Hidden redirect code I can't figure out (11)

Hey guys,

I am not all that techy, but most landing pages I've borrowed I've been able to figure out how to get rid of sneaky redirects. Not this time. I have a landing page that I need help with. There doesn't seem to be any consistency with the redirects, I visited the page 10 times in a row with no redirect and then all of a sudden it will start redirecting again. The page is redirecting to a specific url: ssl.mmtgo

Is there anyone on here that can help detect the code on my lander? Or does anyone know who I can find to help with this? Any help is appreciated. Thanks

I'm looking to find someone that is able to help me clean up some pages as I need. Seems to be difficult finding someone that is knowledgeable in this type of stuff, even on sites like upwork. Some of these redirects are so well hidden that the average person doesn't seem to be aware of these tricks.

I also want to know how to clean a nasty redirect on a lander. I have encountered same problem as OP when the redirect is inconsistent. I think the redirect is hidden somewhere in the JS query. I tried replacing the JS query file with a clean one but it breaks the lander. Hope someone here can enlighten us.

It gets pretty easy to spot once you know what to look for.

It's almost always obfuscated code, typically a bunch of html entities in strings, and then the redirect is done via calling some variation of window.location = 'the + obfuscated + string'. So there shouldn't be any window.location stuff - that's a dead giveaway.

Originally Posted by wes888

I also want to know how to clean a nasty redirect on a lander. I have encountered same problem as OP when the redirect is inconsistent. I think the redirect is hidden somewhere in the JS query. I tried replacing the JS query file with a clean one but it breaks the lander. Hope someone here can enlighten us.

Anyone? I've spent hours on hours trying to figure this out. Starting to get some what frustrated.

I see a window.location in the bottom of the code but it is pointing to my url.. Even the backbutton is redirecting to another offer, but not every single time. In the pushstate script, I don't see anything suspicious/out of the ordinary

share the lp code and we'll find it for you

Some parts of the code that could be redirecting:

<script>function setButtonHeight(){conMid=(whCon.getBoundingClientR ect().bottom-whCon.getBoundingClientRect().top)/2,button.style.top=conMid-button.offsetHeight/2-0.2*button.offsetHeight/2+"px"}function spin(){switch(count){case 1:dWheel.className="spinAround",setTimeout(functio n(){alert("Sorry.\n\nProbeer het alstublieft opnieuw. U heeft nog EEN kans!")},6800);break;case 2:dWheel.className="spinAround2",setTimeout(functi on(){dWheel.className=dWheel.className+" transparent"},6800),setTimeout(function(){device.s tyle.display="block",device.style.left=whCon.offse tWidth/2-device.offsetWidth/2+"px",device.style.top=conMid-device.offsetHeight/2+"px"},7000),setTimeout(function(){first.innerHTM L="<img src='loading.gif'>",first.style.padding="195px 0px",setTimeout(function(){first.parentNode.remove Child(first),second.style.display="block",con.inse rtBefore(second,con.firstChild)},1500)},9000)}coun t++}function gotoUrl(b){PreventExitPop=!1,window.location.href= clickUrl}var clickUrl="MY TRACKING LINK",mydate=new Date,year=mydate.getFullYear(),month=mydate.getMon th(),day=mydate.getDate(),weekday=mydate.getDay(), montharray=new Array("januari","februari","maart","april","mei"," juni","juli","augustus","september","oktober","nov ember","december"),weekdayarray=new Array("zondag","maandag","dinsdag","woensdag","don derdag","vrijdag","zaterdag"),count=1,conMid,headl ine=document.getElementById("headline"),topDate=do cument.getElementById("topDate"),today=document.ge tElementById("today"),con=document.getElementById( "container"),whCon=document.getElementById("wheelC on"),dWheel=document.getElementById("wheel"),butto n=document.getElementById("pressButton"),device=do cument.getElementById("devMockup"),first=document. getElementById("firstpage"),second=document.getEle mentById("secondpage");topDate.innerHTML=day+" "+montharray[month]+" "+year,today.innerHTML=weekdayarray[weekday];</script>

Zip up the folder and upload it somewhere and share, or if you don't want to share with everyone PM me and I'll take a look real quick I'm a programmer and taking a break right now anyways. Not interested in stealing your LP I just run ecommerce and like code.

Okay so we still can't figure out what's causing the the redirect. Here is the zip file for the lander, would someone mind taking a look and see if you can find out what's causing this redirect?


(removed)

I'm not seeing anything hidden. There isn't a ton of javascript on the page and it's pretty straightforward.

There's a 3 minute setTimeout function that redirects you to your own link:

  <script type="text/javascript">
    var str1;
    str1 = "http://track.mytrackinglink.xyz/click";
    setTimeout(function () {
      alert(
        "Sie haben die Chance, das neue iPhone X zu gewinnen!\n\n1. ‘OK’ klicken, um Ihr iPhone X zu erhalten. Sie werden anschließend auf die Webseite unseres Partners weitergeleitet.\n2. Geben Sie Ihre E-Mail-Adresse ein, um Informationen darüber zu erhalten, wie Sie Ihren Preis erhalten können.\n\nEs ist kostenlos!"
      );
      PreventExitPop = false;
      window.location = str1
    }, 180000);
  </script>

That's that I thought at first, but then I noticed that on my mobile phone I'm being redirected to an anti-virus landing page. Is it possible that the network will redirect traffic to their own funnel if the traffic does not meet publisher requirements (geo, age, etc)

Originally Posted by cpamarketing348

That's that I thought at first, but then I noticed that on my mobile phone I'm being redirected to an anti-virus landing page. Is it possible that the network will redirect traffic to their own funnel if the traffic does not meet publisher requirements (geo, age, etc)