Prospect One

  • Resolved Mr-Manor

    (@mr-manor)


    5 years, 8 months ago

    Hi. When testing a page with wp-slimstat enabled, this test claims “This website loads trackers on your computer that are designed to evade third-party cookie blockers.” I guess that some tracking mechanism is to be expected, but text goes on “Blacklight detected a script belonging to the company Prospect One doing this on this site.”

    Is wp-slimstat related to Prospect One or are Prospect One simply doing business using wp-slimstat software?

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor toxicum

    (@toxicum)

    5 years, 8 months ago

    Not that I know of or that is any evidence of in the source code. (https://github.com/slimstat/wp-slimstat/search?q=prospect)

    When testing my sites, it only states that a hidden canvas is drawn, which is ok for finger printing.
    No evidence of “Prospect One” here. Are you using any additional (commercial) Slimstat plugins in your website?

    Thread Starter Mr-Manor

    (@mr-manor)

    5 years, 8 months ago

    Yes I agree that some kind of tracking is expected, but I am curious on how Prospect One got into the equation. As far as remember I have not installed any wp-slimstat commercial plugins. But we do have used slimstat for many years. So I cat say for sure if wp-slimstat has always been one single download (did I have to add som geo related stuff at some time?)

    I wrote to the author of Blacklight and he readily replied:

    The tool has a (slightly hidden) download feature for the inspection archive, I looked through it for your website, the script doing the fingerprinting is https://cdn.jsdelivr.net/wp/wp-slimstat/tags/4.8.8.1/wp-slimstat.min.js. I have attached the inspection report to this email which you can further inspect. And if you are interested in learning more about what we are testing for we define it in our methodology. You can see the raw inspection result at the following path after extracting the zip – raw/inspection.json. For more information about the inspection results archive you can look here

    zip file here if anyone is interrested

    There is no mention of prospect anywhere in the raw data from my site nor if I do a raw grep -iR Prospect * on the www folders on my webserver. So at this time I suspect that slimstats tracking have been incorrectly associated with Prospect One – although that does not fit if you do not have the same text when scanning your site.

    I am still puzzled

    Thread Starter Mr-Manor

    (@mr-manor)

    5 years, 8 months ago

    ok, so the difference in our results @toxicum seem to be if local versus cdn download is selected for Tracker. If I change to local download I get the expected message and the above text regarding Prospect One is changed to “Blacklight detected a script loaded from busene.dk doing this on this site”

    Digging into the jsdelivr website I found the Privacy Policy – cdn.jsdelivr.net: Prospect One (“us”, “we”, or “our”) operates the cdn.jsdelivr.net website (the “Service”).

    Plugin Contributor toxicum

    (@toxicum)

    5 years, 8 months ago

    Here are my settings:

    CDN: disabled
    Set Cookie: on.
    Private Mode: on.
    GeoLocation: City
    Relative Ajax: off

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Prospect One’ is closed to new replies.