We occasionally get reports of ads that trigger antivirus warnings or infect computers that are browsing the wiki. This FAQ is an attempt to consolidate all the information about such things into one thread. Please read the below before reporting any incidents.
This thread may also be used to report ads that violate our policies in other ways, such as being too "adult" or NSFW, automatically playing audio/video, etc.
REPORTING: try to get a screenshot of the console as well as this will help identify where it's coming from.
REDIRECTS: Its very tricky to get the first URL of a redirect trigger because they are designed to hide where it came from. So you need a redirect plug-in
active while the redirect happens so you can find the first URL, not the last. Where you were directed to doesn't help track down the source.
- TV Tropes, as a site, does not contain malware. We are a text-and-image wiki; viruses and malware cannot be uploaded to or embedded in the articles. As always, however, beware of any external link that you don't recognize, since we cannot automatically screen edits or posts for malicious links.
- 99.99% of the time, any suspected malware will be related to the wiki advertising.
- TV Tropes does not directly control the ads that are displayed. We use third-party ad providers and we determine things like the size and placement.
- We instruct our providers not to serve ads that redirect your browser, take control of the screen from you, forcibly scroll your screen, play audio without being clicked on, install malware, "pop up" or "pop over" your screen, or in any other way interfere with your browsing experience.
- We have custom software designed to detect ads that do these things and automatically block them.
- Malicious entities are constantly trying to sneak ads through the providers' networks in violation of these instructions. As providers have little incentive to proactively detect and block them, it's up to websites to report these sorts of problems.
- We rely on our users to report ads that get through these measures.
- Just because you see a particular ad doesn't mean everyone else sees it. Ads are customized by the ad providers to your location (by IP address), the content of the page you're viewing, and your browsing profile, which is tracking data accumulated by third parties over the course of all your internet browsing.
- Just because you get a malware warning or infection that seems related to an ad on TV Tropes does not necessarily mean that it is caused by one of our ads. Pre-existing malware on your computer can intercept ads and replace them with malicious ones.
- Ads containing malware, obviously.
- Misbehaving ads, such as ones that load a pop-up or pop-under, redirect your browser to another page, hijack your screen or automatically scroll it.
- "Adult" or NSFW ads. Scantily clad women alone may or may not qualify, depending on context, but we want this site to be work-safe.
- Ads that automatically play audio — that is, the audio starts without you clicking on the ad first. Video ads are acceptable.
- Note: Political content is not grounds for rejecting an ad. However, an ad that contains or implies hate speech, disinformation, or outright falsehoods may be objectionable enough to be blocked.
- First and foremost, maintain current, updated antivirus software, and keep your operating system and browser up to date with all patches offered by the software vendors. This includes Adobe Flash, Java, and other rich media plug-ins. Turn on your software's automatic updates if they are not already on and act immediately when prompted to install them.
- Never click on pop-ups purporting to have detected a virus, offering to "tune up" your PC, or otherwise inducing you to click on a link that you were not expecting. Any genuine message of this nature would come from your antivirus software and not from a web page.
- Be careful clicking on external links. These are identified with a small icon next to them. Example: Google. TV Tropes does not endorse or control the content of external links and you open them at your own risk.
- Never respond to any email or web page that asks for personal or financial information, including passwords, unless you have verified its identity. No reputable company will ever ask you for your password(s), other than to log in.
- You may choose to opt out of having tracking information collected by ad providers. This does not stop malware but helps you maintain your online privacy. See here for additional information.
- TV Tropes requests that you do not use ad blocking software while visiting us, as this site depends on advertising revenue to operate. If you do run an ad blocker, please add tvtropes.org to its exception list, or consider donating to the site to have certain ads removed.
- We (or the ad provider) place a "Report advertisement" link next to most advertising frames. Clicking on this will generate an automatic report and is the best way to do so. If you cannot click on this link or do not see it, continue for more advice.
- Try to identify the source URL of the suspect ad (see below). You can also use the target URL (if you are redirected), but note that this may be intentionally obfuscated by the ad provider to hide the source.
- Identify the ad provider. Some ads have a small area that links to the ad provider's page (like Google or AOL). In other cases, you can tell from the referral URL or you can look it up in a search.
- Go to the ad provider's contact/abuse page and fill out their form. Below are some links to common providers' abuse pages:
- Scan your computer for viruses. If your antivirus software will not operate (many malicious programs attempt to disable your antivirus software), you can download a scanning tool on a known clean system and run it on your infected machine from a read-only CD-R or flash drive.
- If you suspect that you've been tricked into divulging personal information to a phishing attempt or other fraud, change your passwords to affected sites immediately and contact your bank, credit card companies, and the credit bureaus to request a fraud alert.
- Please note that TV Tropes cannot assist you with the specifics of maintaining your computer. That's your responsibility. You may request general help in the appropriate forums, but please don't post new threads in the forums dedicated to wiki operation (Wiki Talk, Frequently Asked Questions, etc.).
- Sometimes, the wiki administration can get better results from the ad providers in dealing with malicious ads. If you can identify a malicious ad by referral URL, you can post the link in this thread, but please omit the "http" component so it doesn't create a hyperlink that someone might click on inadvertently.
- For image ads, right-clicking (or a long tap on mobile devices) should give you the option to view and copy the URL that clicking on it will send you to.
- For Flash, Java, or HTML 5.0 ads, it may be difficult to identify the source or the URL by right-clicking. In these cases, you need to view the page source to identify the ad so we can report it.
- In Internet Explorer, you can right-click in a blank or text area of any web page, and choose View Source from the context menu. Firefox also has this option. In Chrome, you can use the Inspect Element menu option, which interactively highlights the portion of the page whose code you are hovering over. You can use this to identify the ad frame and its source URL.
- For embedded ads, there will be a "frame" element with a "src" parameter. Drill down until you get to the lowest level. All we need to identify the ad is the "src" URL from that frame.
for more information or to discuss the service.
Edited by kory on Nov 15th 2023 at 10:36:27 AM
Virustotal check for IP address that tvtropes.org uses gives malware flaggings to certain .jpg link and several malware alerts.
https://www.virustotal.com/fi/ip-address/209.15.34.67/information/
Lost in Space
That report is five years old. You've been told in the past that TVT cannot inherently contain malware due to the medium. If someone's uploaded malicious images, that would be a potential risk, but rather than linking to some third-party site of dubious reputation, please identify specific items of concern.
Edit: it appears that the scan is pointing to a specific image file. We can look at that.
edited 28th Jul '16 6:38:54 AM by Fighteer
"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"
Yeah, the thing I was wondering was if someone managed to upload malicious file, but also I remember checking TV tropes IP on Virustotal some time in the past and I've not noticed that alert there until today.
Exxolon
ALERT! ALERT! Multiple pages are autodownloading a file called Your_Taxes-08.16.rar to my PC. I got a popup alert in Chrome asking if I wanted to download multiple files. First see on my Edit List page. There's something seriously nasty floating around the site.
These are the voyages...
A quick Google of that file name +"malware" shows that it's a malvertising issue. In other words, something bad got into the adnet again...
EDIT: other site user reports it's linked to a ad for "JSK Ultrasonics" if that helps.
edited 10th Aug '16 2:13:50 PM by Ripsaw
Be careful what you wish for, 'cause you might just get it all...
Exxolon
The "Give Qurbani, Give Love" adverts are incredibly annoying. Every time their "fill in the text" box pops in the ad, the screen jumps to the advert so you can fill it in.
Exxolon
Can we terminate the adverts above with extreme prejudice please, they are making the site almost unusable for me at the moment.
New account is voidify
I just got two redirect ads within 5 minutes of browsing on mobile [Latest chrome, latest iOS, iPhone 5c]. One was from YMMV.A Troll In Central Park (I was googling "I'm a bad troll" to find the YouTube clip for a Facebook argument, saw tvt link, got curious) and redirected to adserver.kimia.es/sf2/retarget/kAU24T1D0E9OE01005HG0JVUU00QRK040MIP10E90200DD9I00QRK00
And the other one was from this very thread when going to report the first one and redirected to http://lp.want-to-win.com/au/iphonese/?networkid=74&optinfo=ido7ateen4en&publisher=8389_13893
edited 18th Aug '16 8:23:19 PM by SmartGirl333
New account is voidify
...Aaand I got another after editing that post. It was to http://pay.netsize.com/Html5/Flow/GetEndUserIp/N5000A2A500484436/c55c92e3-7198-495a-bbb9-c70406973794
Perpetually Confused
So I don't usually care where you guys put banners; but on the mobile version this is excessive and makes the site unusable by hiding navigation bars. (Chrome latest version on android 6.0.1)
edited 17th Aug '16 8:20:29 PM by Ghilz
I have to keep ad-blocking plug-ins on whenever i go here because it seriously slows down my browser, and even then, the ads still manage to play! Sometimes it outright crashes it.
Lately, when I use the site on my phone, I suddenly get kicked over to the iOS app store. There's no change to the site's URL or anything, the app store just suddenly pops up. Usually, I get directed to the Lyft app.
Although it only seems to happen when I check the site in the morning, always around 5 or 6 AM UTC -4:00, and it only does it once per day.
edited 25th Aug '16 10:58:02 AM by CrystalGlacia
"Jack, you have debauched my sloth."
Show an affirming flame
I'd like to report that I've been having issues with some mobile advert or another; can't provide more details as Chrome mobile lacks the "view page source" function. Whatever it is, it triggers the phone's vibrate function briefly, and attempts at navigating away from the page lead to the standard Chrome warning about losing entered information if I leave.
I think the pop-up blocker or something similar is preventing the advert itself from fully showing.
Recurred a number of times, usually while navigating the forums.
edited 28th Aug '16 2:55:46 PM by SabresEdge
Charlie Stross's cheerful, optimistic predictions for 2017, part one of three.
I have been experiencing the same issues as ![[up]](https://static.tvtropes.org/pmwiki/pub/smiles/arrow_up.png "[up]"){kind=icon}
, but usually on the article watchlist or query pages such as Ask The Tropers and You Know That Show.
Transcender of Gender
Been getting hit with a redirect ad on mobile (iPhone 4S). Happens on multiple trope pages, but thus far hasn't happened on the forums. Never mind, literally got redirected right after hitting 'Add Post':
edited 30th Aug '16 4:22:37 AM by whizzerd
they/them || "Forgive me, regent of queer amphibians" - Lt.BGob
I've been getting these popups on my iPhone. I just got one of those 'congratulations, you've won!' messages that redirected me to a different page
edited 30th Aug '16 7:09:04 AM by Xopher001
Every single time this "Fashion awards 2016 highlights" ad loads, which is most every page, the site freezes for a whole minute, sometimes more, and on occasion crashes and must reload.
I reported it but I don't know how effective that is so I thought I'd bring it up here.
edited 30th Aug '16 3:41:46 PM by Anomalocaris20
You cannot firmly grasp the true form of Squidward's technique!
Fear me
https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv434bOdJpiAm-wmbKRilmHwV7gxy8CTY6S1WkzfGCAvSfD0ADqB8w2_zB3oBtYhPMWXx30NBzK7fpmPToG3e3mq_BYWgRaEXjhl_FWmDLS8xFTgLz2IQ&sig=Cg0ArKJSzOIk18R6iN8v&urlfix=1&adurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXWtrXerOV_CJAY_wbIqClzjMjPOURtDI2s-PAcCNtwEQASAAYPvhhIOYCoIBF2NhLXB1Yi02ODk3OTAyMTkxNzE0ODMzyAEJqQIXydAR9na2PqgDAaoEqQFP0NW6Zw52Jokt3FWW_XDHS1E2q0sIW5Kc8tP1uL0qvNSVJChShLJNsbeGwg3iBn1LUR7A3Q7KK8QpRQASpBkrIKlGrxTAsB9JAlnose1p_UishPqp8xMf3BKz4RO3jJsBGEgO5tauX1Ok-CA7A74D4pnLXz5R85Lfga3vI12qY_3Uzpp2eI9purN2mkTQISRsU33V7uz4YrdclDs5YcV06PzfPS5uq2c6gAa36ZbT9OHr6EqgBiGoB6a-G9gHANIIBQiAYRAB%26num%3D1%26sig%3DAOD64_2Uq7TNKxr5lPUxPBuZo5f-kqxsWQ%26client%3Dca-pub-6897902191714833%26adurl%3Dhttp://pix.impdesk.com/click%3Fa%3D-iYzi8c4gZhdNghaYFNj0jgimwHJXw2YiChojqJI96KqYfzuW89WYkUS8y8eQlk4ZQg%26redirect%3Dhttps://www.expedia.fr/%253FBRANDCID%253DFR.OLA.INFECTIOUS.GENERIC-PROSPECTING.GENERIC
Creates a "Do you really want to leave this page" popup.
I've been away for a month so I figured I'd drop in and note that I'm still having this issue, which sounds the same as this issue.
When I browse the site on my iPad, I sometimes get a popup saying something to the effect of "Congratulations Customer! Your iPad was randomly selected to win a $1000 gift card!" Once you close the popup, you get redirected to a shady site where you're supposed to claim a gift card by putting in some personal info.
The domain name of the site it redirects me to changes frequently despite the page looking identical, but if it helps, last time it was http://erewards.mobi/kiki.php?c=giftcard.en&p=771a517c247b407cb5720e647de3e751&subid=E12756374041473746135139995&t=1473746135
Another URL: http://simplegirls.net/try.php?c=giftcard.en&p=5ad8c19ee86fccd026393b1ba4edde71&subid=F12756368871473837932673573&t=1473837932
edited 14th Sep '16 12:28:34 AM by FingerPuppet
For the Horde!
I've been having this exact same issue.
How sweet it is
Got the simplegirls URL on my iPhone just recently:
However, the one I got was http://simplegirls.net/try.php?c=giftcard.en&p=d860acd2fe8b935fe041a2a80b413ecd&subid=F12871560041474062759377856&t=1474062759
Edit: Got another one. Different URL this time.
edited 21st Sep '16 6:35:55 AM by Berrenta
she/her | TRS needs your help! | Contributor of Trope Report
I keep getting the same redirect on my iPhone
I think those redirect ads are only an issue on iOS devices running Safari. Out of curiosity, I decided to see if another browser would have better luck and so far on Chrome, I haven't gotten one of those ads, so that's a potential temporary fix although it'd be nice to not have to switch browsers just to avoid obtrusive ads.
Edit: Actually, clearing my Safari history and website data might have taken care of the problem. It's only been about 30 minutes so it might be too early to make the call, but I feel like I would have gotten one of those ads by now.
edited 24th Sep '16 12:17:48 PM by FingerPuppet
Whenever an AT&T ad loads, all the bluelinks on the entire page disappear. Usernames, potholes, links to threads, and pretty much anything clickable. Even the "Report Advertisement" button disappears, like some perverse self-aware ad trying to preserve its own existence.
I'm using Google Chrome, for what it's worth, and this ONLY seems to happen whenever one of AT&T's ads is on the page (Which is almost all the time, making navigating the forum or reading a trope page nigh-impossible).
You cannot firmly grasp the true form of Squidward's technique!