Skip to content
This repository has been archived by the owner on Jan 27, 2021. It is now read-only.

Has the domain digitalclimatestrike.net been taken over? Now serving ads #116

Open
akirk opened this issue Jan 19, 2021 · 8 comments
Open

Has the domain digitalclimatestrike.net been taken over? Now serving ads #116

akirk opened this issue Jan 19, 2021 · 8 comments

Comments

@akirk
Copy link

akirk commented Jan 19, 2021
edited
Loading

The code for the widget is <script src="https://assets.digitalclimatestrike.net/widget.js" async></script> and it looks like https://assets.digitalclimatestrike.net/widget.js tries to serve ads from https://gladdiator.io/.

The Domain data has been updated on January 13, 2021:

$ whois digitalclimatestrike.net
   Domain Name: DIGITALCLIMATESTRIKE.NET
   Registry Domain ID: 2422473382_DOMAIN_NET-VRSN
   Registrar WHOIS Server: whois.namesilo.com
   Registrar URL: http://www.namesilo.com
   Updated Date: 2021-01-13T22:33:34Z

Did you lose control over the domain?
@akirk akirk changed the title Has the domain digitalclimatestrike.net been taken over? Has the domain digitalclimatestrike.net been taken over? Now serving ads Jan 19, 2021
@streiten
Copy link

Bildschirmfoto 2021-01-19 um 13 12 12

yes, yes. it not only tries. it actually does.
urgent action required.

@idmacdonald
Copy link

Hi,

We still had the widget embedded on our website, and we started seeing strange ad pop-ups today. We've removed the link to the widget's JS from our website in order to resolve the issue. But this was a rather ugly surprise. Have you all let the digitalclimatestrike.net domain lapse? Or has someone hijacked the domain's DNS?

I guess if the domain now belongs to someone else, there's not much that can be done. But if you all could get the domain configuration back under your control, that would be really good. We're obviously not the only ones to have added the widget to our website and then forget that it was there.

Best wishes,
-Ian Macdonald

@skurfuerst
Copy link

Hey,

also happened to us.

All the best,
Sebastian

@Chrissyx
Copy link

I can confirm this, too. Happend today on my homepage and removed the widget immediately.

@ursulac
Copy link

ursulac commented Jan 19, 2021

Us too

@TomWFox TomWFox mentioned this issue Jan 19, 2021
Merged
@TomWFox
Copy link

TomWFox commented Jan 19, 2021

Can also confirm this, shame this happened.

@deLinhuberin
Copy link

Same here, please check if the footer.php / header.php of Wordpress Themes or similiar places still contains the script. In some websites the script was inserted directly. The redirect is not persistent, often the next page load is normal and the existing infection is not further detected.

@lukealexander
Copy link

It looks like the domain got resold - real shame and even though the date has now passed, it's probably worth the organisers spreading the word on their website (which still advertises the code).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@skurfuerst @akirk @lukealexander @idmacdonald @streiten @TomWFox @ursulac @deLinhuberin @Chrissyx