Adtech Analysis

Advertisements on the internet are ever evolving. The ads I used to see were nothing compared to what I see now. I remember seeing the same generic ads on every webpage. They were hardly tailored to what I was interested. Now I feel as if they know too much of what I’m interested in. I’ve noticed that if I browse a website and click on an item, that item will appear in my ads.

Using Bill Fitzgerald’s guide to intercepting internet proxy, I investigated what exactly was being collected while browsing. I took a look using OWASP ZAP at Reddit and Twitter. These are my typical most looked at sites.

Right off the bat, I noticed in the 3rd ID that Reddit had known I was using a Mac with OS X 10.11. I previously mentioned in my advertiser profile post about how I noticed it that Facebook knew as well. I can see now exactly where they get that information from.

 I also noticed I got a request from ad.doubleclick.net who Fitzgerald had also mentioned in a article of his. as well as googlesyndication.

From Twitter, I found similar results on them being able to find out the type of machine I was using. I also found out that twitter uses twimg.com for their ad tech. That popped up a lot more than anything else when it was collecting.

After taking a slight look into this, I am well creeped out. I had previously done packet sniffing but I wasn’t exactly looking for ad information. The fact that this is all happening behind the scenes is what scares me the most. I would’ve probably been blind to this my entire life until someone had told me about it. Knowing this is that we’re not always private. You may think you’re doing harmless browsing but this could bite you in the butt eventually. Be wary. Be informed.

 

You may also like

1 Comment

  1. Hey – this is awesome! I am so glad to see the infosec primer getting used like this!

    If you want to have some extra fun, log into some school-provided services and see what trackers are in place there. While not all trackers are intrusive, it’s always a good idea to get a sense of what third parties are collecting information on you.

    Also, because you mention the fact that user agent and OS info are passed in the headers (ie, Mac OSX 10.11, with this version of your browser, etc): have you checked out https://amiunique.org/ ? It gives some details on browser fingerprinting, another method used to track us online.

    Cheers,

    Bill

Leave a Reply

Your email address will not be published. Required fields are marked *