What is this website warning prompted by?

June 2, 2015 at 23:19:05
Specs: Win 7
Among lots of other changes, I recently put FaceBook in my
hosts file and in the list of Restricted sites in Internet Options.
One of those two is probably why I get this warning message
regarding FaceBook on a LOT of web pages:

http://www.freemars.org/jeff2/FBWar...

I may have got similar warnings about one or two other
websites, but FaceBook warnings pop up very frequently.
I'm curious what that very common link links to. Is it just a
generic FaceBook home page where you can sign in?
Or what? The warning is identical for every website.
Microsoft web pages are one place they show up.

-- Jeff, in Minneapolis


See More: What is this website warning prompted by?

Report •

#1
June 3, 2015 at 00:32:16
I've never looked into the 'why' of it but I've noticed many pages get some of their content from other sites, especially facebook. It may be from their own facebook page or facebook may have a kind of hosting service to make their traffic look more impressive.

It usually goes by pretty quick but if you look at the activity bar on the bottom of the IE page for example it'll show the various sites the page is loading from. Anyway, I'm sure that's why those warnings are coming up. And I doubt the warnings are showing the complete URL--just their main page.


Report •

#2
Report •

#3
June 3, 2015 at 02:11:59
John,

I scanned through much of that. Some of them were asking the
same or similar question to what I asked, but all of the answers
were how to make the messages go away, not an explanation of
what FaceBook is trying to do. I should have said I was already
pretty sure I can make the popup warning messages go away by
changing a security setting from "Prompt" to either "Enable" or
"Disable". I've had the setting on "Prompt" in order to determine
whether I will miss anything by changing the setting to "Disable".

So I keep getting these messages involving FaceBook, which as
I said I have put in both my hosts file and Restricted sites list. They
show up on a variety of websites, including Microsoft. Very few if
any similar warning messages pop up regarding anything other
than FaceBook, even though I've got something like 60 sites in the
list (most or all of them listed twice, for some reason, with and
without "www." on the front end).

I figure that these link-things are all trying to do basically the same
thing, nomatter which site they are on. What are they trying to do?

-- Jeff, in Minneapolis


Report •

Related Solutions

#4
June 3, 2015 at 09:43:00
Are you running IE11 with all the updates, or an earlier version?

"No matter if you're missing ieframe.dll or if you're receiving a browser error message about it, reinstalling or updating to the latest version of Internet Explorer has resolved many user's issues with ieframe.dll."

http://pcsupport.about.com/od/findb...


Report •

#5
June 3, 2015 at 10:19:23
I'm running the version of IE that came with Windows 7, so my copy
of ieframe.dll is old. But that's irrelevant. I never got the messages
before because I never had that setting set to "Prompt" before, and
I never blocked FaceBook before. A couple of minutes ago I tried
to look at an item linked at the bottom of a web page, and got the
same popup message for AdBlade instead of FaceBook. So I am
seeing it for more than just FaceBook. AdBlade is also one of the
approximately 60 websites I have blocked. Declining the link in
that case meant I couldn't view the item. So I learned something.

-- Jeff, in Minneapolis


Report •

#6
June 3, 2015 at 11:35:42
If they are being picked up by hosts you should not be getting what was showing in the screenshot. You shouldn't even be getting the option. With IE Restricted sites it all depends on how the Restricted Sites options are setup.

Always pop back and let us know the outcome - thanks


Report •

#7
June 3, 2015 at 13:48:20
"I'm running the version of IE that came with Windows 7, so my copy
of ieframe.dll is old. But that's irrelevant"

It's not irrelevant. Win7 came with IE8. Are you saying you've never upgraded? If not, what are you waiting for? IE8 is almost 6 years old & support on websites is declinely rapidly. Microsoft is going to stop supporting it altogether in January. You should be running IE11. I'm curious what other updates you are avoiding. Have you installed SP1 yet?


Report •

#8
June 3, 2015 at 17:58:16
The browser or version of it that I'm using is irrelevant to finding
out what it is that Facebook is trying to do. I'm not interested in
either letting Facebook do it or preventing Facebook from doing it.
Those are both trivial. I can easily change the settings either way.
What is hard is finding out what Facebook is trying to do. Is it
something I want, or something I want to block?

Derek,

Maybe I was wrong that having Facebook in my hosts file and
Restricted sites list has anything to do with the messages.
It looks to me that when I go to a web page on Microsoft or
Bleepingcomputer.com or a whole *host* of other places, that
something on those pages wants to connect to Facebook. One
of my settings prevents that and pops up the warning instead.
Nothing is getting to my computer from Facebook.

And the hosts file doesn't prevent a connection between my
computer and the listed websites. It just prevents a DNS
lookup that would normally lead to a connection.

-- Jeff, in Minneapolis

message edited by Jeff Root


Report •

#9
June 3, 2015 at 18:35:38
"Restricted sites list"
What do you have in the Trusted sites Jeff?

Report •

#10
June 3, 2015 at 19:40:05
And the hosts file doesn't prevent a connection between my computer and the listed websites. It just prevents a DNS lookup that would normally lead to a connection.

If in Hosts you have set those websites to 127.0.0.1 then they will NOT connect because they are routed back to your local host. If you happen to use 127.0.0.0 (some folk do) then it will not connect because it is an invalid IP.

EDIT:
Amplified the 127.0.0.0 situation.

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#11
June 4, 2015 at 02:25:58
Trusted sites is empty.

The defaults for Restricted sites restricts just about everything.
I restricted even more. The only restriction I relaxed was to
Disable "Use SmartScreen Filter".

I left most of the default settings in the Internet Zone, but made
quite a number of them more restrictive. Again I changed "Use
SmartScreen Filter" to "Disable". The only other restrictions I
relaxed are:

"Display Video and Animation on a webpage that Does not Use
External Media Player" > Changed from "Disable" to "Enable".

"Access data sources across domains" > Changed from
"Disable" to "Prompt" in order to learn whether and when this is
being attempted. I suspect that this may be the relevant setting.

"Display mixed content" > Changed from "Prompt" to "Enable".
Every time I got the prompt in the past, I clicked "Display", so I
see no reason to continue with the prompt.

Finally, "Websites in less privileged web content zone can
navigate into this zone" I made MORE restrictive, by changing
from "Enable" to "Prompt". This is the other possibility I see
as maybe causing the popup warning messages.


Regarding hosts, I forget exactly how it works, but I'm
pretty sure it only prevents a connection to a website when a
program needs to get the IP address corresponding to a host
name (which generally means a domain name). If it already
has the IP address, the hosts file isn't involved, since a DNS
lookup isn't needed.

That probably isn't relevant here, in which case I need not have
brought it up.

-- Jeff, in Minneapolis


Report •

#12
June 4, 2015 at 07:29:41
Hosts etc. Nope, it's kinda the other way round:

In IP (Internet Protocol Address) is "always" needed by the computer when you go to a website. The www version is just for us humans and is translated to an IP using DNS.

Windows always looks through the host file first to see if an alternative IP is required - perhaps the downside of having a huge hosts file. So if you are trying to connect to a website using "www and all that", it will check to see if the IP appears in hosts and use that instead. By using 127.0.0.1 (or 127.0.0.0) in hosts it will not connect to the normal website IP. This is global, unlike IE Restricted Sites, and independent of which browser you use.

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#13
June 6, 2015 at 01:50:58
So nobody here knows what all those websites are downloading to
you from Facebook.com?

Is anyone else blocking it (whatever it is), or do you all allow it to be
downloaded?

Derek,

What you said is the same as what I said, except that you seem to
think an entry in hosts will block that website nomatter what.
All it does is circumvent a DNS lookup of the website's IP address.
If a program already has the IP address, then a DNS lookup isn't
needed, so the hosts file will not be consulted.

-- Jeff, in Minneapolis


Report •

#14
June 6, 2015 at 04:29:01
Hosts file is part of a DNS lookup and is consulted first if a DNS lookup is required.

example

127.0.0.1 localhost # loopback
173.252.120.6 www.facebook.com # in my case

DNS lookups are cached by the OS.
Programs generally do not cache IP addresses.
However the IP addr can be hardcoded in the program.

If you are using IE browser press F12 while in www.facebook.com and select NETWORK. It will display websites visited to download data.


Report •

#15
June 6, 2015 at 08:57:04
Re last para #13. I did this:

My IE home page is Bing. I checked this was working fine and double checked I could access Bing from links in my other two browsers too.

I obtained one of the Bing IP addresses (204.79.197.200) and checked that I could use this in the address line to access Bing from all three browsers - also fine.

I then put these entries in hosts:
127.0.0.1 www.bing.com
127.0.0.1 bing.com

I was then unable to access Bing from anywhere, even if I used 204.79.197.200 in the browser address bars. So it blocked Bing no matter what, although I accept that my previous explanation was over simplified.

No idea what would happen if 204.79.197.200 was hardcoded into programs - not easy to try.

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#16
June 6, 2015 at 12:41:33
Interesting! I think I'd try an IP address hardcoded into a web page.
Visit the page and see if the other website is accessed.

-- Jeff, in Minneapolis


Report •

#17
June 6, 2015 at 14:29:38
I haven't a website but if you have one give it a whirl.

You might be right about embedded IPs but as you know, the host file has been used for donkeys years to block access to advertising. If it was just a matter of them embedding an IP number instead of a full blown address it would be surprise me that they didn't catch on to that idea ages ago.

However, life is full of surprises....

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#18
June 7, 2015 at 01:26:04
Yes. My uneducated guess was that so few people use the
hosts file that it wasn't a significant factor.

-- Jeff, in Minneapolis


Report •

#19
June 7, 2015 at 13:59:04
Yes, I think the use of Hosts has declined in the last 15 years or so, probably due to the development of better adblock programs and a generally less geeky attitude towards computers.

Always pop back and let us know the outcome - thanks


Report •

Ask Question