Unauthorized domain pointer?

I have a website that I have developed for photo scanning and DVD slideshow services, http://www.dvdsmiles.com. I was looking through my statistics this morning, and while looking through referring URLs I noticed this website: http://www.llandoverybroadband.co.uk. When I went to the website, I was shocked to see that it was what seemed to be a pointer or alias to my website. All of the functionality works so I don't think it could be a copy unless they copied all of my database tables, changed the scripts that call them, etc.

Does anyone know why someone would do this? Could it be a mistake?
PLavelleAsked:
Who is Participating?
 
humeniukCommented:
Sorry to see this isn't resolved.  A little more digging:

Here's the server header for www.llandoverybroadband.co.uk (via www.rexswain.com/httpview.html):

Header (Length = 393):
HTTP/1.1 302 Found
Connection: close
Date: Thu, 26 May 2005 19:10:05 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Location: http://www.dvdsmiles.com/Unauthorized.htm
Set-Cookie: ASP.NET_SessionId=s0rf2d45sxd5pde3cyldp4ar; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 158

Content (Length = 158):
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href='http://www.dvdsmiles.com/Unauthorized.htm'>here</a>.</h2>
</body></html>

So basically, there is now a 302 (temporary) redirect set up on this domain to your 'unauthorized.htm' page - not quite the same thing as before.

The other interesting element is that both domains resolve to the same IP.  You can do an IP lookup here - perhaps this  will give you some additional contact info that you can use to pursue this.


Here's an except from WhoIs lookup for that domain:

    Domain Name:
        llandoverybroadband.co.uk

    Registrant:
        Paul Thomas

    Registrant's Address:
        28 Clonmel Close
        Caversham
        Reading
        Berkshire
        RG4 5BF
        GB

    Registrant's Agent:
        Parbin Ltd t/a Get Surfed (Metronet) [Tag = GETSURFED]
        URL: http://www.metronet.co.uk

    Name servers listed in order:
        dns0.getsurfed.com                213.162.97.177
        dns1.getsurfed.com                213.162.97.178

http://195.66.240.211/cgi-bin/whois.cgi?query=llandoverybroadband.co.uk&x=25&y=14


www.metronet.co.uk (the registrant's agent) is a broadband ISP.

Metronet
7 Jardine House
Harrovian Business Village
Bessborough Road
Harrow
Middx HA1 3EX

Information: info@metronet.co.uk
Sales: sales@metronet.co.uk
Billing: admin@metronet.co.uk
Support: support@metronet.co.uk

Tel: 087 0284 0284
Tel: 020 7043 8202
Mon-Fri 9am - 6pm


Metronet also offers .co.uk domain names through www.just-the-name.co.uk.

Their web page says 'try our url masking - it's different!'.  URL masking would provide the previous effect, ie. your website showing up under their domain name.

You can read more about that here - http://www.just-the-name.co.uk/qna.shtml#10_url_masking.

Included there:
"Also, with all URL masking, full Analog-generated logs are now available from your control panel. These logs are updated weekly, are accessible at any time, and include hit-graphs, and statistics by domain suffix, referrer, etc."

Is someone trying to get info on your prospective customers by setting up a masked version of your site?  Perhaps this will give you a few more avenues to follow up with if you haven't uncovered these things yourself.
0
 
ChastityManCommented:
It probably isn't a mistake.  I've heard of people doing this for a variety of reasons; most of which are not virtuous.  Sometimes it is a lazy person who liked your site and basically lifted it from you.  Other times it is somebody who is trying to trick people into believing it is your site and scam information off of your users.

Either way, I would watch it and possibly send their ISP a letter of complaint.
0
 
rdivilbissCommented:
>Does anyone know why someone would do this? Could it be a mistake?

It is clearly no mistake and all your customers are at risk of identity theft.

You need to run, don't walk to your ISP and attorney.  You can block their ip after the investigation.
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

 
humeniukCommented:
Agreed.  This is much more than a case of someone copying your design.  In addition to the above, you should consider reporting this to the major search engines (Google, Yahoo, MSN) as mirror sites with duplicate content can harm your rankings.  With Google (for example), you can either file a Trademark Complaint (www.google.com/tm_complaint.html) or a spam report (www.google.com/contact/spamreport.html) or both.  In either case, be sure to make it very clear that the other site is an unauthorized copy of your site.

You can do the same with Yahoo (http://add.yahoo.com/fast/help/us/ysearch/cgi_reportsearchspam) or MSN (http://support.msn.com/feedbacksearch.aspx).
0
 
PLavelleAuthor Commented:
Thanks for the help guys. I wrote some code to redirect to my real web site if the domain name does not contain dvdsmiles.com. I'll try those links that you provided as well, humeniuk.

I contacted my hosting company, discountasp.net, and they said that there wasn't anything they could do. I have emailed all of the people I could find in the whois record about the problem, but no one has responded yet. I don't have any sensitive information in my database so my customers are not in any danger.
0
 
humeniukCommented:
Keep it posted as to how it goes.
0
 
PLavelleAuthor Commented:
Unforunately, the problem was never corrected, and the domain still points to my IP address. I redirect to a page that displays "unauthorized request" if the request is coming from that domain. I have tried to contact everyone I could find but no one has responded.
0
 
rdivilbissCommented:
I would have to agree the question has been abandoned, regardless of your current situation.

Your questions was: Does anyone know why someone would do this? Could it be a mistake?

1. They do it to commit fraud
2. It is no mistake.

Further advice beyond the scope of the original question was given and there has been no indication from you what you have or have not specifically done to address the issue.

I would say your question was answered, however had you continued to participate the experts here would likely have helped further with the benefit of their experience.

You have to participate as well.

Regards,
Rod
0
 
PLavelleAuthor Commented:
What? There was clear indication from me as to what I specifically did to address the issue. The post on "Date: 04/26/2005 06:42AM PDT" stated exactly what I did. I continued to participate as much as I could, but nothing else at this point could be done. If you read my last post and had any other ideas, you should have posted them. Otherwise, I was waiting for a response from someone to my emails.

So what would you have recommended, Rod?
0
 
PLavelleAuthor Commented:
Still no response from anyone. Points to humeniuk for the most helpful response.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.