User Panel
Posted: 9/9/2022 10:02:56 PM EDT
For several years now, ARFCOM has joined w/ Vigilink to sell your data for profit. IE, whenever you click on a monetized link here on ARFCOM, Vigilink records your IP address, what the link you've clicked on is, and sends a tiny payment to @Goatboy.
Here's an example, recently posted of a Vigilink: https://www.gunbroker.com/item/944935556 But how can you know it's a Vigilink? Looks just like a Gunbroker link, right? Move your mouse over the link above, and see the URL your browser displays, or copy the link by right clicking w/ your mouse and paste the copied link into a blank address bar on another page, but without clicking Paste & Go, just paste. See the redirect.vigilink.com in front of the actual Gunbroker link?: https://redirect.viglink.com/?u=https%3A%2F%2Fwww.gunbroker.com%2Fitem%2F944935556&key=41eb5962625ae87b4762e5bd8c88faf6&prodOvrd=RAL What can you do to not put your browsing habits into a giant commercial database that ATF can reference w/ a phone call? Well, you could go to the 1st link I've posted, highlight the text, copy the TEXT, not the link, & paste the text into a blank address bar in your browser. You've successfully skipped Vigilink tracking. But what if someone rudely posts a link like this? $335 shipped Now, if you copy the price & paste that into the address bar, you get nowhere. You have to copy the link, paste the entire Vigilink URL into your browser, and commence to hacking. Deleting redirect.vigilink.com is pretty easy, along w/ the /?u=. But now you have two https//https in there, as well as %3A%2F%2F and there's some more %2F in there there. Well, it turns out that in ASCII %2F is just this: / and %3A is just: : so what we have is https://rwww.gunbroker.com/item/944935556&key=41eb5962625ae87b4762e5bd8c88faf6&prodOvrd=RAL So just chop the 2nd https%3A%2F%2F outta there, and replace any other %2Fs you see with /, and you'll have a working URL. However, there's still tracking information in there. See all that crap AFTER the item number? That's Vigilink crap. Delete everything after the item number, starting w/ &key= til you get down to this: https://www.gunbroker.com/item/944935556 I'll talk about Amazon links in another post, they put the Vigilink code on the end, and we'll also talk about how ATF can use this information, including your captured IP address. @Subnet |
|
Arfcom is an ad revenue maximizing machine.
And all those link manipulations tie your arfcom profile to your irl identity. The “delete names from old posts” and username change stuff is just a smokescreen. |
|
Quoted: I’m going to start up Vaglink. All the links are to vag. View Quote Attached File Throw in some buttholes and I'm in. |
|
|
Nobody cares.
It’s all gotten so deep and circumspect that the lengths you’d have to go to actually be anonymous on the internet are no longer worth it. Unplug and abstain pretty much completely or be tracked. That’s pretty much it. So embrace the suck. Keep your mags topped off and enjoy the runaway train … next stop: Boog 2.0 |
|
|
Thanks for the PSA. It’s too late for 99.9% of us, but it’s good to know anyway.
|
|
Hovering lets me know whether to click it. Ublock origin blocks it if I'm dumb.
|
|
There needs to be a browser plug-in to cleanse Vigilinks from the urls automatically
|
|
In any URL, anything with a & or ? is optional extra info and it and everything to the right of it can be stripped off to get the basic URL. Like if you do a search on Amazon, then want to send just the product link to someone, you have to strip off all that crap which contains your search cirteria, where you came from to get there, etc.
|
|
|
// ==UserScript== // @name Remove viglink and avantlink on links // @namespace namespace // @version 0.1 // @description Make the links crystal clear, without referrer crap. // @author me // @match http://www.ar15.com/* // @match https://www.ar15.com/* // @icon data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== // @run-at document-end // @grant none // ==/UserScript== (function() { 'use strict'; const replacestring = '$1' // var reg = /^https?\:\/\/redirect.viglink.com\/\?u=([^\&]+).*$/ var reg = /^https?\:\/\/(?:redirect.viglink.com\/\?u=|www.avantlink.com\/click.php\?.*url=)([^\&]+).*$/ var links = [].slice.apply(document.getElementsByTagName("a")); links.forEach(function(link) { var href = link.href; if (href.length && href.substring(0, 1) !== "#" && href.indexOf("redirect.viglink.com")) { if (href.match(reg)) { var linkTarget = link.href.replace(reg,replacestring); link.href = decodeURIComponent(linkTarget); console.log("Rewritten URL: " + href + " as " + link.href); } } }) })(); Userscript... |
|
My piHole blocks all that stuff which means I basically don't click any links from here.
|
|
View Quote Lol @ pic name. Yes uBlock Origin is an excellent tool, but not all our members have it, and even those that my have it may still post confusing links. If you post the raw link, ARFCOM will embed the Vigilink redirection within the link, but you can still just copy & paste the raw text; folks who post text in the link break the link & now you have to spend time & effort combing out the tracking add ons. |
|
Quoted: // ==UserScript== // @name Remove viglink and avantlink on links // @namespace namespace // @version 0.1 // @description Make the links crystal clear, without referrer crap. // @author me // @match http://www.ar15.com/* // @match https://www.ar15.com/* // @icon data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== // @run-at document-end // @grant none // ==/UserScript== (function() { 'use strict'; const replacestring = '$1' // var reg = /^https?\:\/\/redirect.viglink.com\/\?u=([^\&]+).*$/ var reg = /^https?\:\/\/(?:redirect.viglink.com\/\?u=|www.avantlink.com\/click.php\?.*url=)([^\&]+).*$/ var links = [].slice.apply(document.getElementsByTagName("a")); links.forEach(function(link) { var href = link.href; if (href.length && href.substring(0, 1) !== "#" && href.indexOf("redirect.viglink.com")) { if (href.match(reg)) { var linkTarget = link.href.replace(reg,replacestring); link.href = decodeURIComponent(linkTarget); console.log("Rewritten URL: " + href + " as " + link.href); } } }) })(); Userscript... View Quote Nice. Does that strip out the additional tracking added on the end? |
|
Quoted: Nice. Does that strip out the additional tracking added on the end? View Quote View All Quotes View All Quotes Quoted: Quoted: // ==UserScript== // @name Remove viglink and avantlink on links // @namespace namespace // @version 0.1 // @description Make the links crystal clear, without referrer crap. // @author me // @match http://www.ar15.com/* // @match https://www.ar15.com/* // @icon data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== // @run-at document-end // @grant none // ==/UserScript== (function() { 'use strict'; const replacestring = '$1' // var reg = /^https?\:\/\/redirect.viglink.com\/\?u=([^\&]+).*$/ var reg = /^https?\:\/\/(?:redirect.viglink.com\/\?u=|www.avantlink.com\/click.php\?.*url=)([^\&]+).*$/ var links = [].slice.apply(document.getElementsByTagName("a")); links.forEach(function(link) { var href = link.href; if (href.length && href.substring(0, 1) !== "#" && href.indexOf("redirect.viglink.com")) { if (href.match(reg)) { var linkTarget = link.href.replace(reg,replacestring); link.href = decodeURIComponent(linkTarget); console.log("Rewritten URL: " + href + " as " + link.href); } } }) })(); Userscript... Nice. Does that strip out the additional tracking added on the end? Yes. |
|
Once upon a time Arfcom was probably the only site that never put tracking cookies on your computer. Now days there are at least four and I’ve seen as many as nine.
|
|
|
And people still get butt hurt them I tell them their link is full of monkey butt pox aids and that their input has made a negative impact on the thread.
My browser blocks everything with vigilink. Vigilink is aids. |
|
Quoted: Once upon a time Arfcom was probably the only site that never put tracking cookies on your computer. Now days there are at least four and I’ve seen as many as nine. View Quote Attached File |
|
|
|
Quoted: IDK if there is, but ublock origin blocks viglink links for you. View Quote View All Quotes View All Quotes Quoted: Quoted: There needs to be a browser plug-in to cleanse Vigilinks from the urls automatically IDK if there is, but ublock origin blocks viglink links for you. jordanmills posted a userscript above, I think it runs in Greasemonkey. |
|
ARFCOM isn’t your friend. You think the feds can’t pull every single thread you’ve EVER viewed with nary an email to the goat?
Shit, they probably already have direct database access, regardless if site staff is complicit or not. As said before, there are no more secrets, so be prepared to answer for everywhere you’ve been, everything you’ve read, and everything you’ve ever said. Remember when we started a revolution over the Brit’s snooping letters and taxing tea? Now we carry around tracking devices with 4K cameras and microphones. Clown world. |
|
Brave browser. Not perfect but I'm pretty sure it blocks fingerprinting. Currently Brave protects against fingerprinting by preventing third party sites from accessing functionality frequently used to fingerprint users. This includes highly identifying parts of the Canvas, Web Audio and WebGL APIs, among others. These default settings can be changed through Brave’s Shields interface, where users can disable these protections if needed, or also extend them to the first party. Brave prevents known fingerprinting scripts from being loaded, through the browser’s Shields protections. Brave both uses, and contributes to the development of, privacy-protecting filter lists like EasyList and EasyPrivacy. More information about current Brave fingerprinting and privacy protections are available on our Wiki. |
|
Quoted: jordanmills posted a userscript above, I think it runs in Greasemonkey. View Quote View All Quotes View All Quotes Quoted: Quoted: Quoted: There needs to be a browser plug-in to cleanse Vigilinks from the urls automatically IDK if there is, but ublock origin blocks viglink links for you. jordanmills posted a userscript above, I think it runs in Greasemonkey. Yep. Should run in any popular userscript manager. Decodes and replaces that junk inline and you never notice them any more. |
|
Quoted: Browser fingerprinting View Quote https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/ Chrome/Chromium: https://chrome.google.com/webstore/detail/canvas-blocker-fingerprin/nomnklagbgmgghhjidfhnoelnjfndfpd |
|
Quoted: Except they have the time, date, & IP address from your VPN, so ATF can call up your VPN & say, please pull your logs and give us syclone170's IP address at this time on this date. View Quote View All Quotes View All Quotes Quoted: Quoted: I dont care if they capture my phony URL address from my VPN Except they have the time, date, & IP address from your VPN, so ATF can call up your VPN & say, please pull your logs and give us syclone170's IP address at this time on this date. Any VPN provider worth using doesn’t capture any logs like that. It’s the whole point of their service. |
|
|
|
Thanks OP, interesting topic and I learned something.
I'm running Brave and Adblock+ (I think it's called) I'll have to check into Ublock |
|
https://pi-hole.net/
this will work on your entire LAN. it can be set up to be used at all times on your phone remotely. fuck all things that track. and all ads. |
|
Quoted: Quoted: Arfcom is an ad revenue maximizing machine. And all those link manipulations tie your arfcom profile to your irl identity. The “delete names from old posts” and username change stuff is just a smokescreen. BuT YoUrE NoT a PaId MeMbEr Support the community |
|
dns filtering/ blocking on my machines haven't let me use those links for quite a while
and yes UBlock on the browser stops it too it is what it is |
|
Quoted: Any VPN provider worth using doesn’t capture any logs like that. It’s the whole point of their service. View Quote View All Quotes View All Quotes Quoted: Quoted: Quoted: I dont care if they capture my phony URL address from my VPN Except they have the time, date, & IP address from your VPN, so ATF can call up your VPN & say, please pull your logs and give us syclone170's IP address at this time on this date. Any VPN provider worth using doesn’t capture any logs like that. It’s the whole point of their service. And the guarantee that they don't keep logs is ironclad, is it? Because we trust BigTech so much. |
|
If you're worried about the atf databases then maybe don't post on arfcom.
|
|
Of all the sites that Brave blocks "ads and creepy things" Arfcom is at the top of the list.
|
|
|
Quoted: And the guarantee that they don't keep logs is ironclad, is it? Because we trust BigTech so much. View Quote View All Quotes View All Quotes Quoted: Quoted: Quoted: Quoted: I dont care if they capture my phony URL address from my VPN Except they have the time, date, & IP address from your VPN, so ATF can call up your VPN & say, please pull your logs and give us syclone170's IP address at this time on this date. Any VPN provider worth using doesn’t capture any logs like that. It’s the whole point of their service. And the guarantee that they don't keep logs is ironclad, is it? Because we trust BigTech so much. At least one of those services has been pulled into court to provide logs, only to say “we don’t have any.” They also recently had third party auditors go thru their system and verify their no logs policy was accurate. They even made all of their software open source so people can look thru that if they want to. |
|
Quoted: At least one of those services has been pulled into court to provide logs, only to say “we don’t have any.” They also recently had third party auditors go thru their system and verify their no logs policy was accurate. They even made all of their software open source so people can look thru that if they want to. View Quote View All Quotes View All Quotes Quoted: Quoted: Quoted: Quoted: Quoted: I dont care if they capture my phony URL address from my VPN Except they have the time, date, & IP address from your VPN, so ATF can call up your VPN & say, please pull your logs and give us syclone170's IP address at this time on this date. Any VPN provider worth using doesn’t capture any logs like that. It’s the whole point of their service. And the guarantee that they don't keep logs is ironclad, is it? Because we trust BigTech so much. At least one of those services has been pulled into court to provide logs, only to say “we don’t have any.” They also recently had third party auditors go thru their system and verify their no logs policy was accurate. They even made all of their software open source so people can look thru that if they want to. What vpn service ? |
|
Quoted: What vpn service ? View Quote PIA https://www.privateinternetaccess.com/blog/privacy-audit/ They have also moved their own servers out of countries that pass laws requiring logs to be kept. Definitely understand being skeptical of such claims, but this companies claims have held up multiple times so far. |
|
Quoted: // ==UserScript== // @name Remove viglink and avantlink on links // @namespace namespace // @version 0.1 // @description Make the links crystal clear, without referrer crap. // @author me // @match http://www.ar15.com/* // @match https://www.ar15.com/* // @icon data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== // @run-at document-end // @grant none // ==/UserScript== (function() { 'use strict'; const replacestring = '$1' // var reg = /^https?\:\/\/redirect.viglink.com\/\?u=([^\&]+).*$/ var reg = /^https?\:\/\/(?:redirect.viglink.com\/\?u=|www.avantlink.com\/click.php\?.*url=)([^\&]+).*$/ var links = [].slice.apply(document.getElementsByTagName("a")); links.forEach(function(link) { var href = link.href; if (href.length && href.substring(0, 1) !== "#" && href.indexOf("redirect.viglink.com")) { if (href.match(reg)) { var linkTarget = link.href.replace(reg,replacestring); link.href = decodeURIComponent(linkTarget); console.log("Rewritten URL: " + href + " as " + link.href); } } }) })(); Userscript... View Quote Neat, thanks! Now no more fuckery needed when my pi-hole blocks the viglinks! |
|
Quoted: At least one of those services has been pulled into court to provide logs, only to say “we don’t have any.” They also recently had third party auditors go thru their system and verify their no logs policy was accurate. They even made all of their software open source so people can look thru that if they want to. View Quote ExpressVPN runs on VMs and RAM drives, which they reboot weekly. They’re quite serious about no tracking, and are based in BVI. https://www.expressvpn.com/blog/trustedserver-a-deep-dive-into-the-security-of-our-innovative-server-tech/ |
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.