Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Redirect to ads

My site is hijacked by your injected JavaScript. This has previously been the cause of lawsuits against Comcast Cable providers as it is not pointed out in the terms of service that you inject your own code into that of your users. You should stop this practice before you too are sued.

Comments

  • edited March 23

    I'm sorry, but I don't which which injected javascript you are referring to. Can you be a bit more specific?

    Yes, we manipulate server output for performance and security, as does any hosting provider. But we have not, do not and will not ever inject ads in your website.

  • edited March 23

    My website is spreadthelove.rf.gd
    It has been redirecting to Amazon.com automatically. Sometimes it will work, and sometimes it wont.
    Any ideas of what the issue is?

    If it doesn't go to Amazon.com, this happens:clickconfirmation.com/?cid=1521841851010300002

  • I've got a user-facing website and an api backend setup being hosted at dragoncourt.rf.gd. When attempting to navigate to the website, the browser is hijacked. When using the api backend, I am given this http response from the server (note that this is NOT generated by the PHP code I've built):
    <html><body><script type="text/javascript" src="/aes.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("f655ba9d09a112d4968c63579db590b4"),b=toNumbers("98344c2eee86c3994890592585b49f80"),c=toNumbers("67e29580eda2987a9780a2ec849e6b7a");document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; location.href="http://dragonncourt.rf.gd/user/init?i=1";</script><noscript>This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript></body></html>

  • I should also note that when attempting to navigate to the "main domain" (jx1ndisg.epizy.com), it redirects to http://suspendeddomain.org/h/. When using the api with the main domain I get this response:
    <!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_yzFxP9P0G8Lxx6079WeFmhDoNv4iB8VYjdqLp9PQlFeMHjPChfi79T20GQ5vVK1vmEliyQglVHDVH5agTxQMZg=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head><!--[if IE 6 ]><body class="ie6"><![endif]--><!--[if IE 7 ]><body class="ie7"><![endif]--><!--[if IE 8 ]><body class="ie8"><![endif]--><!--[if IE 9 ]><body class="ie9"><![endif]--><!--[if (gt IE 9)|!(IE)]> --><body><!--<![endif]--><script type="text/javascript">g_o9=(function(){var DY=document,aBW=location,DE=DY.createElement('script'),aCZ=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(aBW.search!=='?z'){aBW.href='/?z';}};DE.onload=DE.onreadystatechange=function(){if(!aCZ&&LX){if(!window['googleNDT_']){} LX(google.ads.domains.Caf);} aCZ=true;};DY.body.appendChild(DE);return{aBL:function(n$){if(aCZ) n$(google.ads.domains.Caf);else LX=n$;},bq:function(){if(!aCZ){DY.body.removeChild(DE);}}};})();g_pb=(function(){var aBW=window.location,nw={},bH,aBU=aBW.search.substring(1),aCR,aCT;if(!aBU) return nw;aCR=aBU.split("&");for(bH=0;bH<aCR.length;bH++){aCT=aCR[bH].split('=');nw[aCT[0]]=aCT[1]?aCT[1]:"";} return nw;})();g_pa=(function(){var $is_ABP_whitelisted=null;var $Image1=new Image;var $Image2=new Image;var $error1=false;var $error2=false;var $remaining=2;var $random=Math.random()*11;function $imageLoaded(){$remaining--;if($remaining===0) $is_ABP_whitelisted=!$error1&&$error2;} $Image1.onload=$Image2.onload=$imageLoaded;$Image1.onerror=function(){$error1=true;$imageLoaded();};$Image2.onerror=function(){$error2=true;$imageLoaded();};$Image1.src='/px.gif?ch=1&rn='+$random;$Image2.src='/px.gif?ch=2&rn='+$random;return{aBN:function(){return'&abp='+($is_ABP_whitelisted?'1':'0');},$isWhitelisted:function(){return $is_ABP_whitelisted;},$onReady:function($callback){function $poll(){if($is_ABP_whitelisted===null) setTimeout($poll,100);else $callback();} $poll();}}})();(function(){var aCL=screen,RC=window,aBW=RC.location,aCY=top.location,DY=document,Sp=DY.body||DY.getElementsByTagName('body')[0],aCW=0,aCU=0,aCV=0,$IE=null;if(Sp.className==='ie6') $IE=6;else if(Sp.className==='ie7') $IE=7;else if(Sp.className==='ie8') $IE=8;else if(Sp.className==='ie9') $IE=9;function aCS($callback){aCV++;aCW=RC.innerWidth||DY.documentElement.clientWidth||Sp.clientWidth;aCU=RC.innerHeight||DY.documentElement.clientHeight||Sp.clientHeight;if(aCW>0||aCV>=5){$callback();} else{setTimeout(aCS,100);}} var $num_requirements=2;function $requirementMet(){$num_requirements--;if($num_requirements===0) aCX();} aCS($requirementMet);g_pa.$onReady($requirementMet);function aCX(){var ef=undefined,IQ=encodeURIComponent,aCQ;if(aCY!=aBW&&g_pb.r_s===ef) aCY.href=aBW.href;aCQ=DY.createElement('script');aCQ.type='text/javascript';aCQ.src='/glp'+'?r='+(g_pb.r?g_pb.r:(DY.referrer?IQ(DY.referrer.substr(0,255)):''))+ (g_pb.r_u?'&u='+g_pb.r_u:'&u='+IQ(aBW.href.split('?')[0]))+ (g_pb.gc?'&gc='+g_pb.gc:'')+ (g_pb.cid?'&cid='+g_pb.cid:'')+ (g_pb.query?'&sq='+g_pb.query:'')+ (g_pb.search?'&ss=1':'')+ (g_pb.a!==ef?'&a':'')+ (g_pb.z!==ef?'&z':'')+ (g_pb.z_ds!==ef?'&z_ds':'')+ (g_pb.r_s!==ef?'&r_s='+g_pb.r_s:'')+ (g_pb.r_d!==ef?'&r_d='+g_pb.r_d:'')+'&rw='+aCL.width+'&rh='+aCL.height+ (g_pb.r_ww!==ef?'&ww='+g_pb.r_ww:'&ww='+aCW)+ (g_pb.r_wh!==ef?'&wh='+g_pb.r_wh:'&wh='+aCU)+ (g_pa.$isWhitelisted()?'&abp=1':'')+ ($IE!==null?'&ie='+$IE:'')+ (g_pb.partner!==ef?'&partner='+g_pb.partner:'');Sp.appendChild(aCQ);}})();</script></body></html>

  • edited March 24

    @spreadthelove said:
    My website is spreadthelove.rf.gd
    It has been redirecting to Amazon.com automatically. Sometimes it will work, and sometimes it wont.
    Any ideas of what the issue is?

    If it doesn't go to Amazon.com, this happens:clickconfirmation.com/?cid=1521841851010300002

    This topic is about @chaoskreator 's site, not yours. If you have an issue with your site, please create your own topic and don't hijack someone else's. Or just check the relevant KB article yourself: https://infinityfree.net/support/why-doesnt-my-domain-work/

    @chaoskreator said:
    I've got a user-facing website and an api backend setup being hosted at dragoncourt.rf.gd. When attempting to navigate to the website, the browser is hijacked. When using the api backend, I am given this http response from the server (note that this is NOT generated by the PHP code I've built):
    <html><body><script type="text/javascript" src="/aes.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("f655ba9d09a112d4968c63579db590b4"),b=toNumbers("98344c2eee86c3994890592585b49f80"),c=toNumbers("67e29580eda2987a9780a2ec849e6b7a");document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; location.href="http://dragonncourt.rf.gd/user/init?i=1";</script><noscript>This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript></body></html>

    That's not your website being "hijacked", that's a security system. The short explanation: you cannot use InfinityFree to host an API. AJAX requests are only possible on the same domain.

    The longer explanation can be found here: https://infinityfree.net/support/javascript-error-using-api-or-mobile-android-app/

Sign In or Register to comment.