This chapter provides recipes for the most frequent use cases, based on the best collective experience of Adspect customers.


For cloaking, you will need to subscribe to the Cloaking plan. Please do not try to cloak with the Anti-fraud plan subscription–it does not include cloaking-specific filters, so you’ll only waste your time, nerves, and accounts!

Cloaking Google Ads

  1. Create a stream by selecting the Google Ads preset;
  2. Perform JavaScript integration;
  3. Follow all the basic best practices.

Cloaking Facebook

  1. Create a stream by selecting the Facebook preset;
  2. Safe page must be displayed without redirect;
  3. It is strongly advised to display money page without redirect: Facebook mobile app is suspected to spy on its users by sharing browsing history with Meta Platforms, so they may discover redirects to money page without having to break through cloaking;
  4. Perform PHP integration, preferably directly into your money page;
  5. Follow all the basic best practices.

Cloaking TikTok

  1. Create a stream by selecting the TikTok preset;
  2. While not strict, it is advised to display both money and safe pages without redirect;
  3. In TikTok Ads campaign, add all of the available URL macros (__CAMPAIGN_ID__, __PLACEMENT__, etc.) to your advertised URL;
  4. Perform PHP integration, preferably directly into your money page;
  5. Follow all the basic best practices.

Cloaking WebView Apps

Cloaking WebView apps is essentially the same as cloaking regular web pages.

  1. Create a stream by selecting the WebView preset;
  2. Perform PHP integration;
  3. In your app, open the cloaked link with WebView;
  4. Follow all the basic best practices.

In-app Cloaking

Adspect provides an easy way to do in-app cloaking, i.e. choosing which app elements (paywalls, prices, rebill conditions, WebView, etc.) to display to legitimate users or moderators.

  1. Create a stream by selecting the Apps API preset;
  2. Perform forward PHP integration by uploading the index.php file to your domain–the URL of this file will be your simple HTTP API that responds 200 OK to legitimate users and 403 Forbidden to moderators;
  3. In your app, make a simple GET HTTP request to the API URL and decide what do to based on response code:
    • 200 – the user is legitimate, display sensitive content;
    • any other code or error – assume the user is a moderator, don’t display anything sensitive.

You may customize API responses by selecting different actions for the money and safe pages in stream settings. For example, return some JSON instead of empty 200 response for valid users:

  • Action: execute PHP code
  • Page field: echo json_encode(['user_is_legit' => true]);

Blacklist Bot Zones

Popular advertising formats like banners, teasers, native ads, and popunders all suffer from ubiquitous click fraud. Adspect detects all of that with ease, so you can quickly build blacklists of bot-ridden publishers/placements/sites/spots (hereafter referred to as “zones”):

  1. In stream settings, set the Sub ID field to the name of the URL parameter that will contain zone identifier, e.g. subid;
  2. In ads campaign, add that parameter to your advertised URL with any appropriate macro supported by your particular ad network, e.g. subid={zoneid} or subid=__PLACEMENT__ (contact ad network support if unsure which macro to use);
  3. In the Reporting section, select funnel grouping by Sub ID;
  4. Inspect the Quality column for different zones and decide which zones to blacklist based on that, e.g. zones with quality 75% or lower (that is, zones with at least ¼ of all traffic being bots.)

Blacklist fraudulent zones first (and save a fortune on paying for their bots), then proceed to single out best converting zones by CR or ROI as you would normally do.

Hide Traffic Source

Traffic source may often be discovered by examining a click’s Referer HTTP header. If you’d like to hide it from those who receive your traffic, then add the following code after the <head> tag inside your Adspect PHP file (index.php or filter.php):

<meta name="referrer" content="no-referrer">

Note: this is relevant only for PHP integration with enabled JavaScript fingerprinting.