Anti-Bypass Policy

This page explains how Luarmor detects bypassed completions and how it handles them.

Luarmor utilizes active & passive detections against bypassed redirections and puts the user on a cooldown, although most of the time, we are limited to the APIs provided by advertiser platforms (like Linkvertise hash, work.ink token callback etc...) and some browser headers.

However, on 20th of August, we began detecting the presence of certain "userscripts", known to be undetectable even by the advertiser platforms, which shouldn't be a challenge for them considering that the userscript is literally running on their page.

From now on, Luarmor detects some of these "premium" userscripts with high accuracy and blacklists the user. Between 23/08 - 27/08, more than 1050 sessions have been blacklisted and 900+ discord IDs flagged for bypassing the ad steps.

You can see the effectiveness of these new mitigations below:

What does this mean for you?

If you are using the ad system, it is possible that some users might get prompted with "Connect Discord" prompt. It is there to detect blacklisted discord IDs, and force bypassers to find another aged discord account.

When does this "connect discord" prompt pop up?

  • If your visitor is visiting the site with an abusive IP address (e.g Mullvad, M247 EU, Datacamp, some datacenter ASNs), they will be prompted with Discord linking screen.,

  • If visitor is triggering certain soft detections, they will be prompted with a discord connection screen.

Statistics: - Bypassed completions are less than 2% of the overall Luarmor ad traffic in most cases, and it does not have a noticeable impact on your revenue. In fact, these bypass mitigations will result in more authentic conversions, a.k.a higher CPM.

- VPN users only have to link their discord accounts once, and they will never be prompted again. This process is frictionless, and only a very small % of total visitors are prompted to connect their discord. - Not every userscript is detected, some of them can't be detected due to their nature. However, we are currently working with the Lootlabs and Linkvertise team to give us access to certain APIs that will allow us to see more than just the callback headers. - In some cases, Luarmor might not blacklist the user right away, but let them complete a few more times. This might be needed to make sure that there's no room for false detections.

Are you aware of a bypass method? Share it with us in our discord server and we will reverse engineer it to see what can be done.

PreviousAd System (Rewards)NextInsane Optimization Tricks & LPH Macro Usage

Last updated