A 180solutions ad for Hawaiian Airlines, covering substantially all of Delta.com.
A 180solutions drive-by installation. If the user presses "yes," then 180 software will be installed. Note absence of any reference to a license agreement.
A 180solutions double display -- of the original HSN site plus HSN reached through an affiliate link directing commissions to 180.
A partner bundling 180solutions software without prominent disclosure.
A partner bundling 180solutions software without prominent disclosure. This is the first of 54 pages of End User License Agreement text.
A partner bundling 180solutions software without prominent disclosure. This is approximately the 16th of 54 pages of End User License Agreement text.
A 180solutions double display -- of the original gateway.com site, plus gateway.com reached through an affiliate link.
A 180solutions double display -- of the original store.apple.com site, plus store.apple.com reached through an affiliate link.
A 180solutions double display -- of the original tgw.com site, plus tgw.com reached through a 180 advertiser affiliate link.
A 180solutions double display -- of the original valuemags.com site, plus valuemags reached through a 180 advertiser affiliate link.
A 180solutions double display -- of the original fogdog.com site, plus fogdog reached through a 180 advertiser affiliate link.
A 180solutions double display -- of the original freshpair.com site, plus freshpair reached through a 180 affiliate link.
A 180solutions double display -- of the original lillianvernon.com site, plus lillianvernon reached through a 180 affiliate link.
A 180solutions double display -- of the original motherwear.com site, plus motherwear reached through a 180 affiliate link.
A 180solutions obfuscated decoy display -- of the original crucial.com site, plus etronics reached through an affiliate link within a hidden frameset.
This page shows specific network transmissions that implement 180's double-popup
cookie-stuffing, targeting a request for valuemags.com made at approximately
4pm (Eastern) on July 24, 2004. See also a video (WMV
format, view in full-screen mode, warning: >1MB) confirming what took
place, including showing my Cookies folder before and after receiving the 180solutions
popup. The thumbnail at right shows the final on-screen display -- the valuemags.com
site, covered in part by the double popup that reached valuemags.com through
an affiliate link.
Other Targeted
Merchants: Double and Silent
Popups
In this example, I sought to document how 180 (and its advertisers) can overwrite
cookies set by other affiliates. My testing proceeded in the following way:
I cleared my cookies, such that any cookies set on my PC were set in the
course of the testing shown in my video.
I browsed to dealhunting.com, an ordinary affiliate site that links to valuemags.com
via an affiliate link. I clicked through that affiliate link, yielding the
two HTTP communications shown in HTTP Transaction 1 (with
original affiliate link shown in red highlighting), setting the "2vRI"
and "2viJ" cookies shown in blue highlighting.
I briefly browsed the valuemags.com site. (Network logs omitted for brevity.)
In HTTP Transaction 2, Zango (installed on my PC) asked
180solutions' web servers for an ad to be shown -- sending the valuemags.com
trigger (as shown in yellow highlighting), and receiving a URL to dealsavings.com
in response (purple highlighting).
In HTTP Transaction 3, Zango loaded the specified dealsavings.com
page in a new window. Via a META REFRESH tag (orange highlighting), the page
redirected the new window to a Performics affiliate link which in turn sets
a "2vd9" Performics cookie (HTTP Transaction 4)
(cookie in blue highlighting).
Observing my cookies (cookie listing), I see that at the
end of the events described above, my Performics cookie (blue highlighting)
included a reference to the "2vd9" affiliate cookie set by the redirect
link from the dealsavings page. However, I see no surviving reference to the
"2vRI" or "2viJ" affiliate cookies set from the original
dealhunting.com page.
Consistent with the rest of my site, the network logs below omit my DUID (my
unique 180solutions user ID number).
In my testing of July 24, 2004, valuemags.com is but one of many merchants
that remain targeted by 180solutions double popups. Some targeted merchants
use affiliate networks; others run in-house affiliate programs. Some double
popups (including this one) reach affiliate links through redirect servers,
while others entail 180solutions sending users directly to an affiliate link
via no other intermediaries.
GET /showme.aspx?keyword=valuemags.com&did=762&ver=5.11&duid=531byhiprtvdgvadrfmfcgtxxyrjmg
&partner_id=195252523&product_id=762&browser_ok=y&rnd=24&basename=zango
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
</HEAD>
<body>
<SPAN class="957085619-06032003"><FONT face="Arial"
color="#ff0000" size="5">Thank you
for your patience. You will be redirected to your destination site
in a
few seconds.</FONT></SPAN>
</body>
</HTML>