1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

cj.com are you familiar?

Discussion in 'Site & Server Administration' started by PinoyIto, Jul 22, 2005.

  1. #1
    When I check my site log stat. I found this dns ace.cj.com with ip address 216.34.209.23. It crawl every pages of my site. Are you familiar with it?
     
    PinoyIto, Jul 22, 2005 IP
    digitalpoint likes this.
  2. T0PS3O

    T0PS3O Feel Good PLC

    Messages:
    13,219
    Likes Received:
    777
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Never seen that before. Maybe they check for dead aff links?

    Anyway, looking on that domain gives some weird stuff that doesn't make any sense to the untrained eye: http://ace.cj.com/ace/export.do?action=poll The HELP suggests it's an intranet feature http://help.cj.com/intranethelp/CMS/ACE_Help.htm

    I exported a repository out of interest and get this:

    
    accounts.other.mail.rename_folder.new_name=Enter new folder name
    accounts.other.reauthenticate.currPasswd.incorrect=Incorrect password for {0}
    accounts.others.confirm_edit_contact.title=Confirm User Settings Change
    accounts.others.coowner.reauthenticate.passwd=Enter co-owner password
    accounts.others.member.reauthenticate.passwd=Enter superuser password
    accounts.others.reauthenticate.magic_word=Enter the characters shown in the image above
    accounts.others.reauthenticate.note=A superuser password is required to make changes to this section. Interesting
    accounts.others.reauthenticate.title=Reauthenticate Superuser Password
    action=Number of Actions
    adv.account.index.12_mon=12 Month
    adv.account.index.30_day=30 Day
    adv.account.index.3_mon=3 month
    adv.account.index.3_mon_epc=3 month EPC
    adv.account.index.7_day=7 day
    adv.account.index.7_day_epc=7 day EPC
    adv.account.index.account_bal=Account balance
    adv.account.index.announcement.default=Please check back here for great ideas to help you increase your online sales!
    adv.account.index.compared_to_cat=Compared to primary category (<b>{0}</b>)
    adv.account.index.compared_to_network=Compared to network
    adv.account.index.deposit=Deposit funds into account
    adv.account.index.deposit_funds=Deposit Funds
    adv.account.index.deposit_notice=Please deposit {0,number,currency} to meet the minimum account requirement. Thank you!
    adv.account.index.epc_ranking=EPC Ranking
    adv.account.index.group.header.messages=Messages
    adv.account.index.group.header.prog_maintenance=Program Maintenance
    adv.account.index.group.header.reports=Reports
    adv.account.index.na=N/A
    adv.account.index.no_application=You have no new applications to review.
    adv.account.index.nt_earnings=Network Earnings
    adv.account.index.num_my_pubs=Number of My Publishers
    adv.account.index.of={0,number} of {1,number}
    adv.account.index.performance=Program Performance
    adv.account.index.prog_status=Program Status
    adv.account.index.review=Review <b>{0,number}</b> pending applications
    adv.account.index.review_new_action=Review new {0} transactions
    adv.account.index.review_new_actions=Review all new transactions
    adv.account.index.review_new_lead=Review new lead transactions
    adv.account.index.review_new_msg=Respond to new messages
    adv.account.index.review_new_sale=Review new sale transactions
    adv.account.index.select_period=Select Period
    adv.account.index.select_type=Select Type
    adv.account.index.tasks=Today''s Tasks
    adv.account.index.trend_graph=Trend Graphs
    adv.account.index.view_trend=(view trend)
    adv.accounting.correction_txn_status.crumbtrail=Correct Transaction Result
    adv.accounting.correction_txn_status.title=Transaction Corrected
    adv.accounting.create_aof.crumbtrail=Create Advertising Order Form
    adv.accounting.create_aof.enter_forecast=Enter Forecast Period<Br><small>(number of days)</small>
    adv.accounting.create_aof.notice=When you create an Advertising Order Form (AOF) it is in addition to the Monthly AOF sent by Commission Junction.  Your monthly AOF settings may be adjusted via your account payment settings.
    adv.accounting.create_aof.title=Create AOF
    # {0} = deposited amount
    # {1} = account number
    # {2} = date of deposit
    # {3} = new account balance
    # {4} = Extra text describing the currency conversion
    adv.accounting.deposit.email.body.plain=Dear valued Commission Junction advertiser:\n\nThank you for your recent deposit of {0,number,currency} for\naccount {1}. The deposit transaction\nwas recorded on {2,date} and is reflected in your\nnew account balance of {3,number,currency}. This information can\nalso be viewed in your Account Manager and in your\ntransaction reports.\n\n{4}\nBest regards,\n\nCommission Junction
    # The deposit receipt may contain a note describing the currency
    # conversion involved in the transaction
    adv.accounting.deposit.email.note.conversion=Your deposit was calculated from a USD equivalent amount\nof {1} which translates to {0,number,currency}.\n\n
    adv.accounting.deposit.email.subject=Payment received
    adv.accounting.deposit1.amount_to_pay=Amount ({0} minimum balance required)
    adv.accounting.deposit1.crumbtrail=Account Deposit
    adv.accounting.deposit1.curr_bal=Your current balance
    adv.accounting.deposit1.currency_note=Non USD Credit Cards deposits are subject to currency exchange fees.
    adv.accounting.deposit1.deposit_notice=The payment will be processed securely and the funds will be available in your account immediately.  For assistance, please use the Contact Us link at the top of the Account Manager.
    adv.accounting.deposit1.min_deposit_req=Minimum deposit required
    adv.accounting.deposit1.title=Deposit
    adv.accounting.deposit2.address=Address
    adv.accounting.deposit2.amex=American Express
    adv.accounting.deposit2.city=City
    adv.accounting.deposit2.country=Country
    adv.accounting.deposit2.credit_card_expire=Expiration Date (mm/yy)
    adv.accounting.deposit2.credit_card_num=Card Number
    adv.accounting.deposit2.credit_card_type=Credit Card Type
    adv.accounting.deposit2.crumbtrail=Card Information
    adv.accounting.deposit2.deposit=Make Deposit
    # {0} = Text representation of the amount that will be charged
    adv.accounting.deposit2.deposit_notice=Your card will be billed <b>{0}</b>. Please enter your credit card information.
    adv.accounting.deposit2.mastercard=Mastercard
    adv.accounting.deposit2.name_on_card=Name on Card
    adv.accounting.deposit2.state=State
    adv.accounting.deposit2.title=Deposit
    adv.accounting.deposit2.visa=Visa
    adv.accounting.depositVAT.crumbtrail=VAT Deposit\r\n
    adv.accounting.depositVAT.currency_note=Non USD Credit Cards deposits are subject to currency exchange fees.\r\n
    adv.accounting.depositVAT.original_deposit=Deposit\r\n
    adv.accounting.depositVAT.title=VAT Deposit\r\n
    adv.accounting.depositVAT.total_deposit=Deposit Including VAT\r\n
    adv.accounting.depositVAT.vat_assessed=VAT\r\n
    adv.accounting.depositVAT.vat_notice=Value Added Tax (VAT) is calculated based on the deposit amount entered, and must be paid with the deposit.\r\n
    adv.accounting.extend_txn.import.ok=Ok
    adv.accounting.extend_txn.reason.testmode=Subscription in Test Mode. Record appears to be correct.
    adv.accounting.manualtransaction1.field.action=Select Action
    adv.accounting.manualtransaction1.field.pid=Enter Publisher Web site ID (PID)
    adv.accounting.manualtransaction1.form.title=Step 1 of 3| Enter Manual Transaction
    adv.accounting.manualtransaction1.title=Run Reports
    adv.accounting.manualtransaction2_review.amount=You have entered {0,number,currency}. Is this the correct {1}?
    adv.accounting.manualtransaction2_review.bonus=bonus amount
    adv.accounting.manualtransaction2_review.item=item amount
    adv.accounting.manualtransaction2_review.sim=amount
    adv.accounting.manualtransaction2_review.title=Step 3 of 3| Enter Manual Transaction
    # {0} is publisher pid
    adv.accounting.manualtransaction2_review_bonus.confirm=No active relationship exists with Publisher PID: {0}. Do you want to continue?
    adv.accounting.manualtransaction2bonus.button.createtxn=Create Transaction
    adv.accounting.manualtransaction2bonus.field.amount=Enter Bonus Amount
    adv.accounting.manualtransaction2bonus.field.oid=Enter Order ID (OID)
    adv.accounting.manualtransaction2bonus.field.refdate=Enter Reference Date (Format: MM/DD/YY)
    adv.accounting.manualtransaction2bonus.form.title=Step 2 of 3| Enter Manual Transaction
    adv.accounting.manualtransaction2bonus.title=Run Reports
    adv.accounting.manualtransaction2item_action.button.createtxn=Create Transaction
    adv.accounting.manualtransaction2item_action.field.amount=Item Amount
    adv.accounting.manualtransaction2item_action.field.itemid=Item Identifier
    adv.accounting.manualtransaction2item_action.field.oid=Enter Order ID (OID)
    adv.accounting.manualtransaction2item_action.field.quantity=Item Quantity
    adv.accounting.manualtransaction2item_action.field.refdate=Enter Reference Date (Format: MM/DD/YY)
    adv.accounting.manualtransaction2item_action.field.sid=Enter SID
    adv.accounting.manualtransaction2item_action.form.title=Step 2 of 3| Enter Manual Transaction
    adv.accounting.manualtransaction2item_action.title=Run Reports
    adv.accounting.manualtransaction2sim_action.button.createtxn=Create Transaction
    adv.accounting.manualtransaction2sim_action.field.amount=Enter Amount
    adv.accounting.manualtransaction2sim_action.field.oid=Enter Order ID (OID)
    adv.accounting.manualtransaction2sim_action.field.refdate=Enter Reference Date (Format MM/DD/YY)
    adv.accounting.manualtransaction2sim_action.field.sid=Enter SID
    adv.accounting.manualtransaction2sim_action.form.title=Step 2 of 3| Enter Manual Transaction
    adv.accounting.manualtransaction2sim_action.title=Run Reports
    adv.accounting.manualtransaction3.enter=Enter another transaction
    adv.accounting.manualtransaction3.form.title=Enter Manual Transaction
    adv.accounting.manualtransaction3.title=Run Reports
    adv.accounting.manualtransation3.error=Unable to process transaction:
    adv.accounting.manualtransation3.success=The transaction has been processed.
    adv.accounting.mer_gen_reports_trans_detail.contact=Contact Publisher about this transaction
    adv.accounting.mer_gen_reports_trans_detail.correc.amount=Correction Amount
    adv.accounting.mer_gen_reports_trans_detail.correc.c
    Code (markup):
    I get the impression that shouldn't be publicly available like that.
     
    T0PS3O, Jul 22, 2005 IP
  3. PinoyIto

    PinoyIto Notable Member

    Messages:
    5,863
    Likes Received:
    170
    Best Answers:
    0
    Trophy Points:
    260
    #3
    But I don't use my site for any affiliate program before... don't you think they are stealing site contents?
     
    PinoyIto, Jul 22, 2005 IP
  4. T0PS3O

    T0PS3O Feel Good PLC

    Messages:
    13,219
    Likes Received:
    777
    Best Answers:
    0
    Trophy Points:
    0
    #4
    No I wouldn't think CJ is up to anything bad. cj.com IS Commission Junction though is it?
     
    T0PS3O, Jul 22, 2005 IP
  5. PinoyIto

    PinoyIto Notable Member

    Messages:
    5,863
    Likes Received:
    170
    Best Answers:
    0
    Trophy Points:
    260
    #5
    I am not sure if cj.com is owned by commission junction...
     
    PinoyIto, Jul 22, 2005 IP
  6. T0PS3O

    T0PS3O Feel Good PLC

    Messages:
    13,219
    Likes Received:
    777
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Whois it and you'll know.
     
    T0PS3O, Jul 22, 2005 IP
  7. yfs1

    yfs1 User Title Not Found

    Messages:
    13,798
    Likes Received:
    922
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Yes, Cj.com equals Commision Junction

    REGISTER.COM, INC.
    IP Address: 216.34.209.14 (ARIN & RIPE IP search)
    IP Location: US(UNITED STATES)
    Record Type: Domain Name
    Server Type: Other 2
    Lock Status: ACTIVE
    Web Site Status: Active
    DMOZ 1 listings
    Y! Directory: see listings
    Web Site Title: Online marketing solutions: performance-based affiliate programs & search marketing
    Meta Description: Commission Junction affiliate programs offer pay-for-performance online advertising and internet marketing solutions
    Meta Keywords: cj internet advertising online marketing affiliate programs pay for performance affiliate programmes commission junction cj.com performance marketing affiliate network comission junction commision junction comision junction pay for performance advertising
    Secure: Yes
    E-commerce: Yes
    Traffic Ranking: 1
    Data as of: 21-Jun-2004
     
    yfs1, Jul 22, 2005 IP
  8. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    65
    Best Answers:
    0
    Trophy Points:
    0
    #8
    Its' a bunch of message templates - some for the web and some for emails. Somebody screwed up big time at cj.com - anybody can edit these messages now (on the manage repository page).

    Makes me think next time I use any of their clients http://www.cj.com/clients/ :D

    J.D.
     
    J.D., Jul 22, 2005 IP
  9. T0PS3O

    T0PS3O Feel Good PLC

    Messages:
    13,219
    Likes Received:
    777
    Best Answers:
    0
    Trophy Points:
    0
    #9
    Holy Crap, I didn't even realize.

    I just looked up one I listed earlier and you're right. Anyone can modify, delete and add shite to it. Cock-up of the year!

    Try this URL for instance: http://ace.cj.com/ace/someurl

    OK Who's going to put their links on their site? Could yield some nice high PR links. Wonder how long it will go unnoticed.

    Are we the first to find out about this? Let's start blogging...
     
    T0PS3O, Jul 22, 2005 IP
  10. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    65
    Best Answers:
    0
    Trophy Points:
    0
    #10
    Careful with editing - it can still be considered as hacking, even if they screwed up like this.

    The funny part is that it's a three-fold screw-up:

    1. They have this machine publicly-accessible (it's not their main web server, somebody actually put in on the outside)

    2. This apparently wasn't enough publicity for them and somebody ran/running a crawler on this machine, which identifies the machine to all the sites it's visiting

    3. There's no authentication of any kind for this system

    J.D.
     
    J.D., Jul 22, 2005 IP
  11. T0PS3O

    T0PS3O Feel Good PLC

    Messages:
    13,219
    Likes Received:
    777
    Best Answers:
    0
    Trophy Points:
    0
    #11
    Yeah I figured best not to mess with it. Not the sort of people to get nasty with. Hence I didn't actually modify, just went there and looked one up. I guess they are smart enough to keep access logs somewhere, or maybe not :) Still can't believe it.

    Maybe we should give them a buzz, before Shawn's eBay earning are affected by someone finding out about this with malicious intent.

    http://www.cj.com/about/contact.jsp
     
    T0PS3O, Jul 22, 2005 IP
  12. 5starAffiliates

    5starAffiliates Well-Known Member

    Messages:
    1,766
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    155
    #12
    WOW what a big screwup!

    BTW CJ is owned by ValueClick.

    There were some complaints in the past about a CJ spider that was hitting sites too many time (checking for compliance issues) and sometimes even hitting sites that didn't have affiliate links on them. Don't think this is the same one though.

    I'm not tecky enough to understand everything above - but are you saying someone COULD hack in and change these files? Is there also confidential info people could get into?

    I'll call CJ and let them know about this. I know one of the top tech people there. Not sure if I can reach anyone on a weekend though.
     
    5starAffiliates, Jul 23, 2005 IP
  13. T0PS3O

    T0PS3O Feel Good PLC

    Messages:
    13,219
    Likes Received:
    777
    Best Answers:
    0
    Trophy Points:
    0
    #13
    They already know and it seems they've closed the hole.

    It wasn't their actual database, just their templates.
    So it didn't affect end-user data, just site lay-out. It might have been a non-production server but even then, still not the cleverest thing to do.

    Also see my blog.
     
    T0PS3O, Jul 23, 2005 IP
  14. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    65
    Best Answers:
    0
    Trophy Points:
    0
    #14
    Not quite true - the attacker could easily modify one of the templates to embed their code and steal identitis and other associated private data of whoever views pages/emails generated from these templates.

    J.D.
     
    J.D., Jul 23, 2005 IP
  15. T0PS3O

    T0PS3O Feel Good PLC

    Messages:
    13,219
    Likes Received:
    777
    Best Answers:
    0
    Trophy Points:
    0
    #15
    Hmm yeah I guess you could have replaced a plain text entry with some code that then gets embedded in their site and do whatever you want it to do.
     
    T0PS3O, Jul 23, 2005 IP
  16. 5starAffiliates

    5starAffiliates Well-Known Member

    Messages:
    1,766
    Likes Received:
    115
    Best Answers:
    0
    Trophy Points:
    155
    #16
    Well, good they have taken care of it. They are closed on Sat. I tried a bunch of extensions of people I know, but no one answered. So left a general voice mail and alerted them to this thread.
     
    5starAffiliates, Jul 23, 2005 IP
  17. samayahuja

    samayahuja Active Member

    Messages:
    268
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    51
    #17
    If you do not sell a product as affiliate within 6 month your a/c may be deactivated.
     
    samayahuja, Jun 19, 2007 IP
  18. inworx

    inworx Peon

    Messages:
    4,860
    Likes Received:
    201
    Best Answers:
    0
    Trophy Points:
    0
    #18
    I too get similar hits form Archieve. About 1000+ connections at peak hours!

    Its blocked due to that sometimes, but I am thinking of a permanent solution so as these websites arent banned...
     
    inworx, Jun 20, 2007 IP
  19. lilsimon04

    lilsimon04 Active Member

    Messages:
    175
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    71
    #19
    I am having this problem now, I dont even have any link on my site to cj and now their spider is on my website... But i did recently add a subforum to my forum that was name Commission Junction...does that have anything to do with it????
     
    lilsimon04, Sep 26, 2008 IP