2. Games
    Featured games
    More games+
  3. Login
    Login

    Reset password

    Facebook login Google login
  4. Register
  5. Support
    Forum more Get in contact with other users and admins
    FAQ more Browse through a list of common questions.
    Ticket system more Ask our support staff for help.
    Rules more All rules concerning the moonID portal and boards can be found here.
  6. 17:12:24
    17:12:24 Server time
    17:12:24 Local time
  7. en
    Change language

moonID.net - Please discuss stuff about moonID hereBug reports → MALVERTISING ON MG INT3

jbcoops
avatar
Posted Sept. 24, 2023, 8:25 p.m.

When I login to INT 3 Malwarebytes pops up with info that there's Malvertising there, but I can continue because they've blocked it. Here is their report:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 9/22/23
Protection Event Time: 6:17 PM
Log File: 02f9d53a-59af-11ee-96af-1866da2a20d0.json

-Software Information-
Version: 4.6.1.280
Components Version: 1.0.2117
Update Package Version: 1.0.75571
License: Premium

-System Information-
OS: Windows 10 (Build 19044.3086)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: Malvertising
Domain: cdn28786515.ahacdn.me
IP Address: 45.133.44.53
Port: 443
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe

(end)

Since I use AdBlocker Ultimate I see very few ads, but think MoonID should know that something nefarious might be going on on MG Int 3.

Show comments (2)
Patti CRATR.games
avatar
Posted Sept. 25, 2023, 4:15 p.m.

Hello,

Unfortunately, the report doesn't say anything except that there seems to be something wrong with malwarebytes.com and firefox.exe.
Apparently, as is well known, the program is throwing false positives again
The real log file would certainly be more interesting, but as I said, it certainly seems to be a file positive, which is unfortunately often known since we don't display third-party advertising :)
aszlig CRATR.games
avatar
Posted Sept. 25, 2023, 6:22 p.m.

Since I use AdBlocker Ultimate I see very few ads, but think MoonID should know that something nefarious might be going on on MG Int 3.

You shouldn't see any ads on MG, KF or moonID because we have removed them a while ago.

This makes it even more weird to see something like this, since we don't embed external code/content, except from images in player profiles (which we will get rid of very soon).

Are you positive that this is only triggered by visiting https://int3.monstersgame.moonid.net/ without having any other browser tabs open?

Show comments (2)
jbcoops
avatar
Posted Sept. 25, 2023, 9:20 p.m.

i have many tabs open... but this only happens on MG INT 3... like i said... Malwarebytes flashes it and i continue. i think i opened a ticket with them once about it but dropped it... maybe i'll open another one.

of course i don't know if i'm the only one seeing this. obviously if it's just me then i'm the only one with the prob. Patti wants to see the full log, but i'm not sure how to retrieve it.
aszlig CRATR.games
avatar
Posted Sept. 26, 2023, 1:32 p.m.

of course i don't know if i'm the only one seeing this. obviously if it's just me then i'm the only one with the prob. Patti wants to see the full log, but i'm not sure how to retrieve it.

The network log and/or HAR file ideally would be the best way to diagnose this, but one thing you could try in order to rule out things such as browser plugins interfering is to open https://int3.monstersgame.moonid.net/ in a private tab and see whether you get same warning.
Page:  1
You need to login to add a post.

Connecting... Connecting