Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Some links being hijacked when clicked from DuckDuckGo search results, pop up appears "Congratulations device user! "

  • 4 replies
  • 1 has this problem
  • 29 views
  • Last reply by walphilker
  • Solved

walphilker
walphilker

The full text of the pop-up is "Some links being hijacked, pop up "Congratulations device user! You are selected by our sponsor to be among the first few persons to win a Galaxy S10 or other"

The URL starts http://sweeps7668.bunnyvhyk7.live/4368084763/ and takes me to some false Survey about Google. This has happened a couple of times now with different websites. The link I clicked thsi time ( from DuckDuckGo search ) is https://www.topgadgetreviews.co.uk/finish-line-ceramic-wet-lubricant-120ml-bottle-review/ and after about 5 to 10 minutes when I click the link it is OK.

The full hijack link is as follows:

http://sweeps7668.bunnyvhyk7.live/7473237783/?utm_campaign=QPF8euu28II5lw7O2iHhCugVqK5RzfdNsTpLaMM91qY1&t=main9_143c3be8f9c3026d0802410a6e756e26fe6b&f=1&fp=Gd01tvRj7I3hp%2BtzBojF2df6dT2XPxwD3PBBik14iO6NEXxo2WZWGJn1mjKhbos3iparC0Cv57B5mkVoBG938KaII12RCB7g4YVnIl9W1WaR3L5J8ZTIVTbaIT65FzZzFh23zvjxCDsvkzugJFc%2FH%2FG2XEYkBU4Xi0xr6qdPjaf4HbWAwVB2cbrYGyDHLizpEkcuIjdlbyXjB5YTrWXDtpUlhDW3KgiTiUMT1qoC36SRh0XGua3WaLIJjGKBj%2FD1o2LW0OAFfoxBcfMcLL0%2BN6fb8DerOYIwsT4HhE8jZvHi4S2zPaBpkd7DjLJe6FUaTq%2FKtW7U3hFvZTlHFaNq96LRYZrsVUUzA58ahXs7e%2FeJHZBNR%2B2beJt%2BCi4x3t6UgcYnlB4NGmFDBdarzOdn9JYfXO0QgHTf6ogROTBtABZH5Sw7bDmncOXSt4hUHAJ54cC%2Ffvi7M8iVvsutu9ah7phnlAScs7S%2BpBPn0PP2kvAogB19R94UBz0r2R%2BVvhEkA6lV6VuY00ObvH6QdMVE3z1gs9EXI%2BKd1oVePD4cOVCdA7XlHg0Eoe%2BC4FMCkpSI0V6Pk0QVnk1yID5IMqZAZapLm9txeAiLHMhoGZPaLPNpMqVPMaTDVKBRmpFpjLRySFviZzqLyz15MdzEMcoqPDMrJ2X9j3GVsmFlkJB2%2FOzLw6TS0a3Pv6SDYeZjSaFUxjcaAwpDQiEQ1FJHxhoBdWPJyKIBmamJYZtbhHaYi8MXslHeHGTl1yYapyYtahezKVqE0PJF5eME6P%2BgAwfAxuMqbG54rTLPeE28gsk5SoGFm5bhKaIiDiWBCZyx58jHI9Atb%2BS8rX0mdhi14gZTOlZf%2FgwfoalXTJ5qlTIIbKl22bnFNpeCV3XibJtOthb6kgST%2FY4o32yurDZoKHFUWTRoBv3IJL5BjRF9lSaObC9x66B97IH2eW9wd%2F28wpilc6xmO9MRFJumhiXTNr8IhCSwLnRabV%2Fae%2F4GvKrckk26WJIpVaFQ3gvP1rsBDbBnNNXedKZw%2FOLmgnqjLE53Ud0khhDTXYdSCorTPbadqGPJ4h3KQbtZoPZ0JaBmwmPFOOPti2Cv2LYFuNctIzz9VKrMn5hQlY2j3lgvl1hGNAIKPycDpSZF%2F5SOaP2bLrwJLZKdO79WXWv38bW0q%2FyF5iADvyKJKnTOa7NZwPXgok5qVfslRl%2BSMLsOnJNE0I%2Ftywasy94ELGBTpnHi0gIZ4QCzfT3gqweNhnON7b5eA7sc6QAEqivlb86wTvW25U0qvQWVTeheGRyQygzsTM34PZ7UMaiLqtTG5Q4EpXZ9u1%2F%2FSXZtuqsNg0mS375BUOTEW8IsxqHw89SZL1PpTlSF03TJKCM1VyuCYOhmRq5bFlWZxeRBAHlXm2dQnrQpuWqm

The full text of the pop-up is "Some links being hijacked, pop up "Congratulations device user! You are selected by our sponsor to be among the first few persons to win a Galaxy S10 or other" The URL starts http://sweeps7668.bunnyvhyk7.live/4368084763/ and takes me to some false Survey about Google. This has happened a couple of times now with different websites. The link I clicked thsi time ( from DuckDuckGo search ) is https://www.topgadgetreviews.co.uk/finish-line-ceramic-wet-lubricant-120ml-bottle-review/ and after about 5 to 10 minutes when I click the link it is OK. The full hijack link is as follows: http://sweeps7668.bunnyvhyk7.live/7473237783/?utm_campaign=QPF8euu28II5lw7O2iHhCugVqK5RzfdNsTpLaMM91qY1&t=main9_143c3be8f9c3026d0802410a6e756e26fe6b&f=1&fp=Gd01tvRj7I3hp%2BtzBojF2df6dT2XPxwD3PBBik14iO6NEXxo2WZWGJn1mjKhbos3iparC0Cv57B5mkVoBG938KaII12RCB7g4YVnIl9W1WaR3L5J8ZTIVTbaIT65FzZzFh23zvjxCDsvkzugJFc%2FH%2FG2XEYkBU4Xi0xr6qdPjaf4HbWAwVB2cbrYGyDHLizpEkcuIjdlbyXjB5YTrWXDtpUlhDW3KgiTiUMT1qoC36SRh0XGua3WaLIJjGKBj%2FD1o2LW0OAFfoxBcfMcLL0%2BN6fb8DerOYIwsT4HhE8jZvHi4S2zPaBpkd7DjLJe6FUaTq%2FKtW7U3hFvZTlHFaNq96LRYZrsVUUzA58ahXs7e%2FeJHZBNR%2B2beJt%2BCi4x3t6UgcYnlB4NGmFDBdarzOdn9JYfXO0QgHTf6ogROTBtABZH5Sw7bDmncOXSt4hUHAJ54cC%2Ffvi7M8iVvsutu9ah7phnlAScs7S%2BpBPn0PP2kvAogB19R94UBz0r2R%2BVvhEkA6lV6VuY00ObvH6QdMVE3z1gs9EXI%2BKd1oVePD4cOVCdA7XlHg0Eoe%2BC4FMCkpSI0V6Pk0QVnk1yID5IMqZAZapLm9txeAiLHMhoGZPaLPNpMqVPMaTDVKBRmpFpjLRySFviZzqLyz15MdzEMcoqPDMrJ2X9j3GVsmFlkJB2%2FOzLw6TS0a3Pv6SDYeZjSaFUxjcaAwpDQiEQ1FJHxhoBdWPJyKIBmamJYZtbhHaYi8MXslHeHGTl1yYapyYtahezKVqE0PJF5eME6P%2BgAwfAxuMqbG54rTLPeE28gsk5SoGFm5bhKaIiDiWBCZyx58jHI9Atb%2BS8rX0mdhi14gZTOlZf%2FgwfoalXTJ5qlTIIbKl22bnFNpeCV3XibJtOthb6kgST%2FY4o32yurDZoKHFUWTRoBv3IJL5BjRF9lSaObC9x66B97IH2eW9wd%2F28wpilc6xmO9MRFJumhiXTNr8IhCSwLnRabV%2Fae%2F4GvKrckk26WJIpVaFQ3gvP1rsBDbBnNNXedKZw%2FOLmgnqjLE53Ud0khhDTXYdSCorTPbadqGPJ4h3KQbtZoPZ0JaBmwmPFOOPti2Cv2LYFuNctIzz9VKrMn5hQlY2j3lgvl1hGNAIKPycDpSZF%2F5SOaP2bLrwJLZKdO79WXWv38bW0q%2FyF5iADvyKJKnTOa7NZwPXgok5qVfslRl%2BSMLsOnJNE0I%2Ftywasy94ELGBTpnHi0gIZ4QCzfT3gqweNhnON7b5eA7sc6QAEqivlb86wTvW25U0qvQWVTeheGRyQygzsTM34PZ7UMaiLqtTG5Q4EpXZ9u1%2F%2FSXZtuqsNg0mS375BUOTEW8IsxqHw89SZL1PpTlSF03TJKCM1VyuCYOhmRq5bFlWZxeRBAHlXm2dQnrQpuWqm

Chosen solution

Standard8 is right.

See :

https://malwaretips.com/blogs/remove-dear-user-congratulations/

And also see these search results

Read this answer in context 👍 1

All Replies (4)

Standard8
Standard8 Mozilla Staff

You should check your computer for malware - it is likely there's something that has accidentally been installed that is causing this.

MalwareBytes seems to be a popular one.

walphilker
walphilker Question owner

I have run malware scans, it isn't my computer that is hijacked, it is the link. It might be your problem but you have a better chance of finding the source of the problem and notifying the affected sites.

McCoy
McCoy

Chosen Solution

Standard8 is right.

See :

https://malwaretips.com/blogs/remove-dear-user-congratulations/

And also see these search results

walphilker
walphilker Question owner

OK thanks, Bitdefender didn't spot it.