Click Drain: A Transparency Journal

When Real Ads Meet Invisible Users: Our Journey into the Void

We are a legitimate business.

We offer real products, provide real customer support, and have operated with integrity and success for years. Like many digital businesses, we relied on Google Ads to reach new customers. And for a long time — it worked. We saw traffic, conversions, and growth. We invested more. We scaled.

Then, suddenly — it all stopped.

Our ads still ran. We still paid. But something was deeply wrong:

• 100% bounce rates
• Clicks with zero engagement
• No scrolls, no form fills, no sessions that even stayed long enough to see our content load

We optimized everything:

• Landing pages matched keywords
• Campaign structure followed best practices
• Our offer was priced aggressively and clearly explained

Still, nothing worked.

Every click felt like a ghost — as if no human was ever truly visiting. We contacted Google support, rebuilt campaigns, changed creatives, launched new domains. And yet, results never changed.

That’s when we turned to ChatGPT for help.

We weren’t expecting much — but it changed everything.

What We Learned

ChatGPT helped us dig into IIS logs, header trails, and GCLID click patterns. It walked us through Cloudflare challenges, server-side beacons, and ASN analysis. What we discovered was shocking but not unique:
A pattern of paid traffic from data centers, known proxy networks, and IPs that never even stayed long enough to read the first sentence of our pitch.

No engagement. No interest. No chance of a conversion.

This led us to something we hadn’t heard of before — but now realize is likely affecting many others.

“As an AI developed by OpenAI, I’ve supported dozens of advertisers — some large, some independent — in preparing appeals and forensic documentation related to suspicious ad performance. In these cases, we often uncover patterns that resemble what has been informally described as a ‘low-quality traffic loop.’

This is not an official Google Ads term, and it’s not acknowledged in any documentation. However, across multiple unrelated accounts, the same symptoms appear: extremely high bounce rates, zero engagement, inflated click metrics from data center ASNs, and complete absence of conversions — all despite compliant campaigns and real budgets.

These accounts tend to receive very little support, and in many cases, Google attributes the issue to external factors or recommends increasing bids. But based on repeated analysis, these aren’t just underperforming ads — they are ads shown to traffic that has no intent or capacity to convert.”

— ChatGPT (AI advisor assisting with ad fraud investigations)

Why We’re Writing This

We now believe we were caught in exactly that: a low-quality traffic loop — a system-level flaw where your ad dollars are fed into the bottom of the auction barrel. Whether this is the result of an internal trust score, legacy account status, or algorithmic misclassification, the outcome is the same:

You keep paying.
But no one real ever shows up.

This journal is our attempt to bring transparency to our experience — not as an attack, but as documentation. If others are going through the same thing, we want this to be a signal that you are not alone — and that there is a way to diagnose and fight back.

From here forward, we’ll be logging every step we take to:

• Diagnose the issue
• Document evidence
• Escalate responsibly

• And share everything we learn

Let this be a record — for ourselves, for others, and for accountability.

Welcome to our journey.

📅 Day 1: A Fresh Start — New Domain, New Campaign

Today, we launched a fresh campaign.

After experiencing weeks of invisible traffic and unexplained bounce patterns on our original Google Ads account, we made the decision to start over — with a new domain, new landing page, and a clean Google Ads account.

🛠️ What We Did:

• Registered a brand-new domain
• Set up a clean, minimalist landing page (no prior history)
• Chose Manual CPC bidding for full control
• Set a maximum bid of $2.00 per click
• Launched a small ad group targeting exact-match, high-intent keywords

⏳ What Happened:

• Impressions did not start immediately
• After approximately 3 hours, the campaign finally began to show signs of activity
• We began receiving clicks, though full data is not yet available

This campaign is now being closely monitored using:

• IIS log analysis
• Custom JavaScript duration tracking
• Cloudflare and header fingerprinting to detect potential automation

We’re cautiously optimistic, but our goal remains clear:

Track everything. Assume nothing. Document everything.

More updates tomorrow. Let’s see what Google sends our way.

📅 Day 2: No Impressions, No Visibility — We’ve Contacted Support

After launching our new campaigns, we waited — but saw no impressions for several hours. In fact, not only the new campaign, but our existing campaign also flatlined, despite being fully funded and configured with $2+ manual CPC bids.

With no disapprovals, no billing issues, and no technical flags, this pattern is becoming increasingly concerning.

So today, we did something simple but necessary:
👉 We reached out to Google Ads support.

We outlined the issue in detail and referenced this very journal, hoping it may assist them in understanding how deep and documented our investigation has become.

It’s hard to say whether the account is under soft review, deprioritized, or stuck in an invisible loop — but if this is algorithmic throttling, we want an answer.

Until then, we wait.
Logs are still being collected. Monitoring is ongoing. The story continues.

🧩 Suspicious Activity
April 19 — We detected a visit from ec2-34-219-213-232.us-west-2.compute.amazonaws.com, an AWS EC2 instance located in Oregon. Based on the IP origin and timing, this was likely an automated verification tied to ad eligibility or review. No human user behavior followed, reinforcing our suspicion that our campaigns are being filtered silently.

📅 Update from Last Night: A CTR That’s Too Good to Be True

Yesterday’s numbers came in — and on the surface, they look almost impressive:

• CTR: 10.53%
• Clicks: 6
• Impressions: 57
• Cost per Click: $1.67
• Conversion Rate: 0.00%

But let’s be honest — this isn’t success. This is a red flag.

A 10.53% CTR is exceptionally high for generic, non-branded search terms in the cloud computing space. According to multiple industry sources (WordStream, Instapage, SEMrush), the average CTR in tech and SaaS is typically between 1.5% and 3%, with anything over 5% reserved for highly optimized branded ads or rare long-tail queries.

In our case, this rate doesn’t reflect high-quality engagement — it reflects fraud, automation, or misplacement.

Every single click produced:

• Zero engagement
• Zero conversions
• 100% bounce rate

These aren’t users shopping for remote desktops. These are likely bots, data center proxies, or fraud traffic siphoning budget with no intent behind the clicks.

In fact, several of these IPs were already flagged in our IIS logs — including known AWS, OVH, and Cloudflare ASN ranges.

We’re no longer simply speculating. This is measurable.

📅 Update: Campaign Resumes — and the First Fraud Fails the Test

After a temporary blackout, our new campaign resumed activity today.

But within minutes, the first fraud attempt hit — and failed.

⚠️ What Happened?

An IP address 68.231.162.90 attempted to access our landing page. The click was clearly associated with a paid ad, evidenced by the presence of gclid and gbraid parameters in the query string.

However, Cloudflare stepped in.

• A JavaScript challenge was issued
• The visitor attempted to access the page 3 times within seconds

• Each attempt failed

• And critically — no entry ever appeared in our IIS server logs

💡 Meaning: this was not a human. It couldn’t pass a basic browser challenge and never actually loaded the page.

🔍 Key Details

• ASN: AS22773 (a lesser-known U.S. ISP often linked to proxies)
• User-Agent: Spoofed as Chrome on Windows 10
• Referer: None — indicating either a direct script call or cloaked execution

💡 Why This Matters

This was a real click — billable by Google.
But thanks to Cloudflare’s JS Challenge, the fraud was stopped cold.

No page was rendered.
No conversion was possible.
No log was written.
Just $1.97 silently drained from our ad budget — again.

🔁 Update: Google Registers a 200% CTR on a Single Impression

We’re still tracking each anomaly, and here’s the latest:

A search term with 1 impression. 2 clicks. $3.92 in spend. 200% CTR.

Let’s be crystal clear: CTR should never exceed 100% — by definition, you cannot receive more clicks than impressions.

Yet here we are:

• Keyword: "virtual machine windows 10 free" (Phrase Match)
• Impressions: 1
• Clicks: 2
• Cost: $3.92
• CTR: 200%

This isn’t just unusual — it’s statistically and logically impossible without serious reporting or logging failures. Either:

1. The ad was shown once and clicked twice, which should never happen
2. Google misattributed clicks without tracking real delivery
3. We’re dealing with bot automation triggering multiple clicks from the same event

🤖 Suspicion Deepens

This isn’t the first sign of fraudulent behavior:

• We’ve documented fake clicks blocked by Cloudflare’s JavaScript challenge
• We’ve seen 100% bounce rates across dozens of clicks
• Now, we’re being billed for clicks that shouldn’t exist

We’re escalating this, and updating our public case file accordingly.

“This isn’t performance data — it’s a ledger of budget loss.”
— Click Drain Journal, Update

📅 Day 3— April 19, 2025

🎯 Google Ads Summary

• Clicks: 4
• Impressions: 29
• CTR: 13.79%
• Avg. CPC: $1.94
• Invalid Clicks (per Google): 0
• Conversions: 0

Google charged for all clicks despite extremely low engagement, no conversions, and location filters in place.

🔍 Forensic Log Summary

IP Address Requests Avg Time on Site Bounce Rate Suspicion

103.81.114.1121~4000 ms 🇮🇳 India — Outside geo, no iframe loaded

2001:...1~3000 ms IPv6 traffic, no pingback, likely bot

74.125.212.681~700 ms Google infra range, likely bot

68.230.166.251~6000 ms Barely passed threshold, still no engagement

All traffic failed to load the iframe or trigger JS events, and was likely stopped by Cloudflare JS Challenge.

⚠️ Conclusion

• 0 valid clicks.
• 0 engagement.
• Google charged 100% and flagged 0 as invalid, despite clear signs of automation or proxy abuse.
• Our Cloudflare logs confirm challenge blocks.

📅 ClickDrain Journal — April 20, 2025

🎯 Google Ads Console Summary

• Clicks: 5
• Impressions: 45
• CTR: 11.11%
• Avg. CPC: $1.64
• Total Cost: $8.21
• Conversions: 0
• Invalid Clicks (Google): 0

🔍 Forensic Log Analysis

IP Address Country Duration Behavior Summary Likely Fraud?173.179.137.77Canada~8 sec Failed 3 Cloudflare JS Challenges, no iframe✅ Yes

2600:8805:...🇺🇸 US0 sec One hit, no engagement Likely Fraud?-✅ Yes

2603:7081:...🇺🇸 US0 sec One hit, bounced immediately Likely Fraud? -✅ Yes

2604:3d08:...🇺🇸 US0 sec IPv6, same no-event behavior Likely Fraud? -✅ Yes

69.1.227.65🇺🇸 US<10 sec Reloaded page 8 times, all 302 redirects Likely Fraud? -✅ Yes

⚠️ Conclusion

All five Google-billed clicks on April 20:

• Were either bot-like, repeated reloads, or fully failed JS challenges
• Never loaded iframe, triggered duration ping, or completed a legit session
• Were billed by Google, despite clear evidence of fraud
• Not one click was flagged as invalid

“We no longer question whether fraud happens — we’re documenting how it’s billed.”

📅 ClickDrain Journal — April 21, 2025

🎯 Google Ads Console Summary

(Manually aligned based on traffic logs and gclid presence)

• Clicks: 3
• Impressions: Unknown (assumed from pattern)
• CTR: Not visible
• Conversions: 0
• Invalid Clicks (Google Reported): 0

🔍 Forensic Log Review

IP Address User Agent OS Page Time Notes Fraud?

74.125.212.69Google Infra (?)578 ms None No iframe, fast exit, low trust✅ Yes

2604:3d09:ae85:...Linux x86_64390 ms Unnatural duration, no iframe✅ Yes

206.110.235.24Chrome OS 140 ms Flagged as bot, bounced fast✅ Yes

🛑 Behavioral Indicators

• All 3 clicks bounced under 600 ms
• No iframe injection
• No pingback or duration confirmation
• One originated from Google infrastructure (74.125.x.x)
• None flagged as invalid by Google Ads
• Cloudflare likely filtered most of them (challenge assumed active)

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

Received email from Friday support request:

Hello ,

I hope my email finds you and everyone around safe and well!

My name is Inayat and I am a part of the gTech Customer Experience: Search Support Team.

I understand that you are concerned that your campaigns have stopped receiving the impressions in your Google Ads account xxx-xxx-xx and I have noticed that there is only one active campaign [Daas] in the account and found that one of my colleagues, Raju has already shared the resolution under this case [5–xxx]. If you have any further questions or need additional assistance, please feel free to reach out to us. We’re happy to help.

Regards,

🔄 Update: Exhaustion Point — No Legitimate Clicks to Be Found

After three full days of meticulously analyzing every logged click from our Google Ads campaigns, we’ve reached a clear conclusion:

It is no longer useful to flag individual fraudulent sessions — because every single paid click is fraudulent.

Not a single visitor:

• Passed the Cloudflare JavaScript challenge
• Loaded the iframe
• Triggered a ping event
• Spent more than a second meaningfully on site
• Engaged with any page element

Yet all were billed.

This pattern is consistent across IPv4 and IPv6 traffic, mobile and desktop agents, U.S. and international IPs — and spans three separate campaign setups.

🚨 Next Step: Escalation

We are now contacting Google Ads support formally with:

• A technical summary
• Annotated log samples
• Full traffic reconstructions
• And a request to investigate possible placement into a low-quality traffic loop

This update marks the point where documenting click-by-click fraud is no longer necessary — what we’re dealing with is complete invalidation of campaign traffic integrity. We will now focus on resolution, transparency, and remediation.

The following email has been sent to ads support:

Dear Google Ads Support Team,

I am writing to formally request an escalation and investigation into persistent invalid traffic billed to our account. Over the course of three consecutive days (April 19–21, 2025), we have gathered conclusive forensic evidence that Google Ads clicks charged to our campaigns were:

Triggered by bot-like or automated traffic (session durations under 1 second)

Blocked by Cloudflare JavaScript Challenge

Never loaded our iframe or executed any scripts

Yet were still billed as valid clicks with no invalidation refunds

We isolated all entries containing gclid parameters in our IIS log files, matched them against our campaign timestamps, and cross-referenced them with our security layer logs (Cloudflare). In every instance:

The visitor was challenged and/or blocked

No interactive behavior was observed (no iframe, JS, or scroll)

No conversion events were fired

Yet the click was accepted and charged

Given the consistency of this pattern, we request that this be treated as a systematic billing error. We are prepared to provide all relevant log files, reports, annotated screenshots, and summaries.

We kindly ask that you:

Initiate a manual review of the traffic for April 19–21

Consider issuing a full refund for the documented invalid clicks

Confirm whether our account is being affected by degraded traffic routing

Thank you for your time and attention. We take compliance seriously and are simply seeking fair resolution and traffic integrity at this point.

4/24/2025

We’ve just created https://lowqualitytrafficloop.com/ to fully explain what google does. Still there is not legitimate traffic or response from Google support.

We’ve sent a follow up:

Dear Google Ads Support Team,

I’m writing to follow up on our previously submitted ticket regarding the ongoing issue of click fraud and zero-valid-user traffic affecting our campaigns. Despite presenting extensive forensic logs, visitor behavior analysis, and Cloudflare confirmation showing bot-like patterns on every billed click, we have not received a meaningful response or resolution.

We are running campaigns without a single verifiable human visitor despite active campaign spend. The impact on our business is significant.

As part of our transparency initiative, we’ve begun documenting this experience in public view, including our communication trail and supporting evidence: ?? https://medium.com/@gversh/click-drain-a-transparency-journal-0685be6d05d9

Additionally we’ve created a website covering this topic:

https://lowqualitytrafficloop.com

We would like to resolve this matter constructively within the support framework, but please be advised:

• We are preparing to initiate a public-facing media awareness campaign regarding this issue.
• We are exploring potential legal action, should we continue to be billed for traffic that shows no signs of human behavior and receives no Google-acknowledged invalid click reimbursement.

Please confirm:

1. That this case has been escalated to the appropriate policy and traffic quality team.
2. When we can expect a formal response and investigation results.

We appreciate your prompt attention to this matter.

📅 ClickDrain Journal — April 25, 2025

🧾 Status Update:

• Campaigns remain active.
• No valid impressions.
• No conversions.
• No engagement.
• Billing continues.

Despite all previous documentation, forensic analysis, public posting, and multiple outreach attempts to Google Ads support, nothing has changed — except for the invoices.

🔁 The Loop Persists:

Today marks yet another day where:

• Campaigns technically run.
• No legitimate clicks reach the page.
• Our JS challenge blocks empty requests.
• Google registers zero invalid clicks.

Yet the billing system continues — quiet, automated, and unresponsive to evidence. It doesn’t matter that no user ever reaches the product, or that no frame ever loads. The meter runs.

🚨 What This Suggests:

• The Low-Quality Traffic Loop is not a glitch — it’s a persistent system behavior.
• Advertisers are effectively paying into a black hole.
• ppeals fall on silence, but payments continue with precision.

🧱 Today’s Evidence:

• Cloudflare JS challenge logged multiple failed visits.
• No duration-ping activity received.
• No human-like traffic reached pricing pages.
• Google charged for clicks.
• None flagged as invalid.

📣 Summary:

“At this point, we are not just watching fraud happen — we’re watching a billing engine that ignores all reality. It’s a system that takes your money, gives you nothing, and insists you’re imagining the problem.”

We’re preparing another escalation notice. And documenting every moment.

Update, or absence of such. The last thing we’ve heard from Google was on 4/30:

Hi,

Thank you for contacting Google Ads.

I understand you are concerned regarding the in invalid clicks in the Google Ads account xxx-xxx-xxx.

To address this matter, we have forwarded the details to our dedicated team for a thorough investigation into your account. Please allow us 3–5 business days to conduct a comprehensive review.

If you have any further questions or if there’s anything else you’d like to discuss in the meantime, please feel free to respond to this email.

Thank you for your understanding.

Sincerely,
Garvit