Snowflake Data Fields

After you've imported your HUMAN data into Snowflake, you'll be able to view any of the following data fields that correspond to the product(s) you're using.

MediaGuard

There are three MediaGuard views available: mediaguard_prebid and mediaguard_prebid_sampled, which include pre-bid data, and mediguard_postbid, which includes post-bid data.

note

The mediaguard_prebid review pulls data from all MediaGuard requests during the selected time period, but the mediaguard_prebid_sampled view pulls data from a smaller subset of MediaGuard requests to provide more detailed information about a limited data pool. Certain pre-bid fields are only available for sampled data.

MediaGuard (pre-bid) fields

• App ID (app_id): (sampled data only) The app bundle where the ad was intended to be delivered, as provided by the publisher (for in-app mobile environments only).
• Bots (ivt_bots): The number of requests that were identified as invalid traffic (IVT).
• Bots Revoked (bots_revoked): The number of requests that were initially categorized as invalid but were recategorized as valid based on an allowlist.
• Customer ID (customer_id): The unique identifier associated with your HUMAN account.
• Device Type (device_type): The device type, as provided in your request to MediaGuard.
• Domain (domain): (sampled data only) The domain where the ad is intended to be delivered.
• GIVT (givt_bots): The number of requests that were categorized as General IVT (GIVT).
• IVT - Automated Browsing (ivt_bot_category_ab): The number of invalid requests that were driven by automated programs or scripts that did not declare themselves as crawlers.
• IVT - Data Center (ivt_bot_category_dc): The number of invalid requests that originated from servers in data centers whose IP addresses are linked to invalid activity.
• IVT - False Representation (ivt_bot_category_fr): The number of invalid requests that requested content that differed from the actual content that was supplied.
• IVT - Irregular Pattern (ivt_bot_category_fr): The number of invalid requests that were associated with patterns of irregular, nonhuman behavior.
• IVT - Known Crawler (ivt_bot_category_kc): The number of invalid requests that were driven by non-malicious automated scripts that declare themselves as nonhuman through a variety of standard identification mechanisms.
• IVT - Manipulated Behavior (ivt_bot_category_mb): The number of invalid requests that were driven by a browser, application, or other program that triggers ad interactions without a user’s consent.
• IVT - Misleading User Interface (ivt_bot_category_mui):The number of invalid requests that resulted from a webpage, application, or other interface that was modified to falsely include one or more ads in an unintended location.
• IVT - Undisclosed Classification (ivt_bot_category_uc):The number of invalid requests that could not be classified as any other categories listed here, or any invalid requests discovered used sensitive techniques that HUMAN cannot disclose.
• IVT Categories (ivt_bot_category, ivt_bot_category_str): The IVT categories associated with the request.
• Media Type (media_type): The media type, as provided in the request to MediaGuard.
• Publisher ID (publisher_id): The publisher ID, as provided in your request to MediaGuard.
• SIVT (sivt_bots): The number of requests that were identified as Sophisticated IVT (SIVT).
• Supplier ID (supplier_id): The supplier ID, as provided in your request to MediaGuard.
• Timestamp (timestamp): The date and time that HUMAN recorded the request.
• Total Requests (requests): The total number of requests.
• Valid Requests (valid_requests): The number of valid requests.

FraudSensor (post-bid) fields

• App Mismatch (app_mismatch): A Boolean value that, when true, indicates a mismatch between the app ID reported by the device where the impression occurred and the actual app ID detected by HUMAN (for in-app mobile environments only).
• Bot (bot): A Boolean value that, when true, indicates that the impression was identified as invalid traffic (IVT).
• Context (st_ad_context): The context in which the ad was delivered (web, in-app, *etc.*).
• Country (country): The country where the impression originated.
• Customer ID (customer_id): The unique identifier associated with your HUMAN account.
• Customer Tag (ct): A list of the parameters that you passed to HUMAN’s detection tag. These parameters include:
• Ad ID/Placement ID (pi): The unique identifier for the digital advertisement.
• Advertiser (ai): The advertiser or brand that ran the ad campaign associated with the impression.
• Buy Type (bt): Whether the ad was purchased through programmatic or direct buying.
• Campaign ID (ac): The unique identifier for tracking the advertising campaign associated with the impression.
• Custom Fields (c1 - c10): Any custom parameters that you passed to HUMAN’s tag.
• Dimensions (dm): The width and height of the ad creative, measured in pixels.
• Domain Intended (di): The domain where the ad was intended to be delivered.
• Prevention ID (pv): The impression’s corresponding MediaGuard prevention ID.
• Publisher ID (pp): The publisher of the traffic source.
• Reporting Fields (r1 - r10): Any data-rich parameters that you’d like to make accessible through HUMAN’s Reporting API.
• Supplier ID (sr): The domain of the supplier of the traffic source.
• Tag ID (dt): The identifier of the detection tag that detected the impression.
• Transaction ID (ti): A unique identifier that HUMAN uses to identify each impression.
• Detected App ID (detected_app_id): The app bundle in which the ad was delivered, as detected by HUMAN (for in-app mobile environments only).
• Device Type (st_device): The software and device type where the ad was delivered (Android mobile, Roku CTV, *etc.*).
• Domains (domains): Various domains associated with the impression, including:
• Domain Mismatch (mismatch): A Boolean value that, when true, indicates a mismatch between the Intended Domain field and the True Domain field.
• Href Domain (href_domain): The domain of the page or iframe where the impression occurred.
• Href URL Parameters (href_fields): Any URL query parameters (such as UTM fields) attached to the URL of the page where the impression occurred.
• Page (page): The webpage where the impression occurred.
• Referring Domain (ref_domain): The domain that referred the user to the site of the impression.
• True Domain (true_domain): The domain of the page where HUMAN’s detection tag was attached. If HUMAN’s detection tag was attached inside an iframe, this field may not be populated.
• Environment (environment): The type of environment where the ad was delivered (mobile web, desktop, *etc.*), as detected by HUMAN.
• Event Type (event_type_str): The type of event detected (either an impression or a click).
• GIVT (givt): A Boolean value that, when true, indicates that the impression was identified as General IVT (GIVT).
• Href URL (href_url): The full URL of the page or iframe where the impression occurred.
• IVT Categories (ivt_bot_category_str): The IVT categories associated with the impression.
• Media Type (st_media_type): The media type of the inventory (banner, video, *etc.*).
• OS Name (ua_os_name): The operating system of the device where the ad was delivered, as reported by the device’s user agent.
• Platform Type (platform): The type of platform where the ad was delivered (desktop, mobile, CTV, *etc.*), as detected by HUMAN.
• Session ID (session_id): A unique identifier that HUMAN uses to identify each event.
• SIVT (sivt): A Boolean value that, when true, indicates that the impression was identified as Sophisticated IVT (SIVT).
• SSAI (is_ssai): A Boolean value that, when true, indicates that the ad was delivered via server-side ad insertion.
• Surface (st_surface): The category of device where the ad was delivered (mobile, desktop, tablet, *etc.*).
• Tag Type (tag_type): The type of FraudSensor tag that detected the event.
• Timestamp (timestamp): The date and time that HUMAN recorded the impression.
• UTM Campaign (utm_campaign): The utm_campaign parameter, as detected from the impression's Href URL.
• UTM Content (utm_content): The utm_content parameter, as detected from the impression's Href URL.
• UTM Medium (utm_medium): The utm_medium parameter, as detected from the impression's Href URL.
• UTM Source (utm_source): The utm_source parameter, as detected from the impression's Href URL.
• UTM Term (utm_term): The utm_term parameter, as detected from the impression's Href URL.

BotGuard for Growth Marketing

A transaction-level view is available for BotGuard for Growth Marketing. This view includes the following data fields:

• App Mismatch (app_mismatch): A Boolean value that, when true, indicates a mismatch between the app ID reported by the device where the pageview/session occurred and the actual app ID detected by HUMAN (for in-app mobile environments only).
• ASN (asn): The ID of the autonomous system through which the pageview/session was routed.
• ASN Name (asn_name): The name of the autonomous system through which the pageview/session was routed.
• Bot (bot): A Boolean value that, when true, indicates that the pageview/session was identified as invalid traffic (IVT).
• Browser Name (ua_browser_name): The name of the browser where the pageview/session occurred.
• Browser Version (ua_browser_ver): The version of the browser where the pageview/session occurred.
• Country (country): The country where the pageview/session originated.
• Customer ID (customer_id):The unique identifier associated with your HUMAN account.
• Customer Tag (ct): A list of the parameters that you passed to HUMAN’s detection tag. These parameters include:
  • Custom Fields (c1 - c10): Any custom parameters that you passed to HUMAN’s tag.
  • Tag ID (dt): The identifier of the detection tag that detected the pageview/session.
• Detected App ID (detected_app_id): The app bundle in which the pageview/session occurred, as detected by HUMAN (for in-app mobile environments only).
• DLICD (dclid): The DoubleClick Click ID associated with the pageview/session.
• Domains (domains): Various domains associated with the pageview/session, including:
  • Domain Mismatch (mismatch): A Boolean value that, when true, indicates a mismatch between the Intended Domain field and the True Domain field.
  • Href Domain (href_domain): The domain of the page or iframe where the pageview/session occurred.
  • Href URL Parameters (href_fields): Any URL query parameters (such as UTM fields) attached to the URL of the page where the pageview/session occurred.
  • Page (page): The webpage where the pageview/session occurred.
  • Referring Domain (ref_domain): The domain that referred the user to the site of the pageview/session.
  • True Domain (true_domain): The domain of the page where HUMAN’s detection tag was attached. If HUMAN’s detection tag was attached inside an iframe, this field may not be populated.
• Environment (environment): The type of environment where the pageview/session occurred (mobile web, desktop, etc.), as detected by HUMAN.
• Event Type (event_name): The type of event detected.
• FBCLID (fbclid): The Facebook Click ID parameter associated with the pageview/session.
• GCLID (gclid): The Google Click ID associated with the pageview/session.
• GIVT (givt): A Boolean value that, when true, indicates that the pageview/session was identified as General IVT (GIVT).
• Href URL (href_url): The full URL of the page where the pageview occurred. For session-level data, this field uses the value of the first pageview of that session.
• ISP (isp): The internet service provider that drove the pageview/session.
• IVT Categories (ivt_bot_category_str): The IVT categories associated with the pageview/session.
• OS Name (ua_os_name): The name of the operating system of the device where the pageview/session occurred, as reported by the device’s user agent.
• OS Version (ua_os_ver): The version of the operating system of the device where the pageview/session occurred, as reported by the device’s user agent.
• Page (page): The page where a pageview/session occurred.
• Pageview ID (pageview_id): A unique identifier that HUMAN uses to identify each pageview.
• Session ID (mkt_session_id): A unique identifier that HUMAN uses to identify each session.
• SIVT (sivt): A Boolean value that, when true, indicates that the pageview/session was identified as Sophisticated IVT (SIVT).
• Timestamp (timestamp): The date and time that HUMAN recorded the pageview/session.
• UTM Campaign (utm_campaign): The utm_campaign parameter, as detected from the user's referring URL.
• UTM Content (utm_content): The utm_content parameter, as detected from the user's referring URL.
• UTM Medium (utm_medium): The utm_medium parameter, as detected from the user's referring URL.
• UTM Source (utm_source): The utm_source parameter, as detected from the user's referring URL.
• UTM Term (utm_term): The utm_term parameter, as detected from the user's referring URL.

BotGuard for Applications

A transaction-level view is available for BotGuard for Applications. This view includes the following data fields:

• Action (action): The suggested action returned by the Mitigation API (e.g., block, allow, verify) for that event.
• API Request (api_request): A Boolean value that, when true, indicates that you made a request to the Mitigation API for the event.
• App ID (app_id): The app bundle where the event occurred, as reported by the app itself (for in-app mobile environments only) (available only for events detected by BotGuard for Application’s Interactive Mode).
• App Mismatch (app_mismatch): A Boolean value that, when true, indicates a mismatch between the app ID reported by the device where the impression occurred and the actual app ID detected by HUMAN (for in-app mobile environments only).
• ASN (asn): The ID of the autonomous system through which the event was routed.
• ASN Name (asn_name): The name of the autonomous system through which the event was routed.
• Bot (bot): A Boolean value that, when true, indicates that the impression was identified as invalid traffic (IVT).
• Browser Name (ua_browser_name): The name of the browser where the pageview/session occurred.
• Browser Version (ua_broswer_ver): The version of the browser where the pageview/session occurred.
• Client Error (client_error): A Boolean value that, when true, indicates that the request to the Mitigation API was malformed or invalid, usually corresponding to a 400-level HTTP status code (available only for events detected by BotGuard for Application’s Interactive Mode).
• Cookie ID (cookie_id): The unique identifier for the cookie associated with the event (available only for events detected by BotGuard for Application’s Interactive Mode).
• Country (country): The country where the event originated.
• Customer ID (customer_id): The unique identifier associated with your HUMAN account.
• Customer Tag (ct): A list of the parameters that you passed to HUMAN’s detection tag. These parameters include:
  • Custom Fields (c1 - c10): Any custom parameters that you passed to HUMAN’s tag.
  • Form ID (fi): The unique identifier for the form where the event occurred.
  • Product Key (pd): The HUMAN product associated with the detection tag. For BotGuard for Applications, this will always have the value acc.
  • Reporting Fields (r1 - r10): Any data-rich parameters that you’d like to make accessible through HUMAN’s Reporting API.
  • Site ID (si): The unique identifier for your website.
  • Tag ID (dt): The identifier of the detection tag that detected the event.
  • Tag Mode (mo): The mode in which the detection tag was deployed (possible values: 0 = Pageview Monitoring, 1 = Event Monitoring, 2 = Event Mitigation).
  • Transaction ID (ti): The unique identifier that HUMAN uses to identify each event.
  • User ID (ui): A unique identifier that HUMAN uses to identify the user driving each event.
• Device ID (device_id): The unique ID of the user’s device, as designated by their IDFA or AAID (for in-app mobile environments only) (available only for events detected by BotGuard for Application’s Interactive Mode).
• Device Type (device): The type of device where the event occurred (mobile web, desktop, etc.).
• Domains (domains): Various domains associated with the pageview/session, including:
  • Domain Mismatch (mismatch): A Boolean value that, when true, indicates a mismatch between the Intended Domain field and the True Domain field.
  • Href Domain (href_domain): The domain of the page or iframe where the event occurred.
  • Href URL Parameters (href_fields): Any URL query parameters (such as UTM fields) attached to the URL of the page where the event occurred.
  • Page (page): The webpage where the event occurred.
  • Referring Domain (ref_domain): The domain that referred the user to the site of the event.
  • True Domain (true_domain): The domain of the page where HUMAN’s detection tag was attached. If HUMAN’s detection tag was attached inside an iframe, this field may not be populated.
• Endpoint (endpoint): The URL of your API endpoint or server to which HUMAN-protected events will be sent.
• Event Success (event_success): A Boolean value that, when true, indicates that the user's interaction with the protected surface was successful (available only for events detected by BotGuard for Application’s Interactive Mode).
• Event Type (event_name): The specific type of user event being monitored (account login, password reset, etc.), as configured by your HUMAN tag.
• IAB Spider (iab_spider): A Boolean value that, when true, indicates that the event was driven by a crawler listed on the IAB Spiders and Bots List.
• IP (ip): The IP address of the user who drove the event.
• ISP (isp): The ISP through which the event was routed.
• OS Name (ua_os_name): The name of the operating system of the device where the pageview/session occurred, as reported by the device’s user agent.
• OS Version (ua_os_ver): The version of the operating system of the device where the pageview/session occurred, as reported by the device’s user agent.
• Password Match (pw_match): A Boolean value that, when true, indicates that the user's inputted password was correct (available only for events detected by BotGuard for Application’s Interactive Mode).
• Platform Type (platform): The type of platform where the event occurred (desktop, mobile, CTV, etc.), as detected by HUMAN.
• Policy Name (policy_name): The name of the custom Policy Engine policy that HUMAN applied to the request (available only for events detected by BotGuard for Application’s Interactive Mode).
• Rule Label (rule_label): The policy rule that was executed through the Policy Engine for the request (available only for events detected by BotGuard for Application’s Interactive Mode).
• Server Error (server_error): A Boolean value that, when true, indicates that the request to the Mitigation API resulted in an error code during the API response, usually corresponding to a 500-level HTTP status code (available only for events detected by BotGuard for Application’s Interactive Mode).
• Threat Categories (threat_categories, threat_categories_str): The specific threat categories associated with the event.
• Threat Profile (threat_profile, threat_profile_str): HUMAN’s designation of whether the event was a bot (BOT), nonstandard (NSD), or valid (VAL).
• Timestamp (timestamp): The date and time that HUMAN recorded the event.
• URL (url): The URL of the page or iframe where the event occurred.
• User Agent (ua): The user agent of the user who drove the event.
• User Exists (user_exists): A Boolean value that, when true, indicates that the user has provided a username that actually exists in the case of a login event (available only for events detected by BotGuard for Application’s Interactive Mode).
• Username (username): The SHA1-hashed value of the username associated with the event (available only for events detected by BotGuard for Application’s Interactive Mode).
• Validation Error (validation_error): A Boolean value that, when true, means that the request to the Mitigation API contained data that failed logic validation, usually corresponding to a 400-level HTTP status code (available only for events detected by BotGuard for Application’s Interactive Mode).