Malicious Redirect / Fake Flash update
- 
				WhitneyReed
- Senior Member
- Posts: 131
- Joined: Sun Sep 28, 2014 4:00 pm
Malicious Redirect / Fake Flash update
When playing the daily for the first time today, after clicking the check box and before selecting a game variant I was automatically redirected to what *looked* like the Flash update page, but was actually from domain daetepurpleport.org and automatically tried to download a file from that site.  Unfortunately I don't know what triggered it, whether if it was from the video or a banner ad.   
(edited to add:)
I don't know if this will help, but these are the redirects that immediately preceded the malicious page:
http://gslbeacon.lijit.com/beacon?viewI ... 2214&v=1.2
http://gslbeacon.lijit.com/beacon?viewI ... 2214&v=1.2
This is the actual page:
https://daetepurpleport.org/45318161414 ... 50915.html
			
			
									
									
						(edited to add:)
I don't know if this will help, but these are the redirects that immediately preceded the malicious page:
http://gslbeacon.lijit.com/beacon?viewI ... 2214&v=1.2
http://gslbeacon.lijit.com/beacon?viewI ... 2214&v=1.2
This is the actual page:
https://daetepurpleport.org/45318161414 ... 50915.html
- 
				Webman
- Video Poker Master
- Posts: 5202
- Joined: Wed Jul 13, 2005 5:00 pm
Thanks for the info. We will pass this along to our ad networks so they can remove whichever ad is causing this. Good job looking at the URL instead of trusting the page. Only download updates for your computer or plugins directly through the manufacturer, not from popups or web redirects.
			
			
									
									
						- 
				WhitneyReed
- Senior Member
- Posts: 131
- Joined: Sun Sep 28, 2014 4:00 pm
Unfortunately this has been popping up again the last few days (about four times now).  This morning while playing the daily I was about to spin the bronze wheel when it popped up, throwing me out of the game and losing my spin.  Unfortunately I don't have any way of knowing what ad is triggering it.  The page that's coming up now is:
https://eishirecyclart.net/122181614142 ... 3cce4.html
			
			
									
									
						https://eishirecyclart.net/122181614142 ... 3cce4.html
- 
				Webman
- Video Poker Master
- Posts: 5202
- Joined: Wed Jul 13, 2005 5:00 pm
Yuck. What web browser are you using?
			
			
									
									
						- 
				WhitneyReed
- Senior Member
- Posts: 131
- Joined: Sun Sep 28, 2014 4:00 pm
  Yuck. What web browser are you using?
 
I'm using the the latest IE 11 on windows 10
			
			
									
									
						I'm using the the latest IE 11 on windows 10
- 
				WhitneyReed
- Senior Member
- Posts: 131
- Joined: Sun Sep 28, 2014 4:00 pm
Happened again today, this time in the middle of the weekly.  This time it was a different host:
https://poojogaspadine.net/828181614142 ... c7193.html
If there's anything I can do, let me know!
			
			
									
									
						https://poojogaspadine.net/828181614142 ... c7193.html
If there's anything I can do, let me know!
- 
				Webman
- Video Poker Master
- Posts: 5202
- Joined: Wed Jul 13, 2005 5:00 pm
Let me know if this happens again. I think a recent change will help.
			
			
									
									
						- 
				Kap L
- Forum Rookie
- Posts: 27
- Joined: Sun Jan 12, 2014 9:42 pm
As I also replied to the other post about malicious site, the same thing happened to me several times this evening, on both the daily and the weekly. It's also happened a few other times this week. I'm using Safari on a Mac.
			
			
									
									
						- 
				Tedlark
- Video Poker Master
- Posts: 8728
- Joined: Mon Oct 02, 2006 12:29 am
  I must be living under a lucky star, I dont seem to have these issues when I play here on this site.
			
			
									
									
						- 
				WhitneyReed
- Senior Member
- Posts: 131
- Joined: Sun Sep 28, 2014 4:00 pm
Unfortunately I just had another incident during the monthly today.  I was playing on Chrome this time and McAfee caught the redirect, but I was knocked out of the game.  McAfee brought up a warning screen and I didn't click to accept the site so I don't know if it was another flash thing or not.  Here is the URL, I hope it helps:
http://engine.spotsce​nered.info/Redi ... d=3​0262
[Edit:]
Just happened a second time. This is what history shows:
https://dnshost.me/in/0174615323602/?ads=wy0z4b6cj8
			
			
									
									
						http://engine.spotsce​nered.info/Redi ... d=3​0262
[Edit:]
Just happened a second time. This is what history shows:
https://dnshost.me/in/0174615323602/?ads=wy0z4b6cj8



 
                         
                         
                         
                         
                         
                         
                         
                         
                         
                         
                         
                        





 Gold Exclusive
 Gold Exclusive My Favorites
 My Favorites 
                         
                         
                         
                         
                         
                         
                         
                         
                         
                         
                         
                        

 
                           
                           
                          














 
                       
                       
                      
                       
                       
                
               
			