Skip to content
This repository has been archived by the owner on May 17, 2024. It is now read-only.

Guce domain breakage #188

Closed
liamengland1 opened this issue Jun 4, 2020 · 7 comments
Closed

Guce domain breakage #188

liamengland1 opened this issue Jun 4, 2020 · 7 comments
Labels
broken-site Valid block breaks a legit site help wanted Extra attention is needed

Comments

@liamengland1
Copy link

liamengland1 commented Jun 4, 2020
edited

This domain guce.huffpost.com breaks visiting huffpost.com, because of how Verizon Media
have set up their stupid cookie consent system. On any Verizon Media
site, on your first visit from that IP/device in a year (?), you will be redirected to the guce subdomain. If you are in a place with no privacy laws, you will be redirected back to your destination. If you are in EU, you will be redirected to consent.yahoo.com to give consent for cookies to be placed. Otherwise you will not be able to visit any Verizon Media sites. This is hard to reproduce, as they keep track of it server-side I think.

Other sites where this may occur:

aol.com
aol.ca
aol.co.uk
engadget.com
compuserve.com
isp.netscape.com
huffingtonpost.ca
huffingtonpost.co.uk
huffingtonpost.com.au
rivals.com
techcrunch.com
verizonmedia.com
yahoo.com
@lightswitch05 lightswitch05 added broken-site Valid block breaks a legit site help wanted Extra attention is needed labels Jun 4, 2020
@lightswitch05
Copy link
Owner

Thanks for the info, I'll keep an eye on it. Maybe someone else will have some more information to provide

@liamengland1
Copy link
Author

liamengland1 commented Jun 4, 2020
edited

aol.co.uk redirects to https://guce.advertising.com/collectIdentifiers

So that's another breakage right there.

@liamengland1
Copy link
Author

Just ran into this:

https://www.huffingtonpost.co.uk/entry/jk-rolwing-transphobic-tweet_uk_5ab77230e4b054d118e3b789

Here's what visiting that page looks like from a US IP, pihole enabled (inaccesible): https://streamable.com/m1lx0o

Here's what visiting that page looks like from a US IP, pihole disabled: https://streamable.com/pxz1aq

Here's a video showing some more inaccessible Verizon Media sites from a UK IP (proxy): https://streamable.com/r08ooo

@lightswitch05
Copy link
Owner

Thanks for the follow up @llacb47 - really A+ feedback. So the ask here is to whitelist both guce.advertising.com and guce.huffpost.com?

@liamengland1
Copy link
Author

liamengland1 commented Jun 11, 2020
edited

Yep, think so

Edit: to check if a Verizon Media site is using this, the guce subdomain will CNAME to real.rotation.guce.aws.oath.cloud. I've never seen it on isp.netscape.com or compuserve.com though (probably because those are ancient domains used by almost nobody).

Edit 2: on second thought I think the guce subdomain exists on all Verizon Media properties, but the hard cookie wall is implemented on site-to-site basis and GeoIP.

Edit 3: Rivals.com totally blocks UK. lol

Rivals is not available from your location
You are attempting to access Rivals from a location that is not currently allowed, either due to local laws such as GDPR or for security reasons. If you feel you are encountering this page in error, please email us at subscriptions@rivals.com

Edit 4: even worse, sometimes they do the redirects from client-side with the script https://s.yimg.com/oa/guce.js. (encountered on ryot.org with UK ip)

@lightswitch05
Copy link
Owner

Whitelisted!

@liamengland1
Copy link
Author

Thanks!

@liamengland1 liamengland1 mentioned this issue Jun 14, 2020
Open
@liamengland1 liamengland1 mentioned this issue Aug 6, 2020
Closed
@p1r473 p1r473 mentioned this issue Jan 22, 2021
Closed
@radupotop radupotop mentioned this issue Dec 2, 2022
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
broken-site Valid block breaks a legit site help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lightswitch05 @liamengland1