Transition Technology: Ticket #888: Adverts on Transition Network Front Page loaded via flickrit.com embedded content

attachment set

chris — Sun, 06 Dec 2015 12:30:24 GMT

attachment set to 14260753359355.jpg

attachment set

chris — Sun, 06 Dec 2015 12:32:52 GMT

attachment set to tn.png

hours, totalhours changed

chris — Sun, 06 Dec 2015 12:40:17 GMT

hours changed from 0.0 to 0.25
totalhours changed from 0.0 to 0.25

I was just checking the page load time, given the huge amount of RAM I threw at the server last night to try to keep it up (see ticket:846#comment:58) via http://tools.pingdom.com/fpt and noticed that this image was served when the front page was loaded:

Here is the reference to it from the Pingdom results:

I assume this has been loaded via some 3rd party content embedded into the front page, I assume this was accidental and not intended?

Adverts are used to deliver a lot of malware these days, see for example http://www.theregister.co.uk/2015/08/27/malvertising_feature/

If that is the case should we try to track down the cause of this?

summary changed

chris — Sun, 06 Dec 2015 12:41:26 GMT

summary changed from Adverts on Transition Netword Front Page to Adverts on Transition Network Front Page

attachment set

chris — Sun, 06 Dec 2015 12:43:26 GMT

attachment set to tn2.png

chris — Sun, 06 Dec 2015 12:44:31 GMT

Here is another thing loaded from that server.

attachment set

chris — Sun, 06 Dec 2015 12:50:37 GMT

attachment set to tn3.png

chris — Sun, 06 Dec 2015 12:52:00 GMT

And some javascript from bam.nr-data.net that is loaded from the HTML above:

chris — Sun, 06 Dec 2015 12:53:50 GMT

The source of these adverts are webbugs are the content embedded in the front page from flickrit.com -- see the Referer fields in the images above.

description, summary changed

chris — Sun, 06 Dec 2015 12:54:54 GMT

description modified (diff)
summary changed from Adverts on Transition Network Front Page to Adverts on Transition Network Front Page loaded via flickrit.com embedded content

sam — Sun, 06 Dec 2015 12:56:45 GMT

Definitely unintentional.

My guess is it's to do with this thing: https://flickrit.com/faqs.html

I used it to embed a Flickr slideshow, as Flickr don't do that natively any more. They don't mention they are going to fill your site with ads, so it's unclear if they have been exploited themselves, or if that's their model. Either way I've removed it and it seems to have gone away: http://tools.pingdom.com/fpt/#!/cQcJDT/transitionnetwork.org

Sorry about that! Thanks Sam

status changed; resolution set

sam — Sun, 06 Dec 2015 12:57:24 GMT

status changed from new to closed
resolution set to fixed

description changed

chris — Sun, 06 Dec 2015 12:58:35 GMT

description modified (diff)

chris — Sun, 06 Dec 2015 12:59:14 GMT

Replying to sam:

I used it to embed a Flickr slideshow, as Flickr don't do that natively any more. They don't mention they are going to fill your site with ads, so it's unclear if they have been exploited themselves, or if that's their model. Either way I've removed it and it seems to have gone away: http://tools.pingdom.com/fpt/#!/cQcJDT/transitionnetwork.org

Thanks Sam! :-)