2nd Domain Discovery

**Dark Lord** · 12-20-2009, 09:38 AM

OK, maybe someone can shed some light on this. I will try to explain it the best I can...

Easy enough to redirect to the aff site from one domain and the referrer will show as coming from that domain. But the aff site would know that domain by looking in the referrer and therefore would be a simple task to check the links pointing to that domain and thereby discover where your ads are placed/linked from or whatever.

I use the two domain approach. All my ads will point to domain A, which redirects to domain B, which then redirects to the aff site. So the aff site only sees domain B as the referrer. All of this is done in php and uses javascript redirects (using auto-POSTS, no Location: redirects). It is verified that the aff site only sees domain B.

But SOMEHOW, they have discovered DOMAIN A as I can see from my logs they have visited domain A.

How can this be? How are they finding a link between domain A and domain B? Both domains have private registration. Both domains are on separate IPs. And to top it off, this has just been setup as a test, no real traffic has been sent through this setup except for several tests.

I just don't understand YET, how they discovered domain A. Neither domain is in quantcast or any other backlink discovery service that I can find, as neither domain has had any traffic to speak of, as of yet. On domain B, the only reference to domain A , is inside a php script that checks the referrer to verifiy if traffic is coming from domain A. That would not be seen to the outside world.

Anyone got a clue? Please enlighten me.

Thanks...

**deign23** · 12-20-2009, 11:35 AM

do you think that it could only be coincidence the the AM happens to visit your domain A site?

**Dark Lord** · 12-20-2009, 12:02 PM

Originally Posted by deign23

do you think that it could only be coincidence the the AM happens to visit your domain A site?

No coincidence, I know better. When the AM was given our pixel code, that is pointed to domain B, they visited domain B that same day. Within 9 days thereafter, they have visited domain A. They are snooping and I really would like to know how they discovered domain A.

If its that easy to find domain A, then there is no point in using a domain A to hide (supposedly) where our ads link to. If they know domain A, they can simply investigate the backlinks that point to domain A and discover where our ads are placed.

Thanks...

**Dark Lord** · 12-21-2009, 08:06 PM

All these brilliant minds on BHW and no one has any input on this?

Thanks,

DL

**vysniukas** · 12-21-2009, 08:50 PM

my guesses:
1. images, did you hotlinked any images?
2. cookies, does site A sets any cookies that is extraded at AFF
3. shitty redirect, check your redirect script
4. maybe site B links to site A ?

**Dark Lord** · 12-22-2009, 01:01 PM

Originally Posted by vysniukas

my guesses:
1. images, did you hotlinked any images?
2. cookies, does site A sets any cookies that is extraded at AFF
3. shitty redirect, check your redirect script
4. maybe site B links to site A ?

1. No Images

2. No Cookies

3. Perfect redirect script. Domain A accepts traffic from the ads and using a javascript POST, it redirects to Domain B. Domain B verifies the traffic is coming from Domain A, and if it is, decrypts the ad code, looks that up and redirects via a javacript POST to the appropriate aff offer. The aff offer only sees a referrer of Domain B. It works flawlessly and has been tested hundreds of times.

4. On Domain B, the only reference to Domain A is within a php script that checks to see if the referrer of incoming traffic is Domain A.

Both of the domains are hosted with the same hosting service, but are on separate servers with diff ips, so no connection there. Both domains have whois privacy, so no connection there. Both domains were registered about a month apart, so no connection there.

The only thing I can think of is that one of these traffic reporting services like Compete or Quantcast has recorded traffic going from Domain A to Domain B, but the kicker is, none of those sites report anything for either of the domains, as there has been no traffic to either domain to speak of, cept for testing.

The only purpose of using a Domain A was to hide inbound links from ads. If the ads pointed directly to Domain B and the aff offer knows Domain B from its referrer logs, they could just do a backlink discovery on Domain B and find all the sites where our ads are placed.

A lot of people think that just because they hide/blank/obscure the referrer that they are hiding their traffic sources, especially for media buys. Not so. If your traffic is pointing to the same domain that then refers to the aff site, the aff site can easily find your traffic sources.

In fact, one 'expert' told me at an event, that he can tell me anything about any campaign I do, although he wouldn't elaborate.

If we don't figure it out, we're simply going to tell the network either tell us how you found Domain A or we're not dropping 50K in ads for your network.

Go figure...

**44blackhatters** · 01-04-2010, 05:31 AM

This is a great question. Why don't you try reposting it in the general forum with a different title -- maybe something like "How did network discover my (hidden) traffic source?" There is a lot of expertise here and someone will have the answer. I'm just not sure the title caught people's attn, plus it was posted during holiday time, etc.

**lclynnch185** · 01-04-2010, 05:34 AM

complex problems, interested to know how to solve this too?

**Megalomaniac Midget** · 01-04-2010, 06:06 AM

Originally Posted by Dark Lord

1. No Images

2. No Cookies

3. Perfect redirect script. Domain A accepts traffic from the ads and using a javascript POST, it redirects to Domain B. Domain B verifies the traffic is coming from Domain A, and if it is, decrypts the ad code, looks that up and redirects via a javacript POST to the appropriate aff offer. The aff offer only sees a referrer of Domain B. It works flawlessly and has been tested hundreds of times.

4. On Domain B, the only reference to Domain A is within a php script that checks to see if the referrer of incoming traffic is Domain A.

Both of the domains are hosted with the same hosting service, but are on separate servers with diff ips, so no connection there. Both domains have whois privacy, so no connection there. Both domains were registered about a month apart, so no connection there.

The only thing I can think of is that one of these traffic reporting services like Compete or Quantcast has recorded traffic going from Domain A to Domain B, but the kicker is, none of those sites report anything for either of the domains, as there has been no traffic to either domain to speak of, cept for testing.

The only purpose of using a Domain A was to hide inbound links from ads. If the ads pointed directly to Domain B and the aff offer knows Domain B from its referrer logs, they could just do a backlink discovery on Domain B and find all the sites where our ads are placed.

A lot of people think that just because they hide/blank/obscure the referrer that they are hiding their traffic sources, especially for media buys. Not so. If your traffic is pointing to the same domain that then refers to the aff site, the aff site can easily find your traffic sources.

In fact, one 'expert' told me at an event, that he can tell me anything about any campaign I do, although he wouldn't elaborate.

If we don't figure it out, we're simply going to tell the network either tell us how you found Domain A or we're not dropping 50K in ads for your network.

Go figure...

Are you filtering out google chrome users?

**appleman** · 01-04-2010, 07:06 AM

did they google domain B and domain a showed up?

**Dark Lord** · 01-08-2010, 12:31 AM

Originally Posted by Megalomaniac Midget

Are you filtering out google chrome users?

Well, actually I'm not sure why. Is there something about Chrome we should know? But even if there is, the only traffic sent through the system for testing was from us, and we only used FF and IE. In fact, I don't think FF was used on any of the test runs that actually landed on the networks landing page. Most were sent to another testing/logging domain for analysis.

Thanks.

**Dark Lord** · 01-08-2010, 12:37 AM

Originally Posted by appleman

did they google domain B and domain a showed up?

No. There are no links pointing from one domain to the other.

Thanks!

**shadowguy** · 01-08-2010, 06:44 AM

Post domains in PM maybe?

Btw are you using a script like the one i posted the other day (no bullshit set your own referer) ?

**Spud Jr** · 01-08-2010, 07:31 PM

As an AM, there are many tools that can be used to detect whether or not a domain is being redirected. It can be hard but it will be done.

**theWombat** · 01-08-2010, 10:28 PM

Originally Posted by Spud Jr

As an AM, there are many tools that can be used to detect whether or not a domain is being redirected. It can be hard but it will be done.

could you elaborate? im sort of a newb to this but have 2 accts with one comp (one personal one llc) i send traffic at both offers and double redirect to their perspective landers.

this can be tracked?

Im using cparedirector on wordpress blogs

**AgentOrange_MkUltra** · 01-09-2010, 12:47 AM

You have not demonstrated that they have visited your DOMAiN_A knowing it is related to DOMAIN_B though. They may have visited your "secret domain" just checking resources that quote their products and/or navigating resources in your vertical. It may well be a robot that scours all resources in the sector.

You think that they knock at your door because they know you hide a smoking gun... perhaps they just want to congratulate you for the roof style...