Welcome to WebmasterWorld Guest from 22.214.171.124
I recently set up a catch-all virtual host in my configs. Any host or IP request that isn't already hosted on my server will get pointed to this catch-all host. For example, if someone went to noname.mydomain.com, it would take them to the catch-all error page.
Recently, IP addresses from google have been requesting german and other spam websites from my server and reaching my catch-all. I believe someone is abusing google's accelerator by pointing random spam domains to random IP addresses and asking the accelerator to download a page from x.x.x.x ip address and inserting a random hostname into request headers. Thus we end up with random domains in our logs, and if people were to post their logs publicly, these domains would show up and resolve to an actual ip address somewhere else. In so giving them a link.
So in short, people are specially crafting http requests and sending them to google accelerator and in turn giving them more links IN google. Thus, google's doing the link exchange work for them, in a very bad evil sickening twisted way.
Anyone else seen this?
joined:Oct 16, 2014
I found a lot of strange/fake request to my server some days ago but I can't find an explanation. Maybe, I should to reopen the logs and take a look.
Thanks for your suggestion.
I see a strange "REDIRECT" link as follows:
When I click on the link it first shows for a short time a white page with the line (Redirecting you to [mysite.dk...] then it redirects me directly to my said page.
I really don´t know whether its a spam or just something belongs to Google standard tracking functions so I haven´t reported it to Google yet. I saved a print screen of the tracker page which shows that strange link).
Any of you can try above link, by replacing mysite url with yours and "page.htm" with any of your static pages.
most of these urls are blocked by the robots.txt - there is one way around this, but so far it is NOT being abused (not even a dozen people are using it) - and no I am not telling you how (however I am not even convinced it works very well).
I am not following what you said 100% reseller, but when you run across these tracking links - sometimes people use them by accident - they right click and paste the link in.
Keep in mind some people think this helps them as it will increase their clickthru with google (doesn't work).
Plenty of people use plenty of techniques that do not work. My advice is to ignore them, but plenty of people think they are making progress by using the spam report.
IMHO - the more your competitors use techniques like this - the better off you are.
I checked some out not believing that websites, such as universities, and institutes, would send spam, and sure enough they didn't.
This spam technigue may be what you are encountering.
Thanks for the infomative feedback and advice. Much appreciated.
As I said I saw the said link on a free public tracker I use in addition to my other trackers. So I clicked on the link to see where my page ranking on Google´s serps, as I usually do. To my surprise I was just redirected to my page.
I really don´t think that a "standard" searcher used such a link to arrive to my site. Maybe somebody somewhere is linking to my page in that strange way.
Of course best is if Google remove the "redirect" command (or whatever its called) from Google SE.
"www.somespammydomain.de" 66.249.66.x - - [17/Sep/2005:23:32:02 -0400] "GET /leftnavi.htm HTTP/1.1" 200 903 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
I don't know why I get these because I don't host them and their dns does not resolve to my server's ip address. But it's clear that it's googlebot requesting this. As far as I know, the ip address is used by google for their accelerator, so I would guess that someone is crafting requests to the accelerator.
If you think about it, this could be a potential threat to a lot of people. Imagine if you could get googlebot to request exploits in IIS or apache and then cover up your tracks by simply putting in a fake hostname.
I'm quite baffled by this stuff. I don't know what the purpose is, and a lot of the sites appear to be legit businesses such as albertadoctors.org, openquest.pt, and katagami.biz. Why google is asking my server for these sites? I have no clue.
Or possibly your own sitemap.xml file is corrupted.