Chrome says malicious content?

Status
This old topic is closed. If you want to reopen this topic, contact a moderator using the "Report Post" button.
Hi, I was surprised to see, yesterday evening while browsing the site, constant warnings of malware from Chrome on LG G4 / Android. Has anybody experienced this?
 

Attachments

  • Screenshot_2017-01-19-18-54-37[1].png
Most likely this is because of a malicious ad. DIYA itself doesn't serve malicious content and that's why I have a picky adblocker. I block every ad that comes from a not-so-reputable ad provider. Ads about 'Sales' etc. from webshops that usually get related to what I search for (e.g. if I were to shop a lot on Bax-Shop it'd start giving me ads from Bax and related) are allowed.

It's certainly a problem at a server, but neither DIYA nor you are at fault. The server sends a query to the Google AdSense provider servers and DIYA just receives an ad link that it then sends along, embedded, in the page. It's the provider server sending you a bad ad. It happens.
 
The warning is about www(dot)av199(dot)net, not this site...

Funny. Had to edit as the forum's auto formatting for URLs did something weird and ended up with this:

Code:
www . av199 . netÓ°ÒôÐÂʱ´úÍø -¼ÒÍ¥Ó°Ôº|HiFi|ÒôÏì|Ñ¡¹º|ÖÇÄÜ|¸ßÇå|3D|µ÷ÊÔ|4k|³§ÉÌ - Powered by hd199 . net

Weirder. Even putting it in CODE tags couldn't tame it. Let's see if we can break it somehow...

And, yes, both Google Safe Browsing and Fortinet see this as a malware site.
 

PRR

Member
Joined 2003
Paid Member
> the forum's auto formatting for URLs did something weird

A naked URL, the forum connects to the site(!) and fetches the site-name, Title, the stuff seen in the browser tab.

That site is Chinese, and apparently this forum's software is baffled by the non-Euro character set, and renders as strange Latin characters.

Why it does this in CODE mode is very strange. You would think CODE would be dead-literal, not URL-look-upped.

Chinese on the Web is newer and this forum's software is older.

It is not clear why av199 is being flagged. I can't find a reputable report.

av199 seems to be hd199. It seems to be audio/AV/HD industry news. Lots of ads, and maybe one of them triggered the malware block.
 
> > the forum's auto formatting for URLs did something weird
>
> A naked URL, the forum connects to the site(!) and fetches the site-name, Title, the stuff seen in the browser tab.
>
> That site is Chinese, and apparently this forum's software is baffled by the non-Euro character set, and renders as strange Latin characters.

Ah, I didn't know that function connects to the URL. Seems like a serious security problem...

> Why it does this in CODE mode is very strange. You would think CODE would be dead-literal, not URL-look-upped.

That was a copy and paste of the already looked up URL.

> Chinese on the Web is newer and this forum's software is older.

Ah, yes, UTF is missing.

> It is not clear why av199 is being flagged. I can't find a reputable report.

I got mine from virustotal.com. 2 out of 54 report it. And those two are the most severe ones. So it's probably an ad on that site and not the site itself.

But if you add that they redirect from one domain to another, probably for SEO reasons, they're not the most careful...

> av199 seems to be hd199. It seems to be audio/AV/HD industry news. Lots of ads, and maybe one of them triggered the malware block.

Probably.
 

PRR

Member
Joined 2003
Paid Member
> I didn't know that function connects to the URL. Seems like a serious security problem...

When the WWW was simpler, it musta seemed a good way to convert big ugly URLs to nice click text. Pull the file, extract the TITLE, use that text. When good web sites used decent TITLEs in Euro characters, the only drawback was maybe a huge download (you request the whole HTML page even though you only want one line, usually but not invariably near the top).

The HTML file is held in forum software and TITLE extracted. So most ordinary malware will be ignored, or make the forum barf without infecting "us". True, this could be exploited with script in TITLE. Such script "could" then be rendered and maybe run in our browsers. The software this forum runs on is not *that* common, so is unlikely to be worth the script writing. But it could happen.

Yes, this does log as a "hit" which is "points" for some sites. Mostly bogus, since few of us here can read that site and be "valid hits" (understand, can click on ads, etc). I hate when sites earn free hits to run-up SEO. But it may only be the one hit when first posted, and the TITLE stored as message text.
 
vBulletin is pretty common. And version 3 is safer than version 4, which fell prey to the marketeers. But the various plugins are the real risk.

Anyhow, no site is really safe from a determined attacker. There's always something nobody reckoned with. It's just that this mechanism was unexpected, because I never thought about it.
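
The title-fetch step discussed in this thread, as an added Python example (not the forum software's code and not posted by any participant): it contrasts a naive decode-and-store with a version that parses only a bounded prefix, honours the declared charset and HTML-escapes the title before it becomes message text. The function names, the size caps and the GBK-encoded sample page are constructed for illustration; that the garbled title came from a GBK page read as Latin-1 is an assumption.

```python
import html
import re

MAX_BYTES = 64 * 1024   # assumed cap: the TITLE is normally near the top
MAX_TITLE = 120         # assumed cap on the stored link text

_CHARSET_RE = re.compile(rb'charset\s*=\s*["\']?([A-Za-z0-9_.:-]+)', re.I)
_TITLE_RE = re.compile(r"<title[^>]*>(.*?)</title>", re.I | re.S)


def pick_charset(content_type, head):
    """Charset from the Content-Type header, else a <meta> tag, else UTF-8."""
    for blob in (content_type.encode("ascii", "ignore"), head):
        m = _CHARSET_RE.search(blob)
        if m:
            return m.group(1).decode("ascii")
    return "utf-8"


def safe_link_text(body, content_type=""):
    """Return HTML-escaped link text taken from <title>, or None."""
    head = body[:MAX_BYTES]                      # never parse more than the cap
    try:
        text = head.decode(pick_charset(content_type, head), errors="replace")
    except LookupError:                          # unknown charset label
        text = head.decode("utf-8", errors="replace")
    m = _TITLE_RE.search(text)
    if not m:
        return None
    title = html.unescape(m.group(1))            # entities to characters first
    title = " ".join(title.split())[:MAX_TITLE]  # collapse whitespace, truncate
    return html.escape(title, quote=True)        # escape before storing in a post


def naive_link_text(body):
    """The behaviour seen in the thread: bytes read as Latin-1, title kept raw."""
    m = _TITLE_RE.search(body.decode("latin-1"))
    return m.group(1) if m else None


# Constructed sample page: GBK-encoded title with markup inside it.
SAMPLE = ('<html><head><meta charset="gbk">'
          '<title>影音新时代网 <script>demo()</script></title>'
          '</head><body>' + 'x' * 200000 + '</body></html>').encode("gbk")
```

On the sample, `naive_link_text` returns Latin-looking garbage with a live `<script>` tag still in it, while `safe_link_text` returns the readable title with the tag neutralised as `&lt;script&gt;`.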
 