Did you guys implemented ads on the site?
I'm getting ads right after the banner and some hidden near the post buttons....
Was redirected to several gambling sites :/
Update:
So every time i try to post a reply/edit etc... there is some script that is trying to redirect to some shady sites... Chrome block it and SEP logs the event:
Code:
[SID: 31349] Malicious Site: Malicious Domain Request 21 attack blocked. Traffic has been blocked for this application: C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
Code:
12-Nov-19 17:33:26 Intrusion Prevention Major Incoming TCP 213.174.153.229 80 N/A myip 50496 N/A C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE 31349 72509 Malicious Site: Malicious Domain Request 21 find-my-great-life.com/ntv.json?key=b0ed4259c041b3223c7c47d379b88714&vstc=4&uuid=b1e15ffc-ee8e-4582-adeb-52adc09ebfba%3A1%3A2&custom=%7B%22d37e3bc4%22%3A%22b%22%7D user localmachine Default 2 12-Nov-19 17:31:50 12-Nov-19 17:32:21
Same here.
@
rikardo1979, can something be done about some of the ads hijacking the browser and redirecting you directly to those ads without clicking on them ?
This is the most urgent issue I have with the new ads.
The other issues is that sometimes your not able to click on forum buttons/links that are obscured by ads like the "Alerts" part on the forum.
Plus on the main site, sometimes its not clear what is an ad and whats not.
Can the ads be tagged/marked as being ads to better distinct ?
(12th Nov, 2019 05:21 AM)Exnor Wrote: [ -> ]
Code:
12-Nov-19 17:33:26 Intrusion Prevention Major Incoming TCP 213.174.153.229 80 N/A myip 50496 N/A C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE 31349 72509 Malicious Site: Malicious Domain Request 21 find-my-great-life.com
Hmm seems we might be contributing to malware now
https://blog.malwarebytes.com/detections/find-great-life-com/
(16th Nov, 2019 05:19 AM)deHakkelaar Wrote: [ -> ] (12th Nov, 2019 05:21 AM)Exnor Wrote: [ -> ]
Code:
12-Nov-19 17:33:26 Intrusion Prevention Major Incoming TCP 213.174.153.229 80 N/A myip 50496 N/A C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE 31349 72509 Malicious Site: Malicious Domain Request 21 find-my-great-life.com
Hmm seems we might be contributing to malware now
https://blog.malwarebytes.com/detections/find-great-life-com/
Well it still tries to redirect the browser to some shady sites... as soon as i open the reply on the forum a redirection was detected and blocked...
Again the same site/domain:
Code:
16-Nov-19 21:54:40 Intrusion Prevention Major Incoming TCP 213.174.153.231 80 N/A myip 50240 N/A C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE 31349 72519 Malicious Site: Malicious Domain Request 21 find-my-great-life.com/ntv.json?key=b0ed4259c041b3223c7c47d379b88714&vstc=4&uuid=b1e15ffc-ee8e-4582-adeb-52adc09ebfba%3A1%3A2&custom=%7B%22d37e3bc4%22%3A%22b%22%7D user locamachine Default 1 16-Nov-19 21:53:37 16-Nov-19 21:53:37
I am not seeing any ads at all, but then I am using Firefox and have an old pi running pihole so those two differences might be making all the difference.
(17th Nov, 2019 07:23 PM)Skywatch Wrote: [ -> ]I am not seeing any ads at all, but then I am using Firefox and have an old pi running pihole so those two differences might be making all the difference.
I only see the ads on Android... On windows Symantec blocks them and the redirects and logs it ( the above paste).
But Chrome on Android does not block or stop the redirects :/ ...
(18th Nov, 2019 09:05 AM)Exnor Wrote: [ -> ]I only see the ads on Android...
Time to get Pi-hole and block any ad/malware/crypto mining domain with ease for your entire network
EDIT: Bit old but might still work:
http://forum.xbian.org/thread-3899.html
I run
https://diversion.ch/diversion/diversion.html on my router and use the brave browser. between the two, I usually see no advertising or pop-ups.
I believe that using the router firmware's DNS-over-TLS encryption capabilities (pointed at CloudFlare)
may help the router's
AND browser's blocking things do their jobs better.
I could probably do a better job at protecting my network with a router firewall, but since I implemented the protocols afforded me by using the scripts to block those things, I don't see threats on my machine/mobile, so I'm not in danger of clicking anything malicious accidentally.
(18th Nov, 2019 09:16 AM)deHakkelaar Wrote: [ -> ] (18th Nov, 2019 09:05 AM)Exnor Wrote: [ -> ]I only see the ads on Android...
Time to get Pi-hole and block any ad/malware/crypto mining domain with ease for your entire network
EDIT: Bit old but might still work:
http://forum.xbian.org/thread-3899.html
Sadly a Raspberry Pi 1 does not have enough bandwidth on the shared ethernet port ( it uses the USB bus) for my needs and I'm not buying a model 4 with the current inflated prices :/ . ( I do have 2 Pi 1B units doing nothing right now... But i need something that cand handle a symmetrical full duplex 500Mbits/s bandwidth and last time i tested the model 1 barely reached 100 Mbits/s of stable data rate.).
Also this problem of "hidden" redirect scrips or concealed links is only present in this forum... I have not visited any other site with this behaviour on a Android machine.
Time to save some money and buy a more modern gateway/router i guess....
(19th Nov, 2019 03:39 AM)Exnor Wrote: [ -> ]Sadly a Raspberry Pi 1 does not have enough bandwidth on the shared ethernet port ...
Pi-hole doesnt need any bandwidth.
Its a caching DNS proxy that blocks blacklisted domains.
Only tiny little DNS queries run through Pi-hole.
Normal network traffic takes the default routes via your router if need to go to internet.
The old Pi 1's are perfectly suited for this simple task.
(19th Nov, 2019 10:06 AM)deHakkelaar Wrote: [ -> ] (19th Nov, 2019 03:39 AM)Exnor Wrote: [ -> ]Sadly a Raspberry Pi 1 does not have enough bandwidth on the shared ethernet port ...
Pi-hole doesnt need any bandwidth.
Its a caching DNS proxy that blocks blacklisted domains.
Only tiny little DNS queries run through Pi-hole.
Normal network traffic takes the default routes via your router if need to go to internet.
The old Pi 1's are perfectly suited for this simple task.
I didn't knew that :o. . always assumed that it worked as a gateway of sorts.
I have to visit the project site. Thanks for the info
.
But it still remains the question, why did the site manager inserted this type of ads here in the forum?
Thank you all for the feedback here.
I have talked to the ads guys and they promised they have fixed the issues.
Please if you can test it extensively and if you find any issue just let me know so we can deal with it
Thank you
(22nd Nov, 2019 10:11 PM)rikardo1979 Wrote: [ -> ]Thank you all for the feedback here.
I have talked to the ads guys and they promised they have fixed the issues.
Please if you can test it extensively and if you find any issue just let me know so we can deal with it
Thank you
Well something is still active.... As soon as i entered the forum Symantec Endpoint Protection 14.2 pop up this warning:
Code:
22-Nov-19 17:00:12 Intrusion Prevention Major Incoming TCP 213.174.153.231 80 N/A myip 49824 N/A C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE 31349 72524 Malicious Site: Malicious Domain Request 21 find-my-great-life.com/ntv.json?key=b0ed4259c041b3223c7c47d379b88714&vstc=4&uuid=ded22d58-1e82-4f6e-ba3b-5d646f51883e%3A3%3A2&custom=%7B%22d37e3bc4%22%3A%22b%22%7D localuser localmachine Default 1 22-Nov-19 16:59:08 22-Nov-19 16:59:08
The Ads themselves are blocked, the placeholders still appear but the ads do not.
I have yet to test on Android...