Exploit: Knowing the Websites your Visitors visit
By Steve Poland • January 21, 2009
I’m cleaning up house and this was an idea from back in May of this year. It’s not really an idea — more of a bunch of ideas for this browser DOM exploit that was written about here on ReadWriteWeb.
It’s an exploit that can help you better understand visitors of your website; and could be powerful for a behavorial ad network. With it, you could learn more about each individual visitor – including their demographics (kind of), by knowing what sites they visit. For example, you could load up an IFRAME with 100 links in it that you already know the typical demographic classification of, check which sites the user has visited, and profile that user to be ‘18-24′, ‘male’, ..etc. If the user has visited a ton of girly websites in your list, then you can make the assumption they are female, and can likely target them better with advertising.
Primary use idea, which could be somewhat of a ‘Lookery‘ script (although they likely are doing a better job; but if they don’t have data on a particular visitor, then this script could be good):
- A website (Publisher) puts our JS snippet of code in their website; we host the JS. In the admin, the Publisher input the webpages/URLs they want to track, to see if the user has visited those webpages/URLs. If the user has visited a webpage/URL specified, they can have the experience customized to the user.
- We will also classify the user in a demographic, based on seeing whether the user has been to various websites. [i.e. 'male', '18-24', etc]
- The website can also allow advertising to occur on their site — thus, Publishers can specify webpages/URLs that users have visited in past, and if there’s a match, we display ads that do PPC or CPM of the ads to those users. We’d specify certain ads to display based on certain combinations [i.e. display ad1 if user has just been to 'match.com'; but display ad2 if user has also been to 'true.com'].
Other ideas of use:
- a JS snippet hosted by me, that blogs/websites can install that will track the users habits of where they go. The blog/website can login and then see demographic data on their users.
- a JS snippet hosted by me, that displays ads [CPA?] to a user based on their demographic data and historical site viewing habits. Could display a 300×250 that the website designates to us. If we don’t have an ad for that user, they display AdSense or something else.
- Advertisers can login to our system, specify users they want to target (those that have visited ‘match.com‘ and ‘plentyoffish.com‘), and pay on a CPM basis??? Or they bid on a PPC basis — we display the ads we feel will have higher CTR based on the profile of the user [and the sites they have visited in the past].
Advertising ideas:
- If user has been to dating websites, show them a deal on other dating websites.
- If user has been to USA Today — the NYTimes might pay to have themselves displayed to that user. [Allow websites to "steal" users]
What do websites already know about their users?
- where they are referred from.
- mybloglog — can tell you other sites your users visit.
What this hack CAN NOT tell:
- frequency of use of a website.
- last visit of a website [unless that website has our JS installed].
- webpages the visitor viewed on a website (unless you specific a specific URL to a specific webpage in the script).
Update: Scott Rafer of Lookery comments on this post.
Related posts:
- IDEA #15 – Ads on Websites Replaced This idea would really shake a few things up. Users would install a plugin to their web browser (which can be a tricky proposition — needs to be real value to user in order to...
- SHARE: Web Start-Up Idea Websites I drifted over to Techquila Shots reader Timothy Chen’s website, “Idea is Queen!” where he is writing out his ideas. What other websites do you read that are brainstorming web-based start-up ideas? Or (links for)...
- ClickJacking – ideas for this sneaky hack (Twitter, etc) Here we go with another little browser exploit/hack. It’s called ClickJacking and as Scott Jangro puts it, “like carjacking, but with clicks.” Scott has a great post with a screencast that shows how ClickJacking works....
- Web2.0forsale.com Launches – Sell Web 2.0 Websites I have launched a new website, Web2.0forsale.com, focused on the buying/selling of “Web 2.0″ websites. Feel free to also sell just programming code, prototypes, domain names, or other related products/services. You can also post ‘wanted’...
- 10 Twitter Hack Start-Up Ideas 10 Twitter application ideas — with or without their API are below. Be sure to throw some Google AdSense around any of these ideas to get a little monetization out of your project. digg interface...
Related posts brought to you by Yet Another Related Posts Plugin.
Comments
2 Responses to “Exploit: Knowing the Websites your Visitors visit”
Got something to say?
Hi Steve,
We appreciate the mention. I would like to emphasize two things:
1. The DOM exploit you mention isn’t anything that Lookery would ever do. We avoid scraping pages *completely* to avoid picking up any PII. Keeping Lookery’s system completely privacy-safe is critical to us.
2. The version of behavioral targeting in which “we can figure out your profile from where you’ve surfed” isn’t one that we like the economics of — nor should you or your readers. Your costs will outstrip the lift no matter how big you scale it. You’ll just never catch up.
[...] a cookie gets set on the user’s machine. Of course, I’d tie this script in with the DOM hack that can tell you what websites the user has visited in the past (i.e. [...]