Website hacked?


#1

When you click on https://ubuntu-pi-flavour-maker.org/about/ it takes you to some random page trying to sell something/con you. The page won’t let you go back so you have to close the tab. When you click the “about” link a second time you get to the correct page. Seems extremely dodgy.

If the page has been hacked, then have the pi downloads also been hacked?


Status of Ubuntu MATE 18.04 for Raspberry Pi 3 B & B+?
#2

I do get this page when trying to reach it on firefox:


#3

No problems here from the UK in Chromium or Firefox. Are you using extensions that manipulate the page? How are other browsers on the same computer?

There was this topic about the “Corrupted Content Error” issue a couple of weeks ago, which turns out the Privacy Badger extension was the cause:


#4

I followed the link to https://ubuntu-pi-flavour-maker.org/about/ and was redirected to a page with faux-pop-ups. This was about two hours ago, on my Android phone in Firefox, from the US. In case it’s helpful, here are pages I was redirected to from my Firefox history: https://pastebin.com/wbKj8qSV

Visiting it now, same location/wi-fi, on the same phone and on my computer in Firefox on Ubuntu MATE, it doesn’t give me that.

This forum loaded without issue each time.


#5

Pretty sure it is not a problem at my end. Happens on windows 10 with edge and an android tablet with chrome. No extensions/ad blockers etc running. Redirected to some page that then redirects you to another page which allegedly gives you a chance to win a new iPhone. Yeah right. The internet is full of (rude word)

Worrying if this has been happening for two years…


#6

I have the same problem, it’s redirected me to fake captcha.


#7

Hi,

The page returns status 304, only cache details for performance and seo improvements.

It’s good to do a cleanup in the browser, clear the cache and cookies in the option from the beginning.

If a captcha appears on the screen it is the cloudflare/firewall working to protect the page. Maybe the ip of your vpn or manual change in url return this.


#8

Don’t have any of these problems with this domain from the Netherlands. Not on my vpn account either.


#9

I don’t have any firewalls or VPN the captcha is actually fake, it’s showing when I was redirected to https://pastebin.com/wbKj8qSV I don’t know what is this, but it’s really looks like https://ubuntu-pi-flavour-maker.org/about/ was hacked.

EDIT:
The fake captcha site was https://sslgateways.com/?s=XmSM7Oany%2FOHH1nBoGXvUtaY2UGBbpMWycHSCQyVe4nb0mf1cEPeMOYNqqlcq41NMjtnlGmom7vmg5FVOSqPjg%3D%3D&src=dW looks like fishing or something like that.


#10

Hi,

I mean the website firewall… The redirect does not exist, if it happens part of the machine of the client and not of the server… Here I tested in 4 machines with 4 different connections… Works fine…


#11

Thank you to the posters testing this. I’m afraid most of what h4wk has written has gone over my head. I’m amazingly ignorant of how websites work. Could the embedded video be the problem?

Btw, no vpn here.


#12

Hi,

Look this…

But, in the mobile, second access in another network without https…

First…

Second…

The server does not redirect to https, it reports an error in mobile depending on the version of the browser. The page may have some configuration problem or some malware, but it does not seem to have been hacked, does it seem like an administration problem…


#13

Just tried on my iPhone, and I did got forwarded to multiple websites with that. After I removed all cache it worked just fine again.


#14

Like the other thread @lah7 mentioned, no one has considered how both these are hosted by Cloudflare. This means a totally different server can be involved for everyone attempting the same site. These addresses (each has 2 IPs) ideally route to the closest one for you but can also depend on different ISP topology. It’s done with a routing hack known as AnyCast and has its own possible issues.

And each server hosts thousands of sites. I’m surprised it doesn’t screw up more often.

Just wanted to mention this. Now back to your regularly scheduled thread. :slight_smile:


#15

I use Privacy Badger and the link is taking me to the correct page with no problems.


#16

Chromium with UB Origin and HTTPS Everywhere no problems.

Mickey :blush:


#17

Website legit for me. USA, Vivaldi.


#18

Yeah that seems to be the problem with mine. Disabled it and worked, thanks. :slight_smile:

Was in Firefox.


#19

Tried going to the webpage. The webpage loaded, but then it attempted to redirect me somewhere. Where it tried to take me I do not know because I closed the tab before the page even loaded.

I’m using Google Chrome on Android 8.1. I’ve done a malware scan using Avast Mobile Security, but no malware was found.

It appears to only affect the about page and not the homepage.


#20

Yeah that’s messed. Maybe when I get back home I’ll remember to take another look.