Ad-jacking
#1
Hi guys,


I did a search and only found one post about this ad-jack. The site in question is traffic.adxprts.com. It seems that after two clicks on TPB this page opens a new instance of Firefox and closes my current instance of Firefox. Also, the page tries to redirect to protect-your-privacy.net.


The way it is working is something like this. I do a search and my search results appear. I click on one of the results and a page a new browser window open then closes. If I click on anything else, a new browser opens and the current one closes. In the bottom left corner is the traffic website. Then in the address bar appears the protect website. No page is open, just a blank page with an address on the bottom left.

   

Shorty this page will turn into the protect your privacy page.

   

Now what is not right about this is the lack of any controls. The only thing I can do is delete the page. Sure I can open a new page by the Firefox Icon, but nothing within this page. I can not even change the URL.

I have scanned my PC with many different scanners to see if I had something hiding but could find nothing. I have added both pages and IP address to Host Files and that did not help. I added both pages to AdBlock and it did nothing. I added both pages to NoScript and it sort of helped but not 100%.

So the final issue is I basically cannot use TPB past a few clicks. Beats me why an ad would completely remove the original page just to show ads. Defeats the purpose, yes?

Not sure if you can help figure out if in fact adxprts is doing things they shouldn't. I doubt you even have contact with them. I read some of your replies about ads and that makes a lot of sense.


Thanks
Reply
#2
NoScript does a pretty good job preventing this from happening.
Reply
#3
Yes, NoScript did help, but the blank page still showed up and the TPB page I had was closed. I am using a simple rule...

Site traffic.adxprts.com
Deny

Site protect-your-privacy.net
Deny

Is there anything that you think needs to be added to prevent the page from even appearing?

Thanks
Reply
#4
get a popup blocker(a good one) and add exosrv.com, exoclick.com, adxprtz.com, and adxprts.com to a block list (host file or router)
That's all you need
Problem solved

IE has one built in, turn it to high
poper blocker I hear works for firefox and chrome

PS, things like no script and other JS blockers may prevent you from commenting on torrents, among other things that require javascript
Reply
#5
Thank you, Keka_Umans. My guess is you have experienced the same thing. So far it appears to be fixed. But I have made and added so many tools that I do not know which one makes the difference. I will have to clear them all and start with one at a time to see.

Thanks again.
Reply
#6
(Nov 08, 2017, 10:52 am)OmnibusPrime5 Wrote: Thank you, Keka_Umans. My guess is you have experienced the same thing. So far it appears to be fixed. But I have made and added so many tools that I do not know which one makes the difference. I will have to clear them all and start with one at a time to see.

Thanks again.
No problem, and yes i have, many times in the past

I stopped using adblockers/script blockers years ago, some sites get blocked on my router(for my mobile devices)
The rest I do in the Windows host file.
Popup blocker that only allows white listed sites, that is a must these days

There is a good post on here I saw about host file blocking, i'll add it in when I find it
you'll have to google how to block sites in your specific router

Edit: https://pirates-forum.org/Thread-PIRATE-...#pid195783
I actually use Steven Black's host file myself and I have IE11's popupblocker set to "high: block all"
that's all I need, I just allow once, or always for sites I need to allow on
Reply
#7
So far I have determined that blocking through Host file alone is ineffective. Why I do not know, but my host file has the address for adxprts(z) and that page is still getting through. However, it is not closing my open browser session, so that is good.
Reply
#8
(Nov 08, 2017, 15:11 pm)OmnibusPrime5 Wrote: So far I have determined that blocking through Host file alone is ineffective. Why I do not know, but my host file has the address for adxprts(z) and that page is still getting through. However, it is not closing my open browser session, so that is good.
I might have those two in my router, I do use TPB on my phone to watch for new shows
coin-hive.com is definitely in my router so any site using them doesn't kill my phones *****U

But yeah, none of those will stop JS based popups (will stop some content loading in the frame), that's why you need a popup blocker as well
Host files only redirect the request to nowhere, they won't stop the request itself

Strict Popup Blocker is good for Firefox, it blocks anything short of a dialog box(message from website/alert/prompt)
You have to turn it off to select files on PC for some sites, it thinks it is a popup

Edit: traffic.adxprts.com and traffic.adxprtz.com are blocked in my router as is exoclick.com and exosrv.com
Reply
#9
I tried several popup blockers and found Popup Blocker (Strict) to be the better. I tested them on Popuptest.com.

Again, thanks for the help.

OK, I added them to my router but that is not working. I think because they are HTTPS sites. How did you get pass that part of the address? My router is loaded with DD-WRT and I can add the sites to the Restricted list. Maybe because I am using VPN so the router will not see the addresses. Hmmm...
Reply
#10
(Nov 08, 2017, 20:22 pm)OmnibusPrime5 Wrote: I tried several popup blockers and found Popup Blocker (Strict) to be the better. I tested them on Popuptest.com.

Again, thanks for the help.

OK, I added them to my router but that is not working. I think because they are HTTPS sites. How did you get pass that part of the address? My router is loaded with DD-WRT and I can add the sites to the Restricted list. Maybe because I am using VPN so the router will not see the addresses. Hmmm...
I'm not sure about your router, but with mine I don't use http(s) just domain.ext
just added exoclick.com and so on, so try that

VPN still goes through your router to get to the VPN server.
although, the return trip, (actually, both trips) should be encrypted, so your router will only see data, the VPN client decrypts it client side, so that might definitely be part of it.
My ISP seems to only care if I pay my bill, so I use no vpn

but try adding without http(s) see if that works, should be able to find the routers manual online
that will tell you for sure what format it expects for blocking sites
Reply




Users browsing this thread: 1 Guest(s)