# Dodgy GoogleAd redirect - invisibly spans over breadcrumb



## StuartDB (Feb 10, 2018)

I am assuming this is a dodgy Google Ad, but you cannot see anything but if you try and click on the last bit of the breadcrumb it redirects tt forum to a variety of dodgy sites..

Example invisible hyperlink redirects to immunepine dot com


```
https://redirect.viglink.com/?format=go&jsonp=vglnk_162030067418411&key=91dd979d1264adf2b3d1ec7bb9c85926&libId=koct4g0c01001qxx000MLeyfe53oc&loc=https%3A%2F%2Fwww.ttforum.co.uk%2Fforum%2Fviewtopic.php%3Ff%3D8%26t%3D2013083%26p%3D9493239%26sid%3D46fc2b78067db3295889c0381485ebdf%23p9493239&v=1&opt=true&out=http%3A%2F%2Fimmunepine.com%2Fdgfh59e8%3Fyibvj%3D12%26refer%3Dhttps%253A%252F%252Fwww.ttforum.co.uk%252Fforum%252Fviewtopic.php%253Ff%253D8%2526t%253D2013083%2526p%253D9493239%2526sid%253D46fc2b78067db3295889c0381485ebdf%2523p9493239%26kw%3D%255B%2522the%2522%252C%2522audi%2522%252C%2522tt%2522%252C%2522forum%2522%252C%2522view%2522%252C%2522topic%2522%252C%2522-%2522%252C%2522hartlepool%2522%252C%2522by-election%2522%252C%2522and%2522%252C%2522johnson%2522%255D%26key%3Da77c7f32a2e7e27c6854cbf6a708a402%26scrWidth%3D360%26scrHeight%3D800%26tz%3D1%26v%3D21.4.v.4%26res%3D12.229%26dev%3Dr%26uuid%3D7185b937-e605-4858-8c4a-536ffa40b1fe%253A1%253A1%26adb%3Dn&ref=https%3A%2F%2Fwww.ttforum.co.uk%2Fforum%2Fposting.php%3Fmode%3Dedit%26f%3D8%26p%3D9493239&title=The%20Audi%20TT%20Forum%20%3A%3A%20View%20topic%20-%20Hartlepool%20by-election%20and%20Johnson&txt=
```


----------



## TTFAdmin (Feb 1, 2012)

Hey there

Viglink is us. It's part of the safe redirecting plugin that we use when navigating from our site to another.

Was there any issue that this was causing, or are you just double checking we don't have something dangerous being served up?

Kevin


----------



## John-H (Jul 13, 2005)

I just tried copying the code and posting into a browser. This ends up in the header:


```
https://redirect.viglink.com/?format=go&jsonp=vglnk_162030067418411&key=91dd979d1264adf2b3d1ec7bb9c85926&libId=koct4g0c01001qxx000MLeyfe53oc&loc=https%3A%2F%2Fwww.ttforum.co.uk%2Fforum%2Fviewtopic.php%3Ff%3D8%26t%3D2013083%26p%3D9493239%26sid%3D46fc2b78067db3295889c0381485ebdf%23p9493239&v=1&opt=true&out=http%3A%2F%2Fimmunepine.com%2Fdgfh59e8%3Fyibvj%3D12%26refer%3Dhttps%253A%252F%252Fwww.ttforum.co.uk%252Fforum%252Fviewtopic.php%253Ff%253D8%2526t%253D2013083%2526p%253D9493239%2526sid%253D46fc2b78067db3295889c0381485ebdf%2523p9493239%26kw%3D%255B%2522the%2522%252C%2522audi%2522%252C%2522tt%2522%252C%2522forum%2522%252C%2522view%2522%252C%2522topic%2522%252C%2522-%2522%252C%2522hartlepool%2522%252C%2522by-election%2522%252C%2522and%2522%252C%2522johnson%2522%255D%26key%3Da77c7f32a2e7e27c6854cbf6a708a402%26scrWidth%3D360%26scrHeight%3D800%26tz%3D1%26v%3D21.4.v.4%26res%3D12.229%26dev%3Dr%26uuid%3D7185b937-e605-4858-8c4a-536ffa40b1fe%253A1%253A1%26adb%3Dn&ref=https%3A%2F%2Fwww.ttforum.co.u
```
A banner warning is displayed with the following:

Your Android 8.0 is severly damaged by (39) viruses
We've noticed that your Generic is 28.1% Damaged by (30) harmful viruses from recent adult sites. It will soon corrupt your Phone's SIM card and damage your contacts, photos, data, and applications.
4 minutes and! 28 seconds
If you don't remove the virus now, it will cause serious damage to your Phone. Here's what you need to do (step by step):

Step 1: Tap and install app for free on the Play Store!

Step 2: Open the application to speed up and fix your browser now!



















Backing out loads up what looks like the app store but backing out again loads up a porn site looking page which I'm not going to display! You need to close the tab to get rid of it as it's persistent and reloads - all part of the con to get you to install the app.

I presume this is a rogue Google ad that needs reporting to Google.

Did you click the Google banner Stuart or did this just pop up uninvited?


----------



## Scriptkiddiee (Sep 21, 2020)

Not sure if this is the same thread but I've been seeing all sorts of dodgy pop ups and redirects when accessing the site with mobile browser user agents (specifically iPhone but same issue on any phones I've tried) been happening for some time now. No issue with tablet or desktop. Servers been compromised??


----------



## TTFAdmin (Feb 1, 2012)

Seen these kind of popups before on other sites, and if it's the same thing then they are coming through our standard ad service. We aren't supposed to get ads like that here, but sometimes the filters break down and these come up.

I'll report this up the chain and narrow down which ad service provider needs to clean out their filters. Thanks guys

Kevin


----------

