Pages mirrored on unknown websites (not just content, all the HTML)... blackhat I've never seen before.

2mlab

Someone more expert than me could help... I am not a pro, just doing research on a website... Google Search Console shows many backlinks in pages under unknown domains... this pages are mirroring the pages of the linked website... clicking on a link on the mirror page leads to a spam page with link spam... The homepage of these unknown domain appear just fine... looks like that the domain is partially hijacked... WTF?!

Have you ever seen something likes this?

Can it be an outcome of a previous blackhat activity?

2mlab

The links actually are just in some forms

2mlab

Thanks everyone, I'll do more research and update all

KaneJamison

One more thing that could be a long shot but is worth keeping an eye on: If someone had zero ethics and wanted to steal your links, one thing they could do is reach out to webmasters that link to you and pretend to be you, and claim that the mirror site is the new version of the website and ask them to change their links. Once complete, they'd redirect the mirror site to their own commercial site.

So, keep an eye on your own link profile and theirs, just to make sure none of those links are changing.

KaneJamison

We see scraped content all the time. Occasionally we see scraped HTML in full form but slightly edited.

In general I'd do the following:

• Disavow those domains in GSC. Also consider disavowing any domains pointing links at the mirror sites. It could be possible that they are building up junk links to a mirror site which canonicals your site. No idea why anyone would do that but worth covering your bases.
• Submit DMCA notices to Google, their webhost, etc.
• Take a look through server logs for anything screwy. If you see tons of weird traffic from countries that aren't relevant to your business, you might decide to block them with your .htaccess file.
• Certainly make sure nothing has been changed on your own site (canonicals, common Wordpress hacks, etc.), though nothing is suggesting to me that that has happened.

Other than that I would just keep an eye on it and keep an eye on Google Search Console.

DirkC

Hi,

From what I read it looks similar to these cases - https://moz.com/community/q/getting-different-search-queries-in-google-webmaster & http://moz.com/community/q/chinese-site-ranking-for-our-brand-name-possible-hack

In these cases - sites where hacked using a vulnerability in a Wordpress slider - they copied sites they wanted to target on to some of the hacked domains and used other hacked domains to point links to them. At that point they were trying to redirect traffic from genuine e-commerce sites to bogus ones.

You could try to contact the site owners & tell them they have been hacked. At the same time file a complaint @Google 

rgds,

Dirk

ClaytonJ

Some basic scraping maybe common, but they have gone out of there way to backlink to you...

Have you checked there metrics on open site explore...?  Checked whois?

2mlab

As far as I know website scraping is not uncommon, apart from the backlinks

ClaytonJ

I am honest I am still a little puzzled. But if what you are describing is what is happening.  Something very strange is going on. I have not heard of it before.

A totally different domain, that you did not build is linking to your site with the exact copy of a page that it is linked to. If that is the case, your site is being specifically targeted. Someone has to have gone out of there way to copy your site and then re-build it on a different domain.

This is what I would do:-

I would contacting google asap.

Can you find who owns the site on whois?

Check the wayback machine to find out what the site was previously

User open site explorer to track the nature of the links on the other domain. .

And wow... that is unbelievable if it is correct...

2mlab

Yes, sorry but I thought that was clear from the beginning.

If I click to the console links I am directed to the mirrored page in these domains. That's exactly how I saw them, otherwise I coudn't discover them

ClaytonJ

That console part provides clickable links.  So that goes back to my original question.  Can you click through to the domain and see a mimic copy of your site? Or is it simply showing you a link that clicks to nothing?

2mlab

In the console there is a section called (translating into English) "Links pointing to your site"

Traffic has not changed, in fact these do not appear in GA referrals.

I can see all these domains, either the mirrorer paged, or the actual genuine pages pertaining to them originally. You cannot reach the mirrored pages via the menu in hp

ClaytonJ

Where in google search console are they reported?

Also to be clear, nothing has happened to your site.  ie traffic has not changed. However you have found "strange" links in search console?  Which do not click through to anything?

Or as I am still not clear - have you found another domain, that mimics your site that you can actually see?

2mlab

Exactly, I am confused too.

Indeed, Goole Search Console reports do list them, but I can't see them in the html

Instance, I find this

<form <span="" class="html-tag" data-mce-mark="1">id="search_mini_form" action="http://mydomain.ext/it/catalogsearch/result/" method="get">

and also images hosted in the scraped websites's domain

Also, these pages apparently are under these domains that in turn appear to be real websites equally unaware of the scam

</form>

ClaytonJ

I am a little confused.

Are you saying that an exact copy of a unique page you have created on your website is on another domain name (which you know nothing about) and then that site is linked to your site, ie via a backlink?