On Monday September 15 2003, a change to .com/.net behavior was announced. In sum, every mistyped domain name, one that had not been registered, would be redirected to a new site controlled by the company which runs a major part of the domain name system, Verisign.
When a URL has a misspelled domain name, Verisign's changes have the effect of redirecting every single HTTP page request (technically, HTTP response code 302). There is a redirection header and page which displays:
The document has moved <A HREF="<a href="http://sitefinder.verisign.com/lpc?url=[your url];&host=[your typo domain]">here</A>.<P>
So, for example, the URL
http://verisign-is-to.net/more/evil/than/satan/himself.html
Gets redirected to:
This site suggests corrections to the typo. I have written a program " Verisign Typosquatter Explorer" in order to examine these suggestions. Future data may be analyzed as interest permits.
Note tests with some domains seem to return results which are not constant, i.e. differences when the program is run repeatedly. This is not a program bug. Reloading the Verisign page also changes which squat-suggested domains are displayed. I don't believe it's an advertising rotation, but the behavior is similar to that practice.
This project was not supported by anyone. If anyone is providing financial support for such projects, the author would dearly like to know.
Version 1.2 September 17 2003
See also: Domain Investigations
(if you subscribed a few months ago, please resubscribe due to a crash)
See more of Seth Finkelstein 's Censorware Investigations