Detections · Docs

Check here which type of violations AdSecure detects.

User Security violations

The User Security category covers violations that harm the user’s safety.

Adware

Adware is software that downloads or displays unwanted ads when a user is online, collects marketing data and other information without the user's knowledge, or redirects search requests to certain advertising websites.

Browser Locker

The script runs in the web browser and its main purpose is to disable any form of action that can close the browser – such as clicking the close button and pressing certain shortcut keys. All attempts to close the browser will result in a warning message box (Javascript alerts).

Drive-by mining

Ads that consist in using a piece of javascript code to mine different cryptocurrencies directly through the visitor's browser.

Malicious URL: Google Webrisk

Malicious URLs host unsolicited content (spam, phishing, drive-by exploits, etc.) and lure unsuspecting users to become victims of scams (monetary loss, theft of private information, and malware installation). This detection is based on malicious URL violations reported by Google WebRisk.

Malicious URL: Sucuri

Malicious URL: Virustotal

Malware

Malware is a general category of malicious code that includes viruses, worms and Trojan horse programs. It is used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising. This detection is based on malware violations reported by VirusTotal.

Phishing URL: Google Webrisk

A phishing site might trick users into revealing their personal information (for example, passwords, phone numbers, or credit cards). The content pretends to act, or looks and feels, like a trusted entity — for example, a browser, operating system, bank, or government. This detection is based on Phishing URL violations from Google WebRisk.

Ransomware

Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages.

Scareware

Ads claiming that you have a virus and you are in need of antivirus software may, ironically, actually contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. Scammers often use the names of well-known companies that specialise in computer software to gain your trust. The pop-up advertisements aim to mimic genuine warning alerts generated by computer security software.

SSL non-compliant

Ads that contain at least one unsecured item in the chain of resources (unsafe, no https, mixed content, ssl version or cipher mismatch).

Unwanted Programs: Google Webrisk

Unwanted software is an executable file or mobile application that engages in behavior that is deceptive, unexpected, or that negatively affects the user's browsing or computing experience. This detection is based on potentially unwanted program violations from Google WebRisk.

User Experience violations

The User Experience category covers non-critical violations that can provide a poor user experience, driving them away from websites over time, if left unresolved.

Auto-download

Ads that automatically download a file/executable/application without user interaction.

Auto-redirect

Ads that contain a script causing a web page to break out of any frames "framing" it, resulting in automatically redirecting the visitor to another website/page.

Auto-redirect app store

Ads that are automatically redirecting to the App Stores without user interaction.

Auto-pop (beta)

Ads that automatically trigger pops (both pop-ups and tabunders) without user interaction.

Auto-vibrate

Ads that automatically vibrate the user's device when reaching a landing page. Malicious use of the HTML5 vibrate API.

Back Button Hijack

Ads containing a script that allows an advertiser to manipulate the browser history. Usually it consists of inserting one or several pages in the browser history, which would prevent the user from going back to the previous page he was coming from.

JS Alert on entry

Javascript alert that pops up without user interaction when entering on a website.

JS Alert on exit

Javascript alert that pops up when the user wants to close the active tab.

Landing page error

You would receive an alert when the system identifies a broken/dead link (404 Error, 5xx, timeouts, etc.) in the landing page or when a broken link is identified in the path (intermediate redirect links inside the chain) between the click URL and the landing page.

Permission: Camera

A permission request to access the user’s camera.

Permission: Clipboard

A permission request to copy text to the clipboard.

Permission: Geolocation

A permission request to track the user's location.

Permission: Microphone

A permission request to access the user’s microphone.

Permission: Notification

A permission request to send notifications to the user.

Uncommon Protocols

Normally computers use common communication protocols such as TCP/IP, DHCP, DNS, and HTTP. In some cases, communication may involve an uncommon protocol that can be used to activate undesirable actions like automatically opening an app or launching a Skype call - such actions impact the user experience.

User Advisory violations

The User Advisory category covers violations to be cautious of, as they could indicate offensive material or the potential for suspicious activity.

Heavy Ad

Heavy Ads are the ads that violates Google's heavy ad intervention policy (consume more than 4MB of network bandwidth; use CPU for 15 seconds or more within 30 second window; uses CPU for 60 seconds or more in total) and get blocked by the Chrome browser. To ensure that webpages are free of resource-intensive ads that slow down the user experience and impact the website performance, AdSecure audits all ad creatives’ size and notifies the user whenever a heavy ad is spotted.

Suspicious TLD

Top-level domains frequently used by cybercriminals who are setting up hosts for spam e-mailing, scams, shady software downloads, malware distribution, botnet operations and "phishing" attacks, or other suspicious content. Please note that it may not be necessary to block all domains flagged as suspicious, but it is our policy at AdSecure to inform you of their potential relationship to malicious activity so that you can make an informed decision.

Threat Intelligence

This detection is based on AdSecure’s Threat Intelligence service and reports if the URL was flagged for a violation in any AdSecure analysis in the previous 30 days.

Crypto Ads

As cryptocurrency advertising has been regulated by more and more countries, AdSecure wants to keep up with the industry standard and protect end users from being exposed to misleading or non-compliant cryptocurrency promotions. When there are crypto ads detected on ad creatives or landing pages, the ads will be flagged and AdSecure's users will be informed in real-time so they can proceed with caution of these ads. Please note that the Ad Discovery feature needs to be enabled if the whole website is scanned for crypto ads detection.

Unsafe content: Adult

Unsafe Content: Adult is powered by Google API and is flagged when it is likely that an ad creative contains adult content. Adult content may contain elements such as nudity, pornographic images or cartoons, or sexual activities.

Unsafe content: Medical *

Unsafe Content: Medical is powered by Google API and is flagged when it is likely that an ad creative contains medical content.

Unsafe content: Racy *

Unsafe Content: Racy is powered by Google API and is flagged when it is likely that an ad creative contains racy content. Racy content may include (but is not limited to) skimpy or sheer clothing, strategically covered nudity, lewd or provocative poses, or close-ups of sensitive body areas.

Unsafe content: Spoof *

Unsafe Content: Spoof is powered by Google API and is flagged when it is likely that an ad creative contains spoof content. Spoof content indicates a modification made to the image's canonical version to make it appear funny or offensive.

Unsafe content: Violence *

Unsafe Content: Violence is powered by Google API and is flagged when it is likely that an ad creative contains violent content.

IAB: Ad Dimension **

IAB recommends certain ad dimensions that contribute to the majority of revenue and are sufficient to advertise across multiple screen sizes. This detection will flag ads that are not compliant with the IAB standards in terms of ad dimension. IAB recommends that the ad dimension should be in the range of 100x200 - 150x300.

IAB: Ad Weight **

Ad weight is the total size of all the ad assets being delivered to the browser at a given phase. This detection will flag ads that are not compliant with the IAB standards in terms of ad weight (initial load and sub-load). IAB recommends an ad size with an initial load of maximum 50KB and a sub-load of maximum 100KB.

IAB: Ad Request Count **

Ads consist of multiple resources. The number of requests made to fetch these resources has a significant impact on the load performance of the ad as well as on the page where the ad is displayed. This detection will flag ads that are not compliant with the IAB standards in terms of ad request count. IAB recommends a maximum of 10 requests.

IAB: Ad File Compression **

To optimize the file size for delivery of an ad to a browser, the assets within the ad should be delivered in compressed formats such as gzip. This detection will flag ads that are not compliant with the IAB standards within this category, which means they are not delivered in a compressed format.

*: Only available upon Content Classification feature enablement
**: Only available upon IAB Standards feature enablement