@evan yes, and it creates a sort of "thundering herd" unintentional ddos for web sites on underpowered providers. there have been ideas on how to solve the trust issue, like randomly verifying some small subset and tracking reputation, or like deferring to a semi-centralized pre-trusted "link preview provider" that is shared between several instances, or even simply ignoring the issue and depending on people to report misleading links. (i prefer the provider approach)