MyCE in your Face Popups?

vbimport

#1

Has anyone notice that when you log into MyCE you get a full face blocking pop ad? I been noticing that as of this last week? But at home with my PC hosts edit blocker I don’t see this. Did management go the route of Malware and use such tactics now?


#2

[moved thread to more appropriate forum]

I’ve noticed this happen recently, too (within the past couple of months).

Phone & computer, different browsers.

A quick screenshot or two to show what we’re referencing.




#3

Thanks for reporting, this is certainly not intentional and should not happen. I need to investigate this. I just had a quick look and couldn’t find any malware. So it probably is an advertising network that somehow serves this without our consent. Looking into it!

The strangest thing is that you see this when logged in, logged in users should not/hardly seen any ads :s

Anyone else who notices this, please report it too, as it can help find the culprit!

Certainly not, I rather shutdown the site than serve this crap!


#4

I have been seeing this for about 2 months JW, I thought it was intentional.


#5

WinX thing?

Me on 7 does not see this but I am rarely here/logged in


#6

[QUOTE=Millennium12;2780617]WinX thing?

Me on 7 does not see this but I am rarely here/logged in[/QUOTE]

One of my screenshots is from Chrome on Android 6.0.1; the other, Safari on OS X 10.11.6.


#7

I haven’t seen this ad here. Win10 and Edge browser.
Could this problem be regional specific?

@Albert
Your posted images appear [B]blank[/B] here (see my screenshot).


#8

How odd. They’re solidly visible for me, and look to be attached properly; the forum software even resized them to fit the required dimensions.

The “direct” links to the attachments (probably won’t make them any more visible if they didn’t load in the first place):


#9

I am on win 7, I use IE, I have not see the ADDs, I did see the screen shots that you put yup. hope this helps


#10

[QUOTE=Albert;2780619]One of my screenshots is from Chrome on Android 6.0.1; the other, Safari on OS X 10.11.6.[/QUOTE]

okay, I saw your screenshots - using latest FF and chrome here … no such problems!


#11

From what I can tell, the ad appears to be region-specific and is intermittent.

So far I have not seen any pop-up ads here in Ireland or while I was in Germany.

However, after trying a VPN connection to simulate being in the USA, an ad appeared and I was already logged in:

It did take a handful of VPN connection attempts to trigger the ad, so whoever is behind these dodgy ads seem to blocking VPN IP addresses/ranges similar to what content providers to enforce their region restrictions.

When I get time, I’ll try doing a trace to see what’s triggering it.



#12

I still use XP and have ad blockers,(use Firefox) so I haven’t seen them. I do have 30+ trackers show up though just before sign in and 3-5 after I have signed in.


#13

I get those unless I’m applying the hosts Ad-blocker from coolcolors (even on a VPNed connection) and whenever I test the TOR browser (it works as a proxy and so hosts edits won’t work).

I did choose to implement the hosts file even her due to them as I am opposed to intrusive ads and I make no exception. I would however prefer the forum VM to be left with as few modifications as possible to make sure I can get the full picture somewhere (it even reports to M$ at current).

In other words, go Seán :flower:


#14

This is incredibly tricky to trace as there’s quite a lot of obscured JavaScript.

Based on what I could make out after about 2 hours of looking at code, the following is the trace I have been able to capture:
[ol]
[li]Forum loads ‘http://cdn.nsstatic.net/ns/myce.com.js
[/li][li]Above script in turn loads ‘http://native.sharethrough.com/assets/tag.js
[/li][li]Above script in turn loads ‘https://z.moatads.com/sharethroughv2465247317527/moatad.js
[/li][li]Above script in turn displays a pop-up ad style lightbox with an ad from ‘p.flite.com’.
[/li][/ol]


#15

I have now removed the following code from the forum’s ‘FORUMHOME’ and ‘SHOWTHREAD’ HTML source:

<script type="text/javascript" id="nsgpt" data-channel="homepage" 
src="//cdn.nsstatic.net/ns/myce.com.js" async="true"></script>

If anyone is still seeing a pop-up ad, could you please post back here.

So far I have not managed to make the ad reappear after multiple USA VPN connection attempts.


#16

[QUOTE=Seán;2780661]I have now removed the following code from the forum’s ‘FORUMHOME’ and ‘SHOWTHREAD’ HTML source:

<script type="text/javascript" id="nsgpt" data-channel="homepage" 
src="//cdn.nsstatic.net/ns/myce.com.js" async="true"></script>

If anyone is still seeing a pop-up ad, could you please post back here.

So far I have not managed to make the ad reappear after multiple USA VPN connection attempts.[/QUOTE]

It reproduced on a VPN in Germany… I’ll check it, host file edits gone - I’ll rep ort back in a few days unless s ome one beats me to it which I h ope :slight_smile:


#17

So far I have not managed to get the ad to reproduce on the forum pages after countless VPN server locations.

However, it still is appearing intermittently on the Myce news pages while trying USA servers:

From a quick check at the source code, that above line I removed from the forum HTML source is present in the homepage source.

I’ll leave that DoMiN8ToR to check out or remove.



#18

switced to a U.S. server.


#19

I use Waterfox and Chrome, and its present on both.:sad:


#20

Thanks to Séan’s investigation I now know the culprit, it’s Netshelter, an advertising network we use. I will ask them to make sure no popup ads are shown on our site anymore.