I just found something sketchy with ngrok.io link for my wordpress site.
When i visit my wordpress site via ngrok.io, I notice that a sketchy JS file is getting injected from 22.214.171.124 when the site loads.
On Desktop browsers, the JS files get injected but no ads seems to appear, probably because the response is “No Ads available”. ( see the screenshot )
However, on mobile browsers like Android Chrome or iOS Safari, pop under ads are getting injected and when I tap somewhere on my wordpress site, it is loading them on a new tab.
The ads are like typical scammy ads targeted to mobile users, like the typical “Congratulations, you won iPhone” etc.
From Google Search I find that the 126.96.36.199 is the IP Address of my ISP.
The HTTPS version of ngrok does not load the stylesheets and other important files due to mixed content error.
There should be a solution to this.
Please see the screenshots: