my ads are getting hammered by 1 IP

Not 100% sure if this is cause for concern or not. I'm pretty new to this stuff ... I'm seeing a ton of clicks from 1 IP (different keywords).

I got on the phone with AdCenter about it and they requested logs from me to investigate which I'm sending shortly.

I started my campaign last night but no statistics are showing up yet on AdCenter's site for me to investigate from that end.

I guess I was hoping AdCenter would tell me a few things that they didn't:

1. How can I know for sure this isn't an AdCenter human/bot (I'm pretty sure it isn't). Currently I'm filtering AdCenter with 4 different 65.54.236.xxx IPs but would like a more fool-proof method - is substr($http_user_agnet,0,6) != 'MSNPTC' enough?

2. how can I block known problem IPs from seeing my ads?

 

Let us know what MSN says about this. Getting hit by 1 IP has to be either so sort of bot or an error.

 

It happened to me once in AdWords and I was refunded from those clicks. I guess AdCenter as well have an automated system to detect click fraud.

Please post back how they handled it. It's important that everyone will be aware of such things.

 

Here's the summary of my results...

The guy I initially spoke to was very nice but it sounded like it was his first day. He initiated an investigation and asked me for some data to back up my claims. I sent some (ugly) log output from my homebrew click-tracking code.

I called back a few days later to get an update and spoke to someone who sounded like they knew what they were talking about. They reassured me their own software does thorough click fraud detection and that I should not be charged for multiple clicks from the same IP in this circumstance. Had I gotten this response the first time I called I would have thought "lesson learned" and probably not worried about this scenario again.

Yesterday, the first guy calls back to tell me the results of the investigation. They saw no suspicious activity on my account. He told me that clicks from the same IP could be coming from many different users since their ISP could be reusing IPs. Either I'm really missing something or this statement is ridiculous -- given the quantity of clicks I get per day and the fact that my ads were being clicked maybe 20 times over 2-3 minutess from the same IP.

He told me I could send more data (and specified a particular format I should send the data in) but at this point I think I'll just keep watching my logs unless there is another big spike.

 

I would send in the data they want and get the money back. That is BS on MSN's part.

 

Definate click fraud....keep hammering MSN until the fix this issue the right way. Disappointing to here they didn't handle this better...

 

It's not click fraud. 65.54.236.xxx is a Microsoft IP block. Nothing to worry about, it obviously will not count towards your daily clicks.

OrgName: Microsoft Corp
OrgID: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US

NetRange: 65.52.0.0 - 65.55.255.255
CIDR: 65.52.0.0/14
NetName: MICROSOFT-1BLK
NetHandle: NET-65-52-0-0-1
Parent: NET-65-0-0-0-0
NetType: Direct Assignment

 

Maybe what you're experiencing is the same as what I've seen on one of my sites...

I signed up for adCenter a couple of months ago, and one of the first ads I put up had display URL www.mydomain.com/trial ... ever since then, I've been getting spam bot traffic to that URL. It looks like it could be referer spamming, judging by the HTTP referer and the number of times the bot is hitting my site. This is what one of the hits looks like in my Apache access log:

(My ad campaign was for an online fax service, so maybe that's why the bot includes the "contact OR mail OR email OR phone OR fax OR tel" part in the referer.)

The bot uses a new IP address every few hours, and frequently changes the domain referenced in the site:_______ portion of the referer.

Anyway, I've been getting these hits even though my campaign was paused a long time ago. And these hits have never affected my clicks on adCenter...the only connection to adCenter is that the URL was taken from my ad I put there.

 

I had said this is an IP I'm filtering, not the IP that had generated the multiple clicks.