Check here which type of violations AdSecure detects.
User Security violations
The User Security category covers violations that harm the user’s safety.
Adware is software that downloads or displays unwanted ads when a user is online, collects marketing data and other information without the user's knowledge, or redirects search requests to certain advertising websites.
Malicious URL: Google Webrisk
Malicious URLs host unsolicited content (spam, phishing, drive-by exploits, etc.) and lure unsuspecting users to become victims of scams (monetary loss, theft of private information, and malware installation). This detection is based on malicious URL violations reported by Google WebRisk.
Malicious URL: Sucuri
Malicious URLs host unsolicited content (spam, phishing, drive-by exploits, etc.) and lure unsuspecting users to become victims of scams (monetary loss, theft of private information, and malware installation). This detection is based on malicious URL violations reported by Sucuri.
Malicious URL: Virustotal
Malicious URLs host unsolicited content (spam, phishing, drive-by exploits, etc.) and lure unsuspecting users to become victims of scams (monetary loss, theft of private information, and malware installation). This detection is based on malicious URL violations reported by VirusTotal.
Malware is a general category of malicious code that includes viruses, worms and Trojan horse programs. It is used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising. This detection is based on malware violations reported by VirusTotal.
Phishing URL: Google Webrisk
A phishing site might trick users into revealing their personal information (for example, passwords, phone numbers, or credit cards). The content pretends to act, or looks and feels, like a trusted entity — for example, a browser, operating system, bank, or government. This detection is based on Phishing URL violations from Google WebRisk.
Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages.
Ads claiming that you have a virus and you are in need of antivirus software may, ironically, actually contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. Scammers often use the names of well-known companies that specialise in computer software to gain your trust. The pop-up advertisements aim to mimic genuine warning alerts generated by computer security software.
Ads that contain at least one unsecured item in the chain of resources (unsafe, no https, mixed content, ssl version or cipher mismatch).
Unwanted Programs: Google Webrisk
Unwanted software is an executable file or mobile application that engages in behavior that is deceptive, unexpected, or that negatively affects the user's browsing or computing experience. This detection is based on potentially unwanted program violations from Google WebRisk.
User Experience violations
The User Experience category covers non-critical violations that can provide a poor user experience, driving them away from websites over time, if left unresolved.
Ads that automatically download a file/executable/application without user interaction.
Ads that contain a script causing a web page to break out of any frames "framing" it, resulting in automatically redirecting the visitor to another website/page.
Auto-redirect app store
Ads that are automatically redirecting to the App Stores without user interaction.
Ads that automatically trigger pops (both pop-ups and tabunders) without user interaction.
Ads that automatically vibrate the user's device when reaching a landing page. Malicious use of the HTML5 vibrate API.
Back Button Hijack
Ads containing a script that allows an advertiser to manipulate the browser history. Usually it consists of inserting one or several pages in the browser history, which would prevent the user from going back to the previous page he was coming from.
JS Alert on entry
JS Alert on exit
Landing page error
You would receive an alert when the system identifies a broken/dead link (404 Error, 5xx, timeouts, etc.) in the landing page or when a broken link is identified in the path (intermediate redirect links inside the chain) between the click URL and the landing page.
A permission request to access the user’s camera.
A permission request to copy text to the clipboard.
A permission request to track the user's location.
A permission request to access the user’s microphone.
A permission request to send notifications to the user.
Normally computers use common communication protocols such as TCP/IP, DHCP, DNS, and HTTP. In some cases, communication may involve an uncommon protocol that can be used to activate undesirable actions like automatically opening an app or launching a Skype call - such actions impact the user experience.
User Advisory violations
The User Advisory category covers violations to be cautious of, as they could indicate offensive material or the potential for suspicious activity.
Heavy Ads are the ads that violates Google's heavy ad intervention policy (consume more than 4MB of network bandwidth; use CPU for 15 seconds or more within 30 second window; uses CPU for 60 seconds or more in total) and get blocked by the Chrome browser. To ensure that webpages are free of resource-intensive ads that slow down the user experience and impact the website performance, AdSecure audits all ad creatives’ size and notifies the user whenever a heavy ad is spotted.
Top-level domains frequently used by cybercriminals who are setting up hosts for spam e-mailing, scams, shady software downloads, malware distribution, botnet operations and "phishing" attacks, or other suspicious content. Please note that it may not be necessary to block all domains flagged as suspicious, but it is our policy at AdSecure to inform you of their potential relationship to malicious activity so that you can make an informed decision.
This detection is based on AdSecure’s Threat Intelligence service and reports if the URL was flagged for a violation in any AdSecure analysis in the previous 30 days.
Unsafe content: Adult
Unsafe Content: Adult is powered by Google API and is flagged when it is likely that an ad creative contains adult content. Adult content may contain elements such as nudity, pornographic images or cartoons, or sexual activities.
Unsafe content: Medical *
Unsafe Content: Medical is powered by Google API and is flagged when it is likely that an ad creative contains medical content.
Unsafe content: Racy *
Unsafe Content: Racy is powered by Google API and is flagged when it is likely that an ad creative contains racy content. Racy content may include (but is not limited to) skimpy or sheer clothing, strategically covered nudity, lewd or provocative poses, or close-ups of sensitive body areas.
Unsafe content: Spoof *
Unsafe Content: Spoof is powered by Google API and is flagged when it is likely that an ad creative contains spoof content. Spoof content indicates a modification made to the image's canonical version to make it appear funny or offensive.
Unsafe content: Violence *
Unsafe Content: Violence is powered by Google API and is flagged when it is likely that an ad creative contains violent content.
IAB: Ad Dimension **
IAB recommends certain ad dimensions that contribute to the majority of revenue and are sufficient to advertise across multiple screen sizes. This detection will flag ads that are not compliant with the IAB standards in terms of ad dimension. IAB recommends that the ad dimension should be in the range of 100x200 - 150x300.
IAB: Ad Weight **
Ad weight is the total size of all the ad assets being delivered to the browser at a given phase. This detection will flag ads that are not compliant with the IAB standards in terms of ad weight (initial load and sub-load). IAB recommends an ad size with an initial load of maximum 50KB and a sub-load of maximum 100KB.
IAB: Ad Request Count **
Ads consist of multiple resources. The number of requests made to fetch these resources has a significant impact on the load performance of the ad as well as on the page where the ad is displayed. This detection will flag ads that are not compliant with the IAB standards in terms of ad request count. IAB recommends a maximum of 10 requests.
IAB: Ad File Compression **
To optimize the file size for delivery of an ad to a browser, the assets within the ad should be delivered in compressed formats such as gzip. This detection will flag ads that are not compliant with the IAB standards within this category, which means they are not delivered in a compressed format.