Author Options:

What are all these cookies on Instructables, etc? Answered

I don't know if most people can read their own cookies.
Today when I signed on instructables with a clear cache , I got these cookies:

consumerist.com SESSID_GANJA

Apparently ganja means smoking pot. Why give me those cookies?

Here are some other cookies I think stink.

ROLL (< who's being "wicked ... in High places"? Everybody must get stoned?)
doubleclick.* (tracking cookie)
hitbox.* (tracking cookie)
2o7.* (tracking cookie)
paypal.com (when I haven't been there)
RU4 (are you for... as in RU4 86? what are you for?)
test-loyalty (do you like Bush?)
geoinfo (where are you now?)

FLASH9 (hidden)

I will post more sneaky looking cookies as I get them. I can't remember more now.
If anyone is a truthful expert on cookies, share more clues.

dttd://CMD MSG 41387 04551.70280 ETX (user defined protocol)



9 years ago

I wrote that question at least a year ago, seems like longer. I see no evil looking cookies here today. :) I still would like to know EVERYTHING about web cookies though.

(This is what is going on in my mind) *Cookies... Mmmm...


A little late to your response, but late is better than never, right? If there are cookies that have a match.com domain name, than yes, someone has gone to match.com on your computer. Websites can only set cookies for their own domain, so an advertiser could not create a match.com cookie. The utma, etc. cookies are tracking cookies, probably from Google Analytics. Advertisers do set cookies across domains to try and track users and potentially target ads to that way. Lots of sites store cookie data to tell if someone is a new or returning user. Cookies are nothing to worry about, but it is a sly way of seeing where someone has been browsing. It's easy to erase one's browsing history, but most wouldn't think of deleting their cookies as well.

If you look at cookies for the instructable.com domain, you will only see these cookies being set:


So if you are seeing the mentioned cookies being set, they are getting set from the advertising on the site.

For example, SESSID_GANJA is coming from our ads that we run for consumerist.com and lifehacker.com. Ganja is the name of their publishing platform, this is from one of their blog posts:

We’ve spent the first half of this year developing the Ganja publishing platform that Lifehacker and Consumerist are now operating on. The goal of the Ganja project is simple: to further empower you to create the best sites you can.

If you want to understand more about sessions, just google 'server sessions'.

As for this comment:

"The cookies I mentioned have 1 month expiration dates and are self set to upload to all cookie sites."

The expiration would be normal, so if you go back to that one site, it would be able to read your cookie. Most sites have these types of expiration dates so that they can track new vs. returning users.

The part about "self set to upload to all cookie sites" doesn't make any sense to me. If you're using a homebrew browser that doesn't conform to the cookie spec, than maybe this could happen, but with any of the major browsers, you can only access/set cookies within your domain. We can only access cookies that have instructables.com as the domain.

I hope this helps clarify the cookies coming from our site.

I agree that the instructables cookies listed above are "ok". I didn't list any of them, and noticed that eng-tips.com had both utm cookies and tracking cookies. I'll go back to cookie defense mode. Questions remain, like what are dopey cookies actually for? : (GANJA,ACID,BASE,ROLL)? GANJAUSERID seemed at first like an accusation that I might be smoking pot. (***) Haha: is GANJA a platform like JAVA ... but much dopeyer? Seriously, what does it add to the web that's otherwise missing? The way things are going, there'll be one called SCREWUID and everybody will just laugh at the suggested function without consideration it may be well named or wondering what it does. I may grab a "to be sent to all cookie sites" attribute and post it next time I get one of those cookies.

I don't know why you (or anyone else) are worried about cookies. They aren't malware and cannot be used by anyone other than the site that placed them there. My browser has a setting that allows me to block cookies from offsite (those placed by ads), so the only cookies I accrue are those that let me to re-visit sites without having to login every time.

Read what's going on at eff.org. I can build a nonPC computer from scratch, and it just pisses me off that companies out there think they own it, or that they are entitled, if it were possible, to break and enter even the memory of my mind!

What makes you think that they think they own it? All they're doing is storing information that you supplied so that you don't have to re-enter it when you return. No other site can read those cookies.

If you don't like it, just turn off the cookies in your browser. Note that many sites will not work without them.

All they're doing is storing information that you supplied so that you don't have to re-enter it

Not even ;) Typically, all that is stored is session information - which is a website unique ID. So even if another site was able to look at it, they'd have that wasn't any good to them. Even when a password is stored, it's not nice looking asci text words ;) It's just garbage to every other site and on any other computer ;)

That's especially important for merchant processing (credit cards and such). The site handling it legally can not store your information - not even for an instant (everything is handed over to the CC guys). So when they say "save my number" or whatnot, really - all you are saving is a processor ID, which is stored in a database that the merchant processor handles. Not useful to anyone other than the CC folks. Similar to cookies :D

You might have already known this - I'm just putting it out there :D


10 years ago

Well, I said screw it and looked at all the "dangerous" groups. (only on instructables) Here are the sneaky cookies I accumulated meanwhile: atdmt.com AA002 consumerist.com GANJAUSERSETTINGS (again with that!) consumerist.com SESSID_GANJA dynamic.fmpub.net geoInfo (***) eng-tips.com : (both browsing and tags cookies) google.com PREF (***) instructables.com (mostly browsing cookies) itxt.vibrantmedia.com VM_USR (***) www.consumerist.com NSC_(encrypted - uh oh!) NatSe-Cookie!(***) www.eng-tips.com CFGLOBALS (***) www.eng-tips.com CFCLIENT_ENG www.eng-tips.com CFID (***) www.eng-tips.com CFTOKEN youtube.com use_hitbox (***) youtube.com VISITOR_INFO1_LIVE (***) youtube.com AXT youtube.com LOCALE_PREFERENCE (***) youtube.com GEO (***) youtube.com user_omniture (***) youtube.com watched_video_id_list (***) Now again, what are those GANJA cookies for? (***) (***) Justifiable Paranoia! Time to stop playing "evil".

. I'm not sure what's happening to you, but I only have nine cookies from Instructables and none of the stuff you mention. You may have some malware installed on your system.

nah, just a small linux kernel and a browser. I can see everything going on in it. The cookies I mentioned have 1 month expiration dates and are self set to upload to all cookie sites. I have it set to show me and then clear them all whenever I go to a different site. I purposely unblocked the cookies to see what would come. Out of all the sites I go to, Instructables gives more cookies than average. BUT, the cookies I listed so far are more than half from other sites. Youtube gave a lot of the above too. I wonder why instructables gave me "ganjauser" cookies. There was an ad for FRY's Electronics on the page at that time. I'm not sure how to read what's in the cookies in firefox. It either blocks, or worse, hides them. I wonder if I'll get terrorist cookies if I look at ILLEGAL and EXPLOSIVE groups. Anyone else want to volunteer who can also read what's in their cookies?

I think I'll look for, or write a webpage that shows you what cookies it can see on you and me and what's inside them. I'll talk to a friend about exactly how to do it.


10 years ago

more sneaky cookies: omniture.com UID (tracking,we know who you are!) VISITOR_INFO_LIVE (We see you looking at this now!) trafficmp.com (we know you're listening to music on the internet!) tribalfusion.com yourID (we know who you are!) questionmarket.com (we wanna know you might wanna buy this!) quantserve.com yourID (we know who you are too!) Stay tuned.