Search code examples
javascriptimageipserver-side-scriptingspying

How do i monitor when and where an image from my server is loaded?

Almost all of us have heard of services like spypig . I was wondering how do they track client's IP when an image from their server get loaded. To do the same I made an aspx page with Response.ContentType = "image/png" but for this my link goes as

www.something.com/imagePage.aspx?id=rndmval

Is there any method by which whenever an image from my server say "mysite.com/images/me.gif" gets loaded on a system i get notified with the ip of that system? Its similar to monitoring an image. I like the way spypig works, it can monitor an image whenever it gets loaded on any browser. Does anybody know how do they do that???

Solution

  • You get the request, extract the IP address of the client from the request (not sure how to do that in ASP, but there certainly is a way to do that) and store it in a database / send an e-mail / whatever..

    No need to set Content-type to image/png, it's just a nicer way to tell the browser, who is expecting an image, "here it is your image", but unless you return an actual 1x1 PNG image, it doesn't make much sense.

    Update

    The IP address should be contained in:

    Request.ServerVariables("remote_addr")

    If you want a "clean" url, such as http://example.com/path/to/image.gif, you have to do something webserver-side; one common hack used in PHP is to make the web server "rewrite" a request to /path/to/non-existent/file to something like /path/to/my/script.php?path=/path/to/non-existent/file, not sure how to do that with ASP/IIS though...

    Update: How does spypig work

    They give you an "image to be put in emails", that is, an <img> tag with a src="" pointing to some page on their server, containing a unique identifier in its name, for example:

    http://example.com/track-user.asp?id=ABCD12345678

    Once the user opens the email containing the image (beware that most email programs require the user to click "load external content" before images are actually loaded -- that is, an anti-tracking measure), a request is sent to the server which stores somewhere a record containing the id, date, ip address and any other interesting information.

    Knowing who you sent a certain id to, you can track which is the e-mail that got opened.

    (one common trick to get the user click on "load external images", is to send an e-mail that heavily require images to display properly, so the user is encouraged to load them -- and get tracked).