
Quantcast http://pixel.quantserve.com/pixel request 302 redirects to Facebook and other ad networks

@BetL925

Posted in: #302Redirect #Analytics #Quantcast #Tracking

I just spent a few hours investigating what I thought might be a malicious Chrome extension (using developer tools to audit them, highly recommended!), an ISP/DNS injection issue, or a malware infection, but best I can tell this is occurring as a legitimate response from Quantcast's pixel servers. I have now been able to reproduce the issue on multiple computers, browsers, and ISPs, and am fairly confident that the responses are coming from their servers; I just don't know why. After checking their FAQ and Privacy Policy I don't see any details about this type of activity, and am very concerned about why these redirects to 3rd party trackers are being occasionally injected into our web site and what information is being gathered on our users.

While visiting area51.stackexchange.com one of our employees noticed an odd request to ad.360yield.com, which appears to be an analytics company called Improved Digital. While investigating I found that requests to pixel.quantserve.com/pixel were occasionally getting 302 redirect responses to various ad networks and analytics companies. Easiest way to test this was visiting a Quantcast directly measured site like SO/SF/SE and using the network tab of the F12 developer tools (with "Disable cache" checked) to check for suspicious domains (right click header to add this column) or unexpected 302 responses from the pixel request. So far I have been able to see the following 302 responses occur:

ad.360yield.com/match?publisher_dsp_id=... (this one captured in IE)


and another 360yield when visiting Stack Overflow homepage:

facebook.com/tr?id=....&cd[prospecting]=T-.... (WHY IS THIS ON AREA51?)


stags.bluekai.com/...?id=... (analytics company acquired by Oracle)


bh.contextweb.com/bh/rtset?do=add... (this one captured using fiddler proxy)


tap.rubiconproject.com/oz/feeds/quantcast-pmp/tokens?afu=...


I also saw redirects to: analytics.twitter.com, ads.yahoo.com, e.nexac.com/e/quantcast_sync.xgi, ce.lijit.com, x.bidswitch.net, delivery.swid.switchads.com, rtb-csync.smartadserver.com, and soma.smaato.net

It appears this has been happening at least since December 2014, but I haven't been able to find any information about why Quantcast redirects to 3rd party trackers other than this short blurb from Ghostery (bonus that link also has opt-out and privacy contact details):


We believe this company facilitates or engages in 3rd party interest-based targeting.


So my question is: By opting in to Quantcast's "Measurement & Insight" services, which shouldn't require them linking to multiple 3rd party trackers, to what else have we exposed our users?



Dec 16 2015 Quick update: We just had a great meeting with Quantcast about how their beacon works. They gave a high level explanation of the process and plan on providing more technical details as an answer here once they have some time to write up a response. If any webmasters have further questions I recommend contacting your account representative or using their contact form.

They also indicated that the beacon can be disabled via the settings section of our Quantcast profile and that turning it off will not impact our use of the Quantcast Measure service. We feel confident that there is nothing nefarious occurring as they do have safeguards in place to protect user privacy and do not explicitly use SO/SE (or any specific site) user traffic directly in any targeting algorithms. But we appreciate the ability to opt out of the beacon and plan on turning it off.


2 Comments


@Bryan171

Quantcast Measure Terms of Service (https://www.quantcast.com/terms/measure-terms-service/) Section 6:


Quantcast servers may choose to occasionally respond to any publisher’s Tag by redirecting the browser to a third-party anonymous beacon to support the provision of Quantcast services in market. The decision to beacon is not related to you the publisher, your traffic, or your user base.


@Ravi8258870

I highly suspect this is cookie matching with various audience data/analytics providers and ad companies.

It seems to be covered in their privacy policy, albeit fairly vaguely:


We may share with third parties Non-PII, including certain Log Data, as part of providing and improving our Measure and Advertise products. For example, we may disclose such data to companies involved in ad delivery or ad visibility.


As to whether it really counts as "non-PII" (Personally Identifiable Information) – I think that's highly up for debate. If they are indeed matching unique identifiers, then yes, they're not sharing any "extra" information, but they're still allowing 3rd parties to track the same user and match them up with any data they have in their system, which is clearly personally identifiable.

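The manual check described in the question (watching the network tab for 302 answers to the pixel request) and the cookie-matching suspicion raised in the comments can both be audited offline from a HAR export of that network tab. The following is an added example, not code from the thread or from Quantcast; `findPixelRedirects`, `site`, `entry` and `SAMPLE_HAR` are hypothetical names, and the sample entries and query values are constructed.

```javascript
// Added example, not from the original thread. SAMPLE_HAR is constructed.
const PIXEL_HOST = "pixel.quantserve.com";

// Crude "same site" test on the last two host labels: an assumption that fits
// the hosts named in this thread, not a Public Suffix List lookup.
const site = (host) => host.toLowerCase().split(".").slice(-2).join(".");

// One finding per 3xx answer from the pixel host that points at another site.
function findPixelRedirects(har) {
  const findings = [];
  for (const { request, response } of har.log.entries) {
    let from, to;
    try { from = new URL(request.url); } catch { continue; }
    if (from.hostname !== PIXEL_HOST) continue;
    if (response.status < 300 || response.status > 399) continue;
    // HAR keeps the target in redirectURL; fall back to the Location header.
    const hdr = (response.headers || []).find((h) => h.name.toLowerCase() === "location");
    const location = response.redirectURL || (hdr && hdr.value);
    if (!location) continue;
    try { to = new URL(location, from); } catch { continue; }
    if (site(to.hostname) === site(PIXEL_HOST)) continue; // same-site hop
    findings.push({
      status: response.status,
      targetHost: to.hostname,
      targetPath: to.pathname,
      // Names only: the values may be user identifiers, so they are not kept.
      paramNames: [...new Set(to.searchParams.keys())],
    });
  }
  return findings;
}

// Constructed entries in HAR 1.2 shape; query values are placeholders.
const entry = (url, status, redirectURL, headers = []) =>
  ({ request: { url }, response: { status, redirectURL, headers } });
const SAMPLE_HAR = { log: { entries: [
  entry("http://pixel.quantserve.com/pixel", 200, ""),
  entry("http://pixel.quantserve.com/pixel", 302,
        "http://ad.360yield.com/match?publisher_dsp_id=PLACEHOLDER"),
  entry("http://pixel.quantserve.com/pixel", 302, "/pixel"),
  entry("http://pixel.quantserve.com/pixel", 302, "",
        [{ name: "Location", value: "//bh.contextweb.com/bh/rtset?do=add" }]),
  entry("http://example.com/a", 302, "http://example.org/b"),
] } };

for (const f of findPixelRedirects(SAMPLE_HAR)) {
  console.log(f.status, f.targetHost + f.targetPath, f.paramNames.join(","));
}
```

Run against a real export with `findPixelRedirects(JSON.parse(fs.readFileSync(path, "utf8")))`; an empty result for one page load is not conclusive, since the redirects were only seen occasionally.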

