The Most Active and Friendliest
Affiliate Marketing Community Online!

“Adavice”/  “RollerAds”/

Proxy Prevention?

nealshaunllc

New Member
affiliate
Hi,

Currently starting up a incentivized based Get Paid To site. Previously ran a successful one but due to heavy proxy fraud we dealt with so many reversals it was such a hassle and had to shut down. Nowadays, noticing the traffic is shifting to completing surveys more often.

My question is for you affiliate networks, and affiliates, what is the best way to prevent proxy fraud? I've heard of things like "Proxstop" but that was common for people to use like back in 2016! Whats the new for people? Working with the affiliate manager and ensuring they post their reversals prior to payout would be an ideal situation.

Also looking for some networks to partner with who could help me run a legit, well oiled up website and could provide advice, and guidance to preventing fraud.
 
1648841429863.png



You need to program the api for your checks and the logic as to what % is acceptable for your use scenario ...
 
You need to program the api for your checks and the logic as to what % is acceptable for your use scenario ...
I see, I guess affiliate networks don't already include this on their campaigns so its up to me...I'm assuming I would have to get this added for EVERY campaign.
 
It resides as an application/script on your server.
So, it (your api) is used as an include on a dynamic landing page (PHP, py other).
When the referral gets to the end of your funnel and is going to click out to the offer he has to pass the checks on this script to be redirected out. We are talking 100ms so there is no noticeable delay.

This is mainly YOUR reputation management with the network or offer owner ... not getting charge backs etc
Makes sense! Thank you so much.
 
It resides as an application/script on your server.
So, it (your api) is used as an include on a dynamic landing page (PHP, py other).
When the referral gets to the end of your funnel and is going to click out to the offer he has to pass the checks on this script to be redirected out. We are talking 100ms so there is no noticeable delay.

This is mainly YOUR reputation management with the network or offer owner ... not getting charge backs etc
 
I guess affiliate networks don't already include this

The traffic sources do have prevention and filtering, but because of the newer AI elements employed it has become near impossible for many of them too.

So much of prevention will reside in where and how you generate traffic as well as controlling the traffic from shared links by bots. I had a banner on one of my sites that the bots hammered and it took me a week to properly isolate them for prevention.

The thing about the proxies is you can end up filtering out loads of good and viable traffic. We have that issue here with member signups as well. Our system has loads of various bot, proxy, and fraud prevention elements employed and I still get 50 to 150 member signup attempts from the bots employing AI. If I filter out too many of the IP's, especially using any known proxy IP lists, I end up preventing legitimate people from joining. This is a huge issue for all of us with most everything we do!

Fraud is the enemy and you can blame most of it having roots in the black hat community. All it does is create fraud and at the expense of all of us!
 
something to consider:

I studied some queries and they are naming server farms as proxies when that are not they are web-servers an not proxies.
My own server IPs are named as
"proxy": "yes",
"type": "Compromised Server"

  1. they are not open proxies nor compromised!
  2. They are webservers and their IP is not a residential IP with a hostname.
  3. They could be a bot or a scraper if I tell them to do that mission <<so in that aspect they are not a legitimate click.
I don't expect a user who is willing to earn some beer money to be connected from a web-server of a cloud/VPS provider, so for me, this makes sense.
 
Mini fraud isn't 100% effective either.
We used it for transaction fraud prior to processing to avoid fraud transactions.
Real people using proxies to conceal their true intentions are not the same a using a proxy primarily for privacy with no bad intentions.
Bots can be detected a lot of better ways that rely on looking for normal user interactions, like dwell times and scrolling. Or just bad networks known for abuse.

So what are you trying to ensure exactly? Real people that are not trying to cheat the platform by using a proxy --primarily?
This may be more useful for you needs?

 
Hi,

Currently starting up a incentivized based Get Paid To site. Previously ran a successful one but due to heavy proxy fraud we dealt with so many reversals it was such a hassle and had to shut down. Nowadays, noticing the traffic is shifting to completing surveys more often.

My question is for you affiliate networks, and affiliates, what is the best way to prevent proxy fraud? I've heard of things like "Proxstop" but that was common for people to use like back in 2016! Whats the new for people? Working with the affiliate manager and ensuring they post their reversals prior to payout would be an ideal situation.

Also looking for some networks to partner with who could help me run a legit, well oiled up website and could provide advice, and guidance to preventing fraud.
Use IP QualityScore or Blocked.com
 
Last edited:
Thanks --that works good added it to my script ;)

JSON:
ipinfo/ipinfo.sh
Pls enter your ip:
205.210.31.135
{
"ip": "205.210.31.135",
"city": "São Paulo",
"region": "São Paulo",
"country": "BR",
"loc": "-23.5475,-46.6361",
"org": "AS396982 Google LLC",
"postal": "01000-000",
"timezone": "America/Sao_Paulo",
"readme": "https://ipinfo.io/missingauth"
}{
"status": "ok",
"205.210.31.135": {
"proxy": "yes",
"type": "Compromised Server"
}
ipinfo/ipinfo.sh                              
Pls enter your ip:
198.235.24.146
{
"ip": "198.235.24.146",
"city": "Brussels",
"region": "Brussels Capital",
"country": "BE",
"loc": "50.8505,4.3488",
"org": "AS396982 Google LLC",
"postal": "1000",
"timezone": "Europe/Brussels",
"readme": "https://ipinfo.io/missingauth"
}{
"status": "ok",
"198.235.24.146": {
"proxy": "yes",
"type": "Compromised Server"
}
Don't start a war with me you can't finish -- I'll redirect these assholes to pornhub.com (or worse) www.truthsocial.com :D

Code:
5  xxxxxxx.com - 198.235.24.146 - 111489 - 0.001 - - [21/Apr/2022:23:20:13 +0000] -
"GET / HTTP/1.1"-"Expanse, a Palo Alto Networks company, searches across the global
IPv4 space multiple times per day to identify customers&#39; presences on the Internet.
If you would like to be excluded from our scans, please send IP addresses/domains to:
scaninfo@paloaltonetworks.com"- 200 19979 "http://xx.xxx.xx.xxx:80/""-"--

log_format main '$host - $remote_addr - $tcpinfo_rtt - $request_time - $remote_user
[$time_local] - "$request"' '-"$http_user_agent"- $status
$body_bytes_sent "$http_referer"' '"$request_body"' - "$http_x_forwarded_for";

Now here is where it gets interesting whose side is Google on?
Are they the victim or part of a conspiracy.

Anyway, whoever it is; they are a legend in their own mind ...
 
something to consider:

I studied some queries and they are naming server farms as proxies when that are not they are web-servers an not proxies.
My own server IPs are named as
"proxy": "yes",
"type": "Compromised Server"

  1. they are not open proxies nor compromised!
  2. They are webservers and their IP is not a residential IP with a hostname.
  3. They could be a bot or a scraper if I tell them to do that mission <<so in that aspect they are not a legitimate click.
 
banners
Back