Reported Invalid Traffic (IVT) Types

Types of invalid traffic detection, as defined by Pixalate, are reported within the Analytics and Threat Intelligence product solutions.

 

IVT Class IVT Type Definition Recommendation
SIVT App Spoofing Traffic, where the app identifier (e.g. bundleId) reported to the exchange, does not match the characteristics of the app detected by Pixalate. Tends to aggregate at the source / seller ID. Usually the source can be identified using Analytics dashboard reports  
GIVT Auto Reloader Impressions with very periodic patterns cannot be generated by a human. Best addressed by Pixalate 's IP, Datacenter, or Device filtration lists  
GIVT Blank User Agent The impression has an empty User Agent field. Do not bid on inventory where a user-agent field is not available  
SIVT Click Farm An impression originating from a user who has been flagged as being associated with human click farm activity. Best addressed by Pixalate 's IP, Datacenter, or Device filtration lists  
SIVT Cookie Stuffing Activity from a cookie that has connected to the internet via a statistically significant inflated number of different IP Addresses. Best addressed by Pixalate 's IP filtration list.  
GIVT Datacenter The User’s IP has a match in the Pixalate known Datacenter list. Best addressed by Pixalate 's Datacenter filtration list.  
SIVT Datacenter Proxy The impression is from an intermediary proxy device, running in a datacenter, that exists to manipulate traffic counts, pass non-human or invalid traffic or fails to comply with protocol Best addressed by Pixalate's IP risk lists and filter IPs flagged as datacenterProxy  
SIVT Defased App
Traffic sourced from mobile apps that have been delisted from their respective app stores.
Best addressed by Pixalate 's Delisted App filtration list.
 
SIVT Device Id Stuffing

Activity from a unique device id that presents itself as a statistically significant inflated number of different IP addresses, unique apps, branded platforms, and/or locations.

Best addressed by Pixalate 's Device ID filtration list.

 
SIVT Display Click Fraud Clicks that are generated from the same browser or device at a statistically significant inflated rate. Best addressed by Pixalate 's IP and Device ID filtration lists.  
SIVT Display Impression Fraud Impressions that are generated from the same browser or device at a statistically significant inflated rate. Apply frequency capping and best addressed by Pixalate 's IP and Device ID filtration lists.   
SIVT Doorway Site A user which has been flagged for accessing a given page or domain via multiple spoofed page referrers. Best addressed by Pixalate 's IP filtration lists.  
GIVT Duplicate Clicks High volumes of duplicate clicks may indicate an integration issue. Work with Pixalate Ad Ops to resolve any potential integration issues  
GIVT Duplicate Impressions High volumes of duplicate impressions may indicate an integration issue. Work with Pixalate Ad Ops to resolve any potential integration issues  
GIVT Fast Clicker Activity originating from users which generate clicks less than one second apart from their respective impression. Best addressed by IP, Datacenter, or Device filtration lists  
SIVT High CTR Traffic Traffic associated with domains or apps demonstrating high-risk CTR behavior. Best addressed by high risk domain, high risk mobile app, or IP list.  
SIVT High Risk App The impression is from an app that has been flagged for a high risk of invalid traffic. Best addressed by Pixalate's high risk app data feed. Alternatively, block inventory flagged as highRiskApp as soon as you observe such apps in your dashboard reports  
SIVT High Risk SCO Node This form of IVT is flagged when an SCO includes a High Risk SCO Node. ie, the impression has an SCO Node that has been flagged for a high risk of invalid traffic. The Supply Path Optimization Data Feed can help identify problematic nodes for pre-bid blocking. Your Customer Success Manager can also help you identify problematic nodes via SCO reports in the Analytics dashboard when applicable.  
SIVT High Risk Developer An app that belong to a developer that has created one or more blacklisted apps, and which also generates a large volume of invalid traffic. Best addressed by high risk mobile app, or high risk CTV app lists.  
SIVT High Risk Device ID The impression is from a device ID that has been flagged for a high risk of invalid traffic. Best addressed by Device filtration list  
SIVT High Risk Domain The impression is from a domain that has been flagged for a high risk of invalid traffic. Best addressed by the domain filtration list  
SIVT High Risk IP The impression is from an IP Address that has been flagged for a high risk of invalid traffic. Best addressed by IP filtration list  
SIVT Hijacked Session Activity originating from a device or browser has a statistically significant inflated number of user sessions. Best addressed by IP or Device filtration lists  
GIVT IAB Crawler

Activity originating from bots that use a User Agent string which matches a User Agent on the list of IAB known crawlers.

Self-Announced Prefetch Traffic

While Pixalate's gateway and detection logic appropriately accounts for both pre-render and pre-fetch traffic (& reports impressions via a 'begin-to-render' impression recording approach), Pixalate's 'iabCrawler' GIVT type includes any instances of self-announced pre-fetch activity (e.g., X-moz: prefetch, X-purpose: preview).

Pixalate's User-Agent data feed contains known crawlers

 
GIVT IAB Dummy Bot Activity originating from bots that use a User Agent string that does not match any existing browser. Pixalate's User-Agent data feed contains known dummybots.   
GIVT idioBots

Bots (or users) that change their User Agent string (spoofing), while keeping the same cookie.

Enhanced Illogical Placement(s) Dimensions Detection

GIVT detection logic includes mechanisms to further detect and account for illogical placement dimension, which are inappropriate for trafficked ad creatives in accordance with the Interactive Advertising Bureau's (IAB) Standard Ad Portfolio (July 2017 – VERSION 1.1). Measured traffic reflected in illogical placement dimensions (e.g., 0x0, 1x1, etc.) is now flagged and reported via Pixalate's 'idioBots' GIVT type.

Best addressed by using user-based data feeds (IP, datacenter, or device). UAs might be valid (i.e. not crawlers) but spoofed.

 
SIVT IP Obfuscation An IP that has been spoofed such that the impression is rendered to a different IP address than the one originally offered This can be a misapplication of cookie storing at the proxy level. This could be resolved by rejecting the Pixalate cookies being set at the proxy level.  
SIVT Location Obfuscation Activity originating from an IP where multiple impressions deviate from the geographic location that is reported in the advertising transaction. Usually aggregates at the publisher level, or publisher and traffic source (e.g. seller Id) level. Device Id and IP blocklist can also help.  
SIVT Malware The impression is from domains or pages known to host malware. Malware domain list can mitigate this.  
SIVT Masked IP The IP of a user does not match the IP and the associated ISP reported in the advertising transaction. Masked IP can be mitigated using publisher level identifiers that are high risk.  
SIVT Masked iCloud Relay IP The IP of a user does not match the IP and the associated ISP reported in the advertising transaction, and the reported IP was claimed to be an iCloud Private Relay IP address. Best addressed by Pixalate's high risk IP list and blocking sellers where this traffic type is aggregating.   
SIVT Phishing The impression is from domains or pages associated with phishing tactics. Phishing domain list can mitigate this.  
GIVT Private IP The IP Address associated with the ad impression is from the private network space. Indicates some kind of integration issue (e.g. server to server).  
SIVT Proxy The impression is from an intermediary proxy device that exists to manipulate traffic counts, pass non­human or invalid traffic or fails to comply with the protocol. Review proper implementation of proxy services including SSAI. This can also be addressed by Pixalate's datacenter and IP datafeeds.   
SIVT Publisher Fraud Publishers operating domains or apps which violate standard ad serving practices including, for example, stacked ads, high ad density and inflated impression counts. This can be mitigated using the publisher level blocklists.  
SIVT SCO Unauthorized Direct Seller This form of IVT is flagged when the SCO includes an Unauthorized Direct Seller; meaning the ads.txt or app-ads.txt file does not list the seller in the first node of the SCO as DIRECT. Ensure that the seller on the first node is identified as a DIRECT seller via the publisher’s ads.txt or app-ads.txt  
SIVT SCO Unauthorized Direct Seller Publisher Missing This form of IVT is flagged when the first node of the SCO does not point to a publisher.  Work with the seller to check they are passing the correct info, and that their sellers.json correctly identifies their relationship with the publisher as direct.   
SIVT Smartbot Bots (or users) that change their browser agent string (spoofing) and cookies very often under the same IP, creating low volume traffic or high-volume traffic under configuration that looks like a busy enterprise network. Best addressed by Pixalate's IP and device ID data feeds.   
GIVT TOR Traffic originating from a TOR network node. Best addressed by Pixalate's IP data feed.   
SIVT Video Click Fraud Video ad clicks that are generated from the same browser or device at a statistically significant inflated rate. Best addressed by Pixalate's IP and device ID data feeds.   
SIVT Video Impression Fraud Video ad impressions that are generated from the same browser or device at a statistically significant inflated rate. Best addressed by Pixalate's IP and device ID data feeds. Frequency capping can also be applied.