In July 2009, two companies separately encountered a large-scale impressions fraud that involved two websites, MyProfilePimp.com and MyWackoSpace.com

The two sites appear related, as a reverse-IP lookup on MyWackoSpace.com led to a list of sites hosted on the same server that included MyProfilePimp.com. Update:  Note that MyProfilePimp was mentioned in an article in the Wall Street Journal in October 2009 called “Web Ads Hidden under Cloak of Invisibility”, as follows:

Mr. Edelman, who trolls the Web for examples of invisible ads, says ads for Kraft Foods and Greyhound Lines recently ended up buried on invisible pages on a site called MyProfilePimp.com, which offers games, photos and other ways for consumers to personalizetheir profile pages on social-networking sites like Facebook. Mr. Edelman says a visit to the site in June opened a series of invisible pages on the visitor’s computer with as many as 46 ads. He says none of those ads could be seen.

MyProfilePimp.com declined to comment.

It appears that a company or companies associated with MyProfilePimp.com and MyWackoSpace.com would go out and purchase media from online advertising companies in order to drive traffic to their nested iframe ads, which in turn would contain advertising tags from dozens of different advertising networks including video advertising networks. Here is the reverse-IP list of sites on the same server as MyWackoSpace.com:

The scenario of hundreds of ad calls resulting from a single purchased impression occurred on at least 5 different occasions between July 12 and August 1st. Many if not all of the individual ad networks involved were contacted about the situation and many of them removed the offending publisher(s) from their networks. When the company who had first discovered the issue asked the individual firms to provide the name of the publisher, or contact or payment information for the publisher, they all declined stating confidentiality that they had with these publishers. What seems really ridiculous is that any kind of confidentiality could persist in the face of strong evidence of fraudulent contact such as this.

The activity was initiated by an ad purchased by Bootcamp Media on AdECN, the ad network platform now owned by Microsoft. Bootcamp Media‘s adserving was the serving URL (ads.bootcampmedia.com – a CNAME for an implementation of AdJuggler given the url formation, in this case http://ads.bootcampmedia.com/servlet/ajrotator/738508/0/vj?z=BootCamp&dim=337128&pos=1&pv=4184997196649422&nc=835224451) – the fraudulent company was likely buying ads from Bootcamp, who when contacted by would not provide any information about the identity of the buyer of the media.

The attachment below is the full URL capture from this incident consisting of over 1450 HTML calls, captured on August 1st, 2009 – this originated from a single ad call (Beware! the only reason this log ended was because the last two URLs lead to spyware which attempted to infect the capturing computer, and thus the stream was stopped). There are dozens of networks, adservers, ad exchanges and companies in this list, including CPX Interactive, Fox Networks, AdBrite, Pubmatic, Google/Doubleclick, AdNexus, Right Media, Zedo, AdJuggler, Collective Media, RealMedia, Burst Media, Traffic Marketplace, Aqua Media Direct, Media6Degrees, AdBuyer.com, AdNet Interactive, Rubicon Project, Adtegrity and more.

Here is the file: fraud-0801-log (CSV)

Many of the above companies were able to be contacted and took swift action to shut down these publisher(s) to prevent them from continuing what they are doing. The companies who discovered the above issue had no revenue connection to the above situation but were unsuccessful in endeavoring to confirming the identity of the publisher/advertiser that had initiated this fraud. They did have their suspicions, however…

advertising, fraud, impressions Hide