your tracking ID is:
This is a small proof-of-concept for a revived variant of EverCookie based on a cached image.
It's a simple/typical case scenario, without any fireworks. Removing relevant origin cache will kill the tracking cookie, but you have to know which one...
Steps to reproduce (e.g. Chrome):
- Enter this website - you will get your tracking ID cookie
- Remove the 'cookieTracker' cookie and website cache - in e.g. Chrome DevTools (Application->Storage->"Clear Site Data"
- Refresh this website - you will see the previously issued tracking ID
How this POC works :
- User visits e.g. http://evercookie.0x41.link/img/.
- An iframe is created that points to another origin with an inlined SVG image that executes JavaScript - this image is cached
- Parent window retrieves the identifier from the IFRAMED image (which is taken either taken from cache or backend)
How to mitigate this:
This depends on which browser you are currently using... but clearing site cache should do it in most cases (not all though).
All major browsers are affected (04/04/2021)