In an effort to find out how, and how far does IG crawl, I was utterly surprised. Even though IG is supposedly using FB as backbone, i thought just plugging it to /debugger will solve my so called trick to redirect the users and leave the bot in place.
So what happened was, we know that FB does not parse javascript and there is absolutely no need to do that. I’ve used the debugger many times to confirm. So i set up a javascript redirect for an IG landing page, and in the middle i put a website that can log useragent and IP. https://grabify.link
To my surprise, they used a bot that’s a PC that visits the links and since it’s a real browser emulation, it can read javascript as well. (F**k Me, because i used my actual LP at the end of the redir chain.)
Prior to that, I mentioned a few times elsewhere that they are using a real browser to crawl, to the point i’m even suspecting they have a real human behind it visiting my links and using the site. That was most likely a co-incidednce since i am running the ads, but every link i post up, someone visits it and has a real mouse moving. Using hotjar, https://www.hotjar.com/tour you can see a human-like behaviour which is mindblowing.
I’m going to do a further test and see what the hell are they doing. I forgot to set up the site to track things using hotjar, but i’ll do that again soon with a dummy site. Lets hope my site didn’t get blacklisted. Damn shiet.
What exactly do you mean by mentioning bitly. Some people use it for hiding their links I use bizly only in purpose of following how many click I got to my main link.
As for the instagram I don’t think people get banned becouse of the bitly . I think they get banned becouse of the for example raw CPA link under the bitly. But if you have good domain wich is under bitly you will be just fine.
Anyways awesome thread. I’m curious just as you about this matter
I mean that there are many people that believe that by using bit.ly with their link they are completely hidden and Ig can’t see what they are doing, and after that they wonder why all accounts got closed…
Amazing! I was reading and wondering if you used some real time analytics until I saw Hotjar, very well thought! Lets see how far we can reach with this
I just did a hotjar test, but it’s always a hit or miss. It’s either they did not track me or that tracking is not 100%. And they only do it once.
I’ll need to keep changing links to see if it tracks.
A few things came to mind it’s either one of it :
no user is behind it (unless i’m running ads for that domain)
no user is behind it (i’m just deluded)
they don’t check every website (some authority ones like tumblr is excluded)
tracking is not 100% (due to tracker not firing)
update:
Did it on 2 domains, no user is recorded. So it’s either i was running ads at that time, or just deluded. But what remains is just their capability to parse js, so using js to redirect is out of the question. Good news though, you can use it with FB.
In order to properly cloak, you will need IP based cloaker, as of now, the IP will 99% of the time point to FB.
Someone mentioned using js cloaker to cloak based on browser size, though i don’t see how that’s even a thing. They have desktop and mobile useragent, so any identifier will not work.
There is one more thing, you can use a bait and switch method. But that will not be discussed in public for obvious reasons.
Blocking safari will block the entire Apple population so I don’t think it’s a good idea.