Ticket #888 (closed defect: fixed)

Opened 12 months ago

Last modified 12 months ago

Adverts on Transition Network Front Page loaded via flickrit.com embedded content

Reported by: chris Owned by: ade
Priority: major Milestone: Maintenance
Component: Drupal modules & settings Keywords:
Cc: paul, sam, ade Estimated Number of Hours: 0.0
Add Hours to Ticket: 0 Billable?: yes
Total Hours: 0.25

Description (last modified by chris) (diff)

It it intentional or accidental that adverts from https://secureads.bitbillions.com/ are being loaded on the front page of https://www.transitionnetwork.org/ via the embedded content from flickrit.com?

Attachments

14260753359355.jpg (5.9 KB) - added by chris 12 months ago.
tn.png (94.9 KB) - added by chris 12 months ago.
tn2.png (97.8 KB) - added by chris 12 months ago.
tn3.png (83.5 KB) - added by chris 12 months ago.

Change History

Changed 12 months ago by chris

Changed 12 months ago by chris

comment:1 Changed 12 months ago by chris

  • Add Hours to Ticket changed from 0.0 to 0.25
  • Total Hours changed from 0.0 to 0.25

I was just checking the page load time, given the huge amount of RAM I threw at the server last night to try to keep it up (see ticket:846#comment:58) via http://tools.pingdom.com/fpt and noticed that this image was served when the front page was loaded:


Here is the reference to it from the Pingdom results:


I assume this has been loaded via some 3rd party content embedded into the front page, I assume this was accidental and not intended?

Adverts are used to deliver a lot of malware these days, see for example http://www.theregister.co.uk/2015/08/27/malvertising_feature/

If that is the case should we try to track down the cause of this?

comment:2 Changed 12 months ago by chris

  • Summary changed from Adverts on Transition Netword Front Page to Adverts on Transition Network Front Page

Changed 12 months ago by chris

comment:3 Changed 12 months ago by chris

Here is another thing loaded from that server.


Last edited 12 months ago by chris (previous) (diff)

Changed 12 months ago by chris

comment:4 Changed 12 months ago by chris

And some javascript from bam.nr-data.net that is loaded from the HTML above:


comment:5 Changed 12 months ago by chris

The source of these adverts are webbugs are the content embedded in the front page from flickrit.com -- see the Referer fields in the images above.

comment:6 Changed 12 months ago by chris

  • Description modified (diff)
  • Summary changed from Adverts on Transition Network Front Page to Adverts on Transition Network Front Page loaded via flickrit.com embedded content

comment:7 follow-up: ↓ 10 Changed 12 months ago by sam

Definitely unintentional.

My guess is it's to do with this thing: ​https://flickrit.com/faqs.html

I used it to embed a Flickr slideshow, as Flickr don't do that natively any more. They don't mention they are going to fill your site with ads, so it's unclear if they have been exploited themselves, or if that's their model. Either way I've removed it and it seems to have gone away: ​http://tools.pingdom.com/fpt/#!/cQcJDT/transitionnetwork.org

Sorry about that!
Thanks
Sam

comment:8 Changed 12 months ago by sam

  • Status changed from new to closed
  • Resolution set to fixed

comment:9 Changed 12 months ago by chris

  • Description modified (diff)

comment:10 in reply to: ↑ 7 Changed 12 months ago by chris

Replying to sam:

I used it to embed a Flickr slideshow, as Flickr don't do that natively any more. They don't mention they are going to fill your site with ads, so it's unclear if they have been exploited themselves, or if that's their model. Either way I've removed it and it seems to have gone away: ​http://tools.pingdom.com/fpt/#!/cQcJDT/transitionnetwork.org

Thanks Sam! :-)

Note: See TracTickets for help on using tickets.