Check out Framed! by Lauren Wood. There’s puzzling low-grade Internet scamware afoot. Here’s a slightly more detailed description of what’s going on; if you have any ideas, please leave a comment on her blog, not here.
There are a bunch of URLs,
aff000028.com; each of them can produce three distinct
results. If you fetch it with
curl (a command-line URL fetcher
on Unix-like systems) you get a page with a title and meta-tag claiming it to
be “Adult Friend
Finder”, and whose body is a list, sans markup, of 10,000 misspellings of the
adultfriendfinder.com. This is apparently what the
google robot sees, so if you google for (selecting one misspelling randomly)
adultfriendfindor.cwm, you get this page which looks like a link
to Adult Friend Finder. And if you click on that link, dereferencing aff000022.com
from the Google results list, sure enough, you get redirected and land on
Adult Friend Finder in all its sleazy glory. What's weird though, is that if
you go to aff000022.com by typing the URL into your browser, or by linking
from another page that isn't a google result page, you get a little
<frame> package that pulls in
leaving no trace of its existence.
The 29th page has only about 7,000 misspellings, so they are capturing about 277,000 potential mis-spelled URLs.
Like Lauren, I’m puzzled. Ideas?