Forum
[PROBLEM] Intrusive ads? - Printable Version

+- Forum (http://forum.xbian.org)
+-- Forum: Community (/forum-5.html)
+--- Forum: Feedback (/forum-12.html)
+---- Forum: The website (/forum-13.html)
+---- Thread: [PROBLEM] Intrusive ads? (/thread-4050.html)

Pages: 1 2

Intrusive ads? - Exnor - 12th Nov, 2019 05:21 AM

Did you guys implemented ads on the site?

I'm getting ads right after the banner and some hidden near the post buttons....

Was redirected to several gambling sites :/

Update:
So every time i try to post a reply/edit etc... there is some script that is trying to redirect to some shady sites... Chrome block it and SEP logs the event:

Code:
[SID: 31349] Malicious Site: Malicious Domain Request 21 attack blocked. Traffic has been blocked for this application: C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE

Code:
12-Nov-19 17:33:26    Intrusion Prevention    Major    Incoming    TCP    213.174.153.229    80    N/A    myip    50496    N/A    C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE    31349    72509    Malicious Site: Malicious Domain Request 21    find-my-great-life.com/ntv.json?key=b0ed4259c041b3223c7c47d379b88714&vstc=4&uuid=b1e15ffc-ee8e-4582-adeb-52adc09ebfba%3A1%3A2&custom=%7B%22d37e3bc4%22%3A%22b%22%7D        user localmachine    Default    2    12-Nov-19 17:31:50    12-Nov-19 17:32:21


RE: Intrusive ads? - deHakkelaar - 16th Nov, 2019 04:55 AM

Same here.
@rikardo1979, can something be done about some of the ads hijacking the browser and redirecting you directly to those ads without clicking on them ?
This is the most urgent issue I have with the new ads.

The other issues is that sometimes your not able to click on forum buttons/links that are obscured by ads like the "Alerts" part on the forum.
Plus on the main site, sometimes its not clear what is an ad and whats not.
Can the ads be tagged/marked as being ads to better distinct ?

RE: Intrusive ads? - deHakkelaar - 16th Nov, 2019 05:19 AM

(12th Nov, 2019 05:21 AM)Exnor Wrote:  
Code:
12-Nov-19 17:33:26    Intrusion Prevention    Major    Incoming    TCP    213.174.153.229    80    N/A    myip    50496    N/A    C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE    31349    72509    Malicious Site: Malicious Domain Request 21    find-my-great-life.com

Hmm seems we might be contributing to malware now Sad

https://blog.malwarebytes.com/detections/find-great-life-com/

RE: Intrusive ads? - Exnor - 17th Nov, 2019 08:11 AM

(16th Nov, 2019 05:19 AM)deHakkelaar Wrote:  
(12th Nov, 2019 05:21 AM)Exnor Wrote:  
Code:
12-Nov-19 17:33:26    Intrusion Prevention    Major    Incoming    TCP    213.174.153.229    80    N/A    myip    50496    N/A    C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE    31349    72509    Malicious Site: Malicious Domain Request 21    find-my-great-life.com

Hmm seems we might be contributing to malware now Sad

https://blog.malwarebytes.com/detections/find-great-life-com/

Well it still tries to redirect the browser to some shady sites... as soon as i open the reply on the forum a redirection was detected and blocked...

Again the same site/domain:
Code:
16-Nov-19 21:54:40    Intrusion Prevention    Major    Incoming    TCP    213.174.153.231    80    N/A    myip 50240    N/A    C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE    31349    72519    Malicious Site: Malicious Domain Request 21    find-my-great-life.com/ntv.json?key=b0ed4259c041b3223c7c47d379b88714&vstc=4&uuid=b1e15ffc-ee8e-4582-adeb-52adc09ebfba%3A1%3A2&custom=%7B%22d37e3bc4%22%3A%22b%22%7D        user locamachine    Default    1    16-Nov-19 21:53:37    16-Nov-19 21:53:37


RE: Intrusive ads? - Skywatch - 17th Nov, 2019 07:23 PM

I am not seeing any ads at all, but then I am using Firefox and have an old pi running pihole so those two differences might be making all the difference.

RE: Intrusive ads? - deHakkelaar - 18th Nov, 2019 07:54 AM

(17th Nov, 2019 07:23 PM)Skywatch Wrote:  I am not seeing any ads at all, but then I am using Firefox and have an old pi running pihole so those two differences might be making all the difference.

Terminal
pi@noads:~ $ pihole -q find-my-great-life.com
[i] No results found for find-my-great-life.com within the block lists

Terminal
pi@noads:~ $ pihole -b find-my-great-life.com
[i] Adding find-my-great-life.com to blacklist...
[i] find-my-great-life.com does not exist in whitelist, no need to remove!
[i] Pi-hole blocking is enabled
[i] Using cached Event Horizon list...
[i] 149448 unique domains trapped in the Event Horizon
[i] Number of blacklisted domains: 2
[i] Number of regex filters: 0
[✓] Parsing domains into hosts format
[✓] Cleaning up stray matter
[✓] Force-reloading DNS service
[✓] DNS service is running
[✓] Pi-hole blocking is Enabled

Terminal
pi@noads:~ $ pihole -q find-my-great-life.com
Match found in Blacklist
find-my-great-life.com

Terminal
pi@noads:~ $ host find-my-great-life.com
find-my-great-life.com has address 0.0.0.0
find-my-great-life.com has IPv6 address ::


RE: Intrusive ads? - Exnor - 18th Nov, 2019 09:05 AM

(17th Nov, 2019 07:23 PM)Skywatch Wrote:  I am not seeing any ads at all, but then I am using Firefox and have an old pi running pihole so those two differences might be making all the difference.


I only see the ads on Android... On windows Symantec blocks them and the redirects and logs it ( the above paste).

But Chrome on Android does not block or stop the redirects :/ ...

RE: Intrusive ads? - deHakkelaar - 18th Nov, 2019 09:16 AM

(18th Nov, 2019 09:05 AM)Exnor Wrote:  I only see the ads on Android...

Time to get Pi-hole and block any ad/malware/crypto mining domain with ease for your entire network Wink

EDIT: Bit old but might still work:
http://forum.xbian.org/thread-3899.html

RE: Intrusive ads? - gkusiak - 19th Nov, 2019 02:23 AM

I run https://diversion.ch/diversion/diversion.html on my router and use the brave browser. between the two, I usually see no advertising or pop-ups.
I believe that using the router firmware's DNS-over-TLS encryption capabilities (pointed at CloudFlare) may help the router's AND browser's blocking things do their jobs better.
I could probably do a better job at protecting my network with a router firewall, but since I implemented the protocols afforded me by using the scripts to block those things, I don't see threats on my machine/mobile, so I'm not in danger of clicking anything malicious accidentally.

RE: Intrusive ads? - Exnor - 19th Nov, 2019 03:39 AM

(18th Nov, 2019 09:16 AM)deHakkelaar Wrote:  
(18th Nov, 2019 09:05 AM)Exnor Wrote:  I only see the ads on Android...

Time to get Pi-hole and block any ad/malware/crypto mining domain with ease for your entire network Wink

EDIT: Bit old but might still work:
http://forum.xbian.org/thread-3899.html

Sadly a Raspberry Pi 1 does not have enough bandwidth on the shared ethernet port ( it uses the USB bus) for my needs and I'm not buying a model 4 with the current inflated prices :/ . ( I do have 2 Pi 1B units doing nothing right now... But i need something that cand handle a symmetrical full duplex 500Mbits/s bandwidth and last time i tested the model 1 barely reached 100 Mbits/s of stable data rate.).

Also this problem of "hidden" redirect scrips or concealed links is only present in this forum... I have not visited any other site with this behaviour on a Android machine.

Time to save some money and buy a more modern gateway/router i guess....

RE: Intrusive ads? - deHakkelaar - 19th Nov, 2019 10:06 AM

(19th Nov, 2019 03:39 AM)Exnor Wrote:  Sadly a Raspberry Pi 1 does not have enough bandwidth on the shared ethernet port ...

Pi-hole doesnt need any bandwidth.
Its a caching DNS proxy that blocks blacklisted domains.
Only tiny little DNS queries run through Pi-hole.
Normal network traffic takes the default routes via your router if need to go to internet.
The old Pi 1's are perfectly suited for this simple task.

RE: Intrusive ads? - Exnor - 19th Nov, 2019 10:58 AM

(19th Nov, 2019 10:06 AM)deHakkelaar Wrote:  
(19th Nov, 2019 03:39 AM)Exnor Wrote:  Sadly a Raspberry Pi 1 does not have enough bandwidth on the shared ethernet port ...

Pi-hole doesnt need any bandwidth.
Its a caching DNS proxy that blocks blacklisted domains.
Only tiny little DNS queries run through Pi-hole.
Normal network traffic takes the default routes via your router if need to go to internet.
The old Pi 1's are perfectly suited for this simple task.

I didn't knew that :o. . always assumed that it worked as a gateway of sorts.

I have to visit the project site. Thanks for the info Smile .

But it still remains the question, why did the site manager inserted this type of ads here in the forum?

RE: Intrusive ads? - deHakkelaar - 19th Nov, 2019 11:06 AM

Work in progress Wink

RE: Intrusive ads? - rikardo1979 - 22nd Nov, 2019 10:11 PM

Thank you all for the feedback here.
I have talked to the ads guys and they promised they have fixed the issues.
Please if you can test it extensively and if you find any issue just let me know so we can deal with it

Thank you

RE: Intrusive ads? - Exnor - 23rd Nov, 2019 03:23 AM

(22nd Nov, 2019 10:11 PM)rikardo1979 Wrote:  Thank you all for the feedback here.
I have talked to the ads guys and they promised they have fixed the issues.
Please if you can test it extensively and if you find any issue just let me know so we can deal with it

Thank you

Well something is still active.... As soon as i entered the forum Symantec Endpoint Protection 14.2 pop up this warning:

Code:
22-Nov-19 17:00:12    Intrusion Prevention    Major    Incoming    TCP    213.174.153.231    80    N/A    myip    49824    N/A    C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE    31349    72524    Malicious Site: Malicious Domain Request 21    find-my-great-life.com/ntv.json?key=b0ed4259c041b3223c7c47d379b88714&vstc=4&uuid=ded22d58-1e82-4f6e-ba3b-5d646f51883e%3A3%3A2&custom=%7B%22d37e3bc4%22%3A%22b%22%7D        localuser    localmachine Default    1    22-Nov-19 16:59:08    22-Nov-19 16:59:08

The Ads themselves are blocked, the placeholders still appear but the ads do not.

I have yet to test on Android...