LONDON, Nov. 25, 2025 (GLOBE NEWSWIRE) — Pixalate today launched the AdFraud IOC-Database, the ad industry's first open-source ad fraud intelligence resource. The AdFraud IOC-DB contains free, weekly-updated lists of the highest-risk ad fraud indicators of compromise (IOCs) on which Pixalate has observed invalid traffic (IVT). The AdFraud IOC-DB reveals the top 50 IOCs observed across multiple supply-path touchpoints, including IP addresses (IPv4 and IPv6), device IDs, data centers, fraudulent Bundle IDs, MFA publishers, and delisted apps. AdFraud IOC-DB is dedicated to helping combat the spread of ad fraud, invalid traffic, and abusive activity in the digital advertising supply chain. By publicly releasing a free, weekly-updated feed of the highest-risk threat indicators, Pixalate aims to arm Small to Mid-sized publishers (SMBs) and the ad-tech community with the enterprise-grade intelligence needed to safeguard the digital supply chain. “Cybersecurity relies on community and information sharing, but the ad tech sector still operates in silos,” said Jalal Nasir at Pixalate. “With AdFraud IOC-DB, we are breaking down those barriers. By identifying and sharing the highest risk threat vectors observed by Pixalate – from botnet IPs to spoofed Bundle IDs – we are empowering the ad-tech community to take immediate action against the bad actors draining the digital economy.” Enterprise-Grade Intelligence, Publicly Available AdFraud IOC-DB is powered by Pixalate's MRC-accredited ad fraud detection engine, which analyzes 183 billion global data points daily. It filters this massive dataset down to the 50 most critical threats, allowing sysadmins to easily integrate high-risk blocklists without overwhelming their infrastructure. IOC-DB Data Points The IOC Database is based on Pixalate's analysis of 183 billion global data points analyzed daily across 1.4+ billion IP addresses, 11.5+ billion CTV and mobile device IDs, 3.1+ million domains, 137K+ CTV apps, and 13.4+ million mobile apps to surface the highest-risk end-points across: Pixalate's MRC-accredited IVT detection system analyzes all data points for patterns of invalid traffic. High-risk end-points are added to Pixalate's blocklists, and the AdFraud IOC-DB reveals the top 50 (based on ad volume) IOCs in a given category on a weekly basis. AdFU IOC Categories Researchers can query across 8 IOC categories, each containing ad fraud signals and infrastructure data: The AdFraud IOC Database is accessible on Pixalate's website. About Pixalate Pixalate is a global platform specializing in privacy compliance, ad fraud prevention, and digital ad supply chain data intelligence. Founded in 2012, Pixalate is trusted by regulators, data researchers, advertisers, publishers, ad tech platforms, and financial analysts across the Connected TV (CTV), mobile app, and website ecosystems. Pixalate is accredited by the MRC for the detection and filtration of Sophisticated Invalid Traffic (SIVT). pixalate.com Disclaimer The content of this press release, and the AdFraud IOC Database (the “IOC-DB” or “Lists”), reflect Pixalate's opinions with respect to factors that Pixalate believes may be useful to the digital media industry. Pixalate is disclosing this information within the IOC-DB based on evidence suggesting that spammers and other malicious actors may be utilizing certain identifiers – including but not limited to Data Center IP addresses, IPv4 and IPv6 addresses, Connected TV (CTV) device identifiers (“IDs”), malformed CTV bundle IDs, domain names, website URLs, and other identified digital markers – to conduct harmful online activities within the digital advertising ecosystem. As such, the Lists are only intended for internal and operational use in fraud prevention, ad verification efforts, and related initiatives to protect organisations from digital advertising fraud, including proxy and video impression IVT, bot traffic, and other forms of automated abuse. Pixalate's opinions are just that, opinions, which means that they are neither facts nor guarantees. Pixalate is sharing this data not to impugn the standing or reputation of any entity, person or app, but, instead, to report findings and trends pertaining to programmatic advertising activity in the time period studied. Pixalate on behalf of itself, its suppliers and third-party licensors, expressly disclaims all representations, warranties, and conditions, whether express or implied, statutory or otherwise, including any implied warranties of merchantability, fitness for a particular purpose, satisfactory quality, and non-infringement of third party rights, to the greatest extent permitted by applicable laws. Terms of Use for The IOC-DB: The IOC-DB is provided on an as-is, where is, and as available basis, with any and all faults and without warranties of any kind, expressed or implied. Any persons or entities accessing the IOC-DB acknowledge and agree that the use of such lists, and any associated Pixalate materials, is solely at their own risk. The IOC-DB is provided for internal reference and operational use only, for ad fraud researchers and experts, security analysts, and trust and safety advisors to aid their organisations in mitigating and preventing fraudulent activities. Any person or entity is strictly prohibited from selling, reselling, or otherwise commercially exploiting this data. Any modifications of the IOC-DB and data contained therein is also prohibited. Republication of the data in its original form is permitted only with prior written consent and must include proper attribution to Pixalate as the source. The IOC-DB shall not be utilised for unlawful discrimination, harassment, or any other purposes except for ad fraud prevention and cybersecurity. Complaints: If you believe that any information shared within the IOC-DB is no longer associated with fraudulent activity, you may submit a request with evidence and sufficient information to help@pixalate.com with additional information to provide a basis in identifying and reclassifying/removing the specific entry. Pixalate does not warrant the accuracy and completeness of the content shared within the IOC-DB and reserves the right to review, update, remove, or retain any information at its sole discretion, with or without notice. Nina Talcott
Category
Example IOC
Description
Available Data Fields
IPv4
150.136.126.249
IPv4 addresses associated with high-risk activity
IPv4 identifier, Primary Ad Fraud Type, ISP
IPv6
2601:8c:4b7f:1ba0:c4a5:a3b:eae7:e32d
IPv6 addresses associated with high-risk activity
IPv6 identifier, Primary Ad Fraud Type, ISP
Data Center IP
3.129.46.191
Data center IPs that frequently source non-human traffic, including botnets and crawlers
Identifier, Primary Ad Fraud Type Observed, ISP
CTV Device ID
f562ff29-3b7a-4846-8535-f92e94b337f6
CTV device IDs linked to high IVT volumes
Device ID, Primary Ad Fraud Type, Operating System
Mobile Device ID
e129f27c5103bc5cc44bcdf0a15e160d445066ff
Mobile device IDs linked to high IVT volumes
Device ID, Primary Ad Fraud Type, Operating System
Fraudulent CTV Bundle ID
820731
Fraudulent CTV Bundle IDs used in fraud or impersonation
Identifier, Platform Name, OS
Mobile Delisted App
happy.paint.coloring.color.number
Mobile apps delisted from stores but still active, generating ad impressions or indicating supply chain risks
App ID, App Name, Developer, OS
CTV Delisted App
2016
CTV apps delisted from stores but are still active, generating ad impressions or indicating supply chain risks
App ID, App Name, Developer, OS
Availability
ntalcott@pixalate.com
