I received a few ads today from TTM for PTP pages that were designed for fraud. The automated PPC searches running via hidden iframes and scripts aren't coming from an occasional bad page in their rotators, but from the PTP pages themselves. Each of these programs offers affiliates an unreasonable CPM, which is usually a clue that there's something ugly happening.

I hope you'll stop these six ads and prevent the millions of fraudulent hits they would generate if fulfilled.




The page contains itsptp.com/promote.php?uid=782, which opens these hidden iframes:
look4bull.com/portal/index.php
feedgiver.com/portal/index.php
validxmlfeed.com/portal/index.php
goodclickz.com/portal/index.php
webclixs.com/portal/index.php




This page contains pay-ads.com/abc.js, which opens these hidden iframes:
findleap.info/a1.htm
findleap.info/b9.htm
findleap.info/m.htm

These in turn open the following hidden iframes:
feedwithus.com/p.php?ref=seo2007
mygole.com/portal.php?ref=seo2007
777seo.com/seo.php?username=seo2007
adtris.com/portal.php?ref=seo2007
akster.com/portal.php?ref=seo2007
luxemil.com/search/portal.php?username=seoppc
upperhits.com/index.php?id=cpx9999
neoffic.com/t/?id=seoppc
i-e-search.com/portal/?ref=35
cb-search.com/cpi.php
isearchmoney.com/cpi.php
findz123.com/cpi.php
nbcsearch.us/cpi.php
dxptp.com/ads.php?usr=bobois
dxptp.com/ads.php?usr=pay888
dxptp.com/ads.php?usr=opt9
dxptp.com/ads.php?usr=kkklbvcs
dxptp.com/ads.php?usr=make87
pk-ads.com/ads.php?usr=opks
top-feed.info/cpi.php
findleap.info/9.htm

And those open dozens more hidden iframes several layers deep, at least one of which often contains a Trojan.


The rest are all similar. There's probably further information on each in this forum or at WIW if you need help finding the problematic scripts and/or iframes.














Thanks.

I thought upperhits fixed their pages. Where did you learn of this?

The other 5 are gone.

I found some links in this forum from the past few months on upperhits, if this helps?

http://getpaidforum.com/forums/index.php?a...amp;pid=4799285
http://getpaidforum.com/forums/index.php?a...amp;pid=4838649
http://getpaidforum.com/forums/index.php?a...amp;pid=4781237

There's also a lot of results on the first page of a google search for upperhits.com that show it has 0 iframes and autosearches.

I tried visiting the link jlandis posted and got this on the page I went to



Firebug shows that contains these 0 iframes
First:


And inside that one are these two:



You can see a lot of that going through the status bar if you're in firefox and you can see them with the adblock addon too. I think they will only show if you're not using an ISP that uses transparent/closed proxies though.

hth

What is Firebug and how do I get it?

All totalled, that makes 6 more slots we now have for ********** advertisers. Thanks to all for finding them.

Firebug is an extension for firefox. You can download it here if you're interested in trying it out.

https://addons.mozilla.org/en-US/firefox/addon/1843

To be honest it takes at least a month of use to get used to what it can do for you. First of all I would see if you can find that first iframe just from looking at the view source on the page, and try adblock if you don't have that yet.

Sorry to jump into this thread but thanks Wagdoll, I am going to give the firebuggy thing a try. I kept on seeing itsptp on paidcpm so knew it was a nasty site but for the life of me I couldnt get the frame or source code.

Thank you.

On paidcpm promote page, click in the left frame where the skyscraper banner is, and do view source there. Then you can see the itsptp

Thank you for stopping them.

And thanks to wagdoll for all her help too!

Yes, thanks to everyone concerned. I know it was a bad thing but as most people weren't speaking "the Queen's English" I could not understand what was being said.

It sure is a lot less difficult being the admin when I have so many looking out for all. Are those the only bad ads running?

You're absolutely right, Ron -- we all have to look out for one another. What with fraud so rampant, it takes a lot of eyes, a lot of tools and a lot of skills to try to keep up. Even then, different hits produce totally different results when elements are rotating or geo-targeted. Wagdoll taught me a great deal of what I know how to spot, and I still wind up with embarrassing questions all too often.

I don't get to click as much as I'd like lately, but those were the only ones I noticed from my Inbox. I read through the list of subject lines as carefully as I could before bothering you. I can't promise I didn't miss anything, and it's been awhile since I got through all the PTCs.

Thanks again!

Whenever anyone has a query, comment, suggestion, complaint, it's never a bother, it's why I'm here. How else can I keep the site running properly if people don't come to me when there's a problem. Any time I say anything to the contrary, I'd hope y'all would know that I'm just spouting and don't mean half of it.