[ale] Noscript found a couple of scripts I didn't write.

Robert Reese~ ale at sixit.com
Wed Apr 15 13:56:27 EDT 2009 

> I have developed an ajax app using Dojo and php to support a club I
> belong to.  It's been up and running for a short while but when I
> went to it today, the FF plugin noscript asked if I wanted to
> permit imiclk.com and abmr.com to run scripts on that page.

My guess is you are a victim of sql injection or some other breach.  It appears 
that these are two advertisers, and my guess is that the script will launch 
pop-under ads for an affiliate.  Looking at those scripts will show that.  At 
least you'll have a chance that if you complain to Akamai and netegg about the 
illegal activity then they will drop (and not pay) the criminal affiliate.  If 
you want to pursue the f*cktard, then sue the two companies and the John Doe 
and use discovery to find out who the John Doe is.  (standard IANAL disclaimer 
applies).  Then have his or her ass arrested and tossed into the federal 
judicial system and any local ones you can find to prosecute.

Now on to the findings:

imiclk.com redirects to acerno.com which is a flash-only site.  But in the 
source of the page I found this meta info:"acerno is the only ad network that 
joins hundreds of multi-channel retail and product manufacturer websites in 
the industry?s only online shopping data cooperative acerno - the add 
network"
Also, the flash contains the name Akamai and this is confirmed by the whois 
data on acerno.com:


Whois Record

Registrant:
Sperry, Tom
   330 Madison Ave, 9th Floor
   New York, NY 10017
   US

   Domain Name: ACERNO.COM

   Administrative Contact, Technical Contact:
      Ops, Network                wearl at akamai.com
      aCerno Inc
      1540 Market Street
      Suite 400
      San Francisco, CA 94301
      US
      5107541916

   Record expires on 17-Jan-2017.
   Record created on 06-Mar-2006.
   Database last updated on 14-Apr-2009 08:31:01 EDT.

   Domain servers in listed order:

   NS89.WORLDNIC.COM            205.178.190.45
   NS90.WORLDNIC.COM            205.178.144.45


Here is an interesting post about aCerno, Inc.:
http://mediatechbusiness.com/start/2008/01/14/do-you-really-want-to-kno
w-the-future-of-behavioral-targeting/
<http://mediatechbusiness.com/start/2008/01/14/do-you-really-want-to-kno
w-the-future-of-behavioral-targeting/>

abmr.com is almost certainly a fake website owned by netegg.com (Domains 
For Sale) and hosted by revenuedirect.com.

Domain name: abmr.com

Registrant Contact:
   Domains for Sale, dba netEGG
   ADMIN SRVCS ()
   
   Fax: 
   767 Pratt st
   Baltimore, MD 21201
   US

Administrative Contact:
   Domains for Sale, dba netEGG
   ADMIN SRVCS ()
   +1.4107521513
   Fax: 
   767 Pratt st
   Baltimore, MD 21201
   US

Technical Contact:
   Domains for Sale, dba netEGG
   ADMIN SRVCS ()
   +1.4107521513
   Fax: 
   767 Pratt st
   Baltimore, MD 21201
   US

Status: Locked

Name Servers:
   ns1.revenuedirect.com
   ns2.revenuedirect.com
   
Creation date: 21 Dec 1999 16:38:14
Expiration date: 21 Dec 2009 16:38:00



Or, your computer or browser is possibly infected with 
adware/spyware/malware. ;c)

RDAG,
Robert~

More information about the Ale mailing list