Sign In

First-Party Traffic Attribution Tracker

The tracker is a lightweight JavaScript file (aop-traffic-tracker.min.js) loaded on every frontend page when tracking is enabled. It runs in the visitor’s browser and performs the following automatically:

What it captures:

  • UTM parameters: utm_source, utm_medium, utm_campaign, utm_term, utm_content from the page URL
  • Click IDs: gclid (Google Ads), fbclid (Meta), ttclid (TikTok), msclkid (Microsoft Ads), srsltid (Google Shopping), li_fat_id (LinkedIn), wbraid, gbraid (Google consent mode)
  • Referrer-based detection: Identifies the traffic channel from the HTTP referrer (organic search, social media, email clients, direct)
  • First-touch and last-touch cookies: Stores both the first source a visitor came from and the most recent source, with configurable expiry

How a visit is logged:

Each visit is logged once per page per browser session using sessionStorage. The tracker sends a POST request to wp-json/aop-ta/v1/log with the session data. On the server side, the plugin:

  1. Checks the IP against the excluded IP list
  2. Checks the User Agent against the known bot list and any custom patterns
  3. Applies the per-IP rate limit
  4. Parses the User Agent for device type, browser, and operating system
  5. Generates an anonymous visitor hash (SHA-256 of IP + User Agent) — no personal data is stored
  6. Checks whether the visitor hash has been seen before to set the “new visitor” flag
  7. Inserts the record into the wp_aop_traffic_visits database table