A cool online business idea. How to make money on someone else's name, someone else's site, and even without a product
The story began with the fact that one of my sites began to download a suspicious robot. It was not a Yandex-bot or a Google-bot and in general, none of the famous search engines. The suspicion was supported by the fact that Useragent was strange - curl / <SOMETHING>, and Referer - d: / <SOMETHING>. The sole purpose of such robots is to steal content from the attacked resource ...
For about two months, everyone did not reach out to look for the evil parser - to understand on which other domain my most valuable content is laid out (joke). I only sometimes forbade some values ​​of Useragent and Referer at the level of the php code, but my mysterious friend corrected them and came back to the site with unnecessary load.
And now, hands reached!
I figured out how to find the parser, or rather, its domain (s) in the issuance of Yandex. A little about the project - about 10 million pages of the same type with registration data of legal entities of the Russian Federation - names, codes, addresses, etc. But, on each page there is a long phrase that the current state of a legal entity may not correspond to the presented one. Well, yes, 10 million companies - 400 thousand of them change something every year (director, legal director, founders ...) Here, for this phrase, Yandex found a lot of sites (not mine), but not with my content! (On the second page of issue, for example, url of the type uralres.ru/ q6bCp__08pky ) Although, snippets indicated that there is information about legal entities. I simply closed the first ten of such pages without thinking, and why, in fact, there is one in the snippet, and when you go to the site - some kind of GE with a tool for ... to taste - potency, weight loss, anti-chromin, etc. Moreover, if you just score the URL from this site in the address bar, we get Error 404!
')
I assume the following mechanism of this system:
Go ahead.
On several open false pages I came across a photo with a popular TV presenter, a doctor, who is holding a box with a miracle cure tool. I must say at once that there were pages with a means for potency - and yes, the presenter was holding the corresponding objects in her hands in the same way.
But dwell on the hard drinking.
This is a typical landing page, designed for blog presenter. As if, based on one of the programs about alcoholism, this blog was created to answer common questions, share experiences and order form of the drug. Also, all the links on the page using javascript were replaced by the supposedly official site of a drug like c.superantipohmel.ru - so that a visitor with any click would get to the white site of the manufacturer.
A photo with the image of a popular host, holding in her hands this miracle cure - a fake, low-grade photoshop! However, judging by the scope of the businessmen, it is this picture that misleads the gullible citizens who accidentally hit one of their sites.
Now the whole scheme of fraud in full view!
The enterprising Webmaster has developed a clever scheme of deception:
I conducted a mini-investigation - I also ordered a medicine supposedly for my father. In the order placement form, you need to specify your full name, phone number and select a country (for solidity?).
After sending the order, after 5 minutes, someone Gennady called me back from the number (495) 645-80-56 (auto-dialing system, contact center, everything). He introduced himself as a consultant to the Shop-online store (the two most popular search words - try, find a store) and in a calm, confident voice asked who I was taking the drug for. He inquired about the duration of his father's addiction to alcohol, the severity of dependence. After listening to my tearful story, he authoritatively confirmed that A-hangover confidently copes with this form of the disease and the result in the form of a disgust for alcohol in a patient can be expected after a month's course. A monthly course of drug treatment is 4 packs, with delivery cost about 4000 rubles!
We place an order - they took the delivery address from me. Type of delivery - Russian Post with payment upon receipt. The kit should include the tool itself, instructions and certificate! Interestingly, the certificate for what? What this tool is not dangerous for his host? We'll see…
Googling the search, I found a lot of feedback about the company-seller, whose details are listed on the white site next to the order form. In particular, that they do not send what you ordered at all, but put in a package, for example, a penny pack of tea. Anyway, in the mail you first pay the cash on delivery, and only then go to see what has come. By the way, the parcel will be sent to you by a certain individual, to whom you cannot file a lawsuit - you do not have his passport data and registration. And you have no idea how much I was pleased with the fact that the reviews were found on my website.
So, 4 stages in the scheme, and each of them is fraudulent! Swappable content — one time, using the image of the doctor-presenter — two, a false certificate — three, cheating on the mail — four. And each stage as separately as possible is unproven - you will not get to the site except from Yandex, you order the drug on another one - the “official” manufacturer’s website. Well, the fact that you were given a box with a bag of tea for 4 kilorubbles at the post office - this is you and the sending physicist, figure out what your contract was about.
This completes my report. And may your content remain intact!
PS Read to the end - a bonus.
How to easily and clearly recognize the bot-theft, and generally get a picture of what is happening at the moment on the site? For several months I was carrying out the idea of ​​how to understand one by one look at the screen, is everything good with the site? And came up with such a solution. Store in a certain storage data about the last 100 requests to the site - URL, Useragent, Referer, script runtime ...
Now, having logged on at any time to a special monitoring URL, I see how many Yandex bots, Google bots, useless bots and Visitors I have per 100 requests per moment. I see the response times of scripts in different classes of urls — slow and fast urls are immediately detected. I see suspicious bots - well, an ordinary user cannot open 10 same url in 10 seconds! And if you divide 100 requests by the number of seconds for which they arrived, then we get the load on the site in requests per second.
As a stand, I recommend XCache (for php lovers). It is magic - multi-threaded, fast, without locks! But only suitable for storing null data for a minimum period of time. This janitor, who comes to clean everything, is very unpredictable! I tried to ask him to come less often, but then OOM happened.
For the last 100 queries, you will need 101 key cells — cur_counter and zapr_i, where i = [0..99]. Each time the php script is executed, we increment the cur_counter and calculate the cell number for the request statistics as cur_counter% 100 (the remainder of the division by 100). Further in this cell we put metadata on demand and, do not believe, exactly 100 last requests ALWAYS lie in the cache! What to put in the cache and how to display it - at your discretion.
For about two months, everyone did not reach out to look for the evil parser - to understand on which other domain my most valuable content is laid out (joke). I only sometimes forbade some values ​​of Useragent and Referer at the level of the php code, but my mysterious friend corrected them and came back to the site with unnecessary load.
And now, hands reached!
I figured out how to find the parser, or rather, its domain (s) in the issuance of Yandex. A little about the project - about 10 million pages of the same type with registration data of legal entities of the Russian Federation - names, codes, addresses, etc. But, on each page there is a long phrase that the current state of a legal entity may not correspond to the presented one. Well, yes, 10 million companies - 400 thousand of them change something every year (director, legal director, founders ...) Here, for this phrase, Yandex found a lot of sites (not mine), but not with my content! (On the second page of issue, for example, url of the type uralres.ru/ q6bCp__08pky ) Although, snippets indicated that there is information about legal entities. I simply closed the first ten of such pages without thinking, and why, in fact, there is one in the snippet, and when you go to the site - some kind of GE with a tool for ... to taste - potency, weight loss, anti-chromin, etc. Moreover, if you just score the URL from this site in the address bar, we get Error 404!
')
I assume the following mechanism of this system:
- Looking for a donor site with a large number of pages
- An acceptor domain is created, which starts feeding Yandex-bot pages from the donor site, replacing all the links with their own on the fly. And, as I understand it, not directly like donor.ru/otrasli/25 -> gs.ru/otrasli/25, but somehow encrypting them is reversible - donor.ru/otrasli/25 -> gs.ru/8SDnm34rLK
- Pages submitted to Yandex are not even cached by the acceptor - and why, then we will take it again if asked. But, if only ask Yandex-bot! And we show the user a miracle advertisement.
Go ahead.
On several open false pages I came across a photo with a popular TV presenter, a doctor, who is holding a box with a miracle cure tool. I must say at once that there were pages with a means for potency - and yes, the presenter was holding the corresponding objects in her hands in the same way.
But dwell on the hard drinking.
This is a typical landing page, designed for blog presenter. As if, based on one of the programs about alcoholism, this blog was created to answer common questions, share experiences and order form of the drug. Also, all the links on the page using javascript were replaced by the supposedly official site of a drug like c.superantipohmel.ru - so that a visitor with any click would get to the white site of the manufacturer.
A photo with the image of a popular host, holding in her hands this miracle cure - a fake, low-grade photoshop! However, judging by the scope of the businessmen, it is this picture that misleads the gullible citizens who accidentally hit one of their sites.
Now the whole scheme of fraud in full view!
The enterprising Webmaster has developed a clever scheme of deception:
- Yandex scans its site and sees non-unique content. But Yandex cannot always recognize the fact that the information is stolen, and places some of the data in its index.
- An Internet user enters a query on Yandex and in the search results sees a link to the scam site. Clicks on the link, but receives not the desired information, but the substitution - the page ( sample ) with an easily recognizable TV presenter.
- Further, the most gullible and those for whom the problem of alcoholism is currently the most acute, remain on the alternate page, read the doctor's false recommendations, false reviews, see a fuzzy photo of some certificate ... and order Antipokhmelin.
I conducted a mini-investigation - I also ordered a medicine supposedly for my father. In the order placement form, you need to specify your full name, phone number and select a country (for solidity?).
After sending the order, after 5 minutes, someone Gennady called me back from the number (495) 645-80-56 (auto-dialing system, contact center, everything). He introduced himself as a consultant to the Shop-online store (the two most popular search words - try, find a store) and in a calm, confident voice asked who I was taking the drug for. He inquired about the duration of his father's addiction to alcohol, the severity of dependence. After listening to my tearful story, he authoritatively confirmed that A-hangover confidently copes with this form of the disease and the result in the form of a disgust for alcohol in a patient can be expected after a month's course. A monthly course of drug treatment is 4 packs, with delivery cost about 4000 rubles!
We place an order - they took the delivery address from me. Type of delivery - Russian Post with payment upon receipt. The kit should include the tool itself, instructions and certificate! Interestingly, the certificate for what? What this tool is not dangerous for his host? We'll see…
Googling the search, I found a lot of feedback about the company-seller, whose details are listed on the white site next to the order form. In particular, that they do not send what you ordered at all, but put in a package, for example, a penny pack of tea. Anyway, in the mail you first pay the cash on delivery, and only then go to see what has come. By the way, the parcel will be sent to you by a certain individual, to whom you cannot file a lawsuit - you do not have his passport data and registration. And you have no idea how much I was pleased with the fact that the reviews were found on my website.
So, 4 stages in the scheme, and each of them is fraudulent! Swappable content — one time, using the image of the doctor-presenter — two, a false certificate — three, cheating on the mail — four. And each stage as separately as possible is unproven - you will not get to the site except from Yandex, you order the drug on another one - the “official” manufacturer’s website. Well, the fact that you were given a box with a bag of tea for 4 kilorubbles at the post office - this is you and the sending physicist, figure out what your contract was about.
This completes my report. And may your content remain intact!
PS Read to the end - a bonus.
How to easily and clearly recognize the bot-theft, and generally get a picture of what is happening at the moment on the site? For several months I was carrying out the idea of ​​how to understand one by one look at the screen, is everything good with the site? And came up with such a solution. Store in a certain storage data about the last 100 requests to the site - URL, Useragent, Referer, script runtime ...
Now, having logged on at any time to a special monitoring URL, I see how many Yandex bots, Google bots, useless bots and Visitors I have per 100 requests per moment. I see the response times of scripts in different classes of urls — slow and fast urls are immediately detected. I see suspicious bots - well, an ordinary user cannot open 10 same url in 10 seconds! And if you divide 100 requests by the number of seconds for which they arrived, then we get the load on the site in requests per second.
As a stand, I recommend XCache (for php lovers). It is magic - multi-threaded, fast, without locks! But only suitable for storing null data for a minimum period of time. This janitor, who comes to clean everything, is very unpredictable! I tried to ask him to come less often, but then OOM happened.
For the last 100 queries, you will need 101 key cells — cur_counter and zapr_i, where i = [0..99]. Each time the php script is executed, we increment the cur_counter and calculate the cell number for the request statistics as cur_counter% 100 (the remainder of the division by 100). Further in this cell we put metadata on demand and, do not believe, exactly 100 last requests ALWAYS lie in the cache! What to put in the cache and how to display it - at your discretion.
Source: https://habr.com/ru/post/309748/
All Articles