Exact illegal copy of my Site on another Domain

[Mike Rockett]

First time I've seen this thread. I still find it odd that the virtual host setup is allowing this kind of thing to happen... In fact, it's the first time I'm hearing of an issue like this in the first place. Could this be a service-provider issue - possible server misconfig?

[elabx]

I had seen this thread before but is seemed such an obscure problem! 

http://ladosis.eduardosanmiguel.com (mine!)

http://thatsnew.net (copycat!)

I am talking with namecheap right now (my registrar)

[LostKobrakai]

You should probably talk to their registrar instead of yours: abuse@enom.com. 

[elabx]

8 hours ago, LostKobrakai said:

You should probably talk to their registrar instead of yours: abuse@enom.com. 

Done that too! 

[cstevensjr]

36 minutes ago, elabx said:

Done that too! 

You should open a work (trouble) ticket with your hosting provider/domain registrar.  Sending an email to the abuse address is most likely not manned or properly monitored.

There are explicit established rules for hosting providers/domain registrars to handle this type of situation.  It may take some time to get this resolved, however the sooner you make them officially aware the better for you.  They can also provide guidance on how you, as their subscriber, can alleviate this problem in the future. Additionally, you will then have an official record that there was a problem.  You can refuse to close the ticket until the hosting provider/domain register has satisfied your request.

Worst case scenario, here is a link to use if all your other problem resolution strategies don't work:

http://www.iana.org/help/abuse-answers

Furthermore, If you aren't getting any resolution of this issue, I would recommend that you additionally look for a better hosting/domain registration provider.  Good luck with this because this is one of those irritating problems that occurs sometimes.

[elabx]

Thank @cstevensjr for the recommendations, I actually submitted a ticket not just an email! Neither NameCheap nor Enom have answered up to now, meanwhile, the .htaccess that Ryan posted did the trick.

[Mike Rockett]

I just did a WHOIS on that copy-cat domain. Why is there no registrant info?

Edit: And it appears that site is meant to have its own site.

[tpr]

49 minutes ago, elabx said:

Neither NameCheap nor Enom have answered

Perhaps they have set up their mail in the similar manner as their domains?

[LostKobrakai]

42 minutes ago, Mike Rockett said:

I just did a WHOIS on that copy-cat domain. Why is there no registrant info?

A lot of registrars allow you to use/simply use a middleman service to anonymize the private name and address.

[Mike Rockett]

22 minutes ago, LostKobrakai said:

A lot of registrars allow you to use/simply use a middleman service to anonymize the private name and address.

Sure, but that information should still be visible, right?

[LostKobrakai]

It was for me, when I did lookup the whois data yesterday iirc.

[Mike Rockett]

9 hours ago, LostKobrakai said:

It was for me, when I did lookup the whois data yesterday iirc.

I see - it is showing on whois.com as WHOISGUARD.

[mrjasongorman]

www.ladosis.eduardosanmiguel.com = 52.24.162.64 (amazon seattle) according to https://www.iplocation.net/ 

www.thatsnew.net = 52.24.162.64 (amazon seattle) according to https://www.iplocation.net/ 

Looking at curl -I www.thatsnew.net it returns:

HTTP/1.1 301 Moved Permanently

Server: nginx

Date: Wed, 14 Sep 2016 17:30:09 GMT

Content-Type: text/html; charset=iso-8859-1

X-Frame-Options: SAMEORIGIN

Location: http://www.ladosis.eduardosanmiguel.com/

Age: 0

Connection: keep-alive

So it's just a redirect?

[Mike Rockett]

@mrjasongorman - yes, elabx created a temp redirect while this gets sorted out. Before it was showing the site without a redirect.

[mrjasongorman]

@Mike Rockett Ah ok i see, i may have not read the thread properly, my bad.

[elabx]

Update:

1s answer from namecheap:

Quote

 

Hello,

Thank you for your email regarding thatsnew.net. 

In general, a domain which is not added to your server should be resolving to your server IP even if the corresponding A record is set for it. Please double-check the settings in your control panel. For example, if you have WHM, please make sure that you have uncheck the option "Allow Creation of Parked/Addon Domains that resolve to other servers (i.e. domain transfers) [This can be a major security problem. If you must have it enabled, be sure to not allow users to park common internet domains.]" from tweak settings.

Alternatively, you are welcome to contact the company that controls the hosting nameservers of this domain.

Should you have any questions, please let us know.

 

2nd answer from Namecheap once I insisted that they are the domain owners and that the abuse mail belongs to them according to the whois on the IP address 192.64.119.6 (the domain resolves to this address).

Quote

 

Hello,

Thank you for getting back to us.

Please be informed that 192.64.119.6 is an IP-address of our URL-forwarding server. It is technically impossible to store any content on it as it was set up simply for forwarding purposes. 

Let us recommend you to contact the company which operates the "www." sub-domain in this very case. Please find their contact details below:
https://whois.domaintools.com/xx.xx.xxx.x

You are welcome to contact us back in case of any questions or concerns.

 

(the xx mask is my actual server address)

1st answer from Enom:

Quote

If you have an issue with site content you need to contact the web hosting provider -- the one who runs the server. The Registrar, Enom, only created the domain name for whoever purchased it. We don't run, manage, or host their website.
Domain thatsnew.net resolves to IP 192.64.119.6. Per the American Registry for Internet Numbers (ARIN, https://www.arin.net/), that IP is assigned to Namecheap, Inc.; the site is hosted by Namecheap. You can reach them via the information at http//namecheap.com.
Regards,
Derek
Technical Support

I think neither of them is paying much attention, but I think Namecheap is to be the one who takes the hit, on any whois I get that thatsnew dot net is the actual reseller so I wonder if my DNS setup is somehow filtered to someone else. (my domain is hosted on Namecheap too, and apparently, being resold by Namecheap with Enom as registrar).
 

What the heck? I mean, anyone would only need my IP address and point an A record right? Had never thought about it but is this really unavoidable up to the server's configuration (as per it is solved right now).

[francesco1975]

it happened to me too, in my case the problem is explained here:
https://forums.cpanel.net/threads/https-shows-another-website.646157/

in htaccess is it possible a rule like if it is not mydomain.com redirect it somewhere else? instead of writing a rule for each domain pointing to my site.