It is ABSOLUTELY about sites that show an ad that does a browser redirect. And even "respectable" sites can do it, because sites do not choose the ads that appear on them; they contract with one or more of dozens of ad display services. The sites (even CNN, Fox, etc) have no idea what ads are being shown on their sites. Twice now Forbes has shown ads that actually hack Windows if you click on them. which is why I never visit forbes.com.
It also has nothing to do with Apple, with iOS, or with any browser. These ads have been reported on virtually every computing platform and browser: Windows, Mac, iOS, Android, Linux; Chrome, Safari, Firefox, Opera, etc.
In addition, once you have visited a site that is infected, if you tap anywhere on the page (such as a "close" button) it runs a Javascript object that attaches the ad to any other browsing you do that uses the same ad placement service.
As far as blocking .pw and .top it would do no good, because the next day they would use .pv and .toq. And some of the ones I've seen, like 99tops.com, look like perfectly reasonable domains. The redirect can be to any domain that isn't used by someone else; there are an infinite number of unregistered domains, so they will never run out.
The solution is to use a good ad blocker. It works.
I posted instructions on the first page of this thread that worked for me, and that a lot of others have reported worked for them also. I'll repeat it here.
Do the following:
- Turn on Airplane Mode
- Go to Settings/Safari and tap Clear History and Website Data
- Open Safari and close all open pages
- double-press the HOME button, find the Safari screen image and swipe it up to close the app
- Restart your phone
- Turn Airplane Mode off
This should clear the message. And don't go back to whatever website you were on the first time it happened. If you DO see the ad again don't touch the page; just close it or tap in the address bar and overwrite it with something safe like google.com.