- Joined
- May 15, 2016
- Messages
- 4,789
- Likes
- 2,574
- Points
- 1,730
introduction
If you are using a web browser, then you have probably already collected several cookies. Cookies are used to store information about websites: your registration information, what you have in the basket, which language you prefer, etc.
They are created by websites and stored in your browser until they expire.
Some cookies are harmless, and some remain active even on sites that they do not own, collecting information about your behavior. These are called persistent third-party cookies or, in a more colloquial form, tracking cookies .
Tracking cookies can be so aggressive that many antivirus programs classify them as spyware. Despite their poor reputation, they have become so ubiquitous that they are almost impossible to avoid. In this article, we’ll look at how tracking cookies track your web activity.
Types of cookies
First, let's take a quick look at the main types of cookies: temporary cookies and persistent cookies .
Persistent cookies are divided into two types:
If you are using a web browser, then you have probably already collected several cookies. Cookies are used to store information about websites: your registration information, what you have in the basket, which language you prefer, etc.
They are created by websites and stored in your browser until they expire.
Some cookies are harmless, and some remain active even on sites that they do not own, collecting information about your behavior. These are called persistent third-party cookies or, in a more colloquial form, tracking cookies .
Tracking cookies can be so aggressive that many antivirus programs classify them as spyware. Despite their poor reputation, they have become so ubiquitous that they are almost impossible to avoid. In this article, we’ll look at how tracking cookies track your web activity.
Types of cookies
First, let's take a quick look at the main types of cookies: temporary cookies and persistent cookies .
Persistent cookies are divided into two types:
- Primary cookie (first-party) - created by one website domain. The visitor requests it when he enters the URL into the address bar of the browser or clicks on the link. This is a cookie that is created by one domain and cannot be used by another. They can be stored on a computer for several days, months or even years.
- A third-party cookie (third-party) is a cookie that is created by one domain when a user enters another domain. Vivid examples of third-party cookies are retargeting and remarketing, pixels or tracking scripts for social networks and so on.
Session cookies (temporary cookies)
The most basic type of cookie is session (temporary). Session cookies exist only in RAM and are deleted when the browser is closed. Any cookie created without an expiration date is automatically session. A simple example of the use of a temporary cookie is to store data about the filling of a basket in an online store.
The main constant, the cookies have (persistent, the cookies have first-party )
Main files "cookie"are written to the device’s hard drive and have an expiration date. They are used only by the website that created them, and can be stored for a very long time. They remain on your device even after closing the web browser. One of the main purposes of persistent cookies is to create user convenience and save time.
The DC side, the cookies have (persistent, the cookies have THIRD, party- )
Third-party files "a cookie" , also known as trackingare the main topic of this article. They are also stored in the memory of your device and have a set expiration date. Unlike basic cookies, third-party cookies are created on a foreign site using various widgets (that is, by visiting such a site you hook the cookie of the site you visited, and also catch the cookie that was created by the widgets and belongs to another site). This allows the cookie creator to collect and receive data at any time when the user visits the page with the resource belonging to him (the creator).
Where are the third-party files "cookie"?
Today sites rarely consist solely of code and content, often they use the resources of other sites to create and add functionality to their web pages. These resources are often useful and even necessary, but unfortunately these same resources are often the biggest culprits of online tracking. A few examples of resources through which you can monitor the user:
The most basic type of cookie is session (temporary). Session cookies exist only in RAM and are deleted when the browser is closed. Any cookie created without an expiration date is automatically session. A simple example of the use of a temporary cookie is to store data about the filling of a basket in an online store.
The main constant, the cookies have (persistent, the cookies have first-party )
Main files "cookie"are written to the device’s hard drive and have an expiration date. They are used only by the website that created them, and can be stored for a very long time. They remain on your device even after closing the web browser. One of the main purposes of persistent cookies is to create user convenience and save time.
The DC side, the cookies have (persistent, the cookies have THIRD, party- )
Third-party files "a cookie" , also known as trackingare the main topic of this article. They are also stored in the memory of your device and have a set expiration date. Unlike basic cookies, third-party cookies are created on a foreign site using various widgets (that is, by visiting such a site you hook the cookie of the site you visited, and also catch the cookie that was created by the widgets and belongs to another site). This allows the cookie creator to collect and receive data at any time when the user visits the page with the resource belonging to him (the creator).
Where are the third-party files "cookie"?
Today sites rarely consist solely of code and content, often they use the resources of other sites to create and add functionality to their web pages. These resources are often useful and even necessary, but unfortunately these same resources are often the biggest culprits of online tracking. A few examples of resources through which you can monitor the user:
- advertisements
- Social network widgets (Like and Share buttons, comment sections, etc.)
- Web analytics
You don’t even need to open an advertisement or press the publish button on social networks so that information about cookies is transferred back to the server. As soon as you load the page, the cookie is automatically sent to the server on which it was created. If cookies do not exist yet, the resource will create them and then send them to the server.
Here are some companies that use tracking cookies:
Here are some companies that use tracking cookies:
- Addthis
- Adnxs
- Facebook
- Google
- Quantserve
- Scorecard research
- Twitter
- Yieldmanager
- Admob
- Adsensecustomsearchads
- Adwords
- Doubleclick
- Googleadservices
- Googleapis
- Googlesyndication
- Googletagmanager
- Googletagservices
- Googletraveladservices
- Googleuserconten
- Google analytics
- Gstatic
- Urchin
- Youtube
- Ytimg
- And many, many others ...
That third-party files "cookie" know about me?
Tracking cookies are commonly used for advertising purposes, in particular for retargeting. Retargeting is a tactic that often relies on tracking cookies to serve ads to people who have previously visited a particular site or have expressed interest in a particular product. If you've ever bought or just watched a product on Amazon, and then started seeing ads for similar products on other websites, you are targeted by retargeting.
At first glance, it seems that tracking cookies are not so dangerous, but these cookies can begin to collect a lot of information about how you view web pages, which pages, how often. Google ads are everywhere, and although it is the largest advertising company in the world, there are many other companies besides it. Because of this, all advertising companies can put together the history of which websites you visit, in what order, etc.
When cookies are sent back to their servers, they often contain information about a previous site that a user visited, called URL-Referer .
The browsing history is only the beginning. Tracking cookies can record all kinds of information: search queries, purchase information, device information, location, where you visit more often, which shops / restaurants you visit, when and where you saw the previous advertisement, how many times you saw the advertisement, what links you click, etc.
All this and much more is going in the background.
What is A "cookie"?
Cookies consist of only three elements: name, value and attributes. Using the Chrome extension EditThisCookie, we can see what they consist of:
Tracking cookies are commonly used for advertising purposes, in particular for retargeting. Retargeting is a tactic that often relies on tracking cookies to serve ads to people who have previously visited a particular site or have expressed interest in a particular product. If you've ever bought or just watched a product on Amazon, and then started seeing ads for similar products on other websites, you are targeted by retargeting.
At first glance, it seems that tracking cookies are not so dangerous, but these cookies can begin to collect a lot of information about how you view web pages, which pages, how often. Google ads are everywhere, and although it is the largest advertising company in the world, there are many other companies besides it. Because of this, all advertising companies can put together the history of which websites you visit, in what order, etc.
When cookies are sent back to their servers, they often contain information about a previous site that a user visited, called URL-Referer .
The browsing history is only the beginning. Tracking cookies can record all kinds of information: search queries, purchase information, device information, location, where you visit more often, which shops / restaurants you visit, when and where you saw the previous advertisement, how many times you saw the advertisement, what links you click, etc.
All this and much more is going in the background.
What is A "cookie"?
Cookies consist of only three elements: name, value and attributes. Using the Chrome extension EditThisCookie, we can see what they consist of:
The name (.hulu.com | _ga) is used by websites and advertisers to define cookies and what they are used for.
The (Value) component stores your unique advertising identifier so that the creator of the tracker can identify you when you visit other websites. Usually it looks like a random string of numbers and numbers, but in some cases it is not random and may contain encoded information, as described above.
Attributes include cookie characteristics such as:
The (Value) component stores your unique advertising identifier so that the creator of the tracker can identify you when you visit other websites. Usually it looks like a random string of numbers and numbers, but in some cases it is not random and may contain encoded information, as described above.
Attributes include cookie characteristics such as:
- When the cookie expires. If no expiration date has been set, the cookie closes when the browser is closed. Tracking cookies always have expiration dates.
- Can cookies be used by other domains.
- Can a cookie be sent over an insecure connection.
- Is it possible to access cookies through JavaScript.
Other tracking methods
Tracking through cookies is not a new technology. They have been used for more than ten years, and little has changed in their working mechanisms. Despite this, they provide a simple and accurate way to track and record user behavior on the Internet, and they will not disappear in the near future.
This does not mean that tracking cookies is the only way that third parties can track what you do on the Internet. In addition to cookies and device fingerprints, there are:
URL-Referer
The URL Referer is the web address of the previous website on which you clicked the link to go to the current website. For example, if you found Opencard.us using Google search and clicked on the link to this article in the search results, the URL for this page will belong to Google. URL Referer can be used for several reasons, and one of them is to record browsing history.
When cookies are sent to the server that created them, they often contain referrer URLs.
(Actually, it’s because of the URL-Referer that they advise you to log in not from the search engine, but from social networks, news sites, from links in the mail.)
Web beacon
Web beacons or so-called pixels (hi arbitration), are small snippets of code on web pages that check to see if you have accessed certain content. A web beacon is actually a generic term for several similar methods.
Web beacons can be hidden inside content elements of a web page, which makes it difficult to prevent them. They can be hidden inside images and other page elements in order to register user behavior and transfer this data back to the site owner.
Web beacons are usually used to check if someone who received the letter actually read it. By embedding a pixel tag in an email, the email must download a resource from a third-party vendor. When this happens, the resource may request the recipient's IP address, timestamp, browser type and whether the owner of the resource has set cookies in this browser. Like cookies, the server can store all this information and associate it with a unique tracking identifier for the user.
Cookie sync
Most tracking cookies can only be used by the domain that created them. Advertising companies are responsible for many domains that serve third-party cookies, each of which has its own database of user profiles and audience segments used for targeting.
Apart from Google, most of these advertising companies are not active enough to reach large parts of the network, which leads to gaps in their data. Therefore, the synchronization of cookies appeared - the practice of combining advertising data sets to create more accurate and complete user profiles, naturally for subsequent tracking.
The synchronization of cookies occurs when two advertising companies merge or acquire databases from each other. This consolidation helps them compete with Google, but also has a negative impact on user privacy.
remark
Do I need to load cookies when creating fresh savers? I think yes. How to walk them up - visit the largest sites, popular social networks, popular blogs, popular regional news sites. (IMHO).
I would like to write that when you argue “Sites do not seem to receive other people's cookies” or “Not all sites take browser fingerprints” and stuff like that - you forget that Anti Fraud is not an abstract site in a vacuum, it’s a system that fights fraud, and therefore it has a lot more authority than a regular site.
Just leave this picture here:
Tracking through cookies is not a new technology. They have been used for more than ten years, and little has changed in their working mechanisms. Despite this, they provide a simple and accurate way to track and record user behavior on the Internet, and they will not disappear in the near future.
This does not mean that tracking cookies is the only way that third parties can track what you do on the Internet. In addition to cookies and device fingerprints, there are:
URL-Referer
The URL Referer is the web address of the previous website on which you clicked the link to go to the current website. For example, if you found Opencard.us using Google search and clicked on the link to this article in the search results, the URL for this page will belong to Google. URL Referer can be used for several reasons, and one of them is to record browsing history.
When cookies are sent to the server that created them, they often contain referrer URLs.
(Actually, it’s because of the URL-Referer that they advise you to log in not from the search engine, but from social networks, news sites, from links in the mail.)
Web beacon
Web beacons or so-called pixels (hi arbitration), are small snippets of code on web pages that check to see if you have accessed certain content. A web beacon is actually a generic term for several similar methods.
Web beacons can be hidden inside content elements of a web page, which makes it difficult to prevent them. They can be hidden inside images and other page elements in order to register user behavior and transfer this data back to the site owner.
Web beacons are usually used to check if someone who received the letter actually read it. By embedding a pixel tag in an email, the email must download a resource from a third-party vendor. When this happens, the resource may request the recipient's IP address, timestamp, browser type and whether the owner of the resource has set cookies in this browser. Like cookies, the server can store all this information and associate it with a unique tracking identifier for the user.
Cookie sync
Most tracking cookies can only be used by the domain that created them. Advertising companies are responsible for many domains that serve third-party cookies, each of which has its own database of user profiles and audience segments used for targeting.
Apart from Google, most of these advertising companies are not active enough to reach large parts of the network, which leads to gaps in their data. Therefore, the synchronization of cookies appeared - the practice of combining advertising data sets to create more accurate and complete user profiles, naturally for subsequent tracking.
The synchronization of cookies occurs when two advertising companies merge or acquire databases from each other. This consolidation helps them compete with Google, but also has a negative impact on user privacy.
remark
Do I need to load cookies when creating fresh savers? I think yes. How to walk them up - visit the largest sites, popular social networks, popular blogs, popular regional news sites. (IMHO).
I would like to write that when you argue “Sites do not seem to receive other people's cookies” or “Not all sites take browser fingerprints” and stuff like that - you forget that Anti Fraud is not an abstract site in a vacuum, it’s a system that fights fraud, and therefore it has a lot more authority than a regular site.
Just leave this picture here:
This is not the largest Russian AF system, I do not think that EU or USA AF systems will suddenly lag behind this in terms of scoring.
Thanks for your attention.
All of success and profit!
All of success and profit!
Last edited: