Is NATS Revealing Sensitive Data?

Stats Remote just did it’s morning pull from my sponsors and I think it just told me how much TIM has made so far today…

I WISH I was going to make $2100 today off TIM, but those numbers are clearly not my numbers (when I go into NATS I’ve made 0 sales so far today), and I doubt they’re any other affiliate’s numbers - which means they’re probably the totals.

While NATS/StatsRemote usually gives appropriate data, this isn’t the first time I’ve seen this problem. If I were a NATS-based sponsor I’d be a little concerned.

And for the people who were asking the question of how much you can make off a site - this sorta answers that question… Averaging $2000/day based on a Wednesday morning - the slowest time of the slowest day… Just at $2K/day that’s over $700K/year, but given it’s a Wednesday morning they’re probably making over $900K per year on their 4 sites. But of course, I can’t say for sure since I don’t know what the numbers actually represent.

Screen Shot 2013-03-20 at 7.20.11 AM.jpg

Re: Is NATS Revealing Sensitive Data?

I don’t know what it exactly is, but SR is acting weird at the moment. I see very odd numbers for Intense Cash when I look at the previous month. The software obviously pulls numbers from somewhere, but those aren’t mine.

Re: Is NATS Revealing Sensitive Data?

[QUOTE=rawTOP;131315]
While NATS/StatsRemote usually gives appropriate data, this isn’t the first time I’ve seen this problem. If I were a NATS-based sponsor I’d be a little concerned.[/QUOTE]

If I were Statsremote I would be concerned too - because Too Much Media could end up blocking 3rd party utilities and scrapers. Problem solved. At least until they figure out what has gone wrong.

Re: Is NATS Revealing Sensitive Data?

Sorry, just re-read rawtop’s post which says he made no sales but SR is reporting 17 … that is definitely weird. I did have some weirdness happening with one of the boyfriend sites. SR, nor I was never able to get to the bottom of it because the boyfriend site was just never forth coming with info.

***** I was going to remove everything below, which doesn’t apply now, but I’ll leave it anyway ****

However, I never put much stock in that last column, it’s a wild prediction based on everything staying the same and conversions continue at currently rates.

For instance, I got one Intense Cash sale this morning and SR is predicting I’m going to get three today and make $106 dollars. I never sell three Intense Cash memberships in one day.

I’ve had a couple of good days at the beginning of the month and SR will tell me that overall for the month that I’m going to make three times what I normally make in a month. Dennis and I always giggle about that and how we’ll have lunch in Paris when that happens, but invariably by the end of the month we might be able to afford a coffee in our local cafes and as for seeing each other face to face, well, we’d have to Skype on our tablets. :slight_smile:

Re: Is NATS Revealing Sensitive Data?

[QUOTE=rob;131319]If I were Statsremote I would be concerned too - because Too Much Media could end up blocking 3rd party utilities and scrapers. Problem solved. At least until they figure out what has gone wrong.[/QUOTE] Well it depends on how SR is accessing the data. Is there an approved API built in that can access the data or are clever people comeing up with their own methods?

Re: Is NATS Revealing Sensitive Data?

[QUOTE=rawTOP;131315]Stats Remote just did it’s morning pull from my sponsors and I think it just told me how much TIM has made so far today…

I WISH I was going to make $2100 today off TIM, but those numbers are clearly not my numbers (when I go into NATS I’ve made 0 sales so far today), and I doubt they’re any other affiliate’s numbers - which means they’re probably the totals.

While NATS/StatsRemote usually gives appropriate data, this isn’t the first time I’ve seen this problem. If I were a NATS-based sponsor I’d be a little concerned.

And for the people who were asking the question of how much you can make off a site - this sorta answers that question… Averaging $2000/day based on a Wednesday morning - the slowest time of the slowest day… Just at $2K/day that’s over $700K/year, but given it’s a Wednesday morning they’re probably making over $900K per year on their 4 sites. But of course, I can’t say for sure since I don’t know what the numbers actually represent.[/QUOTE]

That could very well be the data from their total sales and rebills for Tim for the day could it not? The numbers seems way to high to be just one affiliate to be pushing numbers like that.

Re: Is NATS Revealing Sensitive Data?

Just to be clear… My take on what’s happening is that there’s some glitch in NATS so say every 1 in 10000 times a query is made it doesn’t properly limit the data that’s returned. The volume of requests that StatsRemote makes in a day/week/month make it more likely to be seen in SR than in the NATS affiliate interface.

Re: Is NATS Revealing Sensitive Data?

Doesn’t SR store previously downloaded results though? I’m wondering if it’s some kind of glitch and mash-up in SR itself.

I actually had a similar problem with Celebrity Cash where it was showing that I made 100+ sales to them in one month when I hadn’t made a single one. It never did correct itself.

Re: Is NATS Revealing Sensitive Data?

I’ve had suspicions of that myself, and have had significant problems with some sponsors.

Re: Is NATS Revealing Sensitive Data?

Wow crazy.
Did you open a ticket with nats? this needs to be patched right away

Re: Is NATS Revealing Sensitive Data?

So I have spoke with Too Much Media about this, and they have been trying all sorts of things to reproduce it.

They have seen that Stats Remote is scraping the sponsors sites. They have no idea why - as a feed is available (no feeds are available for admin stats),

If the page they are scraping does not render properly for whatever reason you will get incorrect stats. The same applies if the sponsor changes the way their tables are displayed and Stats Remote does not update.

There is no way for anyone to access admin stats without an active session using an admin login.

Don’t shoot the messenger - this is just what Too Much Media have said, and they appear to have spent quite a bit of time testing.

Re: Is NATS Revealing Sensitive Data?

[QUOTE=rob;131485]So I have spoke with Too Much Media about this, and they have been trying all sorts of things to reproduce it.

They have seen that Stats Remote is scraping the sponsors sites. They have no idea why - as a feed is available (no feeds are available for admin stats),

If the page they are scraping does not render properly for whatever reason you will get incorrect stats. The same applies if the sponsor changes the way their tables are displayed and Stats Remote does not update.

There is no way for anyone to access admin stats without an active session using an admin login.

Don’t shoot the messenger - this is just what Too Much Media have said, and they appear to have spent quite a bit of time testing.[/QUOTE]

This makes sense, as there is an RSS Feed internally, for affiliates to pull their stats, but not admin stats.

Re: Is NATS Revealing Sensitive Data?

Sorry for bumping this old thread, but this is related to this thread. Here’s proof that affiliates sometimes see data that they are not supposed to see.

This is from a sponsor that I hardly promote, so none of these sales is mine. I can even see the referral links, so I know where the sales come from and those are not my sites:

stats12.jpg