See: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fpaywriter.tumblr.com Re: http://killmalware.com/paywriter.tumblr.com/# malicious site: https://www.virustotal.com/nl/url/94184f74755068403c2301b1cb4f63362a1c59f1b63d8da28da9b5c79783c3e0/analysis/1448457899/ flagged as adult content/social networks Detection missed: https://sitecheck.sucuri.net/results/paywriter.tumblr.com#sitecheck-details Re: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fassets.tumblr.com%2Fassets%2Fhtml%2Fiframe%2Fteaser.html%3F_v%3D45631c19c03dbcf0e4dc673313d6c70d%23src%3Dhttp%253a%252f%252fpaywriter.tumblr.com%252f%26lang%3Den_us%26name%3Dpaywriter%26avatar%3Dhttp%253a%252f%252f38.media.tumblr.com%252favatar_51bddc61f5ea_64.png%26title%3Dpaypabak%2Btumblr%26url%3Dhttp%253a%252f%252fpaywriter.tumblr.com%252f%26page_slide%3Dslide Unique IDs about your web browsing habits have been insecurely sent to third parties on -http://assets.tumblr.com/assets/html/iframe/teaser.html 4 to Tumblr and 1 to Google… Detected libraries: jquery - 1.7.2 : -http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Info: Severity: medium http://bugs.jquery.com/ticket/11290 http://research.insecurelabs.org/jquery/test/ 1 vulnerable library detected
iFrame Check flagged as suspicious: Suspicious ’ -https://secure.assets.tumblr.com/assets/html/iframe/o.html?_v=321e518cb9b2cf082d604d6757c75da1#src=h’ -http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http’
polonus (volunteer website security analyst and website error-hunter)
P.S. Update scan detection: https://www.virustotal.com/nl/file/2494488384b0d63fa7d66353b793eb7eb522abbb85ddf2ecea92b51b7fd13de4/analysis/1448466384/ (thanks again Pondus for reporting!)
