So I refreshed my page about 10-15 minutes ago and was greeted with a white page and no content loading on Sup Forums. This is using Umatrix.
It showed 3 new domains trying to load content. When I white list them the site loads normally, but 20-30 minutes ago they weren't being used at all.
Decided to take a look and one isn't showing up as a registered address, the other 2 were registered just 2 weeks ago.
...
fucked up on the 3rd one. Here's the proper whois
What the fuck is he playing at now?!
>nsa3
Botnet confirmed
>Colorado
>Luxembourg
>Ukraine
Was about to make a thread as well, having the same issues
Two of the three new domains belong to some suspicious company based in Ukraine, the third one appears to belong to Google
The sites are being injected by 1st-party scripts and only on some pages (on the catalog they don't seem to be injected)
What's going on?
same thing here with ublock. This is really fucking weird. What the hell is going on? I'm not going to allow any of these sites, guess I'll browse the fucking broken white page until this gets fixed.
I came to Sup Forums just for this. The fuck?
Can confrim that same shit happens with noscript.
What is Hiro planning this time?
...
fix the fucking website
Also seems to depend on the board, /ck/ is only accessing two of them.
It is fixed, goy. The data harvesting scripts are working as intended.
Why would any of these new domains be required for Sup Forums to load properly? This doesn't make any sense. Is this another Ekansovi bullshit? Has anyone checked for behind the scenes and websockets doing anything suspicious?
Your information is being sold and you're being tracked.
What's new? Google did this with the captcha for years. Are you guys scared that some fucker in Ukraine and some other fucker in Colorado (aka the government) are tracking your shit now?
It's some proxy shit, found this discussion.
github.com
Apparently Sup Forums now serves a script which intentionally breaks the site/css if those random domains which just popped up are blocked. Those domains themselves are apparently used to inject ads or something like that, I only skimmed over everything.
I don't even know if I'll be able to post this shit either.
Well goodbye Sup Forums
Fucking gook moot
Block every script from boards.Sup Forums.org and s.4cdn.org to re-enable the basic css
It appears a fix was added for the specific sites that have been using this. So it shouldn't be more than a day or two for Sup Forums to be added to the fix.
Probly coin miners.
Nope, already monitoring CPU and GPU usage.
Unless it's mining at less than 2% of my CPU use.
kill yourself hiro
>"Very good Hiro. Very good. The money should be in your account momentarily. Now, we are ready to proceed to Stage 2."
>"Uhhh Stage 2 Mr Bill-san? You never mention Stage 2??"
>"We discussed this in detail Hiro. Now listen closely..."
>"Uuhhh yes Bill?"
>"...activate the hardware backdoor."
>*click*
Sup Forums x works fine with a.4cdn.org blocked
Sup Forums, /d/, /e/, /f/, /gif/, /h/, /hr/, /r/, /s/, /t/, /u/, /wg/, /i/, /ic/, /r9k/, /s4s/, /vip/, /hm/, /y/, /aco/, /hc/, /soc/, and /wsr/ are completely untouched. Wonder what the link between them is
It could very well be, judging by the domains I'd say this is not gookmoot's doing though.
I confirm that a thread in Sup Forums won't load properly without also connecting to amgload.net, piquiqproxy and smcheck too.
What's going on?
No problem here
Sup Forums no longer appears to be running
>smcheck.org
doesn't work now
What the fuck. For a second it just went back to normal, then I refreshed and it's broken again.
Other than being all red boards?
These are both spam and porn dump boards.
There's no information to sell from them.
Sup Forums has piracy shit like the nyapocalypse so companies from big studios to literal fakku want to fuck them.
Sup Forums has Sup Forums
Sup Forums has autists who keep finding shit like this.
/k/ has muh guns so everyone wants to track them anyways.
pol is red too
Now I have to block google.com as well or it'll load anyway
The fuck
That's what I thought, but Sup Forums was straight up dead
Yeah same problems here, was just looking for a thread to find out what the fuck was going on.
Why isn't there desktop software for Sup Forums so we can avoid this whole bullshit and just use the API?
Yup, hiroshimoot is up to something. For whatever reason, refreshing enough times makes it work without allowing those domains, but this is some shady shit. Has anyone had a look at the scripts loaded yet?
Haha I can't even load the catalog on Sup Forums too if umatrix blocked these buttnet domains
>it's true
mooooooooot
There seem to be at least 2 XHR POST requests to at least 2 of those new domains on each page (re)load. Can someone figure out what their payloads are supposed to be? They look like base64 but don't decode to anything meaningful.
Well, you can always be a phoneposter.
Yeah every couple of reloads, I only get piguiproxy and amgload but not smcheck and then the page loads properly without having any of them allowed. So I guess Smcheck is the one that's breaking the site display.
moot can't help he left a long time ago.
Now it's gookmoot the same guy who was part of a huge drama in japan about selling user data.
Now I want to see you anons cry about moot not being here anymore and everyone can only blame themselves for being assholes to him during that gamergate faggotry from Sup Forums and Sup Forums.
>wake up
>see all that shit on my umatrix
What the fuck hiroshimoot
Things work if you still do the same things on your umatrix, but god damn
Works fine for me with them blocked.
Maybe you're all just retards lmao.
moot had it coming, he went to work at fuckin google so you know he would have caved to user data shit anyway.
it's weirdly nondeterministic whether it will load or not. I haven't de-obfuscated this shit to get a good look at it yet though.
hiro has been mirroring posts made here onto a bunch of forums since he took over. he's a shady guy.
>Things work if you still do the same things on your umatrix, but god damn
What do you mean by that? Is there any way to get Sup Forums to display properly without allowing those sites?
Inline scripts check if XHR to those 3rd party domains are blocked. If they don't load, the scripts stops loading CSS etc. Could maybe be fixed by somehow fucking that script up. You do get proper .css by disabling scripts, but that disables whole lot of other useful shit
God fucking damn it hiro
Except when it weirdly doesn't, probly a bug.
This is the ublock origin script used when sites first started using this work around.
+! reddit.com
+kimcartoon.me##script:inject(abort-current-inline-script.js, document.createElement, jsc.mgid.com)
+kimcartoon.me##script:inject(abort-current-inline-script.js, MutationObserver, 676574456c656d656e747342795461674e616d65)
+
Could probably be made to work here too
It's definitely the smcheck url that breaks it. Every time that one is not loaded it is displaying correctly with the other 2 still being blocked.
Disabling these new thingies in uBlock broke everything for me. Tabs that I had open before now refuse to update.
complain here
twitter.com
Sup Forums.org/feedback
Sometimes I have to refresh to make the page load. That's about all that's going wrong with mine.
>complain
just hack around it
Fuck you Hiroshima.
...
I don't get that domain ast all. I've been refreshing constantly.
>last answer is 2 years ago
They check it, senpai.
People always say this, the dev/mod/whoever confirmed it is regularly checked.
>feedback
>last post dated 09/07/15
Yeah that's probably not gonna be useful.
Also I would think twitter.com/Sup Forums is a better bet than Hiro's personal one, though maybe it doesn't matter.
Oh shit. any wireshark on that shit? Googling both domain doesnt really generate any details.
Just unblock google to make gstatic appear, and then unblock gstatic image
Don't touch the rest since it's just gonna fuck with the load of the site
Is it just me or does the site load properly more frequently now whenever you refresh?
By the way, how is no other affected board talking about this? Do so few people use adblockers? I imagine the more people start noticing it the quicker it gets fixed. The Ekansovi shit from like half a year ago was there for almost a week if I remember correctly.
This is what I'm getting. I tried refreshing 5+ times but the site still won't load properly
APOLOGIZE
Is this anti-adblock?
>yfw you realise most of Sup Forums is phone posters
much worse
it's anti anti-tracking
Adding:
boards.Sup Forums.org##script:contains(/./)
to uBlock's filter list seems to improve things somewhat
Though it still randomly activates itself at times
Right now I can post with Sup Forums X like usual
I think everyone who cares just rushed here, to the tech support board.
There's no need to Wireshark it. You can see the POST requests done in your browser's console. They're base64 encoded strings sent to both the piguiq and the amgload domains, but decoding it doesn't give anything coherent. The inline scripts need to be deobfuscated and made sense of.
Explain to someone who doesn't know jack about any of this stuff
Blacklist the AIDS domains on your DNS server. I blacklisted this shit in PiHole and allowed XHR in uMatrix browser-side, this way Sup Forums works fine (with scripts) and whatever filth is hosted on those unknown domains stays away.
I assume most people, even on Sup Forums, don't run their own DNS server, even something as easy as PiHole, so a nice solution that's just browser-side would be sweet.
Also noticed this.
What is the sneaky jap up to?
What's with all the suspicious shit he is adding to the site?
it worked for me
Forgive my cross-boarding.
I came from Sup Forums to see what the fuss was about, the thread was deleted almost instantly.
Werks fine on NoScript
Use Adguards DNS servers
Basically you are gay
>By the way, how is no other affected board talking about this?
It just happened to me in the past couple of seconds, I imagine it's being rolled out as we speak.
I just realized that I use recursive dns; I should probably actually block ads with it
Was that obfuscated one liner always here?
The site is now injecting a shady inline script
The shady inline script injects scripts from shady domains
The scripts from the shady domains are doing god knows what and sending data to said shady domains
When you load up Sup Forums your browser is trying to connect to three new fishy domains. At this point we are unsure exactly what purpose they serve, but its almost guaranteed they are adhosting/analytics domains.
>doesn't block tracking
>it works
oh wow what a surprise
>how is no other affected board talking about this
it's offtopic so redditor mods delete it
so I quickly hacked together something to post again by copy pasting the css in the page source in a stylish script but it looks like I travelled back in time.
I do not like this one bit.
No, and it's what is injecting the other scripts that are breaking the site
is an attempt to block all inline scripts (including the one that starts the whole shebang)
If you block every domain, even Sup Forums.org then you can browse like it's 2006 again and that works fine. Kinda miss the new features though.
What the fuck is going on though. Is this it, is Sup Forums officially now sold to ad farmers in Russia and China?
I use noscript and the site was fucked up until i allowed this shady stuff.
Posting without script is hard.
I’ve done some digging and the g in amgload stands for google. Not sure about anything else but safe to assume other domains are google related too.
>but it looks like I travelled back in time
>using Pale Moon
checks out