Fighting Malicious Ads on Download Pages
-
In Poland, one ad loaded with the slogan “download” the driver update programme (Eset blocks opening as PUA).
The other two ads look like clickbait/are of poor quality.
Malicious links removed
As I don’t want some kind of DDoS attack, I’ve cut the
doubleclick.netparameters. -
@krystian3w
I cannot reach to destination domain (to be banned) without full link.
Could you send them to me via my email “don.h@free.fr” ? -
I have yet to visit a Notepad++ download page (with ad blocker off) that doesn’t show malicious ads. I don’t think the attempt to block them is working. Apparently there is an endless supply of them.
Malicious link removedBy the way, since the introduction of the “Advertising” label, what I see is this:
(page down)
and the real download link after the second page down. (If I make my browser window wide enough, the normal configuration returns, but this is how I normally have it, and it’s comfortable on most web sites.)
-
@Coises said in Fighting Malicious Ads on Download Pages:
I have yet to visit a Notepad++ download page (with ad blocker off) that doesn’t show malicious ads. I don’t think the attempt to block them is working. Apparently there is an endless supply of them.
Sorry I don’t have the time yet to contact adsense for this issue.
The following ads domaine has been blocked:
https://ff.sitesearchweb.com/I don’t think the block list does not work.
Additionally I just block the 2 following:
https://ff.sitesearchweb.com/offer
https://www.sitesearchweb.com/Could you try again by removing all cache to see if it work?
and the real download link after the second page down. (If I make my browser window wide enough, the normal configuration returns, but this is how I normally have it, and it’s comfortable on most web sites.)
It’s due to the theme used is conformed to responsive criteria - for that I can do nothing.
-
@donho said in Fighting Malicious Ads on Download Pages:
Could you try again by removing all cache to see if it work?
Sure. Now it looks like this (scale shrunk to fit):
Malicious link removedI don’t think the block list does not work.
I have no reason to think that it doesn’t block what you enter. What I meant was that it’s not accomplishing much, since it seems like no matter how many bad ads you block, there are always more to take their place. It seems like this is making a lot of work for you, but the whole nature of the advertising system is just undermining your efforts. (No complaint or criticism towards you, just disgust for the whole ad-supported nightmare that is the modern web.)
It’s due to the theme used is conformed to responsive criteria - for that I can do nothing.
Understood. I probably use a bit narrower browser window than most people.
-
Sure. Now it looks like this (scale shrunk to fit):
Cool ! it seems the blocking is working - thanks to block
https://ff.sitesearchweb.com/offer.
It’s tricky. Typinghttps://ff.sitesearchweb.com/will redirect tohttps://www.sitesearchweb.com/so I realizehttps://ff.sitesearchweb.com/is not a real domain. And the main part of the link you provide ishttps://ff.sitesearchweb.com/offer(after stripping the parameters) so blocking it make work.I will remove
https://ff.sitesearchweb.com/from the list because 349 blocages restants (limite de 500) - please let me know if these ads returns back, then I’ll add it again into the list.The 3 domains that you provided has been blocked:
scamSite: get.wavebrowserpro.com scamSite: productivityboost.net scamSite: photoeditor.netPlease let me know if you see others.
-
I have no reason to think that it doesn’t block what you enter. What I meant was that it’s not accomplishing much, since it seems like no matter how many bad ads you block, there are always more to take their place. It seems like this is making a lot of work for you, but the whole nature of the advertising system is just undermining your efforts. (No complaint or criticism towards you, just disgust for the whole ad-supported nightmare that is the modern web.)
I do what I can do.
Though a lot of them are missleading, not all of ad destinations are “malicious” - here’s an example:
The link of “Download the White Paper” is:
https://more.suse.com/Security_controls_for_the_OWASP_Kubernetes_Top_10.html?utm_source=google&utm_medium=display&utm_campaign=5_0004280_OA_Google_NeuVector_OWASP_Whitepaper_mp_2024737_en&utm_term=NeuVector_Prime&qgad=749273370457&gad_source=5&gad_campaignid=22495509070&gclid=EAIaIQobChMIq7mXqOCgjgMV3Yd_BB0V5DQqEAEYASAAEgJecfD_BwEwhich leads to
https://more.suse.com/- a section ofsuse.comwebsite.
It’s not the first time I’ve seen this - I have also blocked Microsoft & Google chrome.I don’t think these prestigious companies are aware that they are running the misleading ads. The real issue, I suspect, is that the marketing departments within these companies work with ad agences that view the traffic as an efficient way to boost superficial performance metrics and revenues.
OTOH, back to 2013, in Oracle Java download from their website, it contained even the crapeware:
https://www.facebook.com/Notepad.plus.plus/photos/pb.100057220819766.-2207520000/569194946466175/?type=3
And Adobe did the same thing:
https://www.facebook.com/Notepad.plus.plus/photos/pb.100057220819766.-2207520000/948957855156547/?type=3The both cases above, it’s really too huge that I don’t see how they can be innoncent.
-
Malicious link removedMalicious link removed
-
@Fitsneezy
Bothconvertfile.ai&gamesuniverse.coare blocked.
Thank you. -
Still showing misleading download links:
Malicious link removedvia
Malicious link removed -
Instead of posting the actual links here – so that this forum becomes a honeypot for every webscraper and gets all these malicious downloads higher in search-engine rankings – could I suggest that people just email Don at the email address he’s already published in this discussion?
-
@Steve-Bonds
Blocked, thank you.@PeterJones
Sorry about the pollution with these scam links. I modified the 1st announce and I’ve removed some malicious links in this thread. Feel free to remove the rest if you judge necessary.
