Follow TV Tropes

Following

Advertising and Computer Security Issues on TV Tropes

Go To

We occasionally get reports of ads that trigger antivirus warnings or infect computers that are browsing the wiki. This FAQ is an attempt to consolidate all the information about such things into one thread. Please read the below before reporting any incidents.

This thread may also be used to report ads that violate our policies in other ways, such as being too "adult" or NSFW, automatically playing audio/video, etc.

REPORTING: try to get a screenshot of the console as well as this will help identify where it's coming from.

REDIRECTS: Its very tricky to get the first URL of a redirect trigger because they are designed to hide where it came from. So you need a redirect plug-in active while the redirect happens so you can find the first URL, not the last. Where you were directed to doesn't help track down the source.


    open/close all folders 
    The basics 
  • TV Tropes, as a site, does not contain malware. We are a text-and-image wiki; viruses and malware cannot be uploaded to or embedded in the articles. As always, however, beware of any external link that you don't recognize, since we cannot automatically screen edits or posts for malicious links.
  • 99.99% of the time, any suspected malware will be related to the wiki advertising.
  • TV Tropes does not directly control the ads that are displayed. We use third-party ad providers and we determine things like the size and placement.
    • We instruct our providers not to serve ads that redirect your browser, take control of the screen from you, forcibly scroll your screen, play audio without being clicked on, install malware, "pop up" or "pop over" your screen, or in any other way interfere with your browsing experience.
    • We have custom software designed to detect ads that do these things and automatically block them.
    • Malicious entities are constantly trying to sneak ads through the providers' networks in violation of these instructions. As providers have little incentive to proactively detect and block them, it's up to websites to report these sorts of problems.
    • We rely on our users to report ads that get through these measures.
  • Just because you see a particular ad doesn't mean everyone else sees it. Ads are customized by the ad providers to your location (by IP address), the content of the page you're viewing, and your browsing profile, which is tracking data accumulated by third parties over the course of all your internet browsing.
  • Just because you get a malware warning or infection that seems related to an ad on TV Tropes does not necessarily mean that it is caused by one of our ads. Pre-existing malware on your computer can intercept ads and replace them with malicious ones.

    What can be reported to our provider 
  • Ads containing malware, obviously.
  • Misbehaving ads, such as ones that load a pop-up or pop-under, redirect your browser to another page, hijack your screen or automatically scroll it.
  • "Adult" or NSFW ads. Scantily clad women alone may or may not qualify, depending on context, but we want this site to be work-safe.
  • Ads that automatically play audio — that is, the audio starts without you clicking on the ad first. Video ads are acceptable.
  • Note: Political content is not grounds for rejecting an ad. However, an ad that contains or implies hate speech, disinformation, or outright falsehoods may be objectionable enough to be blocked.

    How to protect yourself 
  • First and foremost, maintain current, updated antivirus software, and keep your operating system and browser up to date with all patches offered by the software vendors. This includes Adobe Flash, Java, and other rich media plug-ins. Turn on your software's automatic updates if they are not already on and act immediately when prompted to install them.
  • Never click on pop-ups purporting to have detected a virus, offering to "tune up" your PC, or otherwise inducing you to click on a link that you were not expecting. Any genuine message of this nature would come from your antivirus software and not from a web page.
  • Be careful clicking on external links. These are identified with a small icon next to them. Example: Google. TV Tropes does not endorse or control the content of external links and you open them at your own risk.
  • Never respond to any email or web page that asks for personal or financial information, including passwords, unless you have verified its identity. No reputable company will ever ask you for your password(s), other than to log in.
  • You may choose to opt out of having tracking information collected by ad providers. This does not stop malware but helps you maintain your online privacy. See here for additional information.
  • TV Tropes requests that you do not use ad blocking software while visiting us, as this site depends on advertising revenue to operate. If you do run an ad blocker, please add tvtropes.org to its exception list, or consider donating to the site to have certain ads removed.

    What to do if you suspect a malicious ad 
  • We (or the ad provider) place a "Report advertisement" link next to most advertising frames. Clicking on this will generate an automatic report and is the best way to do so. If you cannot click on this link or do not see it, continue for more advice.
  • Try to identify the source URL of the suspect ad (see below). You can also use the target URL (if you are redirected), but note that this may be intentionally obfuscated by the ad provider to hide the source.
  • Identify the ad provider. Some ads have a small area that links to the ad provider's page (like Google or AOL). In other cases, you can tell from the referral URL or you can look it up in a search.
  • Go to the ad provider's contact/abuse page and fill out their form. Below are some links to common providers' abuse pages:
  • Scan your computer for viruses. If your antivirus software will not operate (many malicious programs attempt to disable your antivirus software), you can download a scanning tool on a known clean system and run it on your infected machine from a read-only CD-R or flash drive.
  • If you suspect that you've been tricked into divulging personal information to a phishing attempt or other fraud, change your passwords to affected sites immediately and contact your bank, credit card companies, and the credit bureaus to request a fraud alert.
  • Please note that TV Tropes cannot assist you with the specifics of maintaining your computer. That's your responsibility. You may request general help in the appropriate forums, but please don't post new threads in the forums dedicated to wiki operation (Wiki Talk, Frequently Asked Questions, etc.).
  • Sometimes, the wiki administration can get better results from the ad providers in dealing with malicious ads. If you can identify a malicious ad by referral URL, you can post the link in this thread, but please omit the "http" component so it doesn't create a hyperlink that someone might click on inadvertently.

    Identifying the source of an ad 
  • For image ads, right-clicking (or a long tap on mobile devices) should give you the option to view and copy the URL that clicking on it will send you to.
  • For Flash, Java, or HTML 5.0 ads, it may be difficult to identify the source or the URL by right-clicking. In these cases, you need to view the page source to identify the ad so we can report it.
  • In Internet Explorer, you can right-click in a blank or text area of any web page, and choose View Source from the context menu. Firefox also has this option. In Chrome, you can use the Inspect Element menu option, which interactively highlights the portion of the page whose code you are hovering over. You can use this to identify the ad frame and its source URL.
  • For embedded ads, there will be a "frame" element with a "src" parameter. Drill down until you get to the lowest level. All we need to identify the ad is the "src" URL from that frame.

    Ad-free subscription 
As of May 21, 2019, users have the option of purchasing a subscription to use TV Tropes without third-party ads (ads that we create and serve ourselves may still appear). Please see this thread for more information or to discuss the service.

Edited by kory on Nov 15th 2023 at 10:36:27 AM

Fighteer Lost in Space from The Time Vortex (Time Abyss) Relationship Status: TV Tropes ruined my love life
Lost in Space
#2426: Mar 22nd 2019 at 5:45:45 PM

[up] I absolutely have no information about that. What I do know is that the owners of the site are invested heavily in ad delivery technology; this (website monetization) is one of the core technologies that Proper Media (https://proper.io/) delivers to its customers. Part of that is building tools to combat malicious ads, both automatic and through user reporting. This occupies a large portion of their daily workload.

Beyond this, I know very little about the specifics of which networks are tapped to deliver ads to these sites.

"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"
mahidevrans Theon is home. Since: Mar, 2018
Theon is home.
#2427: Mar 22nd 2019 at 8:31:31 PM

[up] Thanks for the honest response. Looking over the provider's website, TVT is listed as a featured user; maybe we (as in the site admins) can reach out to them as well to try to more efficiently work through these issues.

While a lesser issue, I'd also hope they'd consider ads on the sidebar instead of smack in the middle of the article. You could probably fit three on there and they'd still be pretty visible yet not annoying.

Edited by mahidevrans on Mar 22nd 2019 at 8:48:47 AM

Berrenta How sweet it is from Texas Since: Apr, 2015 Relationship Status: Can't buy me love
How sweet it is
#2428: Mar 22nd 2019 at 8:34:58 PM

Got another bothersome one.

http://www.gifts-for-you.online/vol-gitf-crad/index.html?

Rest of it is redacted for personal reasons.

Edit: Another autoredirect!

https://www.bestreviews.guide/marketing_homepage?utm_source=BRG-Domain-Display2-Domain&utm_medium=display&traffic=p

Edited by Berrenta on Mar 22nd 2019 at 10:37:55 AM

she/her | TRS needs your help! | Contributor of Trope Report
SalFishFin Since: Jan, 2001
#2429: Mar 26th 2019 at 10:38:44 AM

I've been having popups on my phone whenever I browse the forums. Usually shows up in the topic for My Hero Academia. I thoight it was my old phone, but it's been happening on my new phone as well, so I can only assume it's an ad on this site. It's notnusually the same thing twice, but the same few pages seem to be popping up. Most recent was this page:

https://www.bestreviews.guide/marketing_homepage?utm_source=BRG-Domain-Display2-Domain&utm_medium=display&traffic=p

Lymantria Tyrannoraptoran Reptiliomorph from Toronto Since: Apr, 2015 Relationship Status: Historians will say we were good friends.
Tyrannoraptoran Reptiliomorph
FWP Since: Jan, 2013
#2432: Mar 29th 2019 at 12:05:17 PM

I have been repeatedly getting a "Have you seen a *censored* ad on this site this month? []Yes []No [Complete]"(tough in dutch language) hovering-ad which blocks access to anything on the page including the close-cross on it until I manually refresh the page and there was no "report button".

Clicking the Privacy Policy button links to www.amobee.com/trust/privacy-guidelines.

Haven't been able to find the add in the page source but could check the hover-screen, had a pretty much empty source page but the images were all linked from cache-ssl.celtra.com/

  • add wasn't censored of course but I refuse to use the name to avoid advertising it.

Superb0y03 from The Universe Since: Jun, 2018
#2433: Apr 1st 2019 at 1:31:45 PM

Another redirect - this time to an obvious spam site - free-iphone-giveaway.xyz Also sometimes the same but with samsung note 8s

Fighteer Lost in Space from The Time Vortex (Time Abyss) Relationship Status: TV Tropes ruined my love life
Midna Basically canon from way down south in the land of the traitors (Old as dirt) Relationship Status: Shipping fictional characters
Basically canon
#2435: Apr 2nd 2019 at 10:32:27 AM

Redirect to https://sclerotialsector.club/?swim=phelps&brand=Apple&model=iPhone&td=track.magneticfriends.com&cep=MqWitX_M_sTuEamlpXiqOBLKdsaUyzWEgE21k6H1EzTGXL2FnN8AiRtiV8750tbDjsPxYzSqxxTDy0VoSGBoEIe_dyxvTEju5X_coJzJPdwTF32XNDed7rEY-t9k_MXQxvCMYXJrZ7hNAn0CdKEoybhcdx9BUh2tnwplv78sAdXAOJ4CMCv6LFY07faWYHxFPi3sCXKjIrQbMs_wJrmDWa59o8OlA8KMLsOBkKcCcszhdOxZ4jq6oLtdMbe0gGg6zh2IVOIAihEU16-Lq20KHw&companyid=d10epv46tvtropes-org&pubid=d10epv46tvtropes-org&pixel=1554226229mb51879126651# on Video Games. I hate these scammers with a flaming passion.

pearlina brainrot affects millions of people worldwide. if you or a loved one are suffering from pearlina brainrot, call 1-800-GAY-NERDS
naturalironist from The Information Superhighway Since: Jul, 2016 Relationship Status: TV Tropes ruined my love life
#2437: Apr 3rd 2019 at 5:18:33 AM

Received several redirecting ads to america.google-lucker.online/america/us/walmart/vol.html?ip=[ what seems to be my ip ]&cep=qHh_338j4BLARFVnwmsW57whdt0_dnhloImvnfzymlyyrEEazqjEwNvXjvtxRBZ-v1dJufMF6-rvsCFEXmXSsd_C32mAIrUvcFm9_OLZdPcL7j7TyOJKcSW8qWlpxfy_ruqnl2UJJ52_XQojqHlJVgU9smiYUKl5zwNl4poCObZ3uMA4RPYApoyv41BuKoqhh3G3GkcXjmMjihAhGzu7mCIBAEbj80y5TkT27mYf9qlh426ADZOxBYe7kl8EWeauN1Z9Zw89t7EEtsueFSc9s72L2fLIAc-aeREOEDNKIoovTGCE5kJRZblWrB4kvJLjPNC-a9adw5oRmgEesG8snucsJ1OVxe-NfInBsTF1MjhK9ZVwFEQcHVAA1R37PG8CKh4-C_86MpABClGCAHnpOp15g90D2KFlWZWoFVq70HoB-Fa3gz7j2-EehBK95YGCKzstNbZIA0h7ACr96iyFsYsPphIZFI9NpWzoi9fhX8AHggfx1iBEUW47dZdCvPx3_SCmtb9YsCn6nIamJAK4-7dtknoVCfSdHCUGbD3WKjWwo-YgEJhfJy2Tp9R37z9M&m=200003377&creative_id=2019&ldp=pm&xp=pubmatic&s=tvtropes.org&d=tvtropes.org&fk=bd9c0a2b68cd16797e99714d9092cf4c&cacheboost=7663366889&uuid=aHR0cHM6Ly9zZWN1cmUtZHMuc2VydmluZy1zeXMuY29tfGh0dHBzOi8vdHZ0cm9wZXMub3JnfGh0dHBzOi8vdHZ0cm9wZXMub3Jn&buf=73.187.130.46&bfk=bd9c0a2b68cd16797e99714d9092cf4c&bbuf=[ip again ]&igd=5-1

On mobile, wifi. The actual ads aren’t visible on the page, this happens when I attempt to click on internal tv tropes links.

Other ads seem disturbingly location-targeted considering I don’t enable location sharing.

Edited by naturalironist on Apr 3rd 2019 at 11:46:26 AM

"It's just a show; I should really just relax"
crazysamaritan NaNo 4328 / 50,000 from Lupin III Since: Apr, 2010
NaNo 4328 / 50,000
#2438: Apr 3rd 2019 at 7:51:29 AM

If you're on Wi-Fi, they can still draw some information from the IP addresses.

Link to TRS threads in project mode here.
alphamone Since: Jan, 2001
#2439: Apr 3rd 2019 at 9:32:08 PM

I'm continually getting ads with autoplaying video/sound (and seemingly a huge memory hog) for NT Tourism. The ads disappear after playing once (which made it hard to find provider), unless you are directly examining their source in the console (in which case it constantly repeats, possibly cycling between videos). It also pauses if you go to another tab. Although this time (after examining its source) it didn't disappear after finishing.

"https://ct.tubemogul.com/web/nt_tourism_art_trails/dancer_video_brandedslate/qm6PmCFZ1_/index.html?ctx=8d374c5f6ba3a5f0cde162c65f8cdf9b" is from examing the frame info, and "https://ct.tubemogul.com/web/adbridge/release/2.6.1/adbridge-iframe-videos.min.js" is from the frame source.

Berrenta How sweet it is from Texas Since: Apr, 2015 Relationship Status: Can't buy me love
How sweet it is
#2440: Apr 5th 2019 at 8:23:10 PM

Got a popup as I was trying to post.

http://america.google-lucker.top/america/us/prize/prize.html

There was more to that URL, but it's mainly IP info plus some random letters.

she/her | TRS needs your help! | Contributor of Trope Report
insolitaparvapuella Since: May, 2018 Relationship Status: [TOP SECRET]
#2441: Apr 6th 2019 at 3:49:40 AM

One more data point for the pile: I'm using TV tropes on my phone in Chrome, mobile version of the website and everything, and on almost every page Chrome is informing it has blocked 9-20 pop-ups and prevented redirects from httphoplp.top. I couldn't tell you what it leads to, I'm not allowing those redirects, but I'm not having this problem on my laptop, even when I use Chrome to pretend to be a phone.

Edit: a pop-up and a few redirects snuck through, naturally. Got this link: http://gift19.club/lp/9b08246a-f2ad-491e-874c-e6507f622291/?cid=685&pid=445&parm5=tvtropes.org&parm1=&parm2=&parm3=&parm4=&fid=3820&clk=44443701&uid=4&ip=193.11.160.46&code=SE&city=SkB6vde&os=Android&brand=Generic&model=Smartphone&isp=SUNET%2FNORDUnet&language=en&country=Sweden#T

Still just on my phone on Chrome. Looks like httphoplp.top is what took me from here to there.

Edited by insolitaparvapuella on Apr 6th 2019 at 1:01:00 PM

Berrenta How sweet it is from Texas Since: Apr, 2015 Relationship Status: Can't buy me love
How sweet it is
#2444: Apr 7th 2019 at 7:46:19 AM

When trying to process some cutlist items:

http://america.fibgekda.top//america/us/fb-gift/vol.html

Edited to remove sensitive info.

Edited by Berrenta on Apr 7th 2019 at 12:11:23 PM

she/her | TRS needs your help! | Contributor of Trope Report
Playing_with_boy Since: Jun, 2018 Relationship Status: watch?v=dQw4w9WgXcQ
#2445: Apr 8th 2019 at 5:06:06 PM

Got an ad for congradulations.thisisnotpartoftheurl.great.xyz. Note: Second part of that url is not part of the real URL.

Berrenta How sweet it is from Texas Since: Apr, 2015 Relationship Status: Can't buy me love
How sweet it is
#2446: Apr 8th 2019 at 6:21:52 PM

Another one.

http://america.google-lucker.xyz/america/us/prize/prize2.html

Edited by Berrenta on Apr 8th 2019 at 8:22:06 AM

she/her | TRS needs your help! | Contributor of Trope Report
HalfFaust Since: Jan, 2019
#2447: Apr 10th 2019 at 1:30:46 AM

Not sure if this is 'bad enough' to report but; on mobile chrome, Disneyland ad. Takes up entire screen, does have a cross but sometimes loads in such a way that it's unclickable. Loads on every page. Can't seem to get a URL of it

Fighteer Lost in Space from The Time Vortex (Time Abyss) Relationship Status: TV Tropes ruined my love life
Lost in Space
#2449: Apr 10th 2019 at 6:29:01 AM

[up] What is "this", specifically? If the link is malicious, don't just present it to be clicked on.

"It's Occam's Shuriken! If the answer is elusive, never rule out ninjas!"
crazysamaritan NaNo 4328 / 50,000 from Lupin III Since: Apr, 2010
NaNo 4328 / 50,000
#2450: Apr 10th 2019 at 8:07:34 AM

They called it an auto-redirect, which we're expected to report here. It doesn't have to be malicious if it forces us to leave the website (although that is debatable malicious by itself).

Link to TRS threads in project mode here.

Total posts: 3,487
Top