Display advertisements mostly gets served thru iframes. Per comScore study , 61% of iframed ads are delivered via cross-domain or unfriendly nested iframes. Due to the complex chain of online ad delivery thru ad networks and exchanges, it is not always clear where an ad will appear. But it is important for advertisers to know where their ad is being served
Publisher’s adapt iframes to serve display ads to
- Play safe – protect the publisher page
- Hide things that are not legitimate business practices – categorized as ‘not brand safe’ by comScore due to 
In order to safeguard guanine publishers (case 1) and to not to serve the ads in ‘not brand safe’ sites (case 2), I was exploring various options:
One approach could be to, introduce a additional http request header say ‘root-referer’ which carries the value of actual page’s URI.
This would solve the display advertising industry’s problem to large extent.
It would be nice to get this added into the http request header list? or other approach is to enhance ‘Referer’ to include both caller URI and the root URI.
 piracy and copyright theft, child abuse, phishing, fraud, hate speech, nudity etc
In a webpage kat.ph, there is a iframe that refers to http://optimized.by.vitalads.net/serve/9ef7452f573faa349de1726463a9b756/?type=2
And optimized.by.vitalads.net makes the actual ad call to ad.yieldmanager.com like this:
with following http request headers:
here, ad.yeildmanager.com doesn’t know on which page the ad is going to get served(kat.ph). So, browser need to either include it as part of ‘Referer’ or introduce new header say Root-Referer to contain kat.ph.