- This topic has 8 replies, 4 voices, and was last updated 18 years, 10 months ago by
.
-
Posts
-
First of all, let me just say that I’m relatively new to AIM. So please excuse me.
First let me explain the scenario: I signed in to AIM, and saw that my ex-gf was online. I was going to IM her, but lost my nerve. So clicked that little (i) beside her screenname. This brought up her “Buddy Profile”. To the right was ‘buddy updates’ and to the left was what looked like an HTML version of her profile. Me, being as curious as a cat, clicked the “View Aim Page” link at the top right of the buddy profile box. So this brought up her profile. She has an AimPages.com profile. So I poked around there for a little while. Then I lost interest and got off.
But about an hour later, I get a random IM on MSN from here. And we haven’t spoken in literally aaaages. This was -very- awkward for me. So then I suspected that she must have know somehow that I was looking at her profile.
Now, I’ve been doing some research and it looks like you have to click something in the profile in order to be tracked. I clicked the “View AIM page” in the “Buddy Profile”. Does this mean that I was tracked??
Thanks in advance, pleeeease help me!!
PS.
Is it possible they’ve included a tracker of some sort in their profile?? I can give you the source and you can look, or you can tell me what to look for… Thanks alot giuys.The URL looked something like this in my browser.
https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=www.aim.com&siteState=OrigUrl%3dhttp%3A%2F%2Faimpages%2Ecom%2F{{{insert their sn here}}}%2Fprofile%2Ehtml&mcState=doAAMAuth&authToken={{{Token}}}
Josh
Most of the time, people ask if they’ve been tracked just by looking at the default AIM profile, and the answer is always a resounding no. The default AIM profile doesn’t support the kind of code necessary to track anyone.
But… if you clicked a link to view some alternate version of the profile, it’s possible that you were tracked. AIMPages is basically the AIM equivalent of MySpace (from what I can tell). I’m not familiar with AIMPages, but it is definitely possible that she’s able to see who views her AP profile.
Would it be the clicking of the “View Profile” that I was possibly tracked? Is there any particular code that I should look for in the source that would tell me if I was tracked? There are no references to off-site scripts that I could find (like .js etc.) only refs of ones from AOL.
The link that said “View AIM Page” is the one that mattered. Just viewing her regular profile (the one you see from inside AIM) won’t do it. If you view a profile in a browser, though, it’s possible that the view was logged.
I’m not sure how the AIM Pages profiles track visitors. There’s lots of ways to do it — javascript (.js) like you suspected, but you could also track through PHP or ASP, neither of which would have “scripts” that you would be able to see in the source.
I’m not sure how it would trace the view to you though, since I don’t see any other screennames in that URL you provided. I wonder if it’s just a referral tracker of sorts. Like I said, I’m not familiar with AIM Pages at all, so I’m just guessing here.
oh, and welcome to BBB!
Hmmm… I’m starting to think that it was just a coincidence. The link has no screen name in it, so there would be no way of knowing. I don’t think AIM Profiles allow PHP editing, or anything but HTML (correct me if I’m wrong, though, as I’m new to AIM). And I can’t see a tracker in the source.. (looking for ones similar to the myspace trackers, in and
etc.)
Probably just a coincidence.
Thanks,
Josh
bear in mind though, not all tracking requires an object or embed or anything like that. a while ago i had a tracker on my own site that i wrote myself in PHP — it didn’t show up if you looked at the source, it was just there.
and she wouldn’t necessarily need to know how to write it herself; it might just be part of the aim pages.
or it could be a coincidence.
Tigerblade, im trying to understand what ur saying in this post, are u saying u made an invisible counter/tracker? whats php? what do mean by writing? b/c me and you have gone a few rounds on this topic of viewing profiles and the possibility of being secretly tracked, and i was feeling good about the resounding no’s, but this post, (hopefully im misunderstanding it) sounds like embedded secret trackers are out there?
PHP is a fairly predominant web scripting/programming language. You can learn about it on PHP.net or at Wikipedia.
It’s server-side, meaning it runs on the server before anything is sent to your browser. As opposed to something like Javascript, which is client-side and runs on your computer; Javascript is embedded in the HTML and runs after the server sends your browser information. PHP can be used to generate the page content itself. For example, my personal site is built in PHP — anytime I post an entry, anytime someone comments, etc, it triggers PHP scripts that save the entry/comments to a database, update the RSS feed, etc.
The tracker I wrote for my site was simple — anytime someone accessed my site, it opened a text file and added a line with the person’s IP address (just so I could tell visitors apart — meaning, I recognized my own visits versus visits by other people), time of access, the page they were at, etc. It never sent any information to the browser to display, so effectively yes it was “secret.”
However, what I was trying to say in my above post was that the AIM Pages may have been designed with a tracker like this. It’s unlikely, but possible. I don’t know what language the AIM Pages software was written with, but it’s possible that they did include some way of tracking views, especially if you followed a link from someone’s profile.
I highly doubt she would have been able to add one, since MOST if not all online services like this would never allow users to input their own scripts. It could be a disaster if someone felt like being devious.
Gah. Long story short, it’s possible (but not likely) that there’s something going on server-side that could track views, but since the link you provided above doesn’t include your own screenname, it’s likely that it was just a coincidence.
As an appendage to TigerBlade’s post, there are HTTP headers able to be requested using PHP. You can grab their IP, screen name, version of AIM (and I can’t remember what else) just by the person clicking on a link that opens up in the AIM Today window…the link itself contains nothing that can identify you; PHP is what does that work, and pages embedded with PHP look just like a normal webpage.
It looks harmless when it’s opened up through the AIM TOday window, but if the person is sent to a website, they’re less likely to go again from fear of being tracked. It’s more comforting for the subprofile (in your case the aimpages.com profile) to open as part of AIM, and without any uniquely identifiable information…like those links that have your screen name at the end.
I think that person might be using the HTTP header request in the page you went to, but you won’t be able to view it as part of the html of the page, because PHP code is all hidden and processed on the server’s side, then sent to you as a standard-looking webpage.
It’s a bit late, so I don’t know how much of that is rambling versus how much is understandable. You follow me, Slick?
- You must be logged in to reply to this topic.