1 Nov
2011
1 Nov
'11
10:42 p.m.
On 11/1/2011 7:05 PM, Stefan Fouant wrote:
Is there anything perhaps protecting or intercepting the data on its way to the server, perhaps an Arbor device of some type of load balancer?
This type of behavior is quite common when protecting web assets to eliminate zombies and such, but its usually something you would see back to the clients, not tp the server.
I have seen this in SEO-poisoning type of webpage defacement. They anchor a javascript in the main website "frame" and it generates optimization "links" using a numeric suffix or ?argument so that they appear as separate links. If the crawler is recognized (e.g., googlebot) then the SEO page is returned. Jeff