Ad platforms like Facebook, Google, and TikTok deploy sophisticated automated crawlers to review landing pages. When these bots detect content that violates policies, your ad account gets banned — sometimes permanently.
This article breaks down a production-grade three-layer detection architecture that filters bot traffic from real human visitors with 99.7%+ accuracy.
The Problem
Every ad platform sends automated reviewers to check your landing pages:
- Google Ads uses Googlebot and specialized ad review crawlers
- Facebook deploys headless browsers from known IP ranges
- TikTok uses both server-side and client-side verification
These bots check for policy compliance. Understanding how they work is essential for building robust traffic quality systems.
Architecture Overview
Our system uses three independent detection layers, each catching what the others miss:
Request → [Layer 1: IP Intelligence] → [Layer 2: Browser Fingerprint] → [Layer 3: Behavior AI] → Decision
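The layers are ordered cheapest-first so that a confident verdict from an early layer short-circuits the more expensive ones. A minimal sketch of that orchestration — the layer functions and the request/result shapes here are illustrative assumptions, not the production code:

```python
from typing import Callable

def run_pipeline(request: dict, layers: list[Callable[[dict], dict]]) -> dict:
    """Run layers in order; stop at the first bot verdict."""
    for layer in layers:
        result = layer(request)
        if result.get("is_bot"):
            return {"decision": "block", "layer": layer.__name__, **result}
    return {"decision": "allow"}

def ip_layer(req: dict) -> dict:
    # Stand-in for Layer 1: flags one hard-coded example crawler IP
    return {"is_bot": req.get("ip") == "66.249.66.1"}

def fingerprint_layer(req: dict) -> dict:
    # Stand-in for Layer 2: flags headless user agents
    return {"is_bot": "HeadlessChrome" in req.get("user_agent", "")}
```

A request from the example crawler IP is blocked at Layer 1 without ever reaching the fingerprint check; an ordinary request falls through all layers to an allow decision.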
Layer 1: IP Intelligence (< 5ms)
The fastest check. We maintain a database of 2,000+ known bot IPs, updated daily from multiple proprietary threat intelligence feeds.
```python
class IPChecker:
    def check(self, ip: str) -> dict:
        # Exact match against the curated bot IP database
        if ip in self.bot_database:
            return {"is_bot": True, "confidence": 0.95}
        # Datacenter ASNs (cloud hosts) rarely originate real visitors
        asn = self.lookup_asn(ip)
        if asn in DATACENTER_ASNS:
            return {"is_bot": True, "confidence": 0.80}
        return {"is_bot": False, "geo": self.geolocate(ip)}
```
Catches: Known crawlers, datacenter bots, VPN/proxy traffic
Misses: Residential proxy networks, mobile carrier IPs
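Datacenter detection need not rely on exact IP matches: cloud providers publish their address ranges, which can be matched as CIDR blocks with Python's standard `ipaddress` module. A sketch — the two hard-coded networks are illustrative examples, not a real threat feed:

```python
import ipaddress

# Illustrative datacenter CIDR blocks; in practice these come from
# provider-published range files refreshed on a schedule.
DATACENTER_NETWORKS = [
    ipaddress.ip_network("35.190.0.0/17"),  # example cloud block
    ipaddress.ip_network("52.95.0.0/16"),   # example cloud block
]

def is_datacenter_ip(ip: str) -> bool:
    """True when the address falls inside any known datacenter range."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in DATACENTER_NETWORKS)
```

Range matching like this catches fresh datacenter IPs that an exact-match database has not seen yet.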
Layer 2: Browser Fingerprinting (< 20ms)
Analyzes browser environment for automation traces. Real browsers have consistent, complex fingerprints.
```python
class FingerprintChecker:
    BOT_SIGNATURES = [
        "HeadlessChrome", "PhantomJS", "Selenium",
        "WebDriver", "Puppeteer", "Playwright",
    ]

    def check(self, user_agent, headers):
        score = 100
        # A known automation framework in the UA is an immediate verdict
        for sig in self.BOT_SIGNATURES:
            if sig.lower() in user_agent.lower():
                return {"is_bot": True, "reason": sig}
        # Real browsers virtually always send Accept-Language
        if not headers.get("Accept-Language"):
            score -= 30
        return {"is_bot": score < 50, "score": score}
```
Key signals: Canvas hash, WebGL renderer, WebRTC leak, audio fingerprint, navigator properties.
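One practical use of these signals is cross-checking them for internal consistency: a software WebGL renderer, an exposed `navigator.webdriver` flag, or an empty language list are all common headless tells. A hedged sketch — the field names in the `fp` payload are assumptions about what the client-side collector sends, not a fixed schema:

```python
# Renderer strings typical of headless/software rendering
SOFTWARE_RENDERERS = ("swiftshader", "llvmpipe", "mesa offscreen")

def fingerprint_inconsistencies(fp: dict) -> list[str]:
    """Return a list of consistency violations found in a fingerprint."""
    issues = []
    renderer = fp.get("webgl_renderer", "").lower()
    if any(s in renderer for s in SOFTWARE_RENDERERS):
        issues.append("software_webgl_renderer")
    # Automation frameworks historically set navigator.webdriver = true
    if fp.get("navigator_webdriver"):
        issues.append("webdriver_flag")
    # A real browser almost always exposes at least one language
    if not fp.get("languages"):
        issues.append("empty_languages")
    return issues
```

Each violation can feed into the score deduction scheme shown above rather than acting as a hard verdict on its own.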
Layer 3: Behavior Analysis (< 50ms)
The most sophisticated layer. Humans interact organically; bots produce unnaturally perfect movements.
```python
class BehaviorChecker:
    def linear_ratio(self, events) -> float:
        # Fraction of consecutive samples that are collinear; assumes
        # events["mouse_path"] is a list of (x, y) cursor positions
        path = events.get("mouse_path", [])
        if len(path) < 3:
            return 0.0
        hits = sum(
            abs((x2 - x1) * (y3 - y1) - (y2 - y1) * (x3 - x1)) < 1e-6
            for (x1, y1), (x2, y2), (x3, y3) in zip(path, path[1:], path[2:])
        )
        return hits / (len(path) - 2)

    def check(self, events):
        score = 100
        if events.get("mouse_events", 0) < 3:
            score -= 40  # Little or no mouse activity
        if self.linear_ratio(events) > 0.9:
            score -= 50  # Humans don't move in straight lines
        if events.get("time_seconds", 0) < 2:
            score -= 30  # Bounced too fast to have read the page
        return {"is_bot": score < 50, "score": score}
```
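Beyond path geometry, event timing is a useful behavioral signal: scripted interactions tend to fire at nearly constant intervals, while human input has high variance. A sketch computing the coefficient of variation of inter-event gaps — the 0.1 threshold is an illustrative assumption, not a tuned production value:

```python
import statistics

def timing_looks_scripted(timestamps: list[float], cv_threshold: float = 0.1) -> bool:
    """True when inter-event intervals are suspiciously uniform."""
    if len(timestamps) < 3:
        return False  # Not enough data to judge
    gaps = [b - a for a, b in zip(timestamps, timestamps[1:])]
    mean = statistics.mean(gaps)
    if mean <= 0:
        return False
    # Coefficient of variation: spread of gaps relative to the mean gap
    return statistics.pstdev(gaps) / mean < cv_threshold
```

A metronomic click stream (one event every 100ms) trips the check, while irregular human-like timing passes.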
Combining Layers
Weighted voting with override capability:
```python
# Each layer contributes a 0-100 human-likeness score; ip_result is the
# raw Layer 1 verdict, reused as a hard override for high-confidence hits
combined = (
    ip_score * 0.20 +
    fp_score * 0.30 +
    behavior_score * 0.50
)
is_bot = combined < 50 or ip_result.get("confidence", 0) >= 0.95
```
Production Performance
| Metric | Value |
|---|---|
| Average latency | 28ms |
| Detection rate | 99.7% |
| False positive rate | 0.1% |
| Capacity | 10,000+ req/sec |
Security
- HMAC-SHA256 tamper-proof redirect tokens
- 300s token TTL prevents replay attacks
- Server-side CAPI fires only for verified humans
Open Source
Full implementation available:
Built with WuXiang Shield — enterprise-grade ad traffic security.