Getting rid of redirects to and from celeb-secret.live

What is celeb-secret[.]live?

Celeb-secret[.]live is a rogue website, practically identical to mediasource.online, dreamteammyfriend.com, videosp.pro and many others. It operates by generating redirects to compromised and possibly malicious sites, as well as presents users with highly dubious content (including clickbait).

It is noteworthy, that few visitors to celeb-secret[.]live access it willingly, most get redirected to it. Either by clicking on intrusive advertisements (usually hosted by unreliable sites) or by PUAs (potentially unwanted applications) already present in the device. It should be mentioned, that said undesirable applications do not need explicit user consent to be installed onto systems.

PUAs generate redirects to untrustworthy and malignant websites, deliver invasive ad campaigns and some can even track data.

PUAs promote celeb-secret[.]live by force-opening new browser tabs/windows and redirecting users to it. Intrusive adverts spread this rogue website by likewise redirecting to it. Once accessed, the first thing this website does, is check visitor's IP (Internet Protocol) address in order to learn their geolocation.

What celeb-secret[.]live does next, depends on this data; it either redirects users elsewhere or force-feeds them questionable content. Said content includes clickbait (e.g. "click allow to play video", "tap allow to verify, that you are 18 or older", "click here to view newest/viral movies/TV/videos/content" and etc.).

The celeb-secret[.]live site disguise the consent option to its notifications using clickbait. If consented to, it begins delivering intrusive advertisement campaigns (pop-ups, banners, surveys, coupons and so on). Adverts of this kind cause redirects to unreliable/malicious websites and some can even execute scripts to download/install PUAs.

As previously stated, unwanted applications also generate redirects and run ad campaigns. By employing a variety of tools, they enable third party graphical content. Hence, the adverts they deliver can limit browsing speed and site visibility (i.e. partially cover webpages).

Some PUAs can also spy on users' browsing activity (URLs visited, pages viewed and search engine history), in order to gather their personal information (IP address, geolocation and personal details). This vulnerable data is then passed onto third parties (not unlikely, cyber criminals), intent on abusing it for financial gain.

To summarize, PUAs can cause various system infections and lead to serious privacy issues (even culminate in identity theft). Due to threats they pose, all rogue applications must be uninstalled immediately.

Threat Summary:

Name	celeb-secret.live pop-up
Threat Type	Push notifications ads, Unwanted ads, Pop-up ads
Serving IP Address	213.227.145.147
Observed Domains	2o4ue.celeb-secret[.]live, 3ug1k.celeb-secret[.]live, cpyab.celeb-secret[.]live, hst5z.celeb-secret[.]live, qbzxk.celeb-secret[.]live, qimby.celeb-secret[.]live, riuvg.celeb-secret[.]live
Symptoms	Seeing advertisements not originating from the sites you are browsing. Intrusive pop-up ads. Decreased Internet browsing speed.
Distribution Methods	Deceptive pop-up ads, potentially unwanted applications (adware)
Damage	Decreased computer performance, browser tracking - privacy issues, possible additional malware infections.
Malware Removal (Windows)	To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner. ▼ Download Combo Cleaner To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

There are thousands of PUAs out there and many share certain traits. While their appearance and advertised features may differ, the way they operate does not. Developers of these dubious applications invest a lot of effort to make them appear legitimate.

They lure users into installing them by offering a wide range of features. However they are rarely operational. The purpose of PUAs is to generate revenue for their developers and nothing else. They do so by causing redirects to sale-oriented, unreliable and potentially malicious websites, running intrusive advertisement campaigns and tracking data.

How did adware install on my computer?

Unwanted app infiltration can occur through clicking on invasive ads (typically located within compromised websites), consequently triggering them to execute scripts, designed to make rogue PUA downloads/installs. However, these applications can also be installed by users themselves along with regular programs.

This software pre-packing is called "bundling". When installing, by ignoring terms, skipping steps and using pre-set options - users can end up allowing PUAs into their devices.

How to avoid installation of potentially unwanted applications?

Knowledge, attentiveness and caution are essential to all matters concerning device and user safety. It is recommended to use official and verified sources for all software downloads (preferably, direct download links). Using third party downloads is ill-advised, as programs from untrustworthy sources are more likely to be bundled with PUAs.

It is advised, to explore installation terms and possible options. Additionally, it is important to use "Custom/Advanced" install settings and opt-out/decline installing/downloading supplementary apps/features.

Prudent browsing is encouraged. It is worthy of note, that invasive adverts often appear ordinary and harmless, however the websites they mostly redirect to (e.g. gambling, pornography, adult-dating, etc.) can be used as identifiers.

After encountering such ads/redirects, users should inspect their device and remove all suspicious applications and/or browser extensions/plug-ins. If your computer is already infected with rogue applications, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.

Appearance of celeb-secret[.]live website (GIF):

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

• What is celeb-secret.live pop-up?
• STEP 1. Remove spam notifications from Google Chrome
• STEP 2. Remove spam notifications from Google Chrome (Android)
• STEP 3. Remove spam notifications from Mozilla Firefox
• STEP 4. Remove spam notifications from Microsoft Edge
• STEP 5. Remove spam notifications from Safari (macOS)

Disable unwanted browser notifications:

Video showing how to disable web browser notifications:

Remove spam notifications from Google Chrome:

Click the Menu button (three dots) on the right upper corner of the screen and select "Settings". In the opened window select "Privacy and security", then click on "Site Settings" and choose "Notifications".

In the "Allowed to send notifications" list search for websites that you want to stop receiving notifications from. Click on the three dots icon near the website URL and click "Block" or "Remove" (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again).

Remove spam notifications from Google Chrome (Android):

Tap the Menu button (three dots) on the right upper corner of the screen and select "Settings". Scroll down, tap on "Site settings" and then "Notifications".

In the opened window, locate all suspicious URLs and tap on them one-by-one. Once the pop-up shows up, select either "Block" or "Remove" (if you tap "Remove" and visit the malicious site once more, it will ask to enable notifications again).

Remove spam notifications from Mozilla Firefox:

Click the Menu button (three bars) on the right upper corner of the screen. Select "Settings" and click on "Privacy & Security" in the toolbar on the left hand side of the screen. Scroll down to the "Permissions" section and click the "Settings" button next to "Notifications".

In the opened window, locate all suspicious URLs and block them using the drop-down menu or either remove them by clicking "Remove Website" at the bottom of the window (if you click "Remove Website" and visit the malicious site once more, it will ask to enable notifications again).

Remove spam notifications from Microsoft Edge:

Click the menu button (three dots) on the right upper corner of the Edge window and select "Settings". Click on "Cookies and site permissions" in the toolbar on the left hand side of the screen and select "Notifications".

Click three dots on the right hand side of each suspicious URL under "Allow" section and click "Block" or "Remove" (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again).

Remove spam notifications from Safari (macOS):

Click "Safari" button on the left upper corner of the screen and select "Preferences...". Select the "Websites" tab and then select "Notifications" section on the left pane.

Check for suspicious URLs and apply the "Deny" option using the drop-down menu or either remove them by clicking "Remove" at the bottom of the window (if you click "Remove" and visit the malicious site once more, it will ask to enable notifications again)

How to avoid browser notification spam?

Internet users should be very skeptical when being asked to allow notifications. While this is a useful feature that allows you to receive timely news from websites you like, deceptive marketers frequently abuse it.

Only allow notifications from websites that you fully trust. For added security - use an anti-malware application with a real-time web browsing monitor to block shady websites that tries to trick you into allowing spam notifications. We recommend using Combo Cleaner Antivirus for Windows.

▼ Show Discussion