Member Avatar for T4gal

Hello,

First of all, I'm not sure if this is the correct place to ask this or not. If it isn't, I apologize, please direct me to the appropriate place.

First off, let me explain the situation as best I can.

I built a website for a client, www.example.ca. I take care of hosting and domain registration for them through godaddy, just so that they do not have to worry about it. I just noticed now, that if I go to www.example.net, a copy of my site comes up. It is an exact copy, and when I navigate around the website, the url in the address bar does not change to www.example.ca, it stays at www.example.net. So it's not just a redirect. This copy site also updates instantly when I update the original site. Any change I make to my .ca website is reflected on the .net site instantly. I've looked on websites that allow you to see where a website is hosted, and the .net website is apparently hosted at a different place than my site. I do not own this .net domain name. This domain name is registered to our local phonebook company.

I've been told that this is probably just a 301 redirect, but that doesn't seem right based on what I've read about it. Mind you, I'm no expert. I've also looked on websites that apparently tell you whether a domain is redirected or not, and they say that this .net domain name is not redirecting.

So now to my question, how is this possible? How did they duplicate my site, and get it to reflect any changes I make?

I hope this makes sense. Thank you in advance for any help.

Thanks,
Jesse

maybe you should ask the people at GoDaddy, since they are handling your dns and hosting?

commented: Yep, that would seem the obvious answer :) +0

Can you post the output of tracert?

You can use an iframe to embed another site's page on your page. That way, you are seeing the original site (content) under a different domain/page. Links to other pages work but they are all displayed within the (same) frame so the page address in the browser bar won't change. This can be a very useful trick but it can also be an underhanded way to dynamically 'steal' other sites' content. The only obvious logic here would be that the person behind it likes your content and intends to promote his (her?) version AND/OR they expect enough mistakes keying .net instead of .ca that it will give them some traffic. I presume that in either case, they would want to surround your content with their own ads / links.

a (Javascript?) statement like:

if (window.top !== window.self)window.top.location.replace(window.self.location.href);

has been suggested by others as a way to determine that your content is running in an iframe and then redirect back to your page. If that is what this other site is doing, then this could negate it.

Member Avatar for T4gal

Thanks for the answer!

If they were using an iframe like you suggested, would I be able to see it when I view the duplicate websites source code? Because I've looked with firebug and I don't see it anywhere.

Also, about that statement, where could I find out how to implement that to see if it will work?

As for their reasoning for doing this, they haven't put any ads on the duplicate site. They actually have not made even the smallest change to anything. The client I made this website for advertises with them, and in their ad they used the .net domain name instead of the .ca domain name, so my theory is that they want to make the .net as popular as possible, then they can threaten to take the website down unless my client pays whatever they want to either buy the domain name from them, or pay some monthly fee to keep the website going.

Thanks,
Jesse

Member Avatar for T4gal

maybe you should ask the people at GoDaddy, since they are handling your dns and hosting?

I called them before posting here, and the guy I talked to said it was probably a 301 redirect, but like I said, I have my doubts based on what I know about them.

Can you post the output of tracert?

I'm sorry, I'm not sure what that means?

tracert (sitename) in the console.

Member Avatar for T4gal

tracert (sitename) in the console.

Sorry, but I don't know what that means.

Open a command prompt and type:

Tracert www.mysite.com

Replacing mysite.com with your sites address

Hit enter.

Post the results.

Not very difficult....

Also post the output of "nslookup" (done the same way)

Member Avatar for T4gal

It may not be very difficult to do, but if I don't know what it means, that does make it a little difficult.

Anyway, I checked google and I believe I know what you mean now.

I put traceroute www.ramexteriors.net into Terminal (Since I'm on a mac. I believe that's the equivalent to what you said?) and got:

traceroute to www.ramexteriors.net (50.57.202.13), 64 hops max, 52 byte packets
1 192.168.0.1 (192.168.0.1) 3.062 ms 5.542 ms 0.478 ms
2 * * *
3 rd1no-ge3-0-0-10.cg.shawcable.net (64.59.133.67) 23.374 ms 19.804 ms 22.023 ms
4 rc2so-tge0-3-0-0.cg.shawcable.net (66.163.71.158) 26.148 ms 22.582 ms 26.677 ms
5 66.163.77.2 (66.163.77.2) 38.369 ms 45.103 ms 38.583 ms
6 rc2ec-tge0-8-0-0.il.shawcable.net (66.163.77.125) 62.016 ms 51.525 ms 60.148 ms
7 equinix.xe-1-3-0.cr2.ord1.us.nlayer.net (206.223.119.61) 55.426 ms 54.273 ms 53.669 ms
8 ae2-20g.ar1.ord6.us.nlayer.net (69.31.110.254) 61.695 ms 59.930 ms 62.864 ms
9 as19994.xe-1-0-7.ar1.ord6.us.nlayer.net (69.31.110.242) 57.118 ms 58.088 ms 58.771 ms
10 corea.ord1.rackspace.net (184.106.126.136) 55.010 ms
coreb.ord1.rackspace.net (184.106.126.138) 67.349 ms
corea.ord1.rackspace.net (184.106.126.136) 53.238 ms
11 core1-coreb.ord1.rackspace.net (184.106.126.129) 53.213 ms
core1-corea.ord1.rackspace.net (184.106.126.125) 60.156 ms
core1-coreb.ord1.rackspace.net (184.106.126.129) 51.049 ms
12 core1-aggr301a-4.ord1.rackspace.net (184.106.126.33) 54.603 ms 57.093 ms 60.720 ms
13 50.57.202.13 (50.57.202.13) 49.344 ms 51.178 ms 53.503 ms

and the same with nslookup:
Server: 192.168.0.1
Address: 192.168.0.1#53

Non-authoritative answer:
Name: www.ramexteriors.net
Address: 50.57.202.13


Is that what you wanted?

Therefore we can find the following info:

www.ramexteriors.com - IP: 72.34.40.201
Registered with Godaddy (possibly hosted by rackspace) to:

Mccoy, Kris
Ram Builders
649 N 500 E
Lindon, Utah 84042
United States

www.ramexteriors.net - IP: 50.57.202.13
Domain registered with Enom, Inc to:

Michel Turcotte (michel.turcotte@ypg.com)
Yellow Pages Group Inc.
325 Milner Avenue
Toronto, ON M1B 5S8
CA

Why not contact this Turcotte fellow and ask?

Member Avatar for T4gal

Well, like I explained in my first post, and another of my posts, I already knew who the copy domain was registered to. I didn't have to do all of that to find it out. I can find out who the domain name is registered through by searching for it on godaddy. That doesn't answer my question though.

no, but you can ask him whether or not he has an iFrame displaying your site, or whether or not he knows how your site appears on his url

no, but you can ask him whether or not he has an iFrame displaying your site, or whether or not he knows how your site appears on his url

There is no Iframe, check the source.

It will be interesting to understand how this was done (and what, if anything can be done about it). It appears that the site is referencing php code within that site. If he somehow got a complete copy of the original (.ca) site, that would be one way. Another might be if he created dummy php modules that 'include' your php modules from your site. There may be other ways that someone can suggest. If you make a small change on the original site and it immediately shows on the .net version, then he has to be using some sort of dynamic approach.

Legally, since you know who is doing it, the (.ca) website owner (who presumably has the copyright) may want to send a "cease and desist" letter to him and copy his hosting company.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.