A recent Ad Lightning study indicated that nearly a third —28% of all Internet ads — are ‘bad ads,’ meaning they are oversized, malicious, offensive or non-compliant with IAB standards or publisher specific ad policies. The full survey is available here.

With that said, when you lift up the hood, what, exactly, does a bad ad look like? The screenshot below is a great example of an ad gone wrong — completely unbeknownst to the advertiser — that would cause notable interruption to the user experience and become a major headache for a publisher.

So let’s break it down— below is the anatomy of this bad ad:

Ad Requests, Video Stuffing & Malware

There are a whopping 837 requests are embedded in this one ad. The IAB standard for LEAN ads, or ads that offer a “lightweight user experience to maximize initial page load performance” among other guidelines, is 10 file requests per ad. Even when factoring in more requests to enable a programmatic transaction, anything over 150 is highly suspicious.

In this case, when looking more closely at these requests it appears that one of the calls is actually loading a video player.

Within the video player, we can then see that a secondary pre-roll auction is taking place behind the static ad that was displayed on page load. The auction is driving up the number of requests fired from the ad. You can see that a lot of legitimate players are unknowningly getting caught up in the mix!

Ad Lightning has extracted a specific signature (unique ad identifier) that is responsible for this behavior. That signature, b=e97530f114336b11bsw, was categorized as malware in a previous scan and is being flagged as known in this report.

File Size & Ad Payload

With all of the resources it's taking to load this particular creative, the ad payload has exceeded the recommended IAB spec for initial load and total load. At 1.61MB, the user experience is likely to be impacted significantly. The ad image itself isn't too far out of spec, however — with the addition of the player alone — the file size is doubled.

Data Collection

With multiple video auctions taking place within the ad, it's no surprise that over 564 cookies were dropped from over 35 data collectors. In addition to driving latency, this can be problematic for two reasons:

• Data leakage: Unknown or unapproved entities can steal valuable audience data and use that to build audiences that are off property.
• GDPR & other data regulations: It's critical that users in the EU consent to each entity collecting data. If unapproved collectors are identified, there are significant financial consequences for the publisher.

This deep dive into one bad ad illustrates how easy it is for the user experience to go off the rails and why advertisers, publishers and users alike are fed up. It’s time to take a scalpel to the influx of bad ads that are the scourge of every digital publisher trying to provide quality journalism and other important content to their loyal readers. Let Ad Lightning help you identify and block nefarious ads on your properties — give us a call today.