How ChatGPT Serves Ads: The Full Attribution Loop Revealed
Key Takeaways
- ChatGPT injects ads into conversation streams using structured single_advertiser_ad_unit objects with four encrypted tokens per ad
- Ads are contextually targeted to conversation topics. A Beijing trip discussion triggers Grubhub Chinese food ads and GetYourGuide tour promotions
- OpenAI hosts all advertiser creative assets on its own CDN and opens ad links in an in-app webview to track post-click behavior
Inside OpenAI's Two-Sided Ad Platform
OpenAI's advertising system operates on two fronts. On the ChatGPT side, the backend injects structured ad objects directly into the conversation stream while the model generates responses. On the merchant side, a tracking SDK called OAIQ runs in visitors' browsers and reports product views back to OpenAI.
The two halves connect through Fernet-encrypted click tokens. Each ad carries four of them. A researcher captured both sides of this system using what they describe as a "consented mobile-traffic research fleet." Everything documented comes from observed network traffic.
How Ads Enter the Conversation Stream
When you send a message to ChatGPT, the backend opens a Server-Sent Events (SSE) response at chatgpt.com/backend-api/f/conversation. Most events in that stream contain model output. Some are ad units.
The ad objects use a typed schema called single_advertiser_ad_unit. The name suggests OpenAI has built, or plans to build, related schemas; a multi-advertiser variant seems likely.
Each ad contains an advertiser_brand object with a stable per-merchant account identifier formatted as adacct_ followed by 32 hexadecimal characters. Grubhub, for example, appears with the ID adacct_6984ed0ba55481a29894bb192f7773b4.
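To audit a captured stream for ad units, the sketch below (an added example, not code from the researcher or from OpenAI) parses SSE events and flags any object that carries the token fields or an adacct_ identifier named in this article. The JSON nesting of the sample events is an assumption made for illustration; only the field names and the identifier format come from the article.

```python
import json
import re

ADACCT = re.compile(r"adacct_[0-9a-f]{32}")
TOKEN_FIELDS = {"ads_spam_integrity_payload", "oppref", "olref", "ad_data_token"}

def sse_payloads(stream_text):
    """Yield the decoded JSON payload of each SSE event (a blank line ends an event)."""
    data = []
    for line in stream_text.splitlines() + [""]:
        if line.startswith("data:"):
            data.append(line[5:].lstrip())
        elif line == "" and data:
            try:
                yield json.loads("\n".join(data))
            except json.JSONDecodeError:
                pass  # skip events whose data is not JSON
            data = []

def walk(node):
    """Yield every dict nested anywhere inside a decoded payload."""
    if isinstance(node, dict):
        yield node
        for value in node.values():
            yield from walk(value)
    elif isinstance(node, list):
        for value in node:
            yield from walk(value)

def find_ad_units(stream_text):
    """Return one summary per object that carries any of the ad token fields."""
    found = []
    for payload in sse_payloads(stream_text):
        for obj in walk(payload):
            present = TOKEN_FIELDS.intersection(obj)
            if present:
                ids = ADACCT.findall(json.dumps(payload))
                found.append({"tokens": sorted(present), "accounts": sorted(set(ids))})
    return found

# Constructed stream: the layout and all values are made up for this example.
SAMPLE = (
    'data: {"type": "message", "text": "The Great Wall is best visited early."}\n\n'
    'data: {"type": "single_advertiser_ad_unit", "advertiser_brand": '
    '{"id": "adacct_' + "0" * 32 + '"}, "oppref": "t1", "olref": "t2", '
    '"ads_spam_integrity_payload": "t3", "ad_data_token": "t4"}\n\n'
    "data: not-json-constructed-terminator\n\n"
)
```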
The Four Encrypted Tokens
Each ad carries four Fernet tokens: ads_spam_integrity_payload, oppref, olref, and a base64-wrapped ad_data_token. These use AES-128-CBC encryption under a server-only key with HMAC-SHA256 integrity verification.
The encryption serves attribution. When a user clicks an ad, these tokens tie the click back to the original impression. OpenAI can verify the click is legitimate and track the full journey from ad view to merchant site.
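The Fernet format leaves some fields readable without the key: a version byte, an 8-byte issue timestamp and the 16-byte IV sit in the clear, followed by the AES-CBC ciphertext and a 32-byte HMAC-SHA256 tag. The added example below (not from the original research) splits a token into those fields and shows that tag verification needs the signing key. The sample token and key are constructed, and the extra base64 layer handled for ad_data_token is assumed to be URL-safe base64.

```python
import base64
import hashlib
import hmac
import struct
from datetime import datetime, timezone

def _b64(s):
    # Fernet uses URL-safe base64; tolerate stripped padding.
    if isinstance(s, str):
        s = s.encode()
    return base64.urlsafe_b64decode(s + b"=" * (-len(s) % 4))

def parse_fernet(token):
    """Split a Fernet token into its fields; no key is needed for this."""
    raw = _b64(token)
    if raw[:1] != b"\x80":
        raw = _b64(raw)  # assumed: one extra base64 layer, as for ad_data_token
    # version(1) + timestamp(8) + IV(16) + ciphertext(16*n, n >= 1) + HMAC(32)
    if len(raw) < 73 or raw[0] != 0x80 or (len(raw) - 57) % 16:
        raise ValueError("not a Fernet token")
    (ts,) = struct.unpack(">Q", raw[1:9])
    return {
        "issued_at": datetime.fromtimestamp(ts, timezone.utc),
        "iv": raw[9:25],
        "ciphertext": raw[25:-32],
        "hmac": raw[-32:],
        "signed": raw[:-32],  # the bytes the HMAC covers
    }

def hmac_ok(token, signing_key):
    """Verify the HMAC-SHA256 tag; only a holder of the signing key can do this."""
    fields = parse_fernet(token)
    tag = hmac.new(signing_key, fields["signed"], hashlib.sha256).digest()
    return hmac.compare_digest(tag, fields["hmac"])

def make_sample(signing_key, ts):
    # Constructed token: correct layout, filler bytes in place of real AES output.
    body = b"\x80" + struct.pack(">Q", ts) + bytes(16) + b"\xaa" * 32
    tag = hmac.new(signing_key, body, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(body + tag).decode()

KEY = b"k" * 16  # constructed signing key, for the example only
SAMPLE = make_sample(KEY, 1700000000)
WRAPPED = base64.urlsafe_b64encode(SAMPLE.encode()).decode()
```

Anyone who captures a token can read its issue time and ciphertext length; the payload and the ability to mint or validate tokens stay with the key holder.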
OpenAI Controls the Creative Assets
Brand favicons and ad images load from bzrcdn.openai.com. OpenAI hosts the advertiser's creative assets rather than pulling them from merchant servers. This gives OpenAI control over load times, caching, and tracking.
The target.open_externally field is set to false in observed ads. This opens links in ChatGPT's in-app webview instead of the system browser. OpenAI can observe post-click navigation on top of any pixel signal the merchant deploys.
Contextual Targeting in Action
A single account in the research panel received six different ads across six conversations on six different topics. The targeting matched conversation content closely.
- Beijing trip planning (Great Wall, Forbidden City): Grubhub delivered "Get Chinese Food Delivered"
- Beijing tour bookings: GetYourGuide showed a Great Wall tour with ad_id=beijing003
- Beijing flights: Axel appeared with utm_term=vflight_beijing_03
- NBA playoffs: Gametime ran with utm_campaign=nba&utm_content=playoffs
- Spring fashion/trends: Aritzia used utm_campaign=chatgptpilot_trav3
- Productivity/slides: Canva appeared with a link-clicks_products campaign
Same account, different topic, different brand. The system reads conversation context and selects relevant advertisers. A Beijing travel discussion triggers both travel bookings and Chinese food delivery. Productivity chat surfaces Canva.
The Merchant-Side Tracking SDK
OAIQ runs in visitors' browsers on merchant sites. It reports product views back to OpenAI, completing the attribution loop. When someone clicks a ChatGPT ad, lands on a merchant page, and views products, OpenAI sees that journey.
The UTM parameters in observed ads follow a consistent pattern. ChatGPT campaigns use utm_source=chatgptpilot and utm_medium=paid. Campaign names reference the advertiser's vertical and target keywords.
What This Means for Advertisers
The infrastructure suggests OpenAI is building a full-stack ad platform, not just sponsorship placements. Advertisers get contextual targeting based on real-time conversation topics. They get click attribution through encrypted tokens. They get conversion tracking through the OAIQ SDK.
The in-app webview is notable. By keeping users inside ChatGPT after clicking, OpenAI maintains visibility into post-click behavior. This competes with the cross-site tracking that browsers have been restricting.
Privacy Considerations
The system reads conversation content to select ads. OpenAI has acknowledged contextual advertising in ChatGPT, but the technical details here show the depth of integration. Ads arrive in the same stream as model responses.
The researcher captured this traffic through a "consented mobile-traffic research fleet." The findings show what's technically happening, not whether OpenAI properly discloses it to users.
Frequently Asked Questions
Does ChatGPT show ads to all users?
The researcher's findings come from observed traffic in a research panel. OpenAI has acknowledged testing ads in ChatGPT, but rollout details vary by user tier and region.
How does ChatGPT target ads?
Ads are contextually targeted based on conversation topics. A discussion about Beijing travel triggered food delivery and tour booking ads. NBA playoff chat triggered ticket marketplace ads.
Can advertisers track conversions from ChatGPT ads?
Yes. OpenAI's OAIQ SDK runs on merchant sites and reports product views back to OpenAI. Combined with encrypted click tokens, this creates full attribution from ad view to conversion.
Does OpenAI host advertiser images?
Yes. Ad images and brand favicons load from bzrcdn.openai.com, not merchant servers. OpenAI controls the creative assets.
Do ChatGPT ad links open in a browser?
Observed ads had open_externally set to false, meaning links open in ChatGPT's in-app webview rather than the system browser. This lets OpenAI observe post-click navigation.
Source: Hacker News: Best
Manaal Khan
Tech & Innovation Writer