Web cookie and tracking methods supported by WebCookies.org engine
WebCookes.org uses a number of advanced techniques to capture as many cookie storage methods as possible. At this moment the following web cookie technologies are supported:
- HTTP cookies set using HTTP
Set-Cookieheader — using both direct HTTP response analysis as well as full-page rendering with DOM cookie jar check.
document.cookieproperty — using full-page rendering with DOM cookie jar check.
localStorage— using full-page rendering with DOM localStorage check.
sessionStorage— using full-page rendering with DOM
- Adobe Flash Local Shared Object (LSO) — using SWF static analysis.
- Adobe Flash Remote Shared Object (RSO) — using SWF static analysis.
- Tracking pixels — GIF and PNG images sized 1x1 pixel loaded from third-party domains
- Social media logins and SDK — code snippets from popular social media (Facebook, Twitter) that tracks users registered with these networks
- Cookie matching — technique to ensure persistence of unique identifiers assigned to users by advertising companies even if users delete cookies
In addition to these checks WebCookies.org engine performs the following checks:
- HTTP security headers checks
- SSL/TLS secure configuraton checks
- Detection of URLs known for phishing or malware distribution
- Detection of blacklisted domains
- Detection of advanced user tracking methods
- Analysis of advertising publisher identifiers and checking for ads.txt file
The Chromium project has a good Technical analysis of client identification mechanisms.