
False positive on images


Webman


Some images are being blocked by Malwarebytes Browser Guard (Chrome) from our media server, named 111.png

These are legitimate graphics that load in a game, but the games fail to load properly when these images are blocked.

Please whitelist these images on the media.vidpok.com domain. Thank you.

A couple of examples are:

https://media.vidpok.com/games/WheelDeluxe17/images/animations/111.png

https://media.vidpok.com/games/UXSpin/images/animations/mainMenu/111.png

There may be others as well, but all .png images should be safe on this domain. Thank you.

Link to post

Actually, we do not block images.  We block domains/subdomains.  If an image is not being displayed, it could be the result of:

  • The server where the images are stored (I do not believe this to be the case here)
  • The referring server (possible)
  • Association with an ad server or tracker (possible)

If you use Browser Guard yourself, click on the Malwarebytes logo in your address bar to find out more, or you can download the Browser Guard debug log and send it to me.  The log grows extremely fast, so you should start with a fresh browser, do as little as necessary to reproduce the missing images, and download the log as soon as you can.

If you are hearing about this from one of your users, I would need to know the name of the game (and hope that it's a free one).

Link to post

Thank you for the prompt reply.

Interesting that only these image URLs seem to be blocked, as we load hundreds of images off that server that seem to be unaffected.

The games are loaded from the videopoker.com domain; however, if you visit the image URLs above directly, the following appears:

Website blocked due to a suspicious download
Download blocked: https://media.vidpok.com/games/WheelDeluxe17/images/animations/111.png

If you need to load the game, which is indeed free, you can visit the following address:
https://www.videopoker.com/play/?game=127&mbtest=1&title=Ultimate X Spin Poker

You will see that it loads to about 98% before presenting an error. The console allowed me to see the images that were being denied. Turning off "scams" blocking in Browser Guard allows them to load.

Link to post

Thank you for the additional information.  I see two issues, one of which may rear its ugly head at some point.  I'll start with it.

In less than one minute of testing, the log showed 69 blocked instances of advertising and trackers.  One of the primary design criteria of Browser Guard is to block ads and trackers, which are considered by many users to be invasive.  While I typed this last paragraph, another 600 calls to ads and trackers were blocked!

Second, and the one that you brought up, is the image that is blocked.  Seeing that it is a suspicious download changes the playing field a little bit.  There are two types of suspicious downloads.  They are:

  1. An executable (EXE) file.  A .PNG file is not an executable, so we rule that one out.
  2. Any file that is downloaded whose MIME type does not match the type of file being downloaded.  This is done so an EXE masquerading as a TXT file cannot be downloaded and massaged after download to cause damage.  I expect a mismatched MIME type to be the problem here.

What I would suggest is to check out the specifications of the PNG files being downloaded and look for the mismatch.  See if that makes the difference.  Fixing it on this end would be a last resort, and other protection products would likely be triggered by this as well (if it is the issue).  Whatever the outcome, please let me know in case a different repair method is needed.  INTERESTING!

Link to post
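
One way to run the MIME-type check suggested in the post above, as an added example that is not part of the original thread and not Browser Guard's own logic. The signature table, function names and sample bytes are assumptions constructed for illustration; it compares the file extension, the served `Content-Type` header and the file's leading magic bytes.

```python
import posixpath

# Leading "magic" bytes for a few common formats (illustrative subset).
SIGNATURES = [
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"GIF87a", "image/gif"),
    (b"GIF89a", "image/gif"),
    (b"MZ", "application/x-msdownload"),  # Windows PE executable
]
EXTENSIONS = {".png": "image/png", ".jpg": "image/jpeg", ".jpeg": "image/jpeg",
              ".gif": "image/gif", ".exe": "application/x-msdownload"}


def sniff(body):
    """Return the MIME type implied by the file's first bytes, or None."""
    for magic, mime in SIGNATURES:
        if body.startswith(magic):
            return mime
    return None


def declared_type(content_type):
    """Strip parameters such as '; charset=utf-8' and normalise case."""
    if not content_type:
        return None
    return content_type.split(";", 1)[0].strip().lower()


def check(url_path, content_type, body):
    """List every disagreement between extension, header and content."""
    findings = []
    sniffed = sniff(body)
    declared = declared_type(content_type)
    expected = EXTENSIONS.get(posixpath.splitext(url_path)[1].lower())
    if sniffed is None:
        findings.append("unknown-signature")
    if declared and sniffed and declared != sniffed:
        findings.append(f"header:{declared}!=content:{sniffed}")
    if expected and sniffed and expected != sniffed:
        findings.append(f"extension:{expected}!=content:{sniffed}")
    if expected and declared and expected != declared:
        findings.append(f"extension:{expected}!=header:{declared}")
    return findings


# Constructed sample inputs (not taken from the servers in this thread).
PNG_HEAD = b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR"
PE_HEAD = b"MZ\x90\x00\x03\x00"
```

An empty list from `check()` means the extension, header and content agree, which rules out the mismatch explanation for that file.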

Eliminating the possibility of ads being an issue, let's look at the images alone.  I took an image that is not blocked on that server (112.png above) and saved it to our main server. As 112.png it is still not blocked on this other server. Renaming the exact same image to 111.png however, it is blocked. Based on that, I have to believe any image named 111.png is currently being blocked.  

Sample of the same exact image with different names, one blocked the other not:

https://www.videopoker.com/111.png (blocked)

http://www.videopoker.com/112.png (not blocked)

 

Link to post

Yes, it is certainly that. Here is a completely unrelated image on an unrelated website and server, renamed to 111.png which is also blocked:

http://www.mycloset.com/111.png

The obvious answer of course is don't name any images 111.png. But I'm not sure that's the best solution here. Do you really want to be blocking any such image for no reason? Let me know if you can assist on your end. Thanks!

Link to post

As you will see via the above attachment, a brand new clean image with this filename is even blocked on this site here. I'm not certain a domain whitelisting is going to solve it, but will give it an hour. 

Visiting the URL of the attached image above, I get:

Website blocked due to a suspicious download

Download blocked: https://content.invisioncic.com/Mmalware/monthly_2020_12/111.png.ecbfc5065eb8fff1b9e40104f5d4277f.png

Link to post

No luck from whitelisting.

Just to boil this down for the developers:

Any image on any web site with the name 111.png is flagged as a suspicious download.

Because several of our games have images with this filename, the games are unable to load for people with Browser Guard running. Disabling the "scams" feature allows them to work, but it's been a chore to talk customers through this (and some may not want to, nor should they need to). Thanks.

Link to post
