camelia 6 Posted February 22, 2018 Share Posted February 22, 2018 Hi, i am getting this EIS notification in a very reputable website, Do I have to Block or Allow? Thanks Camelia Link to comment Share on other sites More sharing options...
Administrators Marcos 5,281 Posted February 22, 2018 Administrators Share Posted February 22, 2018 *.doubleCLCICK.net sounds like a bogus site. If it's accessed by Firefox even without opening any website, it's likely that some of the extensions accessed it. Link to comment Share on other sites More sharing options...
itman 1,752 Posted February 22, 2018 Share Posted February 22, 2018 I checked this out on the QUALS web site. First, stats.g.doubleclick.net is Google Analytics. The cert. it uses shows *.g.doubleclick.net in the subject name. Link to comment Share on other sites More sharing options...
ESET Insiders stackz 115 Posted February 23, 2018 ESET Insiders Share Posted February 23, 2018 (edited) stats.g.doubleclcick.net redirects to a scam site so I'd definitely block communication. Edited February 23, 2018 by stackz Link to comment Share on other sites More sharing options...
itman 1,752 Posted February 23, 2018 Share Posted February 23, 2018 Oops. My eyes are getting bad in my old age. I didn't notice that the URL is g.stats.doubleclcick.net versus g.stats.doubleclick.net which is Google Analytics. Link to comment Share on other sites More sharing options...
itman 1,752 Posted February 23, 2018 Share Posted February 23, 2018 (edited) Here's the detailed analysis of g.stats.doubleclcick.net on QUALS here: https://www.ssllabs.com/ssltest/analyze.html?d=g.stats.doubleclcick.net&s=159.253.28.197&ignoreMismatch=on&latest . Definitely looks like a man-in-the-middle interception to me. Edited February 23, 2018 by itman Link to comment Share on other sites More sharing options...
BrianE 2 Posted March 10, 2018 Share Posted March 10, 2018 On 23/02/2018 at 2:33 PM, itman said: Oops. My eyes are getting bad in my old age. I didn't notice that the URL is g.stats.doubleclcick.net versus g.stats.doubleclick.net which is Google Analytics. This is precisely how fraudsters and other criminals try to dupe people into visiting scam websites. They create a website that is almost identical to the genuine site but just make a minor change such as in this example, which most people won't notice until it's too late. I would recommmend getting the Web Of Trust (WOT) extension for your browser as that will give you a visual indication of many scam websites (to see how it looks in action, take a look at the screenshot I have uploaded). Link to comment Share on other sites More sharing options...
Recommended Posts