You are viewing alienghic

Auto-affiliate

« previous entry | next entry »
Apr. 22nd, 2010 | 04:21 pm

I saw rumors that the current LJ owners were trying the javascript affiliate re-writing code again. This is a link to a pdf where I know one of the authors. The link text is the simplest version of the amazon link that works correctly. I'm curious if the link one lands at differs from it.

http://www.amazon.com/Introduction-Testing-Applications-twill-Selenium/dp/B001O7HEPW/

Answer: Yes they are doing it, though its even subtler. When I clicked on the link in this post and for a moment I saw a redirect in the url bar. So I dumped my port 80 network traffic.

The first HTTP request. (Note the Host: outboundlink.me entry)



GET /anxo/dr_ta_1/dr_rwl_v2.php?DR_id=1111&r=false&link=http%3A//www.amazon.com/Introduction-Testing-Applications-twill-Selenium/dp/B001O7HEPW/&link_id=link_13&dr_log=-1&callback=DR_JSONP_callback&ref=http%3A//alienghic.livejournal.com/ HTTP/1.1
Host: outboundlink.me
Referer: http://alienghic.livejournal.com/
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_3; en-us) AppleWebKit/531.22.7 (KHTML, like Gecko) Version/4.0.5 Safari/531.22.7
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive

Next there's some json request:

THTTP/1.1 200 OK
Connection: closeDate: Thu, 22 Apr 2010 23:23:02 GMT
Server: Microsoft-IIS/6.0X-Powered-By: PHP/5.2.5
Content-type: application/json

TDR_JSONP_callback({"l_ID":"link_13","dr_af":"http:\/\/www.amazon.com\/Introduction-Testing-Applications-twill-Selenium\/dp\/B001O7HEPW\/","log_id":"-1","log":true,"m":0})

Then there's the connection to amazon.

GET /gp/redirect.html?ie=UTF8&location=http%3A%2F%2Fwww.amazon.com%2FIntroduction-Testing-Applications-twill-Selenium%2Fdp%2FB001O7HEPW%2F&tag=5336432744-20&linkCode=ur2&camp=1789&creative=9325 HTTP/1.1
Host: www.amazon.com
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_3; en-us) AppleWebKit/531.22.7 (KHTML, like Gecko) Version/4.0.5 Safari/531.22.7
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive


That GET has quite a bit more information than my initial URL. However then it finally finishes redirecting with:


HTTP/1.1 301 MovedPermanently
Date: Thu, 22 Apr 2010 23:23:02 GMT
Server: Server
x-amz-id-1: 118NYYYJRESMA4CBCA7W
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="AMZN "
x-amz-id-2: +BtO3oszOFtkCQ6sGA4NuJ5QIUsoqqXz
Location: http://www.amazon.com/Introduction-Testing-Applications-twill-Selenium/dp/B001O7HEPW/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-1
Transfer-Encoding: chunked


which contains my initial url.

(I did remove the Cookie: header from these posts.

I am curious what the parameters tag, linkCode, camp, and creative mean.

http://www.amazon.com/dp/0596514832/thepolychromatpa Link to Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast using joedeckers affiliate code.

Link | Leave a comment | Add to Memories | Share

Comments {5}

(Deleted comment)

Diane Trout

Re: Amazon might want to know this.

from: alienghic
date: Apr. 23rd, 2010 12:15 am (UTC)
Link

RE: 26.

The buggy version of the auto-affiliate script directed fees away from the person participating in the program which violated the Amazon TOS. However It seemed like their goal was to redirect bare links so they could profit off people who didn't already have a business relationship with Amazon.

My tests were just with a bare url. I'm not sure what'd happen if someone had a proper Amazon affiliate ID.

Though RE: Point 15. The auto-affiliate script does seem to violate that.

Reply | Parent | Thread

(Deleted comment)

Diane Trout

Re: Amazon might want to know this.

from: alienghic
date: Apr. 23rd, 2010 02:56 am (UTC)
Link

I'm not sure... your ID stays attached to the urls through the rewriting, but then some of the other mysterious codes show up while its being redirected. So I have no idea how its supposed to work.

Reply | Parent | Thread

Josh

(no subject)

from: irilyth
date: Apr. 23rd, 2010 02:04 am (UTC)
Link

Can you put the details behind a cut? The long lines are making my friends page unreadable. :^(

Reply | Thread

Diane Trout

(no subject)

from: alienghic
date: Apr. 23rd, 2010 02:29 am (UTC)
Link

is that better?

Reply | Parent | Thread

Josh

(no subject)

from: irilyth
date: Apr. 23rd, 2010 12:10 pm (UTC)
Link

Yep! Thanks. :^)

Reply | Parent | Thread