That's what I thought too, but I managed to get the malicious ad and confirmed that it's a destination mismatch in Google Ads rather than an open redirect (no requests to gimp.org in the network monitor).