Real-time threat monitoring

Watch fake clicks live, stop them instantly

DubixGuard analyzes every click in milliseconds; blocks bots, syncs to Google Ads, and lets you track saved budget from a single dashboard.

No credit card required · Setup in minutes

dubixguard · liveLIVE
Activity stream
14:32:00BLOCK
185.22.44.91 blockedDATACENTER_IP · risk 0.92
+1 IP
14:32:01ANOMALY
WEBDRIVER_DETECTEDplumber-nyc.com · fingerprint hash
CRITICAL
14:32:02SYNC
Google Ads IP exclusionCampaign #8821041 · 3 IPs added
SUCCESS
14:32:03CLICK
78.180.12.44 verifiedgclid verified · mouse: 847 · 1.2s
OK

centralgads-sync.workerbatch 50 · exponential backoff · job SUCCEEDED

%30+
Average budget savings
<50ms
Hot-path analysis time
4
Campaign defense layers
%99.9
Service availability
Campaign Shield

4-layer defense against parameter attacks

gclid replay, campaign spoofing, and ghost clicks — caught on the hot path and by async workers.

01

Landing Beacon Requirement

The SDK sends a landing beacon on page load. Attribution-bearing interactions without a prior landing are instantly 403'd with MISSING_LANDING_BEACON.

02

Atomic gclid Sealing

Each gclid is sealed in Redis with its first IP and fingerprint. Replay from different IP or device → GCLID_IP_MISMATCH / GCLID_FINGERPRINT_MISMATCH.

03

Campaign Cross-Check

utm_campaign claims are compared to Google Ads' campaign.id for that gclid. Alias map supports label→ID mapping.

04

Async Reconciliation Worker

Google Ads click_view is scanned periodically. Ghost clicks, delayed mismatches, and missing landings hit the Attack Monitor.

hot-path · click-pipeline.service.ts

POST /api/v1/click

→ rate limit → block list → assessRisk()

evaluateGclidHotPath() [Layer 2b]

evaluateCampaignCrossCheck() [Layer 3]

→ security drop? → 403 (Click INSERT skipped)

→ else persistClick + Google Ads sync queue

Features

Protection at every layer

End-to-end click fraud defense from hot-path analysis to Google Ads sync.

Featured

Parameter Campaign Attack Shield

Blocks replay of stolen or valid gclid parameters from different IPs, devices, or fake utm_campaign values via atomic sealing. Campaign cross-check compares utm claims against Google Ads reality.

Real-Time Threat Engine

Every click analyzed in under 50 ms. WebDriver, headless UA, datacenter IP, and behavior signals are instantly dropped with 403 — fake traffic never hits the database.

Device & Cross-Browser Profiling

Canvas, WebGL, and hardware entropy match profiles across browsers. Catches same-device attacks rotating browsers or IPs.

Automatic IP & Device Exclusion

Fraud IPs sync to Google Ads negative criteria. LRU rotation keeps your account current at the 500 IP limit.

Ghost Click & gclid Reconciliation

Compares Google Ads click_view with local beacons. Clicks visible in Ads but missing on your site are auto-detected.

Google Ads Feedback Loop

Secure OAuth2 connection. IP exclusion, device CRM blacklist, and Customer Match positive lists are auto-queued.

Mobile-Only Defense

Detects desktop emulation for local service campaigns. Blocks fake mobile traffic via touch entropy and portrait signals.

Attack Monitor & Live Logs

Ghost gclid, hot-path 403, campaign mismatch metrics, and a 3-second live activity stream for full visibility.

Customer Match & Consent

GDPR-compliant consent layer. Approved conversion data is hashed and uploaded to Google Ads as positive audience seed.

Enterprise Tenant Isolation

Each customer gets isolated API keys, Redis namespaces, and encrypted OAuth token storage for full data separation.

Evidence-Based Refund Reports

Fraud evidence exported as JSON/CSV ready for Google's Invalid Click Investigation process.

Setup

Protection in three steps

No complex setup. Go live in minutes.

01

Add the Snippet

Add a one-line DubixGuard script to your site. Setup takes a few minutes — no coding required.

02

Connect Google Ads

Link your Google Ads account via secure OAuth2. Fraud IPs are automatically added to exclusion lists.

03

Monitor & Protect Live

Track threats with the Attack Monitor and live logs. Parameter attacks are stopped instantly on the hot path.

FAQ

Frequently asked questions

Everything you need to know about DubixGuard — from setup to parameter attack defense.

GeneralParameter AttackSetupGoogle AdsSecurityPerformancePricingGEOSupport

DubixGuard is a cloud-based SaaS platform that protects your Google Ads campaigns from click fraud, bot traffic, and parameter-based attacks. A lightweight JavaScript snippet analyzes every visitor; suspicious traffic is blocked before it hits your ad budget and is automatically synced to your Google Ads account.

Start protecting your ad budget today

Stop parameter attacks and fake clicks with plans starting at $69/month. Turkish customers pay in TRY at the current exchange rate.