Custom Curl Host Header Causes Strange Output

[nickfrosty]

So I was having some fun messing with CURL in my terminal and a custom PHP file on my local server. At first I was getting the expected output of the the host, client ip, the referrer, the user agent, and some other stuff. But then I decided to test out some Tor stuff, so I uploaded this PHP script to my website and then set the socks5 option of CURL to use Tor. That all worked fine. But when I set the host header using CURL, it freaked out. My terminal spit back some odd html code which included an iframe to "searchdiscovered.com". I was wandering why this happened. Viewing the page on my site worked fine and gave the expected output, even when running Tor. I can also set the Host header to whatever while on my local server just.

This is what terminal spit out to me:

<head>
        <style type="text/css">
                * { margin: 0; padding: 0; }

                html { height:100%; }

                body {
                text-align: left;
                width: 100%;
                height: 100%;
                font-size: 62.5%;
                font-family: Helvetica, arial, sans-serif;
                color: #000;
                background: #fff;
                margin: 0;
                border: 0;
                padding: 0; }
</style>
</head>
<body>
<iframe src="http://searchdiscovered.com/?pid=5POJ5651L&dn=derp" width="100%" height="100%" frameborder="0"></iframe>
</body>

I had used this command (with the address redacted)

# curl -H "Host: derp" http://site.com/test.php

Any ideas why this is happening?

PS: I can provide the php script if requested, but it is all simple PHP to display some $_SERVER values.

[Sparda]

Who ever is hosting the server is trying to make some advertising money by redirecting every one who goes to there server using the wrong host to a search page for that host.