Closed HLFH closed 8 years ago
These ads should be taken care of with ||pubdirecte.com^
by Peter Lowe’s Ad server list. Make sure the list is enabled and updated.
Thanks but I still get these ads on the HTTP URL: http://www.t411.in/. And I already have Peter Lowe’s Ad server list
Can you post the contents from the logger? Also the operating system, browser version and any settings that differ from the defaults, as per CONTRIBUTING.md?
OS: Microsoft Windows 10 Professionnel OS Build: 10.0.10240 Chrome version : 46.0.2490.86 m (64-bit) Extensions: Clearly, ColorZilla, CouchPotato, Evernote Web Clipper, Fontface Ninja, Google Cast, HTTP/2 and SPDY indicator, Quick Javascript Switcher, uBlock Origin, wallabag. uBlock Origin version: v1.3.3 uBlock settings: default
And the contents from the logger:
16:36:13 image http://www.t411.in/images/default.png 16:35:32 image http://www.t411.in/images/default.png 16:35:31 xhr http://cdn.myskyspire.com/bandito.php?p=6053&z=273&f=1&j=2&t=yxkqo 16:35:31 xhr http://cdn.myskyspire.com/bandito.php?p=6053&z=271&f=1&j=6&t=oakac 16:35:31 xhr http://cdn.myskyspire.com/bandito.php?p=6053&z=269&f=1&j=6&t=vn7uv 16:35:31 xhr http://cdn.myskyspire.com/bandito.php?p=6053&z=267&f=1&j=6&t=92jtt 16:35:31 image http://www.t411.in/themes/blue/css/images/pbar-ani-orange.gif 16:35:31 image http://www.t411.in/themes/blue/css/images/ui-bg_inset-hard_100_fcfdfd_1x100.png 16:35:31 image http://www.t411.in/themes/blue/images/menuBtn-bg.png 16:35:31 image http://www.t411.in/themes/blue/css/overlay/white.png 16:35:31 image http://www.t411.in/themes/blue/images/footer-bg.png 16:35:31 image http://www.t411.in/themes/blue/images/sub-menu-bg.png 16:35:31 image http://www.t411.in/themes/blue/images/login-bar-right-bg.png 16:35:31 image http://www.t411.in/themes/blue/images/icon-chat.png 16:35:31 image http://www.t411.in/themes/blue/images/icon-arrow-square.png 16:35:31 image http://www.t411.in/themes/blue/images/header-bg-fx.png 16:35:31 image http://www.t411.in/themes/blue/images/header-bg.png 16:35:31 image http://www.t411.in/themes/blue/images/login-bar-bg.png 16:35:31 image http://www.t411.in/themes/blue/images/search-history.png 16:35:31 image http://www.t411.in/themes/blue/images/search-btn.png 16:35:31 image http://www.t411.in/themes/blue/images/search-bg.png 16:35:31 image http://www.t411.in/themes/blue/images/logo.png 16:35:31 image http://www.t411.in/themes/blue/images/lodin-btn.png 16:35:31 image http://www.t411.in/themes/blue/images/border-top.png 16:35:31 script http://cdn.myskyspire.com/dispr.js 16:35:31 ||pubdirecte.com^ -- script http://www.pubdirecte.com/script/pop.php?id=21819&ref=9710 16:35:31 ||pubdirecte.com^ -- script http://www.pubdirecte.com/script/banniere.php?id=20761&ref=9710 16:35:31 ||pubdirecte.com^ -- script http://www.pubdirecte.com/script/banniere.php?id=36995&ref=9710 16:35:31 image http://irc.t411.in/screens/smodo/image1117124600.jpg 16:35:31 image http://irc.t411.in/screens/smodo/image1121140802.jpg 16:35:31 image http://irc.t411.in/screens/smodo/image1203122743.jpg 16:35:31 ||pubdirecte.com^ -- script http://www.pubdirecte.com/script/banniere.php?id=18983&ref=9710 16:35:31 ||pubdirecte.com^ -- script http://www.pubdirecte.com/script/banniere.php?id=18982&ref=9710 16:35:31 ||google-analytics.com^ -- script http://www.google-analytics.com/ga.js 16:35:31 image http://irc.t411.in/screens/smodo/image1117124600.jpg 16:35:31 image http://irc.t411.in/screens/smodo/image1121140802.jpg 16:35:31 script http://cdn.myskyspire.com/disd.php?idsite=6053&idzone=267[3] 16:35:31 ||adnetworkperformance.com^ -- script http://www.adnetworkperformance.com/a/display.php?r=443609 16:35:31 script http://www.t411.in/js/jquery/jquery.tagcanvas.min.js 16:35:31 image http://irc.t411.in/screens/smodo/image1203122743.jpg 16:35:31 ||onclickads.net^ -- script http://onclickads.net/apu.php?zoneid=15029 16:35:31 css http://www.t411.in/themes/blue/css/jbox.css 16:35:31 script http://www.t411.in/themes/blue/js/jbox.js 16:35:31 script http://www.t411.in/themes/blue/js/theme.min.js?v=6 16:35:31 script http://www.t411.in/js/messages.js 16:35:31 script http://www.t411.in/js/jquery/jquery.tools.min.js 16:35:31 script http://www.t411.in/js/jquery/jquery.lavalamp.js 16:35:31 script http://www.t411.in/js/jquery/jquery.easing.js 16:35:31 script http://www.t411.in/js/jquery/jquery.cookie.js 16:35:31 script https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js 16:35:31 script http://www.t411.in/js/jquery/jquery-1.7.js 16:35:31 css http://www.t411.in/themes/blue/css/styles.min.css?v=9 16:35:31 css http://www.t411.in/themes/blue/css/jquery-ui.css 16:35:31 inline-script http://www.t411.in/ 16:35:31 doc http://www.t411.in/
It seems that it's related to cdn.myskyspire.com... And it is specialized against adblockers apparently. Click on http://cdn.myskyspire.com/ to see the evil. :)
And it's related to this issue: https://github.com/gorhill/uBlock/issues/275 ; the guy behind this ad technology that counteracts uBlock Origin & Co is Yann B. D. and Goyave Lab. @gorhill Do we have a permanent fix?
You fail to provide the most basic details.
Unable to reproduce:
Will reopen once the issue comply with CONTRIBUTING and the case is made this is a uBO issue, not a 3rd-party filter list issue.
Ok sorry I see you provided details later on.
I still can't reproduce. Try:
If it has ads:
@gorhill I'm sure that T411 & Goyave Lab are not targeting every users right now, because T411.in is testing it since one week. I believe they target only a part of their userbase, including me.
Could I do a PR? It's like jeu.info commit.
Force a refresh of uBO's filter lists (purge all cache, update now).
I already did.
Reload the page in a new tab, see if it has ads.
i already did.
Disable all extensions, except uBO.
I already did. I still get the ad issue.
The only thing to do is submit a PR with
t411.in###page [class^="banniere-"]
||t411.in^$inline-script
And after, it's clean.
My logger is reporting the same exact resources blocked as yours. So you have to rule out one of your extensions is pulling then injecting the ads.
@gorhill No. I disabled every extension excepted uBlock Origin. T411.in is now testing an anti-adblocker technology, and because it's the testing period, I believe they don't target people outside of their authentic user base, like you or @publicarray. In fact, people in the t411.in chat have seen that on http://www.t411.in (not the HTTPS URL, the HTTP one), they are getting ads even if they have an adblocker enabled.
they don't target people outside of their authentic user base
So they are showing ads only if you log in?
@gorhill No. Even if I'm not logged in. So maybe they have a database of IP addresses of their real user base or they are targeting by location (France, Québec, etc.). I don't know but you could be sure that it's a real issue.
The site funds itself using donations. I am very skeptical about these ads. Bottom-line is that I am not going to pull a fix for an issue which I do not experience 1st-hand. I am just unable to get the ads you have in our screenshot. I will wait for more reports about this, I will have to reproduce this on my side before everything else.
Could it be your ISP? Try the encrypted connection instead: https://www.t411.in/
.
I just used AdwCleaner and FYI, I still get the issue. My ISP is SFR and it can't be my ISP, they are doing their job right. I know who is Goyave Lab and that it's their Phoenix anti-adblocker technology that is doing that. I understand that you are skeptical.
These are some screenshots to explain: A. When I'm using HTTPS, because http://cdn.myskyspire.com/ is mixed content, it isn't loaded.
B. But I could load the mixed content http://cdn.myskyspire.com/ if I want...
C. And I'm getting the ads from Goyave Lab and their T411.in partner.
D. T411.in is optimized for HTTP (no HTTPS redirect for example), not a lot of users are using the HTTPS URL. And using https://www.t411.in instead of http://www.t411.in would be a workaround not a permanent fix.
I do not get the ads with the non-encrypted connection -- with the "script"[1] from http://cdn.myskyspire.com/disd.php?idsite=6053&idzone=267[3]
being loaded. So far, the ISP hypothesis is very plausible:
http
.https
.http
or https
.[1] In quotes, because the content of the script is just this: 0ca
.
So please click on http://cdn.myskyspire.com/.
They say:
We are an ad network specialized in adblocked inventory,
No, it can't be my ISP. IMHO, it's Goyave Lab.
Adding ||t411.in^$inline-script is solving this issue. I no longer see ads with either http
or https
.
I also get ads with https if I enable/load mixed content.
Ok I get it. For me to figure the best solution I really need to find a way to reproduce on my side.
Ok I understand. Have a nice day.
What is the content of the http://cdn.myskyspire.com/disd.php?idsite=6053&idzone=267[3]
resource on your side? Mine contains nonsense, which cause javascript execution to throw.
For me, the source code of the http://cdn.myskyspire.com/disd.php?idsite=6053&idzone=267[3]
URL is:
document.write('<script type="text/javascript">var check = ".vtt"; var change = [".vtt",".bmx",".cbr",".ktm"];var css = ""; var height = ["90","600","600","0"]; var zone = "267[3]"; var zones = ["267","269","271","273"]; var type = ["6","6","6","2"]; var website = "6053"; var ip = "x.x.x.x"; var country = "75"; var blockstats = "http://cdn.myskyspire.com/53.php"; var ul = "http://cdn.myskyspire.com/";var t = "1";var tomy = "1";</script><script type="text/javascript" src="http://cdn.myskyspire.com/dispr.js"></script>');
I renamed my IP in var ip
to x.x.x.x
And what I see printed in the browser is only: document.write('');
Is that the same for you?
And blocking all of cdn.myskyspire.com
does not work? On my side it seems only ajax.googleapis.com
3rd-party is necessary for the page to work fine.
@gorhill Hum. You're right. Blocking all of cdn.myskyspire.com
seems to work! Thanks!! So, we just have to add it.
http://cdn.myskyspire.com/disd.php?idsite=6053&idzone=267[3]
Here it loads '0ro' which very well could mean 0=don't load ro=country code
Thanks @arthurtiteica
And 0ca
for @gorhill seems to be:
0=don't load
ca=Canada country code
So yes, T411.in and Goyave Lab are apparently distributing specific ads only to French users for a French website...
It occurred to me I could try with the Tor browser to get routes until the end point is in France. I did so and I was able to get the ads eventually. Anyway, I will let you report to EasyList the filter above, the simplest solution is always the preferred one.
already blocked on liste FR !
|http://*/bandito.php?$domain=t411.in
|http://*/clip.php?$popup,domain=t411.in
|http://*/disd.php?$domain=t411.in
@SMed79 You're right, it's now blocked on EasyList FR.
@HLFH >> blocked 20 hours ago / your issue is old 9 hours ago !
T411 issue on Liste FR forum > https://forums.lanik.us/viewtopic.php?f=91&t=26869
Thanks! Med
I just wanted to add that I am from Australia and that I did not get http://cdn.myskyspire.com/disd.php?idsite=6053&idzone=267[3]
in my logger instead I have http://cdn.bigour.net/disd.php?idsite=6053&idzone=267[3]
(both returning 0au
)
Hi,
On http://www.t411.in torrent tracker, it seems that ads are not blocked natively by uBlock Origin. Is there any reason to that? Could we fix it permanently (not a workaround...)?
Thanks in advance, HLFH