Ang0ie: I did something similar. I looked for keywords Encyclo and <unmentionably innocent>.

Encyclo apparently brought up some French law reference. If you can read french, I have a beauty of a link.

<innocent> was ordered to stop doing the same exact thing to a competing job-search site
under a 50,000 francs-per-day penalty.

Francs? Not Euros? This was because the case was decided a good 3 years ago.
I guess they are still working on their white-list. - Larry

Just stumbled across this same problem with our site. Found a huge list by typing "inurl:" and then the redirect part of the offending url into google.com.

Thought it was all a huge conspiracy at first then thought it was probably an open relay because you can type any web address and add the redirect and it'll work.

THEN, i looked even further and found loads of lawsuits relating to the offending party relating to web based incidents. I really don't know what's going on or why but it seems a bit of a coincidence that lots of the sites you can find in google using the above method are in the same industry as the offending company.

I originally thought they were trying to inflate their logfiles to be able to say they have x amount of hits per month and be able to charge huge fees for advertising. Fits with what industry their in.

Not saying innocent or guilty, just saying it's wrong...

Hello Willohara:

Was the site French and jobs related? If so, its likely the same outfit this thread started with.
IF NOT, could you please sticky me a URL or two? I want to see if my site is affected.

It now appears that <snip> was doing surgical URL implantation to coopt listings from other job engines.
For example, www.goodsite.com/listing#123 would become www.goodsite.com.redirect.badguy/listing#123

No chance of an accident there! Badguy lost multiple lawsuits in France, I found URLs for the verdicts / penalties.

What I _suspect_ went wrong (well, MORE wrong) was that the surgical hack got out of hand
and affected all sorts of sites not related to job searches in Europe.

Very soon after this thread appeared here, Google removed most of those hacked URLs from the SERPs.
A 'residue' of some 1200 of those are still found in links lists.
Just search for "redirect.<snip>.com" as an exact phrase. Sticky me for the actual badguy URL.
- Larry

No, we found that exact same url. Then i searched for it and found those sites and this forum thread.

I'm not sure that they've surgically done anything? You can type in ANY domain name and then add the "re***********ob.com" part and it'll work. It's going through a proxy server at their end i think?

I found the lawsuits as well, thats when i stopped thinking it was an "accident". Most of them were relating to internet issues.

If it is going through a proxy at their end then it'll be inflating their log files massively. They can then say "Hey, we get x amounts of hits per month" and then charge lots for adverts on the site.

This is what I get now when I try to enter their site, unmentional.com

They have banned me from their site! Now I wonder why they would do that.
_______________________________________

180
Forbidden
You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

--------------------------------------------------------------------------------

Apache/1.3.33 Server at www.unmentional.com Port 80
0

Oooops! Disregard the message above. I was guilty of a typo.

They have not banned me from their site.

The site in question indeed actually rewrites urls on the hijacked pages to make them pass through their domain. It is very clearly theft if you ask me, nothing innocent about it.

You could block the hijacking of your site by adding the following to an .htacces file:

---------------------------------------------
SetEnvIf Remote_Addr ^213\.41\.67 keep_out #block C-class of IP address content thieves
SetEnvIf Remote_Addr ^213\.41\.66 keep_out #block C-class of IP address content thieves

<Limit GET POST >
order allow,deny
allow from all
deny from env=keep_out
</Limit>
---------------------------------------------

Note this will block some innocent ip's in those two c classes as well.. use at your own risk.

They unmentionals, still have not stopped what they are doing. They promised that the problem would be fixed in a month. Well, time is wasting.

Can any one tell me WHY they are doing this? What is the advantage to them?