289 replies to this topic

[Perlmuxxed]

My Google play opens up with some Partner search app... Ist' annoying. Started few days ago. It only opens for the first time I'm on the site. Using Opera for Android and normal view not mobile version of the site.

[mhh]

My Google play opens up with some Partner search app... Ist' annoying. Started few days ago. It only opens for the first time I'm on the site. Using Opera for Android and normal view not mobile version of the site.

This doesn't seem to be a problem from our side. I have no idea what your google play has to do with Batoto. It happening only once at the start also indicates that it's something from your side. Otherwise it would happen more frequently. 

 

Since your post doesn't tell me much I could obviously be wrong. 

[drojf]

Here's what i posted to the suggestions forum (didn't know this thread existed):

 

Hi, I've been having javascript-style advert popups / redirects on your website for a while and I thought I'd let you know. At first I thought it was just my computer having some browser redirect, but after continuing to use batoto for a while, I have realized it is always the same popup, and it only ever occurs on Batoto. I have attached images of the popups, and below are the links of the website I get redirected to. 
 
After clicking ok/closing the dialog, I am redirected to:
http://cleanmasterapp.com/rmx/au/offer.php
 
And then that redirects me to:
http://www.free-choice.com.au/cgi-bin/wingame.pl?partner_pk=419&wingame_pk=42&sub_id_postback=933f179dfcde7c7f110e30fb45bb12d5&sub_id=CD13939
 

 

[mhh]

Here's what i posted to the suggestions forum (didn't know this thread existed):

 

Hi, I've been having javascript-style advert popups / redirects on your website for a while and I thought I'd let you know. At first I thought it was just my computer having some browser redirect, but after continuing to use batoto for a while, I have realized it is always the same popup, and it only ever occurs on Batoto. I have attached images of the popups, and below are the links of the website I get redirected to. 
 
After clicking ok/closing the dialog, I am redirected to:
http://cleanmasterapp.com/rmx/au/offer.php
 
And then that redirects me to:
http://www.free-choice.com.au/cgi-bin/wingame.pl?partner_pk=419&wingame_pk=42&sub_id_postback=933f179dfcde7c7f110e30fb45bb12d5&sub_id=CD13939
 

Thanks for posting it here as well. I'll help Grumpy a lot when he sorts through all the reports if everything is in one place. (good that you made the links not "clickable")

[Grumpy]

Here's what i posted to the suggestions forum (didn't know this thread existed):

 

Hi, I've been having javascript-style advert popups / redirects on your website for a while and I thought I'd let you know. At first I thought it was just my computer having some browser redirect, but after continuing to use batoto for a while, I have realized it is always the same popup, and it only ever occurs on Batoto. I have attached images of the popups, and below are the links of the website I get redirected to. 
 
After clicking ok/closing the dialog, I am redirected to:
hp://cleanmasterapp.com/rmx/au/offer.php
 
And then that redirects me to:
hp://www.free-choice.com.au/cgi-bin/wingame.pl?partner_pk=419&wingame_pk=42&sub_id_postback=933f179dfcde7c7f110e30fb45bb12d5&sub_id=CD13939
 

Can you tell me which page this popup occurred?

[drojf]

Ah sorry, it was this page: http://vatoto.com/read/_/202087/taiyou-no-ie_v8_ch32_by_maigo/21

I've had it happen on other pages before, so I didn't think the exact page was relevant :S. read the previous page which said it was relevant.

I created the screenshot at

04:05:00 Thursday October 24, 2013 in Australia/Victoria converts to
17:05:00 Wednesday October 23, 2013 in GMT/UTC

 

ooh, it happened agian, about 3 minutes ago, this time on http://vatoto.com/read/_/84710/fudanshism-fudanshi-shugi_ch2_by_noname-scan

also, i just noticed that the fake java update advert I got (not just now, a while ago) was the same one on page 1 of this topic

Edited by drojf, 26 October 2013 - 02:01 PM.

[ducmq]

Hi recently when on batoto I got redirect to this website: hmmp://javeupdatefrr.com/download/chrome.php?dv1=Ybrant%20Digital 

Tried to block it by modifying my host file but didn't work so this thread is my last hope ^^ 

 

edit: the ad appear randomly so I can't give you a precise page where the bad ad occurred. Sometime it redirect me when I'm at the home page, sometime while I was reading a manga.... But every time It's automatic, by that I mean I got redirect without me doing anything for example: 1 min ago I was on batoto then I switch to another tab, I come back later and the ad was there.   

Edited by ducmq, 29 October 2013 - 06:39 PM.

[JustifiedHubris]

Hi, so on any page in Batoto this link occasionally pops up:

 

hxxp://javeupdatecaa.com/download/chrome.php?dv1=glispa GmbH 

[Grumpy]

I have already reported the javaupdate crap to the ad network responsible. Unfortunately all I can do for this one at the moment.

 

If people see it still after 24hrs of this post, please post again.

[Infset]

Hey,

got a ad that replaced the entire page (or its a frame that's over the entire page)

 

<body id="Yinterstitial5023202" style="overflow: hidden;"><span id="ClicksorInterstitial5023202"></span><ispan id="ClicksorInterstitialOuterSpan_5023202" class="noclicksorinline" style="top: 0px; left: 0px; display: block; position: absolute; width: 100%; height: 100%; background-color: white; z-index: 9999320; opacity: 1; background-position: initial initial; background-repeat: initial initial;"><ispan id="ClicksorInterstitialInnerSpan_5023202" class="noclicksorinline" style="display: block; position: fixed; width: 100%; height: 100%; left: 0px; top: 0px; background-color: white; z-index: 9999320; background-position: initial initial; background-repeat: initial initial;"><ispan dir="ltr" style="z-index: 9999320; width: 100%; padding: 0px; display: block; margin: 0px; position: relative;"><table cellspacing="0" cellpadding="0" width="100%" style="width:100%;border:0px;padding:0px;margin:0px;display:block;visibility:visible;background-color:transparent;"><tbody><tr><td valign="middle" align="left" style="padding:10px 0 10px 15px;font-size:25px;white-space:nowrap;background-color:transparent;">WWW.BATOTO.NET</td><td valign="middle" align="right" style="vertical-align:middle;padding:10px 15px 10px 0;text-align:right;width:100%;background-color:transparent;"><a href="#" style="font-family: Arial, Helvetica, sans-serif; color: rgb(0, 0, 255); font-weight: bold; text-decoration: underline; font-size: 13px; border: none; visibility: visible; background-color: transparent;" onclick="Yesup.clicksor.Code[0].ITS.hide_intermission(); return false;" id="ClicksorSkipThisAd"><img style="border:none;display:inline;margin:0;padding:0;background-color:transparent;" src="http://pub.clicksor.net/newServing/img//skip_general.gif" alt="Skip this ad &gt;"></a></td></tr></tbody></table></ispan><ispan id="ClicksorInterstitialBar_5023202" style="background-image: url(http://pub.clicksor.net/newServing/img//bar_inter.gif); background-color: rgb(255, 255, 255); font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: rgb(51, 51, 51); display: block; margin: 0px; white-space: nowrap; text-align: left; border-width: 1px 0px; border-color: rgb(174, 174, 174); border-style: solid; padding: 5px 15px; background-position: 0% 0%; background-repeat: repeat no-repeat;"><span style="float:right;margin:0;padding:0;font-size:12px;"><a href="javascript:void(0);" style="font-family:Arial,Helvetica,sans-serif;color:#00f;font-weight:bold;text-decoration:underline;font-size:12px;margin:0;padding:0;display:inline;background-color:transparent;text-transform:none;cursor:pointer;" onclick="Yesup.bookmark_url('-1_advertiser','','');">Bookmark This Ad</a>&nbsp;&nbsp;|&nbsp;&nbsp;<a href="javascript:void(0)" +="" style="font-family:Arial, Helvetica, sans-serif;color:#00f;text-decoration:underline;margin:0;padding:0;display:inline;font-weight:bold;background-color:transparent;text-transform:none;cursor:pointer;" onclick="window.open(&quot;http://signup.clicksor.com/advertise_here.php?nid=1&amp;srid=9021889&quot;);">Your Ad Here</a></span>Advertisement powered by Clicksor</ispan><iframe id="ClicksorInterstitialAdIframe_5023202" src="" height="683" width="1440" marginwidth="0" marginheight="0" frameborder="0" scrolling="auto" style="display: block; position: relative;"></iframe></ispan></ispan></body>

 

Also in another page got a popup to here serw.clicksor.com/newServing/links.php?zone=0&chad=1&adu=2&cs=&adtype=1&nid=1&sid=173462&pid=114984&spid=&image=2&memkey=79cc1706be4faf5bfbd0470f4d14c76c&durl=&lq=0&lb=17&qp=YF4lKDH7JSsl-SIs-yss91tZYCckLiF7Ji7zZl4rfCcyfSknJXwiL_0mKyD-IzUg_GthJSEvIiYoJHwjM3w

Attached Files

•  Screen Shot 2013-10-30 at 20.16.38 .png   58.97KB   12 downloads

Edited by Infset, 30 October 2013 - 08:39 PM.

[Grumpy]

Hey,

got a ad that replaced the entire page (or its a frame that's over the entire page)

 

<body id="Yinterstitial5023202" style="overflow: hidden;"><span id="ClicksorInterstitial5023202"></span><ispan id="ClicksorInterstitialOuterSpan_5023202" class="noclicksorinline" style="top: 0px; left: 0px; display: block; position: absolute; width: 100%; height: 100%; background-color: white; z-index: 9999320; opacity: 1; background-position: initial initial; background-repeat: initial initial;"><ispan id="ClicksorInterstitialInnerSpan_5023202" class="noclicksorinline" style="display: block; position: fixed; width: 100%; height: 100%; left: 0px; top: 0px; background-color: white; z-index: 9999320; background-position: initial initial; background-repeat: initial initial;"><ispan dir="ltr" style="z-index: 9999320; width: 100%; padding: 0px; display: block; margin: 0px; position: relative;"><table cellspacing="0" cellpadding="0" width="100%" style="width:100%;border:0px;padding:0px;margin:0px;display:block;visibility:visible;background-color:transparent;"><tbody><tr><td valign="middle" align="left" style="padding:10px 0 10px 15px;font-size:25px;white-space:nowrap;background-color:transparent;">WWW.BATOTO.NET</td><td valign="middle" align="right" style="vertical-align:middle;padding:10px 15px 10px 0;text-align:right;width:100%;background-color:transparent;"><a href="#" style="font-family: Arial, Helvetica, sans-serif; color: rgb(0, 0, 255); font-weight: bold; text-decoration: underline; font-size: 13px; border: none; visibility: visible; background-color: transparent;" onclick="Yesup.clicksor.Code[0].ITS.hide_intermission(); return false;" id="ClicksorSkipThisAd"><img style="border:none;display:inline;margin:0;padding:0;background-color:transparent;" src="http://pub.clicksor.net/newServing/img//skip_general.gif" alt="Skip this ad &gt;"></a></td></tr></tbody></table></ispan><ispan id="ClicksorInterstitialBar_5023202" style="background-image: url(http://pub.clicksor.net/newServing/img//bar_inter.gif); background-color: rgb(255, 255, 255); font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: rgb(51, 51, 51); display: block; margin: 0px; white-space: nowrap; text-align: left; border-width: 1px 0px; border-color: rgb(174, 174, 174); border-style: solid; padding: 5px 15px; background-position: 0% 0%; background-repeat: repeat no-repeat;"><span style="float:right;margin:0;padding:0;font-size:12px;"><a href="javascript:void(0);" style="font-family:Arial,Helvetica,sans-serif;color:#00f;font-weight:bold;text-decoration:underline;font-size:12px;margin:0;padding:0;display:inline;background-color:transparent;text-transform:none;cursor:pointer;" onclick="Yesup.bookmark_url('-1_advertiser','','');">Bookmark This Ad</a>&nbsp;&nbsp;|&nbsp;&nbsp;<a href="javascript:void(0)" +="" style="font-family:Arial, Helvetica, sans-serif;color:#00f;text-decoration:underline;margin:0;padding:0;display:inline;font-weight:bold;background-color:transparent;text-transform:none;cursor:pointer;" onclick="window.open(&quot;http://signup.clicksor.com/advertise_here.php?nid=1&amp;srid=9021889&quot;);">Your Ad Here</a></span>Advertisement powered by Clicksor</ispan><iframe id="ClicksorInterstitialAdIframe_5023202" src="" height="683" width="1440" marginwidth="0" marginheight="0" frameborder="0" scrolling="auto" style="display: block; position: relative;"></iframe></ispan></ispan></body>

 

Also in another page got a popup to here serw.clicksor.com/newServing/links.php?zone=0&chad=1&adu=2&cs=&adtype=1&nid=1&sid=173462&pid=114984&spid=&image=2&memkey=79cc1706be4faf5bfbd0470f4d14c76c&durl=&lq=0&lb=17&qp=YF4lKDH7JSsl-SIs-yss91tZYCckLiF7Ji7zZl4rfCcyfSknJXwiL_0mKyD-IzUg_GthJSEvIiYoJHwjM3w

This really doesn't tell me much. >.<

Please see the first post and see if you can provide some information I can use to pin point this. We don't even use clicksor, it's coming in through another network and I can't even tell which given what you told me.

[Rhymenoise]

I've been getting 2 that pop up from nowhere.

It happens randomly and normally when I'm tried so I just refresh the page.

 

One is a box titled "cleanmaster.app" or some crap like that forces me to their site.

There other turns a comic page into a full ad page that changes the theme and everything, only thing left is batoto.net on top the rest is the normal click here to win crap. There's also a skip this ad button but I'm tried so I just refreshed.

 

I'll try to screencap them next time it happens.

 

Also it's not a virus, I've run both my scans and they come up with nothing.

 

Edit: the second one looked like the one Infset posted about

Edited by Rhymenoise, 31 October 2013 - 12:50 AM.

[baroner]

http://vatoto.com/read/_/203473/idol-pretender_ch15_by_vexed-scans/2 i get a pop up add that is annoying and a lot of manga have been having that lately i notice is some hacker trying to mess with you guys?

[Grumpy]

http://vatoto.com/read/_/203473/idol-pretender_ch15_by_vexed-scans/2 i get a pop up add that is annoying and a lot of manga have been having that lately i notice is some hacker trying to mess with you guys?

What kind of popup are we talking about? A new window/tab? Javascript popup notice? Or something like a div popup?

 

I think you're just getting bad ads, but I could use more information in tracking them down so we can get rid of them.

[ducmq]

Hi recently when on batoto I got redirect to this website: hmmp://javeupdatefrr.com/download/chrome.php?dv1=Ybrant%20Digital 

Tried to block it by modifying my host file but didn't work so this thread is my last hope ^^ 

 

edit: the ad appear randomly so I can't give you a precise page where the bad ad occurred. Sometime it redirect me when I'm at the home page, sometime while I was reading a manga.... But every time It's automatic, by that I mean I got redirect without me doing anything for example: 1 min ago I was on batoto then I switch to another tab, I come back later and the ad was there.   

Another ad just like the one I mention in my previous post:

hmqp://getlatestjave.com/index.php?dv1=DSNR%20Media%20Group

[mhh]

Clicksor ad: 

First this happened when I wanted to go to the next page: 

Spoiler

Clicking "abrechen/cancel" brought me to this: 

Spoiler

Skip add  actually went beck to the page but opened this pop up in a different window: 

Spoiler

[Aclgrafix]

Hi, not sure if this is intentional or not but starting today I've been getting a lot of random pop ups and every 5-10 pages of reading a manga i get an add like the type you get with tiny URL links (didn't take any screenshots since i didn't know about this topic)

 

edit: guy above me posted a second before me but its the same thing

Edited by Aclgrafix, 31 October 2013 - 01:37 PM.

[Euodiachloris]

I just got hit by the Clicksor forceful ad campaign, as well. The little blighter.  It did a one-two with the "update your Java" old-timer, as well, though.

 

One suspects a similar source for both.

Edited by Euodiachloris, 01 November 2013 - 02:37 AM.

[mhh]

Getting feedback is good, but Grumpy needs something to report/work with. Screenshots that have everything definitely help - see first post. 

[backwardglove]

when I reread 
Satou-kun no Juunan Seikatsu...
by browser would be jacked stating that I need to download a new media player and then I would be transferred to here:
 
 
hxxp://www.softigloo.com/nlp/e/yesadvertising/free_media_player?p1=1&p3=4-8991-8692-170000001688039064-2925011615-1383241734-1385833734&utm_source=yesadvertising&utm_medium=affiliate&utm_campaign=1&utm_content=free_media_player

Edited by Grumpy, 01 November 2013 - 05:08 AM.
don't link things please