I should say at the outset that Cheezburger is all kinds of awesome, and none of this is their fault. I feel for them in that, somewhere along the line, a misbehaving operator is sabotaging their stuff.
I’ve recently built a Sheevaplug as a caching DNS server for my home network, so it was a handy place to bring up a squid proxy. I configured it in proxy-only mode, and set it as the proxy on my iPhone so that I could capture all the phone’s traffic without faffing around with router reconfiguration. A few minutes of kitten admiration later, and it happened: the Cheezburger app suddenly launched the App Store page for something called ‘Clash of Clans’ (no, it doesn’t get a hyperlink here, because this is a bloody rude thing to do).
Digging through the tcpdump output with the lovely Wireshark (which is what my final year degree project should have been… but I digress), I found that the Cheezburger app issued a request to Tictacti, which redirected to Appia, which then redirected to
Presumably hastrk2.com is an advertising network; browsing to it gives a redirect to the Google Play store, which is a pretty misleading thing to do if it’s not Google’s domain. The domain is registered to an individual in Seattle, and the IP address is in Amazon Web Services‘ range, making me think it’s not Google at all. I hear that Google has a reasonable amount of hosting capacity without relying on AWS.
Anyway… the unpleasantness happens when hastrk2.com replies with
HTTP/1.0 302 Moved Temporarily
Well that’s not very friendly. itms-appss is a URL scheme that jumps to the App Store, and when the running app tries to open it, iOS faithfully jumps to that app’s page (as if you’d buy it after that nasty experience). Interestingly, searching for itms-appss documentation gives some Apple documentation pages, but none of them refer to that scheme any more, so I don’t think it’s meant to be used in this way.
There are of course many ways to block this sort of horribleness—a nice Privoxy rule comes to mind—but these squid directives did it for me:
acl appstore_jumpers dstdomain .hastrk2.com
http_access deny appstore_jumpers
Online advertising pays for some wonderful things, but being cretinous just makes people hate your customers. At worst, people suspect a fault and end up in an Apple Store looking confused. So, to those responsible for this crap, I say: Get it right up you, scumbags.
Appreciate the article! Could it be someone making money of off this as “commercial”? If so, the person is making LOTS of money this way.
Anyhow; I was wondering if you could provide some instructions as to how I could implement the code in the last segment of the article.
Is the below code one that blocks this app-store jump?
If so, how do I get this to work on my iPhone?
“acl appstore_jumpers dstdomain .hastrk2.com
http_access deny appstore_jumpers”
Thanks in advance!
It’s just a nasty tactic to drive traffic to the app store, so that people download the ‘free’ app and go on to buy the inevitable in-app purchases.
The code in the article is a config snippet for Squid, which (in simple terms) is a program which sits between your iPhone and the Internet. You’ll need a separate computer to run it on (I have a Sheevaplug for other things, so I just put it on there), and set it as the iPhone’s HTTP proxy for your wireless network in Settings -> Wi-Fi.
Thanks for your reply!
Nasty tactic indeed. Desperate measures much.
I will apply this on my computer and phone as soon as possible. Again, thanks!
Yhank you for providing a solution
but I have a question: How can I write the code in my iPad?
Short answer: you can’t. The config I’ve given is for an external proxy, so won’t be of any use to you unless you know how to build and configure such things. I don’t know of any way around this other than using something external.
I think router can be setup with a filter for URL hastrk2.com .
You are looking at the Appia xml feed.
Just wanna say I had these ads popping up as well and I got rid of them by simply uninstalling my music downloader app. In my case it was “Simple mp3 downloader”. Haven’t had it happen since and I’ll install the app when I want music then delete it again when I’m done.
So your solution only works when using wifi on the network where you installed the proxy?
The proxy could be anywhere, but you have to configure your phone to use it.