AdvertisingGuy
Junior Member
- May 8, 2019
- 149
- 170
Hi all! Long-time lurker, short-time poster.
There are a lot of BHW users that want to do arbitrage--meaning buying traffic to a site on a CPC basis and getting paid from ad networks on a CPM or CPA/CPI basis. If you do this, it is essential that the traffic that you buy is human, or else that, not identified as a bot. If you send bot traffic to the ads that your ad network displays, the ad network is well within their rights to ban you and withhold your payment, and since you mostly likely paid for the traffic upfront, then that means all of your traffic buying is wasted and money gone forever.
I've been in digital advertising a long time and I've worked with every major ad verification provider. I've also built my own "home rolled" ad verification tools. So while I certainly don't know everything, I know enough to (at least try!) to let you know how to protect yourself against bot traffic. The idea here is to go very in-depth with data, screenshots and the works so that you know exactly what you're dealing with.
Note that I've been posting bits of this in various other threads but having all the information in one place makes it easier to digest, so I've created this thread. I hope this is the appropriate place for the thread--any mods please move it at your discretion.
More content will follow below!
Mod Updates -- Bot Flags:
BOT FLAG #1 -- Automated Browsers
https://www.blackhatworld.com/seo/guide-how-ad-networks-and-everyone-else-knows-youre-a-bot.1119582/
BOT FLAG #2 -- DATA CENTER IP ADDRESSES
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-2#post-12057559
BOT FLAG #3 -- Invalid Graphics Processing Units (GPUs)
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-3#post-12060921
BOT FLAG #4 -- Missing / Invalid Plugins Media + Devices
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-4#post-12066141
BOT FLAG # 5 -- Browser Spoofing / Incongruous Browsers
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-4#post-12069251
BOT FLAG #6 -- BAD / NO / IMPROPER Referrer URLs
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-4#post-12089635
---
BOT FLAG #1 -- Automated Browsers
As can be deduced, browser automation tools (or WebDrivers) automate actions in a web browser. Anything that can be done in a web browser, such as visiting websites, moving the mouse, moving back or forward, or clicking on links, a browser automation tool can do. Automation is often done using frameworks such as Selenium (using Java or Python) or Puppeteer (using JavaScript). These frameworks are primarily used for website testing, but they can be used for scraping data, filling out forms, and taking screenshots.
An automated browser will open up a full web browser and load all content on a web site. Chrome, Firefox, and even Safari have their own WebDrivers used for automated testing. Loading the full website, which includes JavaScript and images, will necessarily load ads as well. Because the browser is being operated by a computer program, and not by a human user interested in the content of a site, automated browsers are and should be flagged as invalid traffic for advertising 100% of the time. If you think about it, every bot that visits websites an automated browser in one way or another.
Automated browsers are identified using the webdriver parameter of the navigator WebAPI.
To see this in action, open up your browser, and open up developer tools (CTRL+SHIFT+i on your keyboard). From there, go to the (JavaScript) "Console."
If you type in 'navigator.webdriver' and hit enter in Safari or Firefox (screenshot below), the response will be 'false'. If do it in Chrome, it will be undefined / null. That's because you, as a normal browser user, are not using an a automated browser.
Below is a ultra-lite Python script that will open up a automated browser and will send it to Google. Python comes pre-installed with Mac computers if you want to try it for yourself, but you will have to download the Chrome WebDriver to get it to work.
If you were using an automated browser, then open up developer tools / console and type in "navigator.webdriver", the response will be true.
There are bot-blocking tools such as Encapsula, Distil Networks and PerimeterX which will prevent bad bots from websites. If you visit a site using these tools using a normal web browser, such as twentytwowords.com or streeteasy.com, you should be able to view the site’s content without issue. However, if you point your automated browser towards that same site (screenshot below), the browser will get blocked from entering. Even if the same computer, ip address, and browser are used.
Why? Because bot-blockers are identifying the browser as a bot from that navigator.webdriver parameter.
There are a lot of BHW users that want to do arbitrage--meaning buying traffic to a site on a CPC basis and getting paid from ad networks on a CPM or CPA/CPI basis. If you do this, it is essential that the traffic that you buy is human, or else that, not identified as a bot. If you send bot traffic to the ads that your ad network displays, the ad network is well within their rights to ban you and withhold your payment, and since you mostly likely paid for the traffic upfront, then that means all of your traffic buying is wasted and money gone forever.
I've been in digital advertising a long time and I've worked with every major ad verification provider. I've also built my own "home rolled" ad verification tools. So while I certainly don't know everything, I know enough to (at least try!) to let you know how to protect yourself against bot traffic. The idea here is to go very in-depth with data, screenshots and the works so that you know exactly what you're dealing with.
Note that I've been posting bits of this in various other threads but having all the information in one place makes it easier to digest, so I've created this thread. I hope this is the appropriate place for the thread--any mods please move it at your discretion.
More content will follow below!
Mod Updates -- Bot Flags:
BOT FLAG #1 -- Automated Browsers
https://www.blackhatworld.com/seo/guide-how-ad-networks-and-everyone-else-knows-youre-a-bot.1119582/
BOT FLAG #2 -- DATA CENTER IP ADDRESSES
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-2#post-12057559
BOT FLAG #3 -- Invalid Graphics Processing Units (GPUs)
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-3#post-12060921
BOT FLAG #4 -- Missing / Invalid Plugins Media + Devices
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-4#post-12066141
BOT FLAG # 5 -- Browser Spoofing / Incongruous Browsers
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-4#post-12069251
BOT FLAG #6 -- BAD / NO / IMPROPER Referrer URLs
https://www.blackhatworld.com/seo/g...nows-youre-a-bot.1119582/page-4#post-12089635
---
BOT FLAG #1 -- Automated Browsers
As can be deduced, browser automation tools (or WebDrivers) automate actions in a web browser. Anything that can be done in a web browser, such as visiting websites, moving the mouse, moving back or forward, or clicking on links, a browser automation tool can do. Automation is often done using frameworks such as Selenium (using Java or Python) or Puppeteer (using JavaScript). These frameworks are primarily used for website testing, but they can be used for scraping data, filling out forms, and taking screenshots.
An automated browser will open up a full web browser and load all content on a web site. Chrome, Firefox, and even Safari have their own WebDrivers used for automated testing. Loading the full website, which includes JavaScript and images, will necessarily load ads as well. Because the browser is being operated by a computer program, and not by a human user interested in the content of a site, automated browsers are and should be flagged as invalid traffic for advertising 100% of the time. If you think about it, every bot that visits websites an automated browser in one way or another.
Automated browsers are identified using the webdriver parameter of the navigator WebAPI.
To see this in action, open up your browser, and open up developer tools (CTRL+SHIFT+i on your keyboard). From there, go to the (JavaScript) "Console."
If you type in 'navigator.webdriver' and hit enter in Safari or Firefox (screenshot below), the response will be 'false'. If do it in Chrome, it will be undefined / null. That's because you, as a normal browser user, are not using an a automated browser.
Below is a ultra-lite Python script that will open up a automated browser and will send it to Google. Python comes pre-installed with Mac computers if you want to try it for yourself, but you will have to download the Chrome WebDriver to get it to work.
from selenium import webdriver
browser = webdriver.Chrome(executable_path='chromedriver.exe')
brower.get('http://www.google.com')
browser = webdriver.Chrome(executable_path='chromedriver.exe')
brower.get('http://www.google.com')
If you were using an automated browser, then open up developer tools / console and type in "navigator.webdriver", the response will be true.
There are bot-blocking tools such as Encapsula, Distil Networks and PerimeterX which will prevent bad bots from websites. If you visit a site using these tools using a normal web browser, such as twentytwowords.com or streeteasy.com, you should be able to view the site’s content without issue. However, if you point your automated browser towards that same site (screenshot below), the browser will get blocked from entering. Even if the same computer, ip address, and browser are used.
from selenium import webdriver
browser = webdriver.Chrome(executable_path='chromedriver.exe')
brower.get('http://www.streeteasy.com')
browser = webdriver.Chrome(executable_path='chromedriver.exe')
brower.get('http://www.streeteasy.com')
Why? Because bot-blockers are identifying the browser as a bot from that navigator.webdriver parameter.
Last edited by a moderator:
