CakeSlice Referrer Leaks! Warning for all!

Silencer · #1 (**permalink**) 04-06-2010, 03:35 AM

I learned the hard way. Lost $1,500 because MaxBounty found the cakeslice site in my referrer (although they have no actual proof of the landing pages).

Here is the referrer
http://damoviez.110mb.com/cakeslice_standalone.html

So DO NOT use CakeSlice on your webhost or anyone elses!

I am trying to help so please don't flame me.

What I am wondering is will it leak if I just run cakeslice from my PC NOT uploaded to the web?

thanks

brookshire · #2 (**permalink**) 04-06-2010, 03:41 AM

Damn, that sucks man. I'm also interested to know if this is something to worry about.

Silencer · #3 (**permalink**) 04-06-2010, 03:43 AM

Quote:

Originally Posted by brookshire

Damn, that sucks man. I'm also interested to know if this is something to worry about.

Yes it does, especially since MaxBounty had nothing on me, absolutely no proof of landing pages.

Anyways, yes this is absolutely something to worry about.

oyeah22 · #4 (**permalink**) 04-06-2010, 03:50 AM

hmmm..maybe maxsteve saw u posting on a cakeslice thread..tracked your email down and put 2 and 2 together..but im sure he has better things to do

brookshire · #5 (**permalink**) 04-06-2010, 03:52 AM

Quote:

Originally Posted by oyeah22

hmmm..maybe maxsteve saw u posting on a cakeslice thread..tracked your email down and put 2 and 2 together

Very possible...

**Grizzy** · #6 (**permalink**) 04-06-2010, 03:53 AM

Hey Silencer, what do you mean it leaks? It's just an iframe, and like any iframe it will still pass the referrer unless you take measures to prevent it from doing so. Were you DMR'ing or using cpa redirector in combination with your iframe? More info on this would be much appreciated.

Regardless, those guys at MB are sharp cookies. You gotta get up pretty early in the morning..

**Paper-Boy** · #7 (**permalink**) 04-06-2010, 03:59 AM

you need to do some research and testing before using bh tools.

the standalone doesn't support any form of blanking or faking the referrer.

the premium version is also known to leak.

so in essence, don't use cakeslice!!

Silencer · #8 (**permalink**) 04-06-2010, 05:39 AM

I mean the referer is leaked when you use the tool, when you input the CPA offer into the tool. Not when you put the iframe on your landing page.

Quote:

Originally Posted by Paper-Boy

you need to do some research and testing before using bh tools.

the standalone doesn't support any form of blanking or faking the referrer.

the premium version is also known to leak.

so in essence, don't use cakeslice!!

Posted via Mobile Device

**Grizzy** · #9 (**permalink**) 04-06-2010, 07:05 AM

Ah I see what you mean now. Wow, compliance must have gone through all of your logs and found that one entry with a cake slice url as the referrer...

When you are framing an offer, you should always find the same offer being promoted by some random person on the web (or use the landing page preview link that often is supplied), iframe that and then substitute your own link.. If your framer is running on a server/IP address that can be linked back to you, that could spell trouble as well..

**pyronaut** · #10 (**permalink**) 04-06-2010, 07:57 AM

Quote:

Originally Posted by Grizzy

Ah I see what you mean now. Wow, compliance must have gone through all of your logs and found that one entry with a cake slice url as the referrer...

That's your site isn't it silencer? You shared it in another thread (I have it bookmarked). Upload it to a new domain, and then put protection on the domain so only your IP can see the content. Maxbounty no doubt keep an eye on domains like that, tonnes of people i know use that site to iframe stuff.

But just LOL if this is a follow on for your hatethread on Maxbounty. Too funny honestly. In there you swore black and blue that you were legit and no fraud was involved. If this isn't related then I apologize, but otherwise. Infact, can't even find your thread now so I'm going to assume so.

Not even sure if you are allowed to talk about iframing aka Fraud now though..

**shadowpwner** · #11 (**permalink**) 04-06-2010, 08:02 AM

Cakeslice slices IFRAMES. It was never advertised as a referrer blocker.

Silencer · #12 (**permalink**) 04-06-2010, 11:07 PM

Quote:

Originally Posted by pyronaut

That's your site isn't it silencer? You shared it in another thread (I have it bookmarked). Upload it to a new domain, and then put protection on the domain so only your IP can see the content. Maxbounty no doubt keep an eye on domains like that, tonnes of people i know use that site to iframe stuff.

But just LOL if this is a follow on for your hatethread on Maxbounty. Too funny honestly. In there you swore black and blue that you were legit and no fraud was involved. If this isn't related then I apologize, but otherwise. Infact, can't even find your thread now so I'm going to assume so.

Not even sure if you are allowed to talk about iframing aka Fraud now though..

Well see, I was banned because they found (yes my website) my url of cakeslicestandalone.html . That is untolerable since how do they know I was iframing offers? They didn't have SHIT on me, no landing pages whatsoever. To see $1,500 taken away like that is just AWFUL. And no I am NOT saying that I iframed. How do they know, maybe I was just testing something. I know for a FACT my traffic was converting at the second page. And NO I DID NOT delete that thread.

MaxBounty is bad in my books.

Albert · #13 (**permalink**) 04-06-2010, 11:43 PM

Pyronaut, I think you may be referring to this thread?

http://www.blackhatworld.com/blackha...-referrer.html

Quote:

Originally Posted by pyronaut

That's your site isn't it silencer? You shared it in another thread (I have it bookmarked). Upload it to a new domain, and then put protection on the domain so only your IP can see the content. Maxbounty no doubt keep an eye on domains like that, tonnes of people i know use that site to iframe stuff.

But just LOL if this is a follow on for your hatethread on Maxbounty. Too funny honestly. In there you swore black and blue that you were legit and no fraud was involved. If this isn't related then I apologize, but otherwise. Infact, can't even find your thread now so I'm going to assume so.

Not even sure if you are allowed to talk about iframing aka Fraud now though..

**Paper-Boy** · #14 (**permalink**) 04-07-2010, 03:02 AM

Quote:

Originally Posted by Silencer

I mean the referer is leaked when you use the tool, when you input the CPA offer into the tool. Not when you put the iframe on your landing page.
Posted via Mobile Device

youre still leaking the referrer regardless.

kivaari · #15 (**permalink**) 04-07-2010, 11:25 AM

It's easy to detect with javascript if clicks are coming through IFRAME, blanking referrer doesn't help.
Here's my thread about it: http://www.blackhatworld.com/blackha...e-warning.html

EDIT: Now I did understand what you meant, but anyway...

**shadowpwner** · #16 (**permalink**) 04-08-2010, 04:08 AM

You guys know that you can double meta in an iframe, right?

jaredakelly · #17 (**permalink**) 04-23-2010, 10:14 PM

so is there any way around this. is iframing dead?

**booman** · #18 (**permalink**) 04-23-2010, 10:27 PM

Quote:

Originally Posted by Silencer

Well see, I was banned because they found (yes my website) my url of cakeslicestandalone.html .

Why would you run it from a website folder that was unprotected, much less run it from a website period? Personally the safest way is to use it straight from your desktop through a series of proxies in my opinion.

listenloud · #19 (**permalink**) 05-11-2010, 11:12 PM

Quote:

Originally Posted by Silencer

Well see, I was banned because they found (yes my website) my url of cakeslicestandalone.html . That is untolerable since how do they know I was iframing offers? They didn't have SHIT on me, no landing pages whatsoever. To see $1,500 taken away like that is just AWFUL. And no I am NOT saying that I iframed. How do they know, maybe I was just testing something. I know for a FACT my traffic was converting at the second page. And NO I DID NOT delete that thread.

MaxBounty is bad in my books.

They caught you red handed and you are calling them "bad"? They keep their high rates because they can catch people who cheat the system. You expect free money to be easy? C'mon bro. I know it sucks to lose 1,500$, but don't blame it on MaxBounty.

Silencer · #20 (**permalink**) 05-12-2010, 11:17 PM

Quote:

Originally Posted by listenloud

They caught you red handed and you are calling them "bad"? They keep their high rates because they can catch people who cheat the system. You expect free money to be easy? C'mon bro. I know it sucks to lose 1,500$, but don't blame it on MaxBounty.

Just because they found that in the referrer says nothing about my actual landing pages.

In fact, you can get anyone banned, just put there aff link into cakeslice and their AM will probably ban them.

**Whisker** · #21 (**permalink**) 05-12-2010, 11:40 PM

I would have thought this was known by now, that script cost me and a couple other people some accounts and mid 4 figures when it first came out a year+ ago and we took the seller's word for granted it was written right(our mistake for not testing I'll admit that).

Always check your referer if you are going to frame something, at least with
http://www.whatismyreferrer.com/

Or you can throw this in a php file on your server, little less info, but it's on your hosting.

Code:

<?php
      echo $_SERVER['HTTP_REFERER'];
      ?>

You can put that in the iframe to check.

The code I mostly use, especially in a situation like this is brad's cpa redirector 2 standalone version
http://www.blackhatworld.com/blackha...ector-2-a.html

Brad is a pioneer in digital marketing if you haven't noticed with his standalone gateways, bh seo work, and especially link protection. No one should know where your traffic is coming from that's your business and yours alone, unless you feel like sharing it to a partner you trust. I've had legit campaigns stolen from traffic sources and deals gone behind my back and that sucks.

chocolatemonkey · #22 (**permalink**) 05-13-2010, 09:53 PM

have you tested that whisker? if not ill give it a go

**royalslim** · #23 (**permalink**) 05-23-2010, 06:48 PM

Okay so I used the standalone version of cpa redirector. The offer doesn't allow social networking traffic (facebook/twitter).

The question is how do I test what the referer is and where its coming from. What link would I give someone on facebook so that I can test it?

ghprod · #24 (**permalink**) 05-26-2010, 02:18 PM

glekz..its really bad news .. just this morning i saw your thread about cakeslice and now i read you get banned

cheers for you, i hope you have more lucky with others network

regards

**00CivicEX** · #25 (**permalink**) 06-01-2010, 12:54 PM

You should do a couple things....rename the file to something else and add an exception so only your ip can see the URL. Also running it from your local machine without uplpoading with blank it

┼blackrat┼ · #26 (**permalink**) 08-29-2010, 03:52 AM

Question is. Why the hell did you run that from your server?

MikeHustle · #27 (**permalink**) 09-21-2010, 09:38 PM

I will add to this old thread that I got the boot from a network for using cakeslice. My situation is JUST like Silencer's with the exception that it was a recently opened account, so I didn't lose ANY money... just got terminated. I got lazy and decided to frame using cakeslice instead of manually framing the offer. For now own I will manually frame.

EisaG · #28 (**permalink**) 01-10-2012, 10:58 PM

so basically if I manually iframe an news website with a content locker, i will get banned ?