Cookie-Stuffing Targeting oreck.com
Cookie-Stuffing Targeting Major Affiliate Merchants - Ben Edelman
This page reports cookie-stuffing by 1couponstop.com, targeting oreck.com. In my testing, this is but one of many affiilate web sites targeting this and other merchants.
The /store/Oreck URL performed a HTTP 302 redirect to a QKSRV affiliate link:
GET /store/Oreck HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
HTTP/1.1 302 Found
Date: Thu, 04 Nov 2004 23:33:17 GMT
Server: Apache/1.3.31 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 FrontPage/188.8.131.5234a mod_ssl/2.8.19 OpenSSL/0.9.7a
Keep-Alive: timeout=15, max=96
I captured the resulting on-screen display in a video (WindowsMedia format, view in Full Screen mode). I also preserved a full packet log of these findings.