The strangest one is a subdomain with this guy’s name on it!
... this case appears to be what is called ‘Domain Shadowing’.
• compromise through phishing
• set-up a subdomain lurking below the parent
• utilize for whatever BS you want
blogs.cisco.com/security/talos…
unit42.paloaltonetworks.com/takedowns-and-…
latesthackingnews.com/2019/04/28/god…
At least, at this point, it appears to be remnants of a compromise!
Here is one regarding ‘GMO Foods’ - looks like the type of affiliate scams described in the articles I linked.
Just FYI material - not conclusive yet, but looks like we’re narrowing in.