No Script detected a potential Cross-Site Scripting attack

Been getting this on random threads the last few days.....



NoScript detected a potential Cross-Site Scripting attack

from www.abovetopsecret.com... to s7.addthis.com....

Suspicious data:

(URL) s7.addthis.com...=0.8383125188879924&iit=1511553423306&tmr=load=1511553421267&core=1511553421287&main =1511553423300&ifr=1511553423316&cb=0&cdn=0&md=0&kw=&ab=-&dh=www.abovetopsecret.com&dr=http://www.abovetopsecret.com/forum/today.php&du=http://www.abo vetopsecret.com/forum/thread1191756/pg1&href=http://www.abovetopsecret.com/forum/thread1191756/pg1&dt=Hitler's Chef, page 1&dbg=0&cap=tc=0&ab=0&inst=1&jsl=33&prod=undefined&lng=en&ogt=site_name,description,title,image&pc=men&pub=ra-56bff035f71c375b&ssl=0&sid=5a18798d5efbf d3d&srf=0.01&ver=300&xck=0&xtr=0&og=image=http%3A%2F%2Ffiles.abovetopsecret.com%2Fimages%2Fats8.jpg&title=Hitler's%20Chef%2C%20page%201&description=Hi tler's%20Chef%2C%20page%201&site_name=AboveTopSecret.com&csi=undefined&rev=v8.1.2-wp&ct=1&xld=1&xd=1



Anybody have any idea what this is and what it is used for?

The thread links to a Toronto Sun article. Media outlets like that usually have a bunch of links that include trackers, banners and web beacons. My browser says there are around 30 trackers on the news page and no beacons.

NoScript is flagging the *potential* for cross-site scripting. It's an advisory rather than a positive CSS issue.

Im getting spoutable ads pop up on certain ats pages advertising male enhancement

a reply to: anotherside

It's CREEPY how well ads know us!!!

This is what's concerning...

"image&pc"

After doing some research, it appears they create a custom image for each pc which allows them to track across various media sites and can eventually pinpoint your pc to all your browsing.


www.how-to-remove.com...

This company is also known for using a technique called “canvas fingerprinting” which allows to follow users without any Javascript nor Cookies. This technique will be soon used by at least 5% of the most popular websites.

s7.addthis.com’s technique is about sending instructions to the browser so it creates a hidden image. All these images are different from computer to computer, thus they can easily become a unique identifier. This is why it’s called “canvas fingerprinting”. After this is done, it’s easy to isolate a computer and know the browsing history.

a reply to: RickinVa

You been hit. Not me.. Im clean

Ever since updating to the newest Firefox version and the newest NS version for it, I'm getting quite a few of those warnings as well.

a reply to: Subrosabelow

It started when I went to the new version of firefox as well.

Just finished a full system scan with Norton's and it shows nothing.

XSS attacks are used by inputting code into something like a textbox or login window and receiving a different reply.
The reply itself doesn't always lead to something bad, but it could give away info regarding the server that could be used to someone malicious' advantage.

It seems you're getting the message due to a redirect that wasn't supposed to happen.
I think?

a reply to: GreenGunther

I was able to clear it by resetting the data in Firefox.

This version of Firefox is a little wonky.... I have already seen once false update that was blocked by Norton's on Yahoo yesterday.

Plus I do not care for the new format... I will probably go back to the older version if possible.

a reply to: anotherside

I get spoutable ads also when logged in,soon as i access the site.When i click on new or recent,it usually disappears.Always 2 ads,usually for get rich quick schemes but one was asking if i'm up for a sugar mommy in the provincial capital here.

Eta - this happens only on my cell using Chrome browser,not on pc.

originally posted by: anotherside
Im getting spoutable ads pop up on certain ats pages advertising male enhancement

That's why I hit the lingerie ads wherever i see them, if I'm gonna get a pop up, might as well be something decent to look at.

Pun intended?

originally posted by: RickinVa
a reply to: GreenGunther

Plus I do not care for the new format... I will probably go back to the older version if possible.

I'm OK with the new version apart from the bookmarks which are screwed up. Most of them don't show up unless I use the search field or open the library. The problem with that is I don't have a photographic memory of every fricken site I've visited and chose to favourite. That's the entire point of adding a bookmark ffs!

This company is also known for using a technique called “canvas fingerprinting” which allows to follow users without any Javascript nor Cookies. This technique will be soon used by at least 5% of the most popular websites.

I've gotta thank you for the 'canvas fingerprinting' thing. It's opened my eyes to how shopping recommendations appear on unlinked sites. For example, we were talking about eating insects in a recent ATS thread and Amazon was recommending savoury insects on my landing page the next day. I bought a bunch of critters about six months ago and there was no obvious reason why they'd be listed again.

Apparently FF's next build will offer to block HTML5 fingerprinting. The problem there is someone will design something else. It will also add more effort to surf the web because every site visit will include a drop-down box asking for permission for the site to access the canvas. I don't have big issues with site preferences or targeted marketing, but I have a massive issue with not being asked first.

a reply to: Raxoxane

It's a stored cookie or some-such.

Go into settings in chrome, clear the cache, delete the cookies, make the history dissapear and you will most likely be getting some new ads, but our country is rank with terrible advertisements, so deleting the old ones just causes new ones to appear. Google is very good with ad tracking and delivering specific ads to specific individuals. If it's an android phone you must also clear stored information within your google account

They collect a lot of data to make it happen, so does Microsoft and a lot of other companies.
our entire countries ID numbers, cell numbers, residence information etc. has all ready been leaked online.

I've wanted to forward some of the ads that appear in my country to the admins... we really need a better internet than this. There is no hope for the stupid, easily distractible idiots of the modern age. We must protect the mentally frail.