My Cloaking Isn't Cloaking

cardine

cardine

...
Jan 9, 2008
3,582
77
0
wordai.com
I am running a really profitable site/landing page, however it is almost completely necessary that referrers get blanked, and the networks I'm working with don't see where it's coming from.

I've been using Prosper202's cloaking feature, and was just assuming that I everything was hidden. However, in the past 2 weeks an advertiser found my landing page, and in another case a network found my landing page. I was pretty worried when I was talking to my AM on the phone and he says "ok, I see your landing page is -------, and your Alexa clickstream says you're receiving traffic from ----- and ------. Does this seem right?"

So obviously what I'm doing isn't working. Could my referrer info be leaking (and if so, what do I need to do? I think P202 does a double meta refresh which I thought was pretty foolproof if you make it not redirect if referrers aren't blanked). At one point a different network asked me to stop blanking referrers, which I don't think they would've done if some of my referrer info was leaking.

Also I'm wondering if they are seeing my site by viewing the clickstream on sites like Alexa. I've checked all of their sites (and the urls for their tracking links) for my links but I'm not seeing my site anywhere.

Besides them actually seeing my placement (which they haven't seen, I know this for a fact) what is causing them to know what my landing page is? The campaign is a goldmine, and it is all based on a couple traffic sources and a unique promotion method. If a network can see those things I can get really screwed. And now I'm a little unnerved that 2 different advertisers/networks have relatively easily found my landing page.

BTW I did use the search function (and I know hiding referrers has been talked about before), but I'm also wondering about them getting clickstream data, and what I can do to prevent that (I guess maybe have 50+ different prosper accounts?)
 


Hate to say it but at the end of the day it's EXTREMELY difficult to hide from a merch/nw no matter what you do.

And if it's profitable - it will be found even faster.

*Quickest basic leak is people coming to your lander, click to the main site, then returning later directly.. .. . even in free counters you'll see visitor paths/easy to match up even if you cloaked x times before hitting the main sales page..
 
also use ssl and different domains. most browsers wont pass the referrer info when going across secure sites. not 100% foolproof, but its another layer of protection.
 
The easiest way is a looping meta refresh that checks if the refer is blank and if it isn't refreshes again. You will loose some of your traffic but nothing with a refer will ever go through so your LP will be safe from that.

That's about all I'll give out. Finding your traffic sources and domain as well as preventing it is something not many people know how to do well thus I'm not about to start giving out info on it publicly.
 
  • Like
Reactions: cardine
i havent done this but i would get multiple domains (20-50) all pointing to the same prosper install and rotate them with my creatives. Much harder to get compete/quantcast/alexa data on a url then.

my attitude is still I don't have time to care about people copying me or advertisers finding my shit, its going to happen with anything that works well.

edit: you could probably also mix in subdomains too. it would be cheaper.
 
Its simple. DMRs do not clear headers for Chrome/Safari and a range of other users in specialized cases. This is why in WP Link Engine, links marked "Guaranteed Wipe" get redirected in a circle to themselves until the referrer is cleared; the technique that successfully cleared the referrer is used to refer to the other agent - if no technique successfully cleared the referrer (as in Chrome, where it is literally impossible - you have to redirect to an intermediary domain to do it, and that's still quite hard to get to work right and regularly) it redirects to an alternate URL.

This is your best solution. Either build it yourself or buy Link Engine; if you're a PHP guy and want help building it yourself, let me know and I'll post some more details here.

Joe.
 
ncmedia said:
*Quickest basic leak is people coming to your lander, click to the main site, then returning later directly.. .. . even in free counters you'll see visitor paths/easy to match up even if you cloaked x times before hitting the main sales page..
Click to expand...

This isn't a leak. How does the advertiser identify where you went after you left?
 
Refrozen said:
Its simple. DMRs do not clear headers for Chrome/Safari and a range of other users in specialized cases. This is why in WP Link Engine, links marked "Guaranteed Wipe" get redirected in a circle to themselves until the referrer is cleared; the technique that successfully cleared the referrer is used to refer to the other agent - if no technique successfully cleared the referrer (as in Chrome, where it is literally impossible - you have to redirect to an intermediary domain to do it, and that's still quite hard to get to work right and regularly) it redirects to an alternate URL.

This is your best solution. Either build it yourself or buy Link Engine; if you're a PHP guy and want help building it yourself, let me know and I'll post some more details here.

Joe.
Click to expand...

what about through a form post with chrome? has that been tested?
 
Refrozen said:
Its simple. DMRs do not clear headers for Chrome/Safari and a range of other users in specialized cases. This is why in WP Link Engine, links marked "Guaranteed Wipe" get redirected in a circle to themselves until the referrer is cleared; the technique that successfully cleared the referrer is used to refer to the other agent - if no technique successfully cleared the referrer (as in Chrome, where it is literally impossible - you have to redirect to an intermediary domain to do it, and that's still quite hard to get to work right and regularly) it redirects to an alternate URL.

This is your best solution. Either build it yourself or buy Link Engine; if you're a PHP guy and want help building it yourself, let me know and I'll post some more details here.

Joe.
Click to expand...

How about setting window.location in JavaScript? Does that clear the referrer and headers?

As far as finding your traffic sources - they might have seen your actual ad, followed to your lander, then the offer and saw your affiliate ID.

There is only so much you can hide if you have scaled and saturated the interwebz with your ads.
 
yo dawg.... I heard you like cloaking, so we put a meta refresh in your meta refresh so you can cloak while you cloak.
 
DKPMO said:
As far as finding your traffic sources - they might have seen your actual ad, followed to your lander, then the offer and saw your affiliate ID.

There is only so much you can hide if you have scaled and saturated the interwebz with your ads.
Click to expand...

I am 100% sure this is not the case.
 
conv3rsion said:
sure but if someone has alexa toolbar installed and goes to your LP, there's your clickstream, it doesnt have to be the advertiser.
Click to expand...

What I mean is that the network didn't find my landing page because they saw my ad. They might have eventually seen my ad by viewing the clickstream and going to the advertiser's page... but my landing page was not compromised due to my AM (or anybody at the network) stumbling upon one of my placements.
 
cardine said:
What I mean is that the network didn't find my landing page because they saw my ad. They might have eventually seen my ad by viewing the clickstream and going to the advertiser's page... but my landing page was not compromised due to my AM (or anybody at the network) stumbling upon one of my placements.
Click to expand...

Then what is the difference? Once you are doing scale they can find your landing page whether you cloak or not... Quantcast is another great tool to look for clickstream affinities.

Obviously I do not know the facts of your offer / traffic source / network / advertiser, but why are you 100% sure they would not know where to look for your ads? If you had an idea where to market the offer, why couldn't they think of the same thing?

If prosper cloaks 99% of your traffic you are still ahead. They'll see a few referrers to find your LP and traffic source, but won't have enough stats to swipe your targeting.
 
DKPMO said:
Then what is the difference? Once you are doing scale they can find your landing page whether you cloak or not... Quantcast is another great tool to look for clickstream affinities.

Obviously I do not know the facts of your offer / traffic source / network / advertiser, but why are you 100% sure they would not know where to look for your ads? If you had an idea where to market the offer, why couldn't they think of the same thing?

If prosper cloaks 99% of your traffic you are still ahead. They'll see a few referrers to find your LP and traffic source, but won't have enough stats to swipe your targeting.
Click to expand...

Just trust me on this one... please. The network would never find my stuff by stumbling on it. In fact, even when the network found my landing page they never found my ad.

So if I can prevent the network from finding my landing page by blanking my referrers, and hiding my clickstream data (I guess with 50+ domains that do redirection) then I will be secure enough. Even if I scale this completely out they are not going to find my placements by just poking around.


I appreciate the suggestions so far. I'm probably going to ditch prosper202 altogether and just do a lot of testing with the different recommended methods until I find something that works across all browsers all the time. And my ROI is high enough that I'd much rather lose a visitor than let his referrer info get leaked.
 
cardine said:
Just trust me on this one... please. The network would never find my stuff by stumbling on it. In fact, even when the network found my landing page they never found my ad.

So if I can prevent the network from finding my landing page by blanking my referrers, and hiding my clickstream data (I guess with 50+ domains that do redirection) then I will be secure enough. Even if I scale this completely out they are not going to find my placements by just poking around.


I appreciate the suggestions so far. I'm probably going to ditch prosper202 altogether and just do a lot of testing with the different recommended methods until I find something that works across all browsers all the time. And my ROI is high enough that I'd much rather lose a visitor than let his referrer info get leaked.
Click to expand...

Even if you rotate 50+ redirection domains, as long as you use the same LP domain its affinity with the offer domain will register in Quantcast / Alexa. Supposedly you could set up 50 LP domains, but this is going to get complicated real fast. Besides, LP domain URL might be a factor in your conversions.

Prosper still seems like a decent way to implement DMR and it is unclear to me why a custom DMR script will be any better. If DMR breaks down because of browser behavior and you can find a fix or yet another alternative way to cloak, it can still be integrated back into prosper...
 
You must log in or register to reply here.
Top Bottom