I just noticed Sup Forums pages starting to grab XML requests from this site
First time I see that, doesn't seem to happen in any other page I visit, only Sup Forums. It wasn't (and isn't) on trash yet, but it sure is on Sup Forums, Sup Forums and /vg/.
Is this hiroshima doing?
I just noticed Sup Forums pages starting to grab XML requests from this site
OP isnt a fag
Glad it's not only on me, but what is it really? Google results aren't helping much, and I'm still concerned
its on Sup Forums too
but not /gif/ lel
Updated Date: 2017-01-16T15:21:16Z
Creation Date: 2017-01-16T15:21:16Z
hmmmmm
It's not on /ic/ or /i/ either
Probably something to do with the Jews
It's fine for me
So it's a blue-board only thing, with the exception of Sup Forums
Doesn't look like an advertiser, and "ivosnake" isn't quite the trustworthy name
>XML request
"In the early development of the World Wide Web, it was found possible to breach users' security by the use of JavaScript to exchange information from one web site with that from another less reputable one. All modern browsers therefore implement a same origin policy that prevents many such attacks, such as cross-site scripting. XMLHttpRequest data is subject to this security policy, but sometimes web developers want to intentionally circumvent its restrictions. This is sometimes due to the legitimate use of subdomains as, for example, making an XMLHttpRequest from a page created by foo.example.com for information from bar.example.com will normally fail."
Sup Forums IS BEING WATCHED, RUUUUUUUUUUUUUUUUUUUUUUUUN!
>Sup Forums IS BEING WATCHED
By the Crazy Ivans, no less.
Just went through everything and here are the only boards that have it
g
k
m
o
p
v
vg
vr
w
vip
cm
pol
tv
Cross site request are cancer and you should already be blocking this shit
So it's a faggot that likes different kinds of tech shit.
>Cross site request are cancer and you should already be blocking this shit
I'm lazy!
Probably not on a blue board, since there's no ads
I thought it may be a scrip-related issue, but even loading up without scripts the requests are still there. It's definitely Sup Forums.
you're missing sp and jp. This is a blue board thing that has to do with ads, and none of the yotsuba boards are affected, like gif, d, ic, i, aco
I feel like it's a portmanteau of snake backwards and the obvious sovi. I wonder if it's related to the fact that invisibro is working for Jared Kushner.
>This is a blue board thing that has to do with ads
Think it's another one of those "malicious ads fuck Sup Forums over" episodes?
>sp and jp
Not seeing it on either board here
uBlock origin shows it as a websocket. Put this in your filter.
||ekansovi.com$domain=Sup Forums.org
That's weird, because it's there for me
I'm not interested in how to block it desu, umatrix already got that done
I'm interested in knowing what it actually is doing, but I don't have a browser sandbox to fry for this
gist.github.com
This is dodgy as fuck.
>if they're an evil racist alt righter neo nazi force them to connect to us with a unique identifier
>ekans
>the poison snake pokemon
>I'v o snake
>I owe snakes
>I am indebted to poisonous snakes
window.document.location.href.indexOf("boards.Sup Forums.org/pol1aa/")
what did they mean by this?
SHEEEEEIIIIIITTTTTTT
the fuck does this mean. Still not on Sup Forums for me. Maybe tied to certain ads?
>ovi means egg
>ekans egg
So some /d/tard
>links to 1x1 pixel gifs
Fucking tracking shit
I've been wondering what the hell it was too, must be the NSA.
localstorage was a mistake
Bump.
just blocked it in uBlock thanks for the heads up
im not seeing it in my umatrix
do you see doubleclick?
If you don't, you're probably not on a blue board and you're not getting served ads
i can see doubleclick
this is on Sup Forums
im using ublock origin too if thats why
what the fuck is going on here
eh, it is possible
if you can, open the logger, refresh the page and see if it is blocked in there
if it isn't, what country are you from?
inb4 this thread magically disappears
thx mods
Not whom you're replying to, but I can't see it in the log either. Austria.
checked both umatrix and ublock logs, no mention of the domain
im in the uk
I see them and I'm in Italy
Can you guys see if you have cookies from the domain in your storage?
Like your dad?
Nothing. But I set my browser to block all 3rd party cookies.
PAY DENBTS MARIO
ah, there it is
a cookie with some kind of uid
No one cares
Sage goes in all fields
CIA nigger spotted
interesting
i don't actually see the domain in noscript or umatrix though
>CLOUDFLARE IS SPYWARE
kondisave.ag
evasionk.be
ivasenko.biz
kondisave.biz
nicksoave.ca
novakies.ch
aoknives.cn
aboveskin.com
aiksbevon.com
akioevans.com
aksivendo.com
aoknives.com
askocenvi.com
avdienkos.com
avionske.com
avonbikes.com
benisakov.com
bokavisen.com
bosinveka.com
bovineska.com
casinokev.com
danikoves.com
davesinko.com
denisakov.com
ekaenvios.com
eniskovac.com
enokidasv.com
eskinova.com
evandosik.com
evanisko.com
evanoski.com
evansiok.com
evasion2k.com
iaksenov.com
ianvoakes.com
iksenova.com
inovadesk.com
isaenkov.com
ivascenko.com
ivasenko.com
kainos-ev.com
kanvideos.com
kanvoices.com
kasieavon.com
It's just a targeted marketing company tracking redirects to other websites from particular boards.
Mostly to filter trolls from the chat and/or discussion sections.
It's not worth discussing because it's obvious what it's meant for: keeping Sup Forums in Sup Forums
>CLOUDFLARE IS SPYWARE
keaviones.com
keenaviso.com
kenodavis.com
kenovias.com
kenovisa.com
keondavis.com
kesinova.com
kevasion.com
kevcasino.com
kevindaos.com
kevinsabo.com
kevinsao.com
kivonesa.com
knasvideo.com
koendavis.com
koinsave.com
konadives.com
konavibes.com
kondisave.com
konevisa.com
kosinevac.com
kseniavo.com
navisocke.com
nedisakov.com
nevadoski.com
nicksoave.com
nkavideos.com
nokiadevs.com
novabikes.com
oinksave.com
okavines.com
okeanvisa.com
osakenavi.com
sakevino.com
sankvideo.com
saveinok.com
savekoin.com
savenokia.com
saveoink.com
seikovan.com
sevanokai.com
skanvideo.com
skinabove.com
skinevado.com
snakvideo.com
socknaive.com
svainokea.com
svanekoia.com
vakciones.com
vanoeski.com
vasekino.com
wew hiro finally did it again, the absolute madman
SPYWARE
vinocakes.com
vinokase.com
vinoscake.com
viosenka.com
beniskova.cz
kondisave.de
von-seika.de
novabikes.dk
vaskeinfo.dk
bosinveka.eu
kondisave.eu
denisovka.info
enovickas.info
ivasenko.info
kevasion.info
konavibes.info
kondisave.info
ksvainoce.info
novabikes.it
denisovka.kz
aoknives.net
evanisko.net
ivasenko.net
konavibes.net
kondisave.net
vasekino.net
viaosken.net
bosinveka.nl
novabikes.nl
bokavisen.no
kinosave.org
konavibes.org
kondisave.org
voeasekni.org
ivasenko.pro
aksenov-i.ru
denisovka.ru
eivasenko.ru
esadovnik.ru
fisenkova.ru
iaksenov.ru
isaenkov.ru
isaenkova.ru
ivasenko.ru
kadenisov.ru
kinosave.ru
okeanvisa.ru
oki-vesna.ru
savekino.ru
videoskan.ru
vse-nokia.ru
vsenokia.ru
isaenkov.su
evanoski.top
seonkiva.blogspot.com
evanoski.gmail.com
isaenkov.iamroot.ru
saveonkia.co.uk
kasvideno.cc.vg
>tracking redirects
then why does it have to use localstorage?
This is shaping up to be some mobile-side adawre shit
So If I have it blocked, which uMatrix does by default, it should be harmless?
Isn't it obvious? Most of these retarded alt-right Sup Forums goers are too dumb to clear their cookies, making it easier to track their behaviors and unmask their anonymity even if they use a VPN or proxy. It's a persistent cookie for this reason.
Again, not worth discussing. Sage.
>tracking is okay if we do it to the people we don't like
haha wait until it sinks in that trump has control of the NSA
except it's not just on Sup Forums
if it's a third party tracking, none of the information go back to hiroshima, especially if it's cloudflare covert tracking
if it was just Sup Forums i'd be extremely concerned, but it's basically all blue board, and looking at it seem Sup Forums wasn't even intended to be tracked in the first place
He doesn't. This tracking isn't even ordered by the US government, but funded by a group of NGOs and corporations (mostly media companies which I shall not name).
Shared userbase. Also, Sup Forums and some other boards have done raid-lke activities on other sites before. This is to prevent the bad elements of Sup Forums from spilling out ever again. It is for the good of the internet. Sage.
>but funded by a group of NGOs and corporations (mostly media companies which I shall not name).
lol okay
>This is to prevent the bad elements of Sup Forums from spilling out ever again.
when did you arrive here, 2014?
>meanwhile, Sup Forums is not being tracked
wew lad, if you spin it any stronger it'll just fucking break
Interesting. are all of your filters for individual elements? why don't you just mass accept 4cdn.org and then block the cookies, frames and other, that way if new things are added then the site would still work.
DUDE I warned you about gook moot bro
i dont like the idea its still saving shit in my local storage. but killing all inline JS ruins Sup Forums
Is there any interest if I hosted my own Sup Forums proxy? It would look/behave exactly like Sup Forums but it would tell your client to fetch the json/media from 4chans server. I'd literally be a skeleton. No tracking scripts, nothing. Not even ads.
This is not new apparently:
go back there
All of these started appearing just days after J-list cancelled their sponsorship.
In my defense, outside the happenings thread i dont use /qa/ at all.
die retard
Why do you even have local storage enabled? firefox runs fine without it, if you're on chrome then you're fucked
>I just noticed Sup Forums pages starting to grab XML requests from this site
>XML
what do you think the X in XHR stands for?
xenomorph
What's the difference between 1st-party and Sup Forums.org in the Sup Forums.org scope?
eXtremely High Resolution
1-st party is generic for all 1st party sties you visit, Sup Forums.org is specific to Sup Forums.org
XMLHttpRequests
Yeah but we're in the Sup Forums.org scope, so what's the difference between -- assuming we have 1st-party blocked in the global scope -- enabling 1st-party vs Sup Forums.org in the Sup Forums.org scope?
What the fuck is 1st-party?
It's the default for every site you visit, but still reflects domain-specific allowed/forbidden content you set up for the domain, if any
the default is all css and image are allowed, all domains are blocked, all frames are blocked, 1st party frames are allowed. Then specific to domain, Sup Forums.org is forbidden from using cookies and boards.Sup Forums.org is forbidden from loading other stuff. doubleclick is in the umatrix blacklist by default i think
If I wanted to let 1st party not load media, I could disabled it for 1st party, and all sites I visit would be disallowed from loading media type streams and files. If I wanted to do the same, but only for Sup Forums, I'd disable it on the scope
I blame moot.
Wouldn't have the "Block third party cookies and site data" option be enough in chrome?
Nope.
afaik all that does is discard cookies at the end of the session and redirect all third party localstorage calls to sessionstorage, and only if that is not possible would it block it
HOW DO I BLOCK THIS I ONLY HAVE UBLOCK ORIGIN
see I would still recommend you get umatrix
Remember to delete it too once you block it.
>deleting it
Just clearing the cache?
If you are using chrome
Settings>Content Settings>All cookies and site data>Search it>Delete
Thankyou user, you're a life saver.
So basically I think they're stalking Sup Forumsshitters, hackers/doxxers and pedos.
So, you're telling me they're jews making a list for future assassinations?
Good to know.
Well look at the tracked boards:
>Sup Forums
>/r9k/
>/pol1aa/
The boards that spend the most time shitting up other boards, being a general nuisance and doing illegal things. (Although clearly Sup Forums has either been mispelled or something)
>/bant/
New honeypot for Sup Forums shitposters.
>/soc/
>/s4s/
>/r/
>/aco/
>/gif/
>/t/
>/e/
>/u/
>/hm/
>/y/
etc
Probably fishing for CP
>/hr/
Probably fishing for CP other than that one Star Wars cross section thread.
those are exclusion, which is why it appears on Sup Forums, but not on /bant/.
All those boards you see in the github file are excluded from this, the same goes for ads it seems
I have no idea why /pol1aa/ is even there, it's not an unlisted or secret board, maybe they didn't want to be active on Sup Forums but someone fucked up?
You are right when I visit boards not on the list it attempts to connect to the domain via umatrix. If I was to reverse that assumption perhaps it is new advertising.
come on Sup Forums, you can't be serious
it still uses localstoarge and opens websockets to transmit images
>keep until they expire
S E S S I O N
doesnt self destructing cookies fix this?
||ekansovi.com$important
boards.Sup Forums.org##script:contains(window.upManager)
test
Apparently the captcha wasn't bad enough. Absolutely disgusting.
>noscript
what?
i see it in ublock too
lel this shit has been here for over a month and you faggots just found out?
anyone who has websockets enabled and allows 3rd party XHR deserves it anyways
Here's the inline script that calls for ekansovi.com[/com], gist.github.com
Some autist is having a lot of fun with this it seems.
obfuscated javascript should be fucking illegal