
Site Getting Flagged as Malicious (30)


05-17-2022 12:23 PM #1 anthonyh (Senior Member)

My camp was rejected because my site was flagged.



I simply switched my lander to another site and that seemed to fix it.

I noticed this happened after I added the Propush script and the back button script from Jaybot's guide. I'm not sure if this is the issue or something else.

I am curious as to why this happened and how I can avoid this in the future.


05-17-2022 02:05 PM #2 larsometer (Senior Member)

Quote Originally Posted by anthonyh View Post
I am curious as to why this happened and how I can avoid this in the future.
I assume that you have put the script on one of your landers that you use for running sweeps. For such a case most traffic sources have no problem at all.

Your screenshot looks like it is from Propeller. They don't reject your camp for such a script. Propush actually belongs to them.

However if you use your lander ONLY for collecting push subs then that is a different story. Only few traffic sources do allow that.

Anyways...

To get an idea what the malware might be, you can check these sites:

https://www.virustotal.com/gui/home/url

https://sitecheck.sucuri.net

Most likely you have some bad scripts on your lander you have not been aware of yet.


05-18-2022 04:07 PM #3 twinaxe (Senior Moderator)



Is this your LP domain or is this your tracking domain?

If it's your tracking domain make sure that this is not flagged.

If it has to do with the Propush script it could happen for example when a user interacts with the push prompt and gets redirected then to a smartlink/offer with a banned domain or bad scripts or so.


05-18-2022 05:36 PM #4 jaybot (Veteran Member)

Overthinking it.

It's because you're running sweeps on pops or push.

You'll get your sites flagged by all sorts of domain checkers.

Swap out the landing domain and it usually goes away. If it keeps coming back, drop the offer or the lander.


05-18-2022 05:59 PM #5 quintyfresh (Senior Member)

Quote Originally Posted by jaybot View Post
Overthinking it.

It's because you're running sweeps on pops or push.

You'll get your sites flagged by all sorts of domain checkers.

Swap out the landing domain and it usually goes away. If it keeps coming back, drop the offer or the lander.
I agree with Jason. Yes. The only other thing I can add from experience is...these guys helped me when I was getting GSB bans. Turned out I was a moron (even though I CAN CODE, I lazily did not check very well) and left scripts in my adplexity scraped LPs. Could be that also. But if it was running fine for awhile and got banned probably what Jason said.

Quote Originally Posted by twinaxe View Post
If it's your tracking domain make sure that this is not flagged
Split your LPs to a different server is my 2 cents. Overkill? Perhaps. Safety when things like this happen, yes. That way your tracking domain is not affected by any bans. Easy to swap LPs domains, tracking is harder. Especially with Binom etc if the main domain goes down the tubes.


05-18-2022 08:01 PM #6 jaybot (Veteran Member)

Quote Originally Posted by quintyfresh View Post
Especially with Binom etc if the main domain goes down the tubes.
Binom is dead simple to swap out tracking domains. In fact, you should set up a separate tracking domain just for logging in (and a separate one for postbacks), so even if one of your tracking domains goes down, you can still log in without doing the long, drawn-out switch and asking support to update a bunch of shit.

I have about 8 tracking domains and use them for different geos or verticals.

You can select separate tracking domains right when editing a campaign, it has a nice little dropdown list of tracking domains you've added to binom.

Takes a few minutes to type some silly shit into a terminal, and adding them to the domains tab, but it's very worth it for protecting your setup.

I should do a video or something on that sometime...


05-19-2022 04:02 PM #7 twinaxe (Senior Moderator)

Quote Originally Posted by jaybot View Post
In fact, you should set up a separate tracking domain just for logging in (and a separate one for postbacks)
Yup, that's also how I run it.

One domain to login to Binom, separate domains for tracking/postback and then of course also separate domains for landing pages.


05-20-2022 11:40 AM #8 anthonyh (Senior Member)

Quote Originally Posted by twinaxe View Post
Is this your LP domain or is this your tracking domain?
Tracking domain. It doesn't appear to be flagged. Only the lander domain.

Quote Originally Posted by twinaxe View Post
If it has to do with the Propush script it could happen for example when a user interacts with the push prompt and gets redirected then to a smartlink/offer with a banned domain or bad scripts or so.
I'll run the same setup without Propush and see what happens.


05-20-2022 12:18 PM #9 anthonyh (Senior Member)

Quote Originally Posted by jaybot View Post
Swap out the landing domain and it usually goes away. If it keeps coming back, drop the offer or the lander.
I swapped out the landing domain and that domain got flagged as well. I'm dropping the lander and seeing what happens.


05-28-2022 09:18 PM #10 anthonyh (Senior Member)

Another site bites the dust.



I cloned a camp that's been running for a while, and the new camp and my site were flagged.

I initially dropped the lander when my first site got flagged, and that helped for a short while. I don't think it's the offer because my original camp hasn't been flagged at all.

I checked the landers and don't see any unusual scripts (I'm still new to it but I know what the script code looks like) and everything looks normal.

Propeller is showing that my lander is getting flagged, but these are the same landers that I've been running no problem since I started. The only difference is the Propush script and the Back button script. Which is when I started noticing the flags.

Is there an alternative to Propush?


05-29-2022 02:59 AM #11 quintyfresh (Senior Member)

@anthonyh

One of a few things is happening here... (possible Propush option as well but less likely)


1. A script DOES in fact exist in your scraped page and is triggering this. Or alternatively, your JS scripts and CSS scripts are calling to Google itself. You can figure this out by searching your page code for "google" and see what lines come up.

2. The page you are running is super aggressive and has logos etc on it which is triggering the ban. Although it shouldn't happen that fast.

3. I am running ProPush myself with 0 issues so far on ANY campaigns I have run. I highly doubt this to be an issue but there is a small and I mean very small chance that it's a propush offer in that GEO on backlink causing it. Super duper small chance on this.

My guess is something in your page code, or references to Google etc is leading them right to you. I do know that GSB bans happen whether you like it or not. I have had 4 so far. From what I know about @jaybot he has a graveyard like the one that surrounds the haunted mansion. Part of doing business. Get bulk .xyz for $1 each and pre set them up in Binom so when this happens you can just change URLs real quick and go again.

If for some reason IT IS Propush it could be set up in such a way that users are in an infinite loop where they can't click out of the yes or no for notifications. In that case then a ban would trigger also. Sometimes GSB bans are so hard to pin down and sometimes it's just a random luck of the draw where they fired a shotgun and you were standing in the crosshairs.
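
The check suggested in point 1 above, generalized from a text search for "google" to an inventory of every third-party host a copied page loads from or posts to. This is an added example, not code from the original post; the sample page, its hostnames and the `audit` helper are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample standing in for a lander copied from elsewhere.
SAMPLE_PAGE = """<!doctype html>
<html><head>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto">
<script src="/js/wheel.js"></script>
<script src="//cdn.leftover-tracker.example/t.js"></script>
</head><body>
<img src="https://lander.example/img/wheel.png">
<iframe src="https://widgets.unknown.example/frame.html"></iframe>
<script>var s = document.createElement('script');
s.src = "https://www.google-analytics.com/analytics.js";</script>
</body></html>"""

# Tag -> attribute that makes the browser fetch from or post to a URL.
URL_ATTRS = {"script": "src", "link": "href", "img": "src",
             "iframe": "src", "form": "action"}
INLINE_URL = re.compile(r"https?://([A-Za-z0-9.-]+)")


class ResourceAudit(HTMLParser):
    """Collects (line, where, host) for every host that is not our own."""

    def __init__(self, own_hosts):
        super().__init__()
        self.own_hosts = {h.lower() for h in own_hosts}
        self.findings = []
        self._in_inline_script = False

    def _record(self, line, where, host):
        if host and host.lower() not in self.own_hosts:
            self.findings.append((line, where, host.lower()))

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script" and not attrs.get("src"):
            self._in_inline_script = True
        url = attrs.get(URL_ATTRS.get(tag, ""))
        if url:
            # urlparse also handles scheme-relative //host/path references;
            # relative paths have no hostname and are skipped as same-origin.
            self._record(self.getpos()[0], tag, urlparse(url).hostname)

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_inline_script = False

    def handle_data(self, data):
        # Inline scripts can load further scripts at runtime, so scan their text.
        if not self._in_inline_script:
            return
        start_line = self.getpos()[0]
        for m in INLINE_URL.finditer(data):
            line = start_line + data.count("\n", 0, m.start())
            self._record(line, "inline-script", m.group(1))


def audit(html, own_hosts):
    """Return sorted (line, where, host) tuples for third-party references."""
    parser = ResourceAudit(own_hosts)
    parser.feed(html)
    parser.close()
    return sorted(parser.findings)


if __name__ == "__main__":
    for line, where, host in audit(SAMPLE_PAGE, {"lander.example"}):
        print(f"line {line:>3}  {where:<13}  {host}")
```

Any host in the output that you did not add yourself is a script or resource inherited from the copied page and worth reading before the page goes live.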


05-29-2022 03:14 AM #12 jaybot (Veteran Member)

Quote Originally Posted by anthonyh View Post
Another site bites the dust.



I cloned a camp that's been running for a while, and the new camp and my site were flagged.

I initially dropped the lander when my first site got flagged, and that helped for a short while. I don't think it's the offer because my original camp hasn't been flagged at all.

I checked the landers and don't see any unusual scripts (I'm still new to it but I know what the script code looks like) and everything looks normal.

Propeller is showing that my lander is getting flagged, but these are the same landers that I've been running no problem since I started. The only difference is the Propush script and the Back button script. Which is when I started noticing the flags.

Is there an alternative to Propush?
Your original camp hasn't been flagged at all? Direct linking? Or different lander? Just a matter of time, I think.

Once GSB flags a lander, it will actively search it out and lately... it will find it eventually. Use a different lander.

Doesn't matter if it has scripts on it. I've had completely clean landers, no scripts, no backbutton, no push subs anything, and it will still get banned tomorrow if I run it.

Alternatives to Propush: Monetizer (best stats, easiest to set up). Or Pushnami (hard to get in, little competition). Or TCAds (relatively new, not many using it, can push ads to your own subscribers for free).


05-29-2022 05:05 AM #13 anthonyh (Senior Member)

Quote Originally Posted by quintyfresh View Post
You can figure this out by searching your page code for "google" and see what lines come up.
No google in sight.

Quote Originally Posted by quintyfresh View Post
2. The page you are running is super aggressive and has logos etc on it which is triggering the ban. Although it shouldn't happen that fast.
I'm running a spinwheel with generic images and the copy probably isn't aggressive enough.

Quote Originally Posted by quintyfresh View Post
I do know that GSB bans happen whether you like it or not. I have had 4 so far.
What exactly are GSB bans?

Quote Originally Posted by quintyfresh View Post
If for some reason IT IS Propush it could be setup in such a way that users are in an infinite loop where they can't click out of the yes or no for notifications.
You know...it was automatically redirecting at first, but I fixed that way before I even ran a camp with Propush


05-29-2022 05:11 AM #14 anthonyh (Senior Member)

Quote Originally Posted by jaybot View Post
Your original camp hasn't been flagged at all? Direct linking? Or different lander?
Same lander. The only changes were some excluded browsers, zones, and different creatives.

Quote Originally Posted by jaybot View Post
Once GSB flags a lander, it will actively search it out and lately... it will find it eventually. Use a different lander.
Is there a way around this? Maybe tweak some images or something? This is my best performing lander.

Quote Originally Posted by jaybot View Post
Doesn't matter if it has scripts on it. I've had completely clean landers, no scripts, no backbutton, no push subs anything, and it will still get banned tomorrow if I run it.

Quote Originally Posted by jaybot View Post
Alternatives to Propush: Monetizer (best stats, easiest to set up). Or Pushnami (hard to get in, little competition). Or TCAds (relatively new, not many using it, can push ads to your own subscribers for free).
Got it. Big thanks.


05-29-2022 10:12 AM #15 larsometer (Senior Member)

Quote Originally Posted by anthonyh View Post
Is there a way around this? Maybe tweak some images or something? This is my best performing lander.
Easiest option is to find similar landers with a spy tool.

Sometimes malicious code is hidden so well that it is really difficult to find it. Then all the investigation is not worth it. Sweeps landers are not really unique anyways. There is a reason why you see the same landers over and over again.

Also don't be fooled by the performance of your lander you have seen so far. Unless you don't have really significant test results you don't know how good your lander really was.

Once you have found new landers (without brand logos)....

Buy new domains and use cloudflare with proxy (is standard). Make some adjustments to your directory structure for the new lander. With this I mean the structure in the url. So instead of awesome.com/sweeps/spinner1/index.html change it to noonecanflagthisurl.com/trulla/drehscheibe/index.html --> to give you an idea.

Then you should be safe.

Neither propush nor monetizer scripts cause GSB bans so you are safe with these. However such scripts as well as backbutton can lead to flagging on some virus detection services (can be a problem when you run desktop).


06-01-2022 08:22 PM #16 anthonyh (Senior Member)

Quote Originally Posted by larsometer View Post
Buy new domains and use cloudflare with proxy (is standard).
So, when I buy the new domains, do you mean point them to cloudflare?

Is there a forum explaining how to use a proxy?


06-01-2022 08:29 PM #17 twinaxe (Senior Moderator)

Quote Originally Posted by larsometer View Post
noonecanflagthisurl.com/trulla/drehscheibe/index.html
Trulla Drehscheibe

And the German users are smiling.


06-02-2022 05:38 AM #18 larsometer (Senior Member)

@twinaxe

Amazing... you have sharp eyes like a hawk. And I am happy that someone found my "easter egg". Hope no one asks what "Trulla" means

Quote Originally Posted by anthonyh View Post
So, when I buy the new domains, do you mean point them to cloudflare?
Yes. You buy domain at namecheap (or others) and then point from there to cloudflare (cf) name servers.

On cf you put an A record pointing to your server. When done you see your IP address and an orange cloud. This means proxy is on. It is the standard setting that you exactly want. There are tutorials on STM which explain all the settings in detail.

So when then someone calls your lander it is served from cf and only the cf IP address is exposed.

My understanding so far is that this way your server IP is not exposed and thus cannot be flagged.


06-02-2022 10:00 AM #19 twinaxe (Senior Moderator)

Quote Originally Posted by larsometer View Post
Hope no one asks what "Trulla" means
True, how would you explain in English what exactly a "Trulla" is

About the domains getting flagged, I am not sure if Cloudflare will help there.

In the end it's the domain that gets flagged and not the IP that serves the files.

With Cloudflare you can "hide" the files source but the domain is still the same.

When your domain gets flagged by GSB the flow is like this:

Google visits campaign URL -> Gets redirected through tracking domain to LP -> Goes to LP domain where files are served either directly (no CDN) or through Cloudflare (with CDN) -> If there's questionable content/scripts your domain gets flagged

It doesn't matter if you use a CDN or not, the LP domain stays the same and this is what they flag/ban.

From Wikipedia:

"Safe Browsing protections work across Google products and are claimed to “power safer browsing experiences across the Internet”. It lists URLs for web resources that contains malware or phishing content."

To really prevent getting flagged you would need to catch GSB before it reaches your LP with the questionable content/scripts.

Correct me if I'm wrong but this is how I understand it.


06-02-2022 10:46 AM #20 larsometer (Senior Member)

Quote Originally Posted by twinaxe View Post
About the domains getting flagged, I am not sure if Cloudflare will help there.
No, Cloudflare (alone) does not help.

The logic was more like:

- don't have malicious code and logos in your lander
- get a new domain
- make sure CF proxy is on and set up properly
- change directory structure of your landing pages

--> when this is all incorporated there shouldn't be GSB bans or at least they should only occur rarely.

Is a bit like.. when you freeze: wear 3 t shirts, 5 sweaters and 2 winter coats and make sure you are not wet--> then chances that you still are freezing are pretty low

Of course you could watch weather forecast and make sure that the cold never reaches you


06-02-2022 10:50 AM #21 twinaxe (Senior Moderator)

Quote Originally Posted by larsometer View Post
Is a bit like.. when you freeze: wear 3 t shirts, 5 sweaters and 2 winter coats and make sure you are not wet--> then chances that you still are freezing are pretty low

Of course you could watch weather forecast and make sure that the cold never reaches you
Nice example


06-02-2022 05:33 PM #22 creative_clickkers (Junior Member)

Seeing it all the time.
I would ask the rep to get in additional assistance and check all domains for you.
Swapping out your tracking domain most likely will not resolve the issue, may fix it temporarily, and flag it again in a few days.
Plus you have to choose your domain carefully.
It is a big topic. Hit me up in private if still looking for additional support.


06-02-2022 05:58 PM #23 twinaxe (Senior Moderator)

Quote Originally Posted by creative_clickkers View Post
Swapping out your tracking domain most likely will not resolve the issue, may fix it temporarily, and flag it again in a few days.
Tracking domain isn't affected so there's no need to swap it.

Quote Originally Posted by creative_clickkers View Post
Plus you have to choose your domain carefully.
In what context shall he choose the domain carefully?

It's LP domains, when it gets flagged just swap it.

Yes, there are a bit more sensitive domain endings and there are more lenient domain endings but we're talking about push and pop traffic so I don't see in what context he shall be careful when choosing the domain.


06-03-2022 08:19 PM #24 twinaxe (Senior Moderator)

Quote Originally Posted by anthonyh View Post
How do I do this?
Check his post above, it's all there.

Just name the directories not that obvious


06-03-2022 08:20 PM #25 anthonyh (Senior Member)

Quote Originally Posted by twinaxe View Post
Check his post above, it's all there.

Just name the directories not that obvious
Got it. Thanks.


06-03-2022 09:31 PM #26 anthonyh (Senior Member)

Quote Originally Posted by larsometer View Post
My understanding so far is that this way your server IP is not exposed and thus cannot be flagged.
How would you know if your server IP has been flagged as well?

I just destroyed my old server because I was thinking since the domains that were getting flagged were hosted on there, I should destroy it.

I made a new one and set everything up with cloudflare implemented.


06-04-2022 04:05 AM #27 erikgyepes (Moderator)

Quote Originally Posted by anthonyh View Post
How would you know if your server IP has been flagged as well?

I just destroyed my old server because I was thinking since the domains that were getting flagged were hosted on there, I should destroy it.

I made a new one and set everything up with cloudflare implemented.
There are some IP reputation checkers like this one: https://www.ipqualityscore.com/ip-re...n-check/lookup

Though they check more towards SPAM DB's.

What you will find out, that almost all IPs nowadays from VPS are already flagged. Sometimes you need to create like 10 servers and maybe 1 from 10 won't be flagged.

P.S. Any ideas how to get rid of Kaspersky flags? My LPs are getting flagged in 1-2 hours, in the past I tried to change the LP's code etc, but it keeps me flagging. Changing VPS/IP/domain structure, they still flag it.


06-04-2022 09:25 AM #28 twinaxe (Senior Moderator)

Quote Originally Posted by erikgyepes View Post
P.S. Any ideas how to get rid of Kaspersky flags? My LPs are getting flagged in 1-2 hours
I know that problem with Kaspersky myself and didn't find a solution for it yet.

Even with the best setup I still got domains flagged by Kaspersky.

Funny thing is when I checked my LPs from a Windows PC with Kaspersky installed it happened that I didn't receive a warning or whatever.


06-04-2022 01:37 PM #29 erikgyepes (Moderator)

Quote Originally Posted by twinaxe View Post
I know that problem with Kaspersky myself and didn't find a solution for it yet.

Even with the best setup I still got domains flagged by Kaspersky.

Funny thing is when I checked my LPs from a Windows PC with Kaspersky installed it happened that I didn't receive a warning or whatever.

Yeah, from my experience it doesn't affect the performance at all, but I feel it attracts flags from other vendors which come soon after


06-24-2022 03:26 PM #30 propush (Member)

Quote Originally Posted by anthonyh View Post

I noticed this happened after I added the Propush script and the back button script from Jaybot's guide. I'm not sure if this is the issue or something else.

I am curious as to why this happened and how I can avoid this in the future.

If you face any difficulties with ProPush settings you can check out this guide https://propush.me/qsg/Propush.me-Quick-Start-Guide.pdf or contact our support team via support@propush.me

