Cookie-Stuffing Targeting priceline.com
Cookie-Stuffing Targeting Major Affiliate Merchants - Ben Edelman

This page reports cookie-stuffing by findsavings.com, targeting priceline.com. In my testing, this is but one of many affiilate web sites targeting this and other merchants.

As of November 7, the http://www.findsavings.com/Priceline-Coupons.asp page was #9 in Google results for "priceline coupon" (without quotes). This latter URL included the following JavaScript code, which opened a CJ BFAST tracking link in a new window:

<script language="javascript">
//<!--
function Popup2()
{
width=350;
height=200;
winName="Popup";
pageToLoad="http://service.bfast.com/bfast/click?bfmid=37923709&siteid=40001021&bfpage=vacation3&bfinfo=FS_";
xposition=(self.screen.width-width)/2;
yposition=(self.screen.height-height)/2;
args="width="+width+","+"height="+height+","+"location=1,"+"menubar=1,"+"resizable=1,"+"scrollbars=1,"+"status=1,"+"titlebar=1,"+"toolbar=1,"+"hotkeys=1,"+"screenx="+xposition+","+"screeny="+yposition+","+"left="+xposition+","+"top="+yposition; wh=open(pageToLoad,winName,args);
//wh.blur();
window.focus()
}
timer=1;
setTimeout("Popup2();",timer*1000);
//-->
</script>

I captured the resulting on-screen display in a video (WindowsMedia format, view in Full Screen mode). I also preserved a full packet log of these findings.