Hi malware fighters,
You can test Fx here. You need to refresh the page twice to see the third party cookies.
» www.grc.com/cookies/forensics.htm
-
Delete any cookie on your machine associated with the clickserve.cc-dt.com domain (in IE, the cookie will be named “link”, in Firefox you should be able to find it by the domain).
-
Instruct your browser to block third party cookies
a. In IE, Tools → Options → Privacy, override default settings, block third party cookies
b. In Firefox, open preferences, view the privacy tab, check “for the originating site only”
-
Point your browser at this page: http://lea.freeshell.org/revenews-example.html - the page has an IFrame that is a reference to the Performics tracking server.
-
Check for the cc-dt.com cookie. It should not be there. The IFrame is third party content since the page is hosted at lea.freeshell.org.
-
Now, click this link: http://clickserve.cc-dt.com/link/click?lid=41000000009104360 (This is a live link from Performics’ network associated with a test account used for troubleshooting so no-one is making any money off this in case you were wondering).
-
Go back and look for a cookie from cc-dt.com (in IE, the cookie is named “link”).
I’m willing to bet that it’s there. The first example attempts to set a cookie from a third party context, the second sets the cookie from the first party context. The user is in fact requesting to visit Performics’ server directly (cc-dt.com) prior to being redirected to the merchant site.
Thank you for testing, know with No-Script installed there is no issue…
polonus