Cookie-Stuffing Targeting toshiba.com
Cookie-Stuffing Targeting Major Affiliate
Merchants - Ben Edelman
This page reports cookie-stuffing by consumernow.com, targeting toshiba.com. In my testing, this is but one of many affiilate web sites targeting this and other merchants.
As of November 4, the http://consumernow.com/Toshiba_coupon page was #5 in Google results for "toshiba coupon" (without quotes). The specified URL included the following JavaScript code, which opened a CJ tracking link in a new window:
<script language="javascript">
<!--
w=window.open('http://www.consumernow.com/coupon/Toshiba','Toshiba_coupon');w.blur();
//-->
</script>
The /coupon/Toshiba URL performed a HTTP 302 redirect to a QKSRV affiliate link:
GET /coupon/Toshiba HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
Host: www.consumernow.com
Connection: Keep-Alive
HTTP/1.1 302 Found
Date: Thu, 04 Nov 2004 15:39:15 GMT
Server: Apache/1.3.31 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4
PHP/4.3.9 FrontPage/5.0.2.2634a mod_ssl/2.8.19 OpenSSL/0.9.7a
X-Powered-By: PHP/4.3.9
Location: http://www.qksrv.net/click-517038-10301412
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
12
<h1>Link Sent</h1>
0
I captured the resulting on-screen display in a video (WindowsMedia format, view in Full Screen mode). I also preserved a full packet log of these findings.