A malicious redirect

Discussion in 'Novel Updates Site Discussion' started by Silvertin, Mar 11, 2018.

  1. Silvertin

    Silvertin Well-Known Member

    Joined:
    Aug 7, 2016
    Messages:
    68
    Likes Received:
    64
    Summary version: Demon girl tale of a lax demon latest chapter v6c7 had a malicious redirect. I want to figure out how this happened (e.g. was the NU redirect link wrong?). Or are there bad ads hosted there? Was their site itself infected? Should we put a step in place to prevent the issue if it's the former? What can we do if so? *Summons the great* @Tony
    To those who may ask, yes, I filed a report properly via "report a problem" through my user profile. For those who may ask why I made this thread: to allow questions to be asked, or discussion, so I made this topic hoping for answers.

    So I would like to preface this with an incident that happened to me today. The series Tale of a lax demon https://www.novelupdates.com/series/demon-girl-tale-of-a-lax-demon/ had a malicious redirect which involved a URL that had letters and numbers like hexadecimal, ended in .win, and had a long string of text of words, symbols, letters and numbers. To summarize, about as suspicious as a link can get.

    To make matters worse, that URL/page opened up long (wide) suspicious windows saying some words and had boxes with username and password to fill in, which for a start I assume is either it trying to do something it shouldn't, or it trying to get something from you. Said windows opened at a rate of about 2 per second, all while popping up at the same spot, in the center of the screen. I quickly put a stop to that nonsense by immediately shutting off the router and using the task manager to close the browser. Not to my surprise, all those fakes trying to pose as something from Windows were closed along with the browser when I ended all the browser processes.

    These details being said, I question if the link itself even led to the site where the chapter was hosted. Yes, I made a report through the proper channels (aka "report a problem" from the user profile). I also just had questions and want thoughts on what others think, such as what they think was going on there, or if they feel this issue cropping up should be addressed in some manner.

    All these things being said, this is not only a PSA of this issue happening, it is also a call to attention to a unique but small problem that might need to be addressed. Though before voicing my suggestion I figured I would just get the word out there and maybe have a discussion on whether others feel it would be a necessary, or helpful, measure.

    I don't have much more time so I need to get going. I'll follow up on this later today if I can.

    Sidenote: I am on a different computer until I ensure the one that had the incident is clean and everything is in the clear.
     
    Last edited: Mar 11, 2018
    Ddraig, pocketbear and Sabruness like this.
  2. TamaSaga

    TamaSaga Well-Known Member

    Joined:
    Oct 11, 2016
    Messages:
    1,726
    Likes Received:
    2,173
    ...umm, your tl;dr is still too long and really awkwardly written. You don't just insert random sidenotes and misc sound effects and expect it to be coherent.

    Condense it down to one sentence and we'll decide whether the rest is worth reading.
     
  3. kenar

    kenar ヽ(`・ω・´)ゝ

    Joined:
    Nov 2, 2016
    Messages:
    2,887
    Likes Received:
    4,568
    I can access it just fine.
     
    runsing likes this.
  4. Parth37955

    Parth37955 NU #3, [Dead Inside], Mid-Boss, Dark Dealer Staff Member

    Joined:
    Oct 21, 2015
    Messages:
    12,244
    Likes Received:
    20,781
    it's the site...moonbunnycafe has some terrible ads...
     
  5. runsing

    runsing status : bleeding, health -10/s Novel Updates Staff

    Joined:
    Nov 4, 2015
    Messages:
    3,383
    Likes Received:
    6,846
    Yes, the link led to the site where it was hosted. I tried with different devices, both logged in and incognito, with different internet connections, and didn't get any such redirect. As @Parth37955 said, it's probably one of the ads.
     
    Silvertin, AliceShiki and pocketbear like this.
  6. kenar

    kenar ヽ(`・ω・´)ゝ

    Joined:
    Nov 2, 2016
    Messages:
    2,887
    Likes Received:
    4,568
    isn't TL;DR supposed to be placed at the end of the explanation?
     
  7. TamaSaga

    TamaSaga Well-Known Member

    Joined:
    Oct 11, 2016
    Messages:
    1,726
    Likes Received:
    2,173
    It can go wherever the writer chooses. Most put it at the end in bold. But I have seen some writers place it in the beginning as an abstract for a long tale.
     
  8. PotatoZero

    PotatoZero Well-known Potato

    Joined:
    Feb 5, 2016
    Messages:
    1,786
    Likes Received:
    1,614
    And who in the world made that rule?
     
  9. Lewisking50

    Lewisking50 Voidseeker, King of literally nothing

    Joined:
    Dec 4, 2015
    Messages:
    584
    Likes Received:
    481
    It's moonbunnycafe, always use adblockers on that site, maybe script blockers as well if you want to be safe.
     
  10. JarJarThinks

    JarJarThinks Addicted to Monster Hunter Generations

    Joined:
    Nov 28, 2015
    Messages:
    137
    Likes Received:
    117
    So I noticed this as well, and decided to test a few things, so I'll show my findings (all findings apply to Chrome 65 on Windows 10):

    100% adware, loaded in as the ads load in; in addition, the ads inject various JavaScripts to call even more ads. Having an adblocker on as you load the site prevents any scripts from the initial ads. If you enable the adblocker AFTER the scripts are loaded, then you begin seeing hundreds of blocked calls to a domain.

    A look at the scripts (after pretty-printing them) shows that they draw invisible iframes with ads inside them. This leads to ballooning RAM, CPU and network usage until the browser crashes due to lack of RAM.

    While I'm not subject to redirect scripts, the site itself seems to be home to various adware that care not for your browsing experience.

    TLDR; MoonBunnyCafe is infected with adware, do not enter w/o adblockers.
     
    Ddraig, Silvertin and kenar like this.
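    The behaviour JarJarThinks describes (ad scripts drawing invisible iframes that keep loading more ads, plus a flood of calls to odd-looking third-party hosts) can be checked on a saved copy of a page without executing any of its scripts. The script below is an added example for this thread, not code from the thread, from Novel Updates or from the hosting site; the HTML and host names inside it are constructed for the demo, and the hidden-iframe and hex-looking-hostname heuristics are assumptions loosely based on the descriptions in the posts above, not a definitive malvertising signature.

```python
"""Audit a saved HTML page for hidden ad iframes and third-party script hosts.

Added example (not from the thread). Runs offline on an HTML string using only
the standard library; nothing in the page is fetched or executed.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline-style patterns that make an iframe invisible to the user (assumption:
# a reasonable but not exhaustive list).
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?![.\d])"
    r"|(?:left|top)\s*:\s*-\d{3,}px",
    re.I,
)
# A leading hostname label that is a long run of hex digits resembles the URL
# described in the opening post. Heuristic only: a note to investigate, not proof.
HEX_LABEL = re.compile(r"^[0-9a-f]{8,}$", re.I)


def _is_zero_size(attrs):
    """True if the tag declares a 0 or 1 pixel width or height."""
    for key in ("width", "height"):
        val = attrs.get(key)
        if val is not None and val.strip().rstrip("px") in ("0", "1"):
            return True
    return False


class AdAuditParser(HTMLParser):
    """Collects iframe visibility and external script hosts while parsing."""

    def __init__(self):
        super().__init__()
        self.iframes = 0
        self.hidden_iframes = []   # src of each iframe judged invisible
        self.script_hosts = set()  # hostnames of <script src=...>

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # attribute present with no value maps to None
        if tag == "iframe":
            self.iframes += 1
            style = a.get("style") or ""
            if HIDDEN_STYLE.search(style) or _is_zero_size(a) or "hidden" in a:
                self.hidden_iframes.append(a.get("src") or "")
        elif tag == "script" and a.get("src"):
            host = urlparse(a["src"]).hostname  # None for relative paths
            if host:
                self.script_hosts.add(host.lower())


def audit_page(html, page_host):
    """Return a report dict for one page; page_host is the site's own domain."""
    page_host = page_host.lower()
    parser = AdAuditParser()
    parser.feed(html)
    third_party = sorted(
        h for h in parser.script_hosts
        if h != page_host and not h.endswith("." + page_host)
    )
    suspicious = [
        h for h in third_party
        if HEX_LABEL.match(h.split(".")[0]) or h.endswith(".win")
    ]
    return {
        "iframes": parser.iframes,
        "hidden_iframes": parser.hidden_iframes,
        "third_party_script_hosts": third_party,
        "suspicious_hosts": suspicious,
    }


# Constructed sample page: one first-party script, one CDN on a subdomain,
# two ad hosts, one hex-looking .win host, and four iframes of which three
# are invisible (0x0, positioned off-screen, display:none).
SAMPLE_HTML = """<html><body>
<script src="/js/site.js"></script>
<script src="https://cdn.example-cafe.test/theme.js"></script>
<script src="https://ads-one.test/load.js"></script>
<script src="//3f9a1c7e2b.win/abc?x=1"></script>
<iframe src="https://ads-one.test/banner" width="300" height="250"></iframe>
<iframe src="https://ads-two.test/pixel" width="0" height="0"></iframe>
<iframe src="https://ads-three.test/hide" style="position:absolute;left:-9999px"></iframe>
<iframe src="https://ads-four.test/none" style="display:none"></iframe>
</body></html>"""

if __name__ == "__main__":
    report = audit_page(SAMPLE_HTML, "example-cafe.test")
    for key, value in report.items():
        print(f"{key}: {value}")
```

    Save the page from the browser (or fetch it with a plain HTTP client, which does not run scripts) and feed the file to audit_page with the site's own domain. A high count of hidden iframes or a long list of third-party script hosts is the static counterpart of the "hundreds of blocked calls" seen once an adblocker is enabled; since the ad scripts themselves inject more frames at runtime, the static count is a lower bound.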
  11. Silvertin

    Silvertin Well-Known Member

    Joined:
    Aug 7, 2016
    Messages:
    68
    Likes Received:
    64
    Interesting, your findings are very helpful; thanks for putting the effort into finding the answers. It's a shame though, as I had indeed disabled the adblocker and script blocker (for simplicity's sake) in an effort to help support translators through the revenue they get from ads. Seems I will have to be much more reserved and specific in handling that. Would you happen to know which source/domain was the troublemaker?

    Interestingly enough, I had actually read the past 2 or 3 chapters of that series like that without an incident, and under normal circumstances any suspicious redirecting action would be stopped, and either the page itself, or a small window would come up, both of which would state what and why it was blocked, as well as its source. This being said, with previous experiences being as they were it was a surprising change of pace when it got as invasive as it did. On a related note, I checked the series page and noticed it just says "app" now. I am pretty sure it used to outright say "moonbunnycafe" in one word, but I could be wrong. Has that changed? It seems they all say "app" now.

    I have also completed a series of antivirus scans, right down to boot-time, and manually checked installed programs, startup programs, and each background service. I even checked to ensure the browser settings were as they should be, which looks normal. Looks like things are turning up clean. Thankfully the incident only led to small issues.
     
    Last edited: Mar 11, 2018
  12. JarJarThinks

    JarJarThinks Addicted to Monster Hunter Generations

    Joined:
    Nov 28, 2015
    Messages:
    137
    Likes Received:
    117
    While I'm not certain as to the exact origin of the ads, the site periodically loads in copies of a script from a proxy DNS with only adware/browser-clogger scripts on it (the site has WHOIS protection and is made with a third-party DNS service, so the trace runs cold).

    The additional site calls go to various ad sites, far more than is reasonable (I also believe some of these ad calls themselves make ad calls).

    I think these scripts are unlikely to cause any lasting harm to the browser/PC aside from eating resources, but I might be wrong.