ifr2").focus();
}
}
//imprimir();
</script>

<script type="text/javascript" language="javascript">

var s_sid = 123529;var st_dominio = 4;
var cimg = 0;var cwi =150;var che =30;
</script>
<script type="text/javascript" language="javascript" src="http://s10.histats.com/js9.js"></script><script type="text/javascript" language="JavaScript" src="http://s4.histats.com/stats/0.php?123529&11&0&3&1&889&328901&0&0&0&1000&0&0&0&0&en-GB&1440&http%3A%2F%2Fmotionhits%2Ecom%2F&"><\/script>');
</script>

<noscript><a href="http://www.histats.com" target="_blank">
<img src="http://s4.histats.com/stats/0.gif?123529&1" alt="hit counters" border="0"></a>
</noscript>

</body></html>

Cubby · « **Reply #2 on:** December 02, 2009, 07:22:35 AM »

and now thehitsusa

This HTML code is dangerous and may harm your computer

No zeroiframes detected!
Check took 4.91 seconds

(Level: 0) Url checked:
http://thehitsusa.com/index.php?id=lhbf0826
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (iframe source)
http://www.resultsz.com/search/anticheat.php?s=lhbf0826
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.lxtrack.com/search/tracking.php?id=lhbf0826
Blank page / could not connect
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.personalnurseonline.com/?keywords=nurse+assistant
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.mibebu.com/search/index.php?u=floxit&k=domain
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 2) Url checked: (iframe source)
http://www.homebaseloan.com/?keywords=mobile+phone
Zeroiframes detected on this site: 0

This HTML code is dangerous and may harm your computer

2 hidden Iframes were detected!
This was at: http://www.resultsz.com/search/anticheat.php?s=lhbf0826&type=2&good=1
Here are the destination URL's detected (showing 1 to 2):
http://www.cpx24.com/goodclick.php?id=lhbf0826 (0x0)
http://www.lxtrack.com/search/tracking.php?id=lhbf0826 (0x0)

News:

Author Topic: [Watchlisted] Motionhits.com (seems to be the same as thebighits cpx24) (Read 244 times)

Cubby

[Watchlisted] Motionhits.com (seems to be the same as thebighits cpx24)

Craig

Re: Motionhits.com (seems to be the same as thebighits cpx24)

Cubby

Re: Motionhits.com (seems to be the same as thebighits cpx24)