I own a file upload website, and to prevent users from linking to files directly (skipping the pages with ads), the urls are regulary changed (and when someone tries to go to the file directly on the old url they are referred to a page with ads).
Recently I've noted something strange, one of the sites referring to my site is using Javascript: If the link goes directly to the file, and is not referred to a page with ads, the visitor gets the file when he clicks on it.
If, however the file refers to a page with ads, the link seems to disappear after a user clicks on it and the user stays on the same page.
I hope you understand what I mean. Here is the code:
<script type="text/javascript">
function getURLParam(level)
   var search = level + "=";
   var searchURL=location.href;
   var searchURL=searchURL.substring(searchURL.indexOf('?')+1, searchURL.length);
   if (searchURL.length > 0) {
        var offset = searchURL.indexOf(search);
        if (offset != -1) {
            offset += search.length;
            var end = searchURL.indexOf("&", offset);
            if (end == -1) end = searchURL.length;
            return unescape(searchURL.substring(offset, end));
    return "";
<script type="text/javascript">
function fraRefresh () {
var str = getURLParam("url");
window.frames['frame1'].location = str.replace(/ABC/,"&")



<body leftMargin=0 topMargin=0 >
<a href="javascript:location.replace(getURLParam('url'))">DOWNLOAD</a> 
and they put that as the src of an iframe.
Now, I was wondering if someone could explain to me what this code does and if there's any way to get around it.(they're stealing bandwidth doing this at the moment)