Imagehost Problems, Imagebam, Imagevenue, PimpAndHost, PixHost, ImgBox etc

[oldlevi]

Quote:

Originally Posted by bawjaws

keep getting this with Pixhost

Same here.

[buttsie]

Linking to an example post for the mods to test would help

I dont get that on pixhost so its most likely either

Ads - malvertising
Scripts - redirecting to a site
False positive from your security software

A little scare to upgrade to premium

Occasionally i'll get avast free warning me of similar stuff on imgbox in between the suggestions to upgrade to premium

I ignore it mostly as i use an ad & script blocker

[Rubinski]

I'm also not having problems on pixhost.to images.

I'm on W10 using free avast, free firefox browser, and free AdBlock Plus on comcast.

Not sure what you guys are using, but maybe you should try a different free browser?

[mongo630]

I am getting the same message. It is my premium ESET that is not letting me view pixhost. I use google and Win 7

[oldlevi]

Quote:

Originally Posted by buttsie

Linking to an example post for the mods to test would help

I dont get that on pixhost so its most likely either

Ads - malvertising
Scripts - redirecting to a site
False positive from your security software

A little scare to upgrade to premium

Occasionally i'll get avast free warning me of similar stuff on imgbox in between the suggestions to upgrade to premium

I ignore it mostly as i use an ad & script blocker

I get this message on all recent posts using pixhost--here's an example from the jennifer lawrence thread: http://vintage-erotica-forum.com/sho...&postcount=552

[buttsie]

I just tested it with chrome
- ad blocker off
- allowing scripts temporarily on script safe (does seem to be an excessive number)

my avast free on - no warning messages


Tested the Cover image url with 3 ads at bottom at www.virustotal.com
0/69 - no issues - including Eset

The cover
https://www.virustotal.com/#/url/0c0...4445/detection


Which just leaves your security suite - the trouble is they are all different
- some are less or more aggressive with detections

Most of them get false positives though av-comparatives has eset at the top with avira for not getting many

https://www.av-comparatives.org/vendors/eset/

All you can do is report it to your security vendor for analysis


Do a reverse image search on google - most Celeb pics get posted reposted ad nauseum

[mekiq]

Eset
Pale moon + Image Host Grabber

and I am facing the same problem with Pixhost.to

I am using IHG and Eset for years and this is probably first time Eset directly blocks download of the JPG through IHG.

When looking to the pixhost.(org|to) script through host editor, it calls the search function. It's basically going through the source code of the host page until it hits the IMG tag. And then filters out the result. So I am not exactly sure how sign of JS/Adware.Agent.AC application is triggered.

Quote:

function(pageData, pageUrl) {
var retVal = {imgUrl: null, fileName: null, status: "ABORT"};
// Search for <img ... id="image" ... />
var iTag = (pageData.match(/<img\b[^>]*?\bid\s*=\s*('|")image\1[^>]*?>/i)||[])[0];
if (iTag) {
var iUrl = (iTag.match(/\bsrc\s*=\s*('|")(.*?)\1/i)||[])[2];
if (iUrl) {
retVal.imgUrl = iUrl;
retVal.status = "OK";
var iName = (iTag.match(/\balt\s*=\s*('|")(.*?)\1/i)||[])[2];
// Fallback: Get original filename from url, part after last slash
if (!iName) iName = iUrl.split('/').pop();
iName = iName.replace(/^\d*_/, ""); // remove leading digits and underscore
if (iName) { // exists and is not empty
retVal.fileName = iName;
}
}
}
return retVal;
}

[halvar]

Quote:

Originally Posted by mekiq

When looking to the pixhost.(org|to) script through host editor, it calls the search function. It's basically going through the source code of the host page until it hits the IMG tag. And then filters out the result. So I am not exactly sure how sign of JS/Adware.Agent.AC application is triggered.

The warning is not triggered by this little piece of code. These 'web security' tools intercept all the traffic that goes in and out. Some of them even break the https encryption, which is really a bad thing.
IHG downloads the whole page that contains the link to the image. Then it searches for the link using regular expressions, as you said. If the downloaded page contains scripts or links to scripts these may trigger the warning, even if they are not loaded or executed.

My recommendation: ditch those web security tools. They do more harm than good.
Keep your system and browser up to date and use ad- and script-blockers.

[mekiq]

Quote:

Originally Posted by halvar

The warning is not triggered by this little piece of code. These 'web security' tools intercept all the traffic that goes in and out. Some of them even break the https encryption, which is really a bad thing.
IHG downloads the whole page that contains the link to the image. Then it searches for the link using regular expressions, as you said. If the downloaded page contains scripts or links to scripts these may trigger the warning, even if they are not loaded or executed.

My recommendation: ditch those web security tools. They do more harm than good.
Keep your system and browser up to date and use ad- and script-blockers.

The code I have quoted in a previous post is IHG specific search function for pixhost.to host.

Adware.Agent.AC itself is a java script code (created by third party) pixhost.to pages most likely contains since 2018-08-29.
It's uncompiled mark up language code, that's why it went through IHG during download, as you mentioned.

It may be a false alarm, but Eset consider some of the functions as dodgy / malevolent and that's why it's currently blocked until it will be fixed by the company who created it.

source:
http://www.virusradar.com/en/threat_...a/graph/437069
and
Malware Finding and Cleaning forum on Eset.


EDIT: That means, bypassing ESET in this particular case is actually a solution as IHG does not execute the code.

[Baranovich]

PimpAndHost is currently not functioning correctly. I tried to post several times in the Babe of the Day thread. It will upload the photos but when you insert them into the post it doesn't display them as thumbnails, it only shows them as underlined file names and extensions.

I tried inserting photos one at a time and also by inserting them all at once and it didn't make a difference.

Will try again a little later to see when and if the issue gets resolved during the day today.