Rogue ad on eBay redirecting to a scam site - How to block it

Lately while browsing eBay, I got redirected several times to a phony prize give away. The last time I experienced something like this was back in 2015.

I used the Fiddler 4 debugger to look at the referral trail and it starts with the following DoubleClick ad on eBay, shown here three times in a row:

Unlike the previous rogue ad I encountered, this one persistently redirects. The previous one I encountered only redirected once a day per IP address.

As a test, I put the source URL of the ad into a new browser window:

Without touching anything, the browser redirects to the scam, in this case impersonating the ISP I use, i.e. Three Ireland:

To block the ad (if not using an ad-blocker):

  1. Go into the start menu and type “Notepad”.
  2. Right-click on Notepad and click “Run as administrator”, then click ‘Yes’.
  3. Go into the File menu and Open.
  4. In the “File name:” field, type: c:\windows\system32\drivers\etc\hosts
  5. Click ‘Open’.
  6. Add the following at the end on a new line: 0.0.0.0 fortvision.global.ssl.fastly.net
  7. Go into the File menu and Save.

The above will block the script that particular ad fetches. To block all Double Click ads, add this line to the end of the above hosts file: 0.0.0.0 s0.2mdn.net or better still, see this thread for a large comprehensive hosts file for blocking ads.

You should put the actual link so I can test it as well. Then I can put that into the hosts file to block it for the test to insure it works. I added these to the blocking hosts file. Give it a try I don’t use 0.0.0.0 because it is incompatible with Windows 10 uses and most site from my usage still use 127.0.0.1.

#2020 MyCE Blocks
127.0.0.1 install.search-aholic.com
127.0.0.1 software-updatescheck.com
127.0.0.1 mob1ledev1ces.com
127.0.0.1 mysoftwaresolutionsnow.com
127.0.0.1 eu.moneysavingexpertnerfyclublogin.xyz
127.0.0.1 fortvision.global.ssl.fastly.net

Updated to include these sites