Retargeting within BHW - Will this get me banned?

  • Thread starter Thread starter Banned member 185991
  • Start date Start date
B

Banned member 185991

Guest
For the last month or so people have been telling me my signature was broken, no its not. My signature is doing exactly what I wanted it to do. This explains that...

signature.gif


The broken image you saw was me cookie stuffing you so I can retarget you later on (with this thread in mind). If you refreshed my signature or saw it on another page you would see my @UnGagged.com banner (click for discount) like normal and you would not know the difference.

So what is retargeting?

setcookie.gif

Retargeting is the idea of leaving a cookie on your computer so that advertisers can bombard you with more adverts and follow you around the internet until you do the thing they want you to do (buy, sign up or download some shit).

The image above demonstrates this. This is an image hosted on the internet, but if you check the source code it runs through my own website first (cashgrabkeywords.com/setcookie.gif). It runs a script and then you are redirected to where the image is hosted. If you want to see this in action now, take note of the image below and then refresh the page.

signature.gif


You should have seen the image change from my UnGagged strippers and hoes banner, to a you got my cookie sucker banner... Cool right?

So I'm not going to spend the next hour of my life showing you what you can do with this shit... if you are not creative enough to work it out yourself then I'm not willing to hold your hand and talk you through it, but here are some possibilities:
  • re-target users who viewed your BST or certain threads
  • show individual users different banners, just PM them something with the image referenced within it.
  • add extra banners on your own website so you can show a different landing page for BHW users compared to the rest of the internet.
  • or change your signature banner depending on if they have visited your own website or not
And of course, it's not just BHW you can do this on. Any website that will let you post your own self hosted image is susceptible to this... which includes most forums on the internet, web 2.0's and some blogs even. In fact next time you send out your infographic to 1000's of blogs, why not cookie stuff the shit out of them and see what happens. As explained at the end this is not only good for retargeting, but these methods can also be used to pull analytics data from other peoples websites also.

So how the fuck am I doing this magic?
All together we can do this with 3 very simple scripts and a few .htaccess lines.

.htaccess
So for the htaccess file we need to do two things...
  1. set a redirect from a image we use to set the cookie
  2. set a redirect for the signature image
Here is my full .htaccess file
Code:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
Options +FollowSymLinks

RewriteRule ^signature.gif$ https://www.cashgrabkeywords.com/retarget.php [L,R=301]
RewriteRule ^setcookie.gif$ https://www.cashgrabkeywords.com/setcookie.php [L,R=301]
</IfModule>

So basically, its redirecting all requests for signature.gif and setcookie.gif to php scripts elsewhere. Signature.gif and setcookie.gif do not exist, they are there to set your browser up to request files from my server, instead of doing this I run scripts and then forward your request to images hosted elsewhere so you don't see the stupid broken image x.

setcookie.php
For the next bit lets begin with setcookie.php, which we call when setcookie.gif is requested, you can do this just like any other image...
Code:
[IMG]http://www.cashgrabkeywords.com/setcookie.gif[/IMG]

OR

<img src="http://www.cashgrabkeywords.com/setcookie.gif"/>

As saw the .htaccess file will redirect us to setcookie.php, which is below:
Code:
<?php
//check if cookie has been set
if($_COOKIE["retarget"] !== 1){
  //if cookie has not been set, set cookie
  setcookie("retarget", 1, time()+604800);
}
header("Location: https://qph.ec.quoracdn.net/main-qimg-3c45af619b25983ecc56d3bbe64e05a6?convert_to_webp=true");
exit;
?>

This is a super simple script which does the following:
  • checks if the cookie (retarget) has already been set
  • if it hasn't been set, it sets the cookie
  • it then redirects the request to the re-targeting diagram image I posted above so that you see an image and you don't suspect a thing...
So once this runs the cookie we use will be set, and we're free to retarget them whenever we want... In this case I run my cookie for 1 week, to alter this just swap 604800 for the number of seconds you want to use instead.

retarget.php
So just like above, when we call signature.gif we are taken to this script.

This is just a simple if statement, if the cookie value (1) is set it takes you to one place, if it's not set it takes you to another.

Code:
<?php
if($_COOKIE["retarget"] == 1){
  //this user needs retargeting
  header("Location: http://i.imgur.com/udRugJK.png");
} else {
  //this user is not being retargeted
  header("Location: http://i.imgur.com/nTZq6HE.gif");
}
?>

signature.php
But what use is updating the image if you can't update the link location... this script handles the link I put on the banner in my signature. It works in the exact same way as retarget.php

Code:
<?php
if($_COOKIE["retarget"] == 1){
  //this user needs retargeting
  header("Location: https://www.youtube.com/watch?v=dQw4w9WgXcQ");
} else {
  //this user is not being retargeted
  header("Location: https://www.eventbrite.com/e/ungagged-las-vegas-2016-tickets-21310002792?discount=STE");
}
?>

So what's next?
So you can take this and do what you want but this is just the beginning, now you can see how simple it is to run scripts when images are called you should be able to see that you can do almost anything... including monitoring things like CTR, mining user data, monitoring impressions and before @Diamond Damien enabled https, you could pull referrer data and see what pages generated the most impressions/clicks or monitor which pages certain users saw our signature on with a combination of their IP and page referrals and cookies... But you can still run this on forums which haven't moved to https yet.

The limit is endless, and unless this gets me banned for cookie stuffing BHW users I'll keep playing with it and seeing what I can do.

Note: You will see @mickyfu runs the same signature as me, his is not cookie stuffing (unless he did this himself?)...
 
Last edited by a moderator:
Cookie stuffing related discussion isn't allowed on BHW i think .......
 
This is retargeting not cookie stuffing.

Cookie stuffing = fraud.

This is just a neat little trick to push different banners to different people.

I know it's retargeting ... but you started it as cookies stuffing related discussions ...i have np if mods kept your post ... it's nice post btw ...
 
Interesting share, I clicked you banner a few times and didn't notice anything.

Not sure why this wouldn't be allowed on an international forum, seems like an incredible marketing strategy to me!
 
It becomes even more powerful when you re-target users who have already seen your video :)
 
This is a powerful tool man. A few scripts and some ingenuity goes a long way.
 
hahaha the most blackhat thing been posted on blackhatworld in a long long time and it was a @Ste Fishkin post.
 
Actually there was a meteorite cookie stuffer in Stonehenge, but someone stole it.
 
A great read, I cant' believe how easy this is :D damn...
 
Back
Top