Forter is a fraud prevention vendor for ecommerce sites. They collect a large number of signals in JavaScript to decide whether to allow a transaction or not. I hacked together a script [1] again using Jarrod Overson’s great shift-refactor library. A sample of their code can be found at [2]....
[Read More]
Analysis of a Commercial Browser Fingerprinting Service
Augur (2013-2017) was a commercial browser fingerprinting service, offered primarily to AdTech companies. In this post I will analyze their tracking script and describe how it works and what information it collects. The original copy of the script (https://cdn.augur.io/augur.min.js) is no longer up; however, the Internet Archive still has a...
[Read More]
Understanding Distil Networks Anti-Bot Code
Introduction I was browsing Whitepages when I noticed a request to https://www.whitepages.com/dstl-wp.js[1]. After beautifying the code, I found the string “Distil” in the code many times. “Distil” refers to Distil Networks, one of the leading bot detection vendors until its acquisition by Imperva in 2019. Whitepages seems to use them...
[Read More]