Re: common cookie db?

Ramon Pinuaga Cascales wrote:
Hi offset,

I've compiled a document called "cookie_figerprinting".
I put here the cookies I usually found working.

Interesting. Here's a patch adding some more cookies and also some additional references.

--- cookie_fingerprinting.orig.txt	2006-01-20 10:54:20.515625000 +0100
+++ cookie_fingerprinting.txt	2006-01-20 13:01:18.046875000 +0100
@@ -27,8 +27,18 @@
 Microsoft IIS (
+where 'X' is a upper case letter
+Microsoft ASP.Net (
+Set-Cookie: ASP.NET_SessionId=0hqed4qelkxvjj153tplacm0; path=/
 IBM Net.Commerce (
@@ -86,9 +96,15 @@
 IBM Tivoli Policy Director WebSeal (
+Set-Cookie: PD-S-SESSION-ID=2_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; Path=/; Secure
+where 'x' is {[A-Z],[a-z],[0-9],+,-}
 Set-Cookie: PD-S-SESSION-ID=2_L7kl8vzZ9b8LMEwpm0PgqqQRIh2ZZakRamBlgvMXqIIAABDZ; Path=/; Secure
+When accessing a stateful sesion:
+Set-Cookie: PD_STATEFUL_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx=/LOCATION; Path=/
@@ -96,8 +112,8 @@
 Set-Cookie: WEBTRENDS_ID=; expires=Fri, 31-Dec-2010 00:00:00 GMT; path=/
-IBM WebSphere ()
+IBM WebSphere Application Server ()
 Set-Cookie: sesessionid=ZJ0DMWIAAA51VQFI50BD0VA;Path=/
@@ -120,3 +136,25 @@
 Set-Cookie: _sn=u3YBSdYfaf0oa5H1hz7Tc0ccApc0T1Iz60QWgeSiMEA_; Version=1; Path=/
+BlueCoat Proxy (
+Set-Cookie: BCSI-CSC2B35314=1; Path=/
+Coldfusion (
+More info at
+Urchin Tracking Module
+More info at:

Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

Relevant Pages

  • Photos
    ... Once you have one opened then go to Format> Format ... provide a link to the website so we could help you with any issues. ... Read the instructions. ... page you will import will be 2250 pixels long. ...
  • Re: Self-service checkouts have not cut supermarket queues
    ... of card you want to pay with, so the computer should know what number ... that the strange format was probably the cause, ... their own to successfully parse and perform a cursory validation on ... I wrote an ecommerce website for a local cleaning ...
  • Re: Do you consider this software licensing practice ethical? I am furious!
    ... without eating up resources if they do not format their hard ... and at the end of a FAQ "printed clearly" on the website? ... because I normally do use a repair install or a restore point ... else's quilting software that has what you regard as a better licensing policy. ...
  • Re: Capturing genealogy data from websites
    ... It would depend on the format of your website but this does raise the question of "why a website?". ... The following is a copy of the policy on Gedcom files. ... the FamilySearch website does not support the uploading and downloading of GEDCOM files. ... They didn't mention downloading in any other format so I'm assuming, maybe wrongly, that if they were planning some other download format they'd have mentioned that. ...
  • Re: Get generated html data from aspx page and send out email
    ... > When a payment is done they post the data to my website. ... > that to a string variable with html formating tags in it and email it out, ... > have an web page which generated an invoice to view in the right ... > format and all that, so the question becomes is there any way in .net that ...