Be wary of Wowhead on capped/slow plans!

General Discussion
1 2 3 18 Next
There's another thread here asking about issues on Wowhead:

http://us.battle.net/forums/en/wow/topic/20752326947

Wowhead is indeed having some major problems right now. Several users are noting that the site uploads potentially several gigabytes of data in a relatively short timeframe, while each individual page load can be numerous megabytes in size. If you are accessing Wowhead from a capped Internet plan, the site can potentially use up all of your data in only a few hours. Likewise, if you are using Wowhead on a slower Internet connection, it can consume a lot of bandwidth in the background and drastically impact your in-game latency.

There is a thread on Wowhead's forum regarding this as well:

http://www.wowhead.com/forums&topic=257920&p=4013956

Additionally, as usual, be careful in general when browsing Wowhead. Wowhead has gained a notorious reputation for serving up malicious advertisements. When accessing Wowhead, I personally recommend using an ad blocking program such as uBlock Origin for your safety.

Bad advertisements are relatively rare and you are highly unlikely to be affected, but if you notice any strange behaviour with your Battle.net account or are concerned in general, run an occasional malware scan with a program such as Windows Defender or Malwarebytes Anti-Malware.

Stay safe, and have fun!
I've temporarily disabled uBlock Origin and disabled my hosts-based ad blocking to see what's going on with Wowhead. There's...a lot of nastiness. The site continues to refresh advertisements in the background. This means that every minute or so it loads in some new scripts and renders some new ads. There are also several .swf (Flash) ads that didn't seem to load, and there have been >1700 requests.

The console is an unintelligible mess. In all my years I've never seen so much garbage get logged because of bad advertisements. Here's a screenshot:

https://i.imgur.com/lWsp7eV.png

Lots and lots and lots of 403s/404s/503s. The number of domains it tries to connect to simply to load ads is absolutely mind-boggling, and the constant advertisement refreshing means that it's unfortunately significantly easier to have a potential bad ad pushed to a user than I could have imagined.

I followed through some of the domains too. Some of these sites are hosting and providing content illegally, and some do contain truly malicious content.

In the time between pasting the link to that screenshot and getting to typing this paragraph, Wowhead has well exceeded 2000 requests and continues to refresh advertisements. This is nasty.

It is my recommendation to discontinue use of Wowhead immediately. If you continue using Wowhead, please ensure that you have an ad blocker running for your protection. If you notice unauthorised access to your Battle.net account or find your computer experiencing abnormal behaviour, run a malware scan with Windows Defender, Malwarebytes, or a similar product.
Was going to post this in another thread -

http://imgur.com/a/KO15X

The website itself is opening an absolute boatload of TCP connections and appears to be uploading meta data from your browser to, from what whois is pointing to a marketing company.

https://www.networksolutions.com/whois/results.jsp?ip=192.33.31.57

After blocking that IP, wowhead becomes completely inaccessible.

Edit - Just disabled it and ran an inspect element on wowheads website. I'd highly recommend running a script blocker.

</script><script type=text/javascript>INSTART.Init({"apiDomain":"assets.insnw.net","correlation_id":"1480132222:fdeea580930f8a3f","custName":"zamnetwork","disableInjectionXhr":true,"disableInjectionXhrQueryParam":"instart_disable_injection","iframeCommunicationTimeout":3000,"nanovisorGlobalNameSpace":"I10C","partialImage":false,"propName":"wowhead","rId":"1923","release":"nv-7.0.6","rum":false,"serveNanovisorSameDomain":true,"useIframeRpc":false,"useWrapper":false,"ver":"abd","virtualDomains":4,"virtualizeDomains":["^www\\.wowhead\\.com$"]}
I think this should be sticky.
I have an account there with almost 10k rep, been a member since around 2012, and over the passed year it's just got progressively worse.

Extremely intrusive adverts (I don't run adblock so I can passively support the website)

Random total freezes where I have to shut down my browser through task manager.

Randomly triggering my anti virus.

I don't know what the hell happened over there.. isn't it also possible to link your battle.net account to wowhead? seems safe LOL.
pretty standard proceedings for ZAM media
Jesus christ they need to step their game up immediately.
11/25/2016 07:49 PMPosted by Berronax
isn't it also possible to link your battle.net account to wowhead?


I just went into my account settings and unlinked mine!
Stop using wowhead.
Youtube everything you need.
I blame russia!
11/25/2016 07:52 PMPosted by Avelissa
11/25/2016 07:49 PMPosted by Berronax
isn't it also possible to link your battle.net account to wowhead?


I just went into my account settings and unlinked mine!


Never did it in the first place me, nor would I do it for twitch.

Seems too dangerous to link your bnet accounts to any external website, then again I'm not really savvy when it comes to this sort of stuff.

But linking my bnet to wowhead? sounds about as safe and sticking a knife into a toaster.
Yikes.

Is this going to signify the rise of Thottbot again?

Or actually ick, looks like Thottbot got absorbed into wowhead a while back huh?
11/25/2016 07:46 PMPosted by Disagreed
The website itself is opening an absolute boatload of TCP connections and appears to be uploading meta data from your browser to, from what whois is pointing to a marketing company.
https://www.networksolutions.com/whois/results.jsp?ip=192.33.31.57

After blocking that IP, wowhead becomes completely inaccessible.


The IP is owned by a company known as Instart Logic:

https://www.instartlogic.com/

To be completely fair, Instart Logic is legitimate. They offer several services that can be appealing to web developers.

I have no reason to believe that Instart Logic itself is at all related to the bad behaviour on Wowhead.
11/25/2016 07:46 PMPosted by Rukwar
I think this should be sticky.


+1 for the potential this raises for wreaking devastation on a good chunk of the playerbase.
Wow i forgot that you can link your accounts, Blizz needs to do some serious security checks because i imagine this could be bad if it hacks into peoples accounts.
Thank you for this heads up.

I deeply appreciate it!

*edit- I agree with others. This should be a sticky.
Please everyone send a warning in trade / general. A everyone needs to be made aware.
Last time I saw someone was trying to get this word out the thread was deleted lol..... but yea its been bad for a long time now and they haven't done squat to improve it.
I haven't had any problems with wowhead that I've noticed (I have addblock +), however after reading this I downloaded ublock origin and am going to run a full scan on my computer to catch anything (hopefully there's nothing).

Do you have any suggestions for websites similar to wowhead but not bad?
11/25/2016 07:49 PMPosted by Berronax
isn't it also possible to link your battle.net account to wowhead? seems safe LOL.

Accounts should not be at risk regardless of whether they were linked to Wowhead or not.

To my knowledge, Battle.net accounts are most often compromised when players click through links and provide account details in phishing emails. Less commonly, some malware may target Battle.net accounts and use a keylogger to pass login information to an unsavoury third-party.

Authenticators largely protect against both types of attacks. I highly recommend using an authenticator if you aren't already. That is - bar none - the simplest and most effective way of protecting your account.
11/25/2016 07:52 PMPosted by Gigolock
Stop using wowhead.
Youtube everything you need.
I blame russia!


I wish. Youtube (and video streams) are something that I'm not fond of. Sometimes a few seconds is all I need for my information not five or so minutes.

Anyway with WoWhead out of the picture I may have to now...

Join the Conversation

Return to Forum