Home > Paid Traffic Sources > Facebook & Instagram

Facebook cookie stuffing or something BH... (8)

07-14-2016 12:12 AM #1 spartanen (Member)
Facebook cookie stuffing or something BH...

Hi Guys/girls,

So like a lot of guys i start a joint venture with someone but call me paranoid but if i met you on the internet i dont trust you!

So is it possible that if my JV partner has access to my safe page and LP that he can steal conversions/clicks from me?

I dont see a lot of clicks missing from facebook (he doesnt have access to that) to my safe page and LP but is it possible that after that something cookie stuffiing kinda thing happens that he redirects clicks from the LP to his offer and leave some for me sometimes (so i dont get suspicious).

How does this shit works?

PS i am talking about cookie stuffing because i found info on that area but maybe there are other possibilities also.

07-14-2016 01:10 AM #2 ysekse (Member)

If I understood this right:

FB traffic -> Your lander -> offer, and you wonder if he sends a % of traffic to his offer?

If he owns a step between your lander and the offer, i.e he owns the redirect link and it goes via php on, then he can set up something, and the only way to know would be to look at his php code.

Otherwise....
He has done something to your actual LP it should be pretty obvious, if you see obfuscated javascript in the code, that you didn't put there that would be a red flag. Or if it's not obfuscated, do a search for "http" or "www." or anything that might be in his url in all the files (.css, .js, .html) and see if you find something suspicious.

If he does cookie stuffing (and he can't control anything but the lander code), then the code for stuffing his cookie will be somewhere in your lander - which would be a dumb move because it's almost impossible to hide it well, unless the lander is 1M lines of code and has 50,000 outgoing links.

07-14-2016 08:56 AM #3 spartanen (Member)

Quote Originally Posted by ysekse View Post
If I understood this right:

FB traffic -> Your lander -> offer, and you wonder if he sends a % of traffic to his offer?
Correct!

Quote Originally Posted by ysekse View Post
If he owns a step between your lander and the offer, i.e he owns the redirect link and it goes via php on, then he can set up something, and the only way to know would be to look at his php code.
Its with my tracker and my cloaker so then this isnt possible right? (its his LP tho but i dont see anything strange in there)

Quote Originally Posted by ysekse View Post
Otherwise....
He has done something to your actual LP it should be pretty obvious, if you see obfuscated javascript in the code, that you didn't put there that would be a red flag. Or if it's not obfuscated, do a search for "http" or "www." or anything that might be in his url in all the files (.css, .js, .html) and see if you find something suspicious.

If he does cookie stuffing (and he can't control anything but the lander code), then the code for stuffing his cookie will be somewhere in your lander - which would be a dumb move because it's almost impossible to hide it well, unless the lander is 1M lines of code and has 50,000 outgoing links.
Thanks a lot! makes total sense and i think i worry to much!

07-14-2016 10:57 AM #4 ysekse (Member)

Yeah the only way is for him to put some code in his lander but it should be easy to find. If you're still feeling paranoid also check the external libraries that aren't publicly hosted, for example if he's using a custom jquery.min.js, the code COULD be embedded in there... Easiest way to spot stuff there is compare the file size of the jquery.min.js to the file size of the same jquery version hosted on google CDN.

Unless he's extremely clever and has put in redirect code AND removed the same amount of characters of the original code without breaking the LP, the file will be bigger. Or if he owns a domain that looks almost like google cdn linking to a malicious library, like:

https://ajax.googleapis.com/ajax/lib.../jquery.min.js
https://ajax.google-apis.com/ajax/li.../jquery.min.js
https://ajax-googleapis.com/ajax/lib.../jquery.min.js

but no matter what you do it's impossible to hide this, you could also try to do 100 manual clickthroughs with a custom token value and check if it shows up 100x on the other end

07-14-2016 11:01 AM #5 imdutch (Member)
Facebook cookie stuffing or something BH...

Thanks a lot! makes total sense and i think i worry to much!
Fact that you are worrying about wether your jv-buddy is stabbing you in the back or not, should lead to the question if this is the right partner for you.

07-14-2016 01:54 PM #6 spartanen (Member)

Quote Originally Posted by imdutch View Post
Fact that you are worrying about wether your jv-buddy is stabbing you in the back or not, should lead to the question if this is the right partner for you.
Yeah i know but i dont trust nobody so...

07-14-2016 01:54 PM #7 spartanen (Member)

Quote Originally Posted by ysekse View Post
Yeah the only way is for him to put some code in his lander but it should be easy to find. If you're still feeling paranoid also check the external libraries that aren't publicly hosted, for example if he's using a custom jquery.min.js, the code COULD be embedded in there... Easiest way to spot stuff there is compare the file size of the jquery.min.js to the file size of the same jquery version hosted on google CDN.

Unless he's extremely clever and has put in redirect code AND removed the same amount of characters of the original code without breaking the LP, the file will be bigger. Or if he owns a domain that looks almost like google cdn linking to a malicious library, like:

https://ajax.googleapis.com/ajax/lib.../jquery.min.js
https://ajax.google-apis.com/ajax/li.../jquery.min.js
https://ajax-googleapis.com/ajax/lib.../jquery.min.js

but no matter what you do it's impossible to hide this, you could also try to do 100 manual clickthroughs with a custom token value and check if it shows up 100x on the other end
Thanks! gonna look into that!

07-17-2016 09:27 PM #8 bobliu (Member)

Quote Originally Posted by spartanen View Post
Hi Guys/girls,

So like a lot of guys i start a joint venture with someone but call me paranoid but if i met you on the internet i dont trust you!

So is it possible that if my JV partner has access to my safe page and LP that he can steal conversions/clicks from me?

I dont see a lot of clicks missing from facebook (he doesnt have access to that) to my safe page and LP but is it possible that after that something cookie stuffiing kinda thing happens that he redirects clicks from the LP to his offer and leave some for me sometimes (so i dont get suspicious).

How does this shit works?

PS i am talking about cookie stuffing because i found info on that area but maybe there are other possibilities also.
The code on the LP is the only thing you should be worried about.


Has your safe page got any PHP code on it? Has it got any JavaScript you don't understand?
Isolate the CTA button and look around that for PHP code / element names. Then look at the JS code for onclick events / links / obfuscated code.

Have a programmer quickly scan the source code if it puts your paranoia to rest.

Home > Paid Traffic Sources > Facebook & Instagram