Home > Paid Traffic Sources > POP / PPV / Redirect

---

Help - Got an 'Abuse Report' from Voluum (17)

---

Hi Guys,
I was running some Pop Sweep Campaigns in Switzerland (both desktop and mobile) and after about 1 day my Domain Got Flagged by Google



I thought I might need just to replace the domain and restart BUT then I got the email below from Voluum and things felt much more serious.

I've sent an email back to codewise (Voluum) support asking for clarification on what was actually wrong (and a copy of the legal notice if they are allowed to send it to me) so that I can try to figure out what went wrong ...

But I was wondering if:
1). Anyone had gotten something similar and has advice
2). Anyone has advice on what needs to be checked/changed before I restart the campaign.

I really don't want to restart the campaign until I figure out what just happened and how to stop it happening in the future.
Any help would be really appreciated !

Email From Voluum Below

Hello,

We have received a legal notice stating that we're taking part in fraudulent actions concerning malicious content.
The URL provided leads to your account in Voluum.
The materials you're using are not in compliance with our terms and conditions and can't be further used to promote pages that have malicious content.

The fraudulent campaign:

<Name of Campaign in Voluum>

Campaign ID: <Campaign ID in Voluum>

Please review your campaigns and stop the traffic to it immediately.

As mentioned, in order to protect the integrity of our system, we banned your campaign.

You can read further information regarding the type of content which is not accepted within our terms and conditions (i.e. article 4:4).
If you have any further queries, don't hesitate to ask."


Article 4:4 in Voluum terms are:

4.4 Client shall not use Voluum in any manner, or in connection with any content, data, hardware, software or other materials, that (A) infringes upon or violates any patent, copyright, trade secret, trademark, or other intellectual property right of any third party, (B) constitutes a defamation, libel, invasion of privacy, or violation of any right of publicity or other third-party right or is threatening, harassing or malicious, (C) constitutes phishing, pharming or impersonates any other person or entity, or steals or assumes any person’s identity (whether a real identity or online nickname or alias), (D) violates any applicable law, ordinance, rule, regulation or treaty.

---

You need to findo out what caused the problem.

Was it the LP ... high profile companies logos, some nasty scripts installing something without consent ...
Was it the offer ... was it just a regular sweeps offer (leagen) or was it some kind of an aggressive offer ... mallware/adware installs for example.
Was it a fallback offer ... many networks have fallback funnels prepared for traffic that doesn't match the required targeting ... out of GEO, wrong device, wrong carrier ... and these clicks are often sent to smartlinks that rotate all kinds of crap.

My bet would be a fallback or an advertiser who redirected the traffic on their end. Try to talk with your AM at the affiliate network and ask them to disable fallback redirects for you, that often helps.

---

Thanks Matuloo !

What I've Done So Far -

1. Deleted the Sites to be safe while trying to work this out
2. Following up to find out the contents of the 'legal notice'
3. Setup a Search Console account to find out more about Google's reason for flagging the site (see image below)



Based on the 'Deceptive' pages comments and the URLs shown, I think the big issue was inserting the ISP name into the page content by mistake. But checking if that is the only issue.


4. Found out one of the Affiliate Networks was redirecting traffic outside the geo, to a catch all smartlink (which could have had a deceptive offer in there).

So have setup country redirect in my tracker (i.e if outside switzerland they get sent to google dot com) and also asked if the Affiliate Network can change their catch all smartlink for my account (in case there are users my trackers thinks are in Switzerland but the Affiliate Network's tracker thinks is outside Switzerland).

PLAN GOING FORWARD

[1] Waiting for more information and then trying to 'fix' the site.
[2] After the fix - reload the site and then ask Google to re-review the site (through the search console) and say if it is fixed.

---

This can help yes, I've been using this trick too, with networks that didn't want to turn the fallbacks off.

Never had an issues with this myself and I've been doing all kinds of user detection tricks to make the LPs more appealing ...

I still think the smartlink caused this

---

I hope it is just the smartlink

I finally chased up the 'legal notice' and I think it was from Amazon.
They did not like that a Spam complaint was made about a site they were hosting

So I'm wondering if that means that they changed policy and will send me something like this every time google flags a site (since they never have before)
OR whether there was something extra bad about this flagging.

** EMAIL BELOW **

AWS ID: <Account Number>

Hello,

We’ve received a report of Spam Website on one or more of your Amazon S3 resources. A copy of the complaints are included below.

URL: <UL>
Bucket Name: <Bucket Name>
Object: <File Name>

Please investigate the reported URLs and remove any spam content that may be present. If you don’t remove the content, we may take steps to disable access to the content, up to and including suspending your account.

If you believe the content referenced in the complaint is not a violation of the AWS Customer Agreement (aws.amazon.com/agreement) or the AWS Acceptable Use Policy (aws.amazon.com/aup), please email our abuse team at abuse@amazonaws.com.

AWS Internal Reference #########

---

It sucks that their reports are not clear enough ... someone might have complained about some offer and they thought it was the same url as your LP ... or maybe there was something with the LP itself, hard to say since I didn't see it.

---

Ooops forgot to include the 'report' which was at the end of the email
It seemed to show a trail that ended on my site (i.e. they did not click and go onwards).

That and the 'deceptive site' tag from google search console ... is making me start to think they just do not like the page :-)


************** Original Complaint **************

On Tuesday, September 11, 2018 we were informed about a deceptive site hosted at an IP address under your control. The following IP addresses and domains are involved in the forwarding chain:

52.22.45.159http://sp.popcash.net/go/12850/273569

52.22.45.159http://sp.popcash.net/sgo/ad?p=12850&w=273569&t=91c8c68552aecfbd&r=&vw=1050& vh=6...

173.0.146.148http://us.digitaldsp.com/api/submit_form_request?p=04c8a4be-f33f-431f-b3fd-3b285...

173.0.146.148http://us.digitaldsp.com/api/win_request?sw=1280&sh=800&ww=1050&wh=780&wiw=1050 &...

18.153.1.124http://<my tracker>

13.32.176.114<my site>

Please URGENTLY remove the pages hosted in environments under your responsibility.

********************************************

Regards,
The AWS Abuse Team
--------------------------------------------------------

---

Ok, looks like a problem with the LP then ... maybe it was to aggressive.

---

Yes, for me it also "smells" like it's your landing page which causes the problem.

Did you show the LP to a friend and asked him what he thinks about?

If you use a G! logo and tell each visitor "You are the 1,000,000th visitor and we give away XY for free for you" then well...

---

Hi Osmiumman,
Don't do either of those (Google logo or 'you have won).

But was inserting ISP names into the page (e.g. Swiss Com for Switzerland) which might be an issue.
Could also be that the page is similar to other people's pages I've seen which do have logo and 'you have won' etc

So I'll also get a friend to check the page and see what they think.

Maybe a fresh set of eyes will help me out.

---

I remember getting a similar message from AWS, or at least seeing something like this a while back for some reason. I simply moved my files to a different host and never had a problem since.

FWIW I have spoken with people running sweeps landers promoted as the ISP and they have been doing it for years with no problems like this (yet)

---

best to not use the provided Voluum domain, setup your own with the DNS on cloudflare. That way any messages will go to you, not Voluum

---

What host did you move to?

---

Hi Nickpeplow,
I actually used a domain I own as the tracking domain for Voluum (not the one provided by Voluum) - so not j????.voluumtrk2.com but my own.

Unless you meant something else?

---

Also something I noticed.

This was actually a SmartCPM campaign I setup on PropellerAds .... but the trail below seems to indicate it started at PopCash?

I know PropellerAds has the option to 'Activate Trafficboost' to get traffic from other traffic sources, but that option is not available in SmartCPM so I assumed that a SmartCPM campaign only gets traffic from PropellerAds and not its partners?

Anyone know what is happening



52.22.45.159http://sp.popcash.net/go/12850/273569

52.22.45.159http://sp.popcash.net/sgo/ad?p=12850&w=273569&t=91c8c68552aecfbd&r=&vw=1050& vh=6...

173.0.146.148http://us.digitaldsp.com/api/submit_form_request?p=04c8a4be-f33f-431f-b3fd-3b285...

173.0.146.148http://us.digitaldsp.com/api/win_request?sw=1280&sh=800&ww=1050&wh=780&wiw=1050 &...

18.153.1.124http://<my tracker>

13.32.176.114<my site>

---

It's like a wild wild west - every network cooperates with others, it's not only Propeller doing this. Buying from one of the 'big' networks will result pretty much guaranteed in rebrokering, at least that's my experience. No way to really get around it. Plus some 'publishers' get very creative in reselling traffic, so it's not uncommon to see a path like this.

---

So what was the final verdict in causing this? It sounds like this was a script or something on your landing page and not the content of the landing page itself

---

Home > Paid Traffic Sources > POP / PPV / Redirect