Pages mirrored on unknown websites (not just content, all the HTML)... blackhat I've never seen before.
-
Someone more expert than me could help... I am not a pro, just doing research on a website... Google Search Console shows many backlinks in pages under unknown domains... this pages are mirroring the pages of the linked website... clicking on a link on the mirror page leads to a spam page with link spam... The homepage of these unknown domain appear just fine... looks like that the domain is partially hijacked... WTF?!
Have you ever seen something likes this?
Can it be an outcome of a previous blackhat activity?
-
The links actually are just in some forms
-
Thanks everyone, I'll do more research and update all
-
One more thing that could be a long shot but is worth keeping an eye on: If someone had zero ethics and wanted to steal your links, one thing they could do is reach out to webmasters that link to you and pretend to be you, and claim that the mirror site is the new version of the website and ask them to change their links. Once complete, they'd redirect the mirror site to their own commercial site.
So, keep an eye on your own link profile and theirs, just to make sure none of those links are changing.
-
We see scraped content all the time. Occasionally we see scraped HTML in full form but slightly edited.
In general I'd do the following:
- Disavow those domains in GSC. Also consider disavowing any domains pointing links at the mirror sites. It could be possible that they are building up junk links to a mirror site which canonicals your site. No idea why anyone would do that but worth covering your bases.
- Submit DMCA notices to Google, their webhost, etc.
- Take a look through server logs for anything screwy. If you see tons of weird traffic from countries that aren't relevant to your business, you might decide to block them with your .htaccess file.
- Certainly make sure nothing has been changed on your own site (canonicals, common Wordpress hacks, etc.), though nothing is suggesting to me that that has happened.
Other than that I would just keep an eye on it and keep an eye on Google Search Console.
-
Hi,
From what I read it looks similar to these cases - https://moz.com/community/q/getting-different-search-queries-in-google-webmaster & http://moz.com/community/q/chinese-site-ranking-for-our-brand-name-possible-hack
In these cases - sites where hacked using a vulnerability in a Wordpress slider - they copied sites they wanted to target on to some of the hacked domains and used other hacked domains to point links to them. At that point they were trying to redirect traffic from genuine e-commerce sites to bogus ones.
You could try to contact the site owners & tell them they have been hacked. At the same time file a complaint @Google
rgds,
Dirk
-
Some basic scraping maybe common, but they have gone out of there way to backlink to you...
Have you checked there metrics on open site explore...? Checked whois?
-
As far as I know website scraping is not uncommon, apart from the backlinks
-
I am honest I am still a little puzzled. But if what you are describing is what is happening. Something very strange is going on. I have not heard of it before.
A totally different domain, that you did not build is linking to your site with the exact copy of a page that it is linked to. If that is the case, your site is being specifically targeted. Someone has to have gone out of there way to copy your site and then re-build it on a different domain.
This is what I would do:-
I would contacting google asap.
Can you find who owns the site on whois?
Check the wayback machine to find out what the site was previously
User open site explorer to track the nature of the links on the other domain. .
And wow... that is unbelievable if it is correct...
-
Yes, sorry but I thought that was clear from the beginning.
If I click to the console links I am directed to the mirrored page in these domains. That's exactly how I saw them, otherwise I coudn't discover them
-
That console part provides clickable links. So that goes back to my original question. Can you click through to the domain and see a mimic copy of your site? Or is it simply showing you a link that clicks to nothing?
-
In the console there is a section called (translating into English) "Links pointing to your site"
Traffic has not changed, in fact these do not appear in GA referrals.
I can see all these domains, either the mirrorer paged, or the actual genuine pages pertaining to them originally. You cannot reach the mirrored pages via the menu in hp
-
Where in google search console are they reported?
Also to be clear, nothing has happened to your site. ie traffic has not changed. However you have found "strange" links in search console? Which do not click through to anything?
Or as I am still not clear - have you found another domain, that mimics your site that you can actually see?
-
Exactly, I am confused too.
Indeed, Goole Search Console reports do list them, but I can't see them in the html
Instance, I find this
<form <span="" class="html-tag" data-mce-mark="1">id="search_mini_form" action="http://mydomain.ext/it/catalogsearch/result/" method="get">
and also images hosted in the scraped websites's domain
Also, these pages apparently are under these domains that in turn appear to be real websites equally unaware of the scam
</form>
-
I am a little confused.
Are you saying that an exact copy of a unique page you have created on your website is on another domain name (which you know nothing about) and then that site is linked to your site, ie via a backlink?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
A website with some guidelines points similar - is this creates an issue?
Hey Guys, Please clarify my doubt at the earliest. We just revamped the website with new content and hired a content writer for our services page to make it done. I just came across with 2 pages with similar guidelines over the content. These are the pages showing some similarity of bulletins. Please take a look on it and give the reply, it creates any ranking issues or not. Page-1: https://www.socprollect-mea.com/business-setup-in-ajman/ Page-2: https://www.socprollect-mea.com/business-registration-in-ajman-free-zones/ Reply ASAP
White Hat / Black Hat SEO | | nazfazy0 -
HELP! My website has been penalized - what did I do wrong?
I have been working on a website Zing.co.nz and have made a sub domain blog.zing.co.nz. The website is for a company that is yet to launch, so I have been boosting traffic by writing blog posts about the topic (loans) on the subdomain. I pushed some traffic to the actual website too. We were climbing the rankings for our brand name but have all of a sudden started to drop. The domain authority was something like 0.9 and has dropped to 0.3. (Using SEO Spyglass) The blog was somewhere similar, but has dropped to 0.0!!! Please help in anyway you can. These changes have happened within the last 48 hours. Zing.co.nz Blog.zing.co.nz
White Hat / Black Hat SEO | | Startupfactory0 -
How to Handle Sketchy Inbound Links to Forum Profile Pages
Hey Everyone, we recently discovered that one of our craft-related websites has a bunch of spam profiles with very sketchy backlink profiles. I just discovered this by looking at the Top Pages report in OpenSiteExplorer.org for our site, and noticed that a good chunk of our top pages are viagra/levitra/etc. type forum profile pages with loads of backlinks from sketchy websites (porn sites, sketchy link farms, etc.). So, some spambot has been building profiles on our site and then building backlinks to those profiles. Now, my question is...we can delete all these profiles, but how should we handle all of these sketchy inbound links? If all of the spam forum profile pages produce true 404 Error pages (when we delete them), will that evaporate the link equity? Or, could we still get penalized by Google? Do we need to use the Link Disavow tool? Also note that these forum profile pages have all been set to "noindex,nofollow" months ago. Not sure how that affects things. This is going to be a time waster for me, but I want to ensure that we don't get penalized. Thanks for your advice!
White Hat / Black Hat SEO | | M_D_Golden_Peak0 -
Rel author and duplicate content
I have a question if a page who a im the only author, my web will duplicate content with the blog posts and the author post as they are the same. ¿what is your suggestion in that case? thanks
White Hat / Black Hat SEO | | maestrosonrisas0 -
Does Anybody Know Who Interflora's SEO Company Is (Or Was)?
In light of the recent penalty put on the Interflora site, does anybody know who their SEO company is or was (or if they were doing it in house)? Also, do you think SEO companies that are responsible for things like this should be named and shamed?
White Hat / Black Hat SEO | | jasarrow0 -
Website mallware attacks
I keep getting attacks to my website every time that are being blocked by OSE firewall Is there any way to stop this? I am affraid because they actually manage enter my website on the past, and i dont know if they can enter on the future or if having all the pluggins and wordpress updated. I am safe enough, and i am not sure if there is any type of virus on my computer Macbook as those attacked pages were recently updated from my computer. Is there any malware scan for Mac Thanl you == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 11:48:18 FROM IP: http://whois.domaintools.com/75.126.24.81 URI: [http://www.propdental.es/](http://www.propdental.es/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 10:13:17 FROM IP: http://whois.domaintools.com/107.21.150.82 URI: [http://www.propdental.es/blanqueamiento-dental/](http://www.propdental.es/blanqueamiento-dental/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A ``` == Attack Details == TYPE: Found Malicious User Agent DETECTED ATTACK VALUE: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 ACTION: Blocked LOGTIME: 2013-02-25 03:13:52 FROM IP: http://whois.domaintools.com/119.245.226.74 URI: [http://www.propdental.es/sonrisas/los-martinez/](http://www.propdental.es/sonrisas/los-martinez/) METHOD: HEAD USERAGENT: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 REFERRER: N/A ``` ```
White Hat / Black Hat SEO | | maestrosonrisas0 -
New website :301 redirection of a established domain
Hello , I am launching a new website which would host user generated content . Based on my brandname i have purchased a new domain . In order to improve SEO rankings i was considering to purchase a good quality domain (have gr8 link backs) and then perform 301 redirection of the domain to the new brandname.co.in domain . Does this work ? Is there any harm in doing this ? . Does the Link juice pass naturally ? Warm Rgd
White Hat / Black Hat SEO | | ShoutOut0 -
Competitors have local "mirror" sites
I have noticed that some of my competitors have set up "mirror" homepages set up for different counties, towns, or suburbs. In one case the mirror homepages are virtually identical escept for the title and in the other case about half of the content id duplicate and the other half is different. both of these competors have excellent rankings and traffic. I am surprised about these results, does anyone care to comment about it and is this a grey hat technique that is likely to be penalized eventually. thx Diogenes
White Hat / Black Hat SEO | | diogenes0