
ChannelID cookies allowed on Ad visits

Open dhowe opened this issue 7 years ago • 3 comments

Origin Bound Certificates (aka ChannelID) are persistent self-signed certificates identifying the client to an HTTPS server, envisioned as the future of session management on the web. A separate certificate is generated for every newly encountered domain and reused for all connections initiated later on.

By design, OBCs function as unique and stable client fingerprints, essentially replicating the operation of authentication cookies; they are treated as “site and plug-in data” in Chrome, and can be removed along with cookies.

Uncharacteristically, sites can leverage OBC for user tracking without performing any actions that would be visible to the client: the ID can be derived simply by taking note of the cryptographic hash of the certificate automatically supplied by the client as a part of a legitimate SSL handshake.

ChannelID is currently suppressed in Chrome in “third-party” scenarios (e.g., for different-domain frames).

Import the following ad to reproduce:

{
  "https://www.google.com.hk/?gfe_rd=cr&ei=U1ofWOWTEq7Y8ge9g4EQ#q=credit+card": {
    "google.com.hk::www.hangseng.com/enjoycard::享全年折扣優惠及賺2x enJoy Dollars ,網上申請可享高達$300 enJoy Dollars::恒生enJoy卡永久免年費 - hangseng.com‎": {
      "id": 7,
      "attempts": 0,
      "visitedTs": 0,
      "attemptedTs": 0,
      "contentData": {
        "title": "恒生enJoy卡永久免年費 - hangseng.com‎",
        "text": "享全年折扣優惠及賺2x enJoy Dollars ,網上申請可享高達$300 enJoy Dollars",
        "site": "www.hangseng.com/enjoycard"
      },
      "contentType": "text",
      "title": "恒生enJoy卡永久免年費 - hangseng.com‎",
      "resolvedTargetUrl": null,
      "foundTs": 1478449752801,
      "targetUrl": "https://www.google.com.hk/aclk?sa=L&ai=DChcSEwjS0J3CxpTQAhWJALwKHWoSCQ4YABAG&sig=AOD64_1Wf4eiYqkQAYkZOixfOd_MAk7bnA&q=&ved=0ahUKEwiQ1JrCxpTQAhVIyrwKHZUZCUgQ0QwILQ&adurl=",
      "pageTitle": "Google",
      "pageUrl": "https://www.google.com.hk/?gfe_rd=cr&ei=U1ofWOWTEq7Y8ge9g4EQ#q=credit+card",
      "errors": null,
      "current": true,
      "pageDomain": "google.com.hk",
      "version": "2.3.83",
      "targetDomain": "google.com.hk"
    }
  }
}

dhowe, Nov 07 '16 19:11
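The behaviour described in the post above, as a small Node.js model that is an added example and not code from AdNauseam or Chrome. `ChannelIdStore`, `serverSideId`, `demo` and the `.example` hosts are hypothetical names; the model hashes a per-host P-256 public key in place of the certificate, compares exact host names where a browser would compare domains, and treats a request with no different-domain embedding page as not third-party.

```javascript
// Added illustration: toy model of per-origin Channel ID state (not Chrome's code).
const crypto = require("node:crypto");

class ChannelIdStore {
  constructor() {
    this.keys = new Map(); // host -> key pair, created on first contact
  }

  // Public key the client would present to `host` during the handshake.
  // `topLevelHost` models the page embedding the request; when it differs,
  // the ID is suppressed (the "third-party" case from the post).
  publicKeyFor(host, topLevelHost = host) {
    if (host !== topLevelHost) return null; // simplification: exact host match
    if (!this.keys.has(host)) {
      this.keys.set(host, crypto.generateKeyPairSync("ec", { namedCurve: "prime256v1" }));
    }
    return this.keys.get(host).publicKey.export({ type: "spki", format: "der" });
  }

  // Models removing "site and plug-in data" together with cookies.
  clearSiteData() {
    this.keys.clear();
  }
}

// What a server can compute passively: a hash of the presented key material.
function serverSideId(publicKeyDer) {
  if (publicKeyDer === null) return null;
  return crypto.createHash("sha256").update(publicKeyDer).digest("hex");
}

function demo() {
  const client = new ChannelIdStore();
  const first = serverSideId(client.publicKeyFor("ads.example"));
  const later = serverSideId(client.publicKeyFor("ads.example")); // new connection
  const other = serverSideId(client.publicKeyFor("shop.example"));
  const framed = serverSideId(client.publicKeyFor("ads.example", "news.example"));
  client.clearSiteData();
  const afterClear = serverSideId(client.publicKeyFor("ads.example"));
  return {
    stableAcrossConnections: first === later,
    distinctPerDomain: first !== other,
    suppressedWhenThirdParty: framed === null,
    resetByClearingSiteData: first !== afterClear,
  };
}
```

In this model the only client-side controls that change what the server sees are the third-party suppression and clearing site data, which is why a request that is not classified as third-party carries the same identifier as ordinary browsing to that host.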