Bing PPC Bots pageviews crawl various pages in website

After few of our customers complaint about Bing PPC bot invalidating their pageviews and keep visiting their websites, we have started to find a way to block this. It messed up their analytics data by generating fake pageviews that look like a real user.

We had setup a monitor to identify pattern of this visitor in your analytics and we needed some time until we can acquire sufficient amount of data to analyze this.

They come randomly and at different IP addresses so we could not simply block IP addresses, however all of those IP addresses origin were from Microsoft Azure servers which allows us to backtrace and identify them this way. We have used data set from our database using Hitsteps too and we identified Microsoft Azure hits to be bot, and in Hitsteps, we only count real human visits. We have forbidden our tracker to track Microsoft Azure from now on, and it should not re-appear in your list of visitors anymore.

Interestingly, Microsoft use real world browser useragents which belong to his competitors. We identified useragents that belong to Safari 53 on Windows 7. Safari 7 on iOS 7 and Firefox 23 on Windows 8! We could not simply block it from user-agents due to variety.

As a reddit user put it out this way, During the editorial verification process in Bing Ads, your site may receive traffic from the Bing Ads crawler, which shows as Microsoft Azure. This crawler searches and determines the content of your website by following all of the links and branches throughout your site and pulling relevant keywords from the pages. The depth and frequency of the crawl is related to the number of ads and keywords in your ad groups. The Bing Ads crawler visits sites that it is checking in a very controlled manner. This activity should not affect servers or cause “inaccessible website” errors. (They represent a real browser, therefor made it hard for us to differentiate them from a bot at beginning.)

Bing Ads crawls your site(s) by using the destination URLs that you specify for each keyword-ad combination in your ad group. If you have large keyword lists, your destination URLs may receive hundred of clicks or more. Because this traffic can occur during a very short time, sometimes within only one or two hours, this activity may appear to be invalid activity.

Note that you are not charged by Bing Ads for this traffic, and this activity is not reported on any Bing Ads reports.

This behaviour now can be detected by Hitsteps Analytics and blocked from our users view unless they disable bot protection in their analytics setting.

Introducing Uptime Monitoring System featuring Auto-Recovery feature

We are introducing Smart Uptime Monitoring system, bundled into your Hitsteps dashboard.

Let your servers recover automatically. Know about downtimes instantly, do not let your visitors be the one who notify you about your website downtime.

By activating this service, we scan your servers and websites every minute and notify you instantly if we find out they are down. we verify each downtime from multiple countries to remove false alarms.

Upon downtime, we can notify you via Call, SMS or Email.

Additionally, you can define DNS Failover using Cloudflare or setup SSH commands to recover your failed website automatically.

This feature is available from Pro plan onward. You can find Uptime Monitoring in left sidebar of your Hitsteps Dashboard.

LastPass Security Vulnerability for 2nd Factor Authentication Login

We’ve detected a vulnerability in LastPass which allow autofill of password into web login form right after login and right before 2nd factor authentication login.

This issue is rare and does not affect majority of LastPass users, however  issue could be re-created by our team on Google Chrome running on MacOS when following environment is set:

  1. Make sure LastPass is logged out.
  2. Open a website that you have LastPass to fill up login form automatically.
  3. Login to LastPass and don’t check “Remember Password” (so password expire after closing chrome)
  4. When entering 2nd Factor code, don’t check “Remember” checkbox either (so 2nd factor login expire too. otherwise you need to wait 30 days for it to expire which you will get same vulnerability result)
  5. Upon successful login, you will see LastPass autofilled login form. It is all correct until here right? Yes. next steps is where issue come up.
  6. Completely quit Chrome browser, make sure all processes are closed.
  7. Open Chrome again and open that website (or any other website that have autofill for login form)
  8. Click on LastPass icon and login with your password.
  9. HERE is where problem happen!
  10. You are redirected to 2nd Authentication login form. but if you switch back to the website you just opened, you will see your password is autofilled. Autofilled before you login 2nd Factor Authentication form.

So here is the catch. It will only work on 1st login after a successful full login. If you don’t proceed with 2nd Factor authentication login now and close chrome again. and then re-open chrome and repeat step 7 and 8, it would not auto populate your password into web form.

We’ve reached to LastPass and hoping they react fast regarding this issue.

Update:
LastPass replied
I just want to clarify that this is not a bug. This could be because of the Offline Cache. You may read more about here https://lastpass.com/support.php?cmd=showfaq&id=2775

But… Should not offline cache be secured via 2nd factor authentication too?
And if it is not a bug, why it happen only and only in first login after a successful login, then quitting browser and re-opening it?
If it is expected behaviour, it should always populate login form right after entering login information and before entering 2nd factor code, but now it only auto populate on first try.
Even closing and re-opening browser won’t trigger auto populate anymore.

Updated OS & Browser detection plus Tor Browser detection

Did you know Facebook secretly and slowly became one of the major browsers in mobile world? Yes, Facebook Web Browser that nobody ever talk about! and we can detect it for you.

When a visitor click on your link in Facebook or Facebook Messenger, It does not open your website in a separate web browser (unless user has opted out from Facebook In-App Browser), It open your website inside of Facebook Apps. And most analytics softwares are simply pointing this as Chrome, or Safari.

We’ve went one step ahead, and we can detect Google Search App Browser on iOS, and even Instagram Browser. We will extend this In-App browser detection for common apps as we find them.

We are trying out best to show most accurate view of your visitors, removing non-human and bots from your stats. However, certain anonymity programs are known to pass out wrong information in order to mis-guide tracking apps. They are doing it for good reasons of course which is to protect users privacy, and we are not trying to decode and reveal what is being hidden, instead, Hitsteps would not show wrong browser or OS for Tor browser users.

Tor Browser pass out information saying it is a Firefox on Windows 7. Try it on Linux or macOS, still it report Windows 7! In order to provide accurate view for our customers, now we can detect if a user is using Tor Browser and show Tor browser icon (instead of Firefox) and show Unknown OS (instead of Windows 7)

We are not decoding what is real OS, but at least, we are not blindly passing wrong information to our users.

Following up on Apple’s WWDC17 event few days ago, Hitsteps updated OS and Browser list can now detect Safari 11 on macOS High Sierra as well as older versions of macOS, with appropriate OS Icon tailored for each OS X. Same goes for Linux distributions (such as Ubuntu, Fedora, Mint, …) and Android versions (such as KitKat, Nougat, Marshmallow and Android O)

With release of Samsung Galaxy S8, Samsung has released Samsung Browser 5 which we can detect it as well as Samsung Smart TV browsers.

Human Psychology and Device’s Battery Life

Website Visitors Battery life tracking

Perhaps you noticed battery indicator level of 100% stay much longer than usual in your mobile devices and this percentage get reduced faster and faster as time goes by. You’re not alone. Your phone might show 100% battery when it is actually 90%. Why is it this way?

Users behaviour varies and it depend on battery life!

Imagine you are sitting on your desk, with your laptop connected to a wired adaptor and battery is 100% full. It means you are sitting on this desk for quite sometime.

Sitting on same desk with 10% battery life while plugged in to adaptor, means you are just back to your desk.

Likewise, being on a battery of 95% and unplugged to adaptor, means you’ve just left your desk, and 10% of battery life on a battery, means you’ve had a long day and still not back to your comfort place, your desk, where you can charge your device.

This is same difference that play a strong role for differences between desktop and mobile users behaviours.

You get the idea? How likely it is for a user to purchase your product when on just 5% battery left if your product is Food? or if your product is a Laptop?
If you’re selling time-sensitive product like Food, your conversion rate goes higher. If you’re selling more expensive product like Laptop, your sale chance is lower.
Uber reported that their customers are more likely to accept surcharge and get a ride when their users battery life is low, so should you treat users with 5% battery left and those who are on 100% battery and plugged in, same?

Hitsteps provide you with a tool that you can monitor each individual visitors in your website and see their current device battery life, remaining time to finish their battery to help you address them better. Be it get used for conversion monitoring, or by a live chat agent, who see customer battery is low and time to address the user before he ran out of battery is running out! Hitsteps website visitors battery life tracking tool support those visitors who are using a compatible browser and device.

Company Information from Business Visitors

We’re proud to announce a new feature (currently in BETA, but available for all members) which detect type of your visitors and detect if they are a business or residential visitor. Additionally it can detect if visitors is from a government firm or from a university or school.

This feature is currently in BETA as there is not a single source of valid data. we verify information from more than 3 sources to make sure all of them report a visitor as business and then marking visitor as a business user. There are times each of our sources report a different data and we are enhancing our algorithm over time to be able detect user type more accurately as we go on.

We match your visitors data with our companies data and provide information such as IP Address, business full address, contact number, email address, employees size and website address.

You can access this feature by looking at user type icon next to their country flag (business users are marked with a suitcase) and you can see list of all business users by looking at “Companies” sub-menu under “Visitors” menu.
You will see information for each of businesses by clicking on their profile.

Tracking Videos your visitors watch in your website

More and more websites are using videos in their homepage, product pages and other pages.
Previously, tracking videos required lot of tweaks and configuration on developers behalf for each video that is going to be tracked, well… it doesn’t have to be like that!

We are happy to announce one more new feature today, Automatic detection of vidoes in your website.
Our tracking script is now enhanced with a video detection tool which scan your website for any HTML5, YouTube or JW Player videos or audio, and it require zero coding from your site to enable it.

Now when a visitor open your website and click on a video, once they watch half of the video and when watch the video until the end, you will be updated about it in main dashboard view.
You can see this actions in visitor activity list if you click on a user too.

It might take up to one week until previous tracking code get removed from your browser cache, in case you want to test this feature by yourself. so you need to clear your browser cache and enjoy viewing how it works!

 

Two Prestigious BI Software Awards From FinancesOnline Now Belong To Hitsteps Analytics

Since 2013, Hitsteps Analytics worked on bringing visitor management and monitoring to a new level of efficiency, tracking every move, activity, or function of relevance to your business, and analyzing data in an industry-specific manner. Our product’s beneficial effect on productivity has once again been officially acknowledged by one of popular B2B software review platforms FinancesOnline, which awarded Hitsteps with two of its prestigious quality awards and listed it among popular business intelligence solutions according to their team.

Their team of B2B experts examined how different business intelligence systems meet customers’ expectations, using a standardized evaluation procedure to award and distinguish products that come closest to how an ideal BI system should perform. They were really impressed with the appearance and functionality of our software, and in their Hitsteps review they analyzed its key functions, compared it to several similar systems, and ultimately decided to distinguish it with the 2016 Great User Experience and the Expert’s Choice Award for the current year. As the experts explained, the first of these awards is usually given to vendors who ensure customers will have an enjoyable and easy-to-use system to facilitate business workflows, while the second distinguishes only top performers in the FinancesOnline.com business intelligence software reviews category who are able to offer all vital features expected from an optimal BI solution.

What the team liked the most about Hitsteps is how it tracks each and every move upon the visitor’s arrival, and how it converts those insights into valuable business hints for intelligent decision making. According to them, Hitsteps is one of the rare systems that can track, analyze, and engage visitors at the same time, making it possible for a company to close deals while collecting customer information. In such way, they believe, Hitsteps can handle a dramatic increase in the number of visitors, in a process where all risk of redirecting customers on wrong pages will be eliminated. Among other things they liked, they mentioned reporting as the strongest asset of our system, and praised the idea of including downloadable entry/exit page analysis and reports that help companies retain 100% control of their operations.

Signed In Clients Tracking Across Multiple Devices

It is vital for SME and startups to know each single visitors requirment better. We make watching steps fun again!

It used to be a dream in classic analytics era. You never knew if same user is now browsing your website via another computer. Nowadays, mobile devices such as tablets and phones (and separate office and home computers) it is vital for businesses to be able track same user behaviour in their website no matter which device they are using.

Hitsteps create a nice timeline of your visitors sessions from different devices. Your plugin will send us your signed In user ID and we will use that to match if same user sign in using another device.

Once we found same user, profiles will be merged together to make a unified experience for you. If you send a message to your customer (or if he send message to you via Hitsteps Chat feature) you will be receiving all chat history under same user profile, and looking at visitor pageview path, you will exactly know what this customer has used/visited so far.

If you are using our CMS plugins, this feature is automatically enabled for you. but if you are using our tracking code manually, you need to let your programmer know about this feature and integrate hitsteps user ID tracking

It is very easy. All you need to do is to put this code on header of signed in pages and replace YOUR_DEFINED_UNIQUE_ID with visitor’s ID (you need a programmer to do it for you):

<script>
_hs_uniqueid=”YOUR_DEFINED_UNIQUE_ID”;
</script>

Enjoy watching steps!

Enhanced Chat Reports

Have you ever received an email from your visitors and you wish that you could instantly see which pages they look at period to sending email to you, so that you can understand the problem from their point of view and answer their question more efficiently? Hitsteps is here to help you!

Hitsteps contact form visitor views analytics is no longer limited to our WordPress plugin and now has been extended to our live chat support system.

This change has been applied to all of our customers account and now you will receive an email report with visitor full detail, each time a visitor have conversation with you via our chat system.

Keep up the good support for your website!

ss