A website owner recently reached out to us about a pop-up advertisement problem on their website which occurred any time someone clicked anywhere on the web page.
Affiliate Tracking Replaced With Pop-Up Ads
The script loads an advertisement landing page commonly found on domain parking services like ParkingCrew.
It’s not clear if some of their users are purposely targeting domains like the expired one in this example or if they just register so many expired domains that it’s purely coincidental.
Domain Parking Services Linked to Pop-Up Ad Traffic
One noticeable thing is that the domain service ParkingCrew claims to use various tracking features to identify suspicious traffic from users trying to generate higher advertising traffic payouts.
Unfortunately, it looks as if Team Internet AG is the parent company to ParkingCrew. They also happen to own a traffic marketplace operating under the name TONIC. On TONIC’s website, potential users receive heavily advertised pop-up ad traffic.
While many site owners dedicate endless resources to promoting their products and services or attracting leads, this particular incident highlights the importance of also monitoring site components and overall functionality.
Each third-party element loaded onto your website decreases your website’s security. If the domain falls into the wrong hands, you may be at risk of serving unwanted ads, malicious redirects, or malware injections to site visitors.
To mitigate security risks, we always encourage website owners to keep all software (including third-party themes, plugins, and components) up to date. Also, perform audits on a regular basis.
In addition, you can use free monitoring services like Google Search Console to receive alerts whenever crawlers detect security issues. However, most free services are unable to access your web server and can miss malware at the server level. We recommend looking into professional website monitoring and alerting solutions to detect and mitigate all threats against your site.