May 9, 2019 | by Ralph

Rule Of The Week #6 Block IP ranges that bring no-fingerprint traffic

Category: No-fingerprint

What does it do: Eliminates repeated clicks from unknown devices coming from IP ranges

Why is it effective: Because it automatically blocks all IP ranges that bring traffic from devices that lack a digital fingerprint

Here is the overview of the protection rule

click fraud protection rule

ClickGUARD protection rule that blocks IP ranges bringing traffic from devices without a digital fingerprint

The process behind the rule

If there is one method that indicates an organized attack, then it is a burst of clicks coming from an IP range. Fraudsters usually set up a virtual machine on a certain data center and run a script that clicks on your ads. Often times our systems will indicate that clicks are coming from devices that do not broadcast any information that could be used to form a browser or digital fingerprint.

click fraud protection rule

Each device sends a unique fingerprint. It is very suspicious if you are not able to determine the operating system, browser, screen resolution, or other unique properties. The most common visits that do not have a fingerprint are those coming from data centers.

For example a browser on your computer (let’s assume it is the Chrome browser) has a unique set of extensions, language settings, window size properties. At the same time, your computer has an operating system and other unique characteristics. All that combined helps us determine a digital signature. It is quite rare to encounter a device that does not send these kinds of information.

"If there is one method that indicates an organized attack, then it is a burst of clicks coming from an IP range."

Some users are utilizing ad-blockers or they have JavaScript disabled in their browser settings. In this case, our tracking pixel also sees these devices as ones without a digital fingerprint.

And finally, there were sporadic cases where fraudsters intentionally blocked our tracking pixel and tried to avoid being caught in illegal activities.

All these situations could be put under control using the protection rule we are showcasing today.

We put a limit to five clicks per two days, but of course, you are free to modify the rule to your specific needs.


The digital fingerprint is just one layer of protection against a click-fraud. Unfortunately, it is not uncommon to receive lots of clicks from devices that do not send any info about the browser or the device. But if you see clicks coming from an IP range than possible fraudulent activity starts to be too obvious and it is better to be safe than sorry. Block those IP ranges and be assured fraudsters are avoiding your ads.