Results 1 to 11 of 11
  1. #1
    Newbie
    Join Date
    January 18th, 2005
    Posts
    47
    I have just discovered that someone has forwarded the url, www.kroek.de to my site. Based on the source script, it appears that the url is forwarded to a domain which I am directing to my site as well. Various German pop ups have been added, but other than that, everything is the same.

    Is this some form of Parasiteware that will cause me to lose commissions, or is this individual to lazy to build a site and is simply intending on profiting from the pop ups?

    Thanks
    Rick

  2. #2
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    Let's see, the domain belongs to:
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>domain: kroek.de
    descr: Tobias Kroek
    descr: CarlHurtzigStr.26
    descr: D-28259 Bremen
    descr: Germany
    nserver: ns.freedoms.de
    nserver: ns.freecity.de
    status: connect
    changed: 20010214 221802
    source: DENIC<HR></BLOCKQUOTE>

    The "Tropi-Ties" link on your site is http://www.qksrv.net/click-1141109-9700816, on the German site it is also http://www.qksrv.net/click-1141109-9700816 - so it's not changing your HTML.

    It looks to me like the popups are being generated by the free hosting provider he's using, rather than being a deliberate add-on to cream off money.

    A look at the redirect HTML shows an email address of "Tobias Kroek (webmaster@kroek.de)"

    Since the website is the same as the owner's name, I assume this isn't part of some grand conspiracy to use framed websites to earn money.

    So.. it doesn't look like parasiteware or site cloning. Might be worth sending him an email to say "hi" and "uh?"



    ________
    All your commission are belong to us.
    Check out the latest Homeland Security press releases.

  3. #3
    Newbie
    Join Date
    January 18th, 2005
    Posts
    47
    Thanks for the help Dynamoo. I sent the guy an email and it came back undelivered. The message was redirected to a yahoo.de account that does not exist. His middle name must be "Redirect". I wish I knew what he was up to.

    Rick

  4. #4
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    Here's a neat trick to get rid of unwanted redirects if they're becoming a pest:

    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>{script language="JavaScript"}{!--
    if (document.referrer.indexOf('www.kroek.de') &gt; -1)
    location.href = 'http://www.yahoo.com/';
    //--}{/script}<HR></BLOCKQUOTE>

    You'll need to replace the {} braces with &lt;&gt; ones (you can't post Javascript in the forum).

    Put that in the body text of the HTML. You can add more terms with an "else if" statement.

    I'd only recommend doing that if you were really concerned though, it doesn't look like a threat.

    ________
    All your commission are belong to us.
    Check out the latest Homeland Security press releases.

  5. #5
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    Heh heh, there are other places to send them besides Yahoo...

    I'd probably send them to a spare domain of mine that I'd code up to generate an endless sea of popups! Since the object of the pops would be to crash the browser I'd probably leave them blank. No need to associate a brand name with such a thing...

    As for what he's up to, it may be to try to get bookmarks to his site and then switch it for some other kind of content later. Whatever that guy's plan, it seems to be fishy as heck and it may be best to dissociate the real site from it...

    -I've been a king, and I've been a pauper, and everything there is in between ~T.G. Sheppard. NOT Frank Sinatra!

  6. #6
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    Ahhh yes, well that's the story behind The Horse Porn Incident when someone was redirecting their site to my site (to make it look like they'd been hacked) and I just redirected their redirects to something.. more interesting.

    ________
    All your commission are belong to us.
    Check out the latest Homeland Security press releases.

  7. #7
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    ROFLMAO!!

    That whole site is hilarious! And your advice to "wash the phone" and be careful of leaflets (on another page)...haw haw haw! It makes Commerce Twp.'s politics look so dull in comparison!

    -I've been a king, and I've been a pauper, and everything there is in between ~T.G. Sheppard. NOT Frank Sinatra!

  8. #8
    Newbie
    Join Date
    January 18th, 2005
    Posts
    47
    Thanks all, I appreciate the feedback. I'm really new at this, so correct me if I am wrong with my interpretation of the Javascript suggestion. This script would in turn redirect kroek.de visitors to Yahoo, correct?

  9. #9
    ABW Ambassador John Kruger's Avatar
    Join Date
    January 18th, 2005
    Location
    At my computer
    Posts
    645
    I am curious how you found this out in the first place.

    John

    Once a year, go someplace you've never been before.

    www.teampb.com

  10. #10
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    AVP, that's right. But it does mean that all visitors to your site will end up running a little bit of javascript, so I'd maybe leave it in reserve.

    ________
    All your commission are belong to us.
    Check out the latest Homeland Security press releases.

  11. #11
    Newbie
    Join Date
    January 18th, 2005
    Posts
    47
    TeamPB, I discovered the redirect when checking the referring urls on my site log.

  12. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Hijacked?
    By abantu in forum Suspicious Activity!
    Replies: 15
    Last Post: July 18th, 2005, 05:44 PM
  2. HELP!!! MY SITE IS BEING HIJACKED!!!!!!
    By SSanf in forum Midnight Cafe'
    Replies: 5
    Last Post: October 2nd, 2004, 04:13 PM
  3. Link Hijacked
    By speda1 in forum Suspicious Activity!
    Replies: 1
    Last Post: December 3rd, 2003, 02:56 PM
  4. Please Help!!! My computer has been hijacked!!!
    By wtjpm in forum Suspicious Activity!
    Replies: 5
    Last Post: June 14th, 2002, 02:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •