Site clone?

[hdspot.net]

Hey guys, my site is www.hdspot.net

but I found this site: http://cheappatioheater.co.uk/

how is it working? and what's the point?

Thank you.

 

[shadow.prx]

Dude i think your site has been hacked or someone has downloaded a back up of your site somehow, This is not a clone of your site this is your site.

He has all your users (he cant just copy your users like that there is no bot to do that)
The skin is identical to yours which also indicates that he has had access to your files (including that title mod i made for you).

Might want to ask all your users to change their passwords and hire someone to secure your server (or at least find out how he got access to your database and files).

How are you a webmaster but you cant tell someone has an exact back up of your site ?

 

[hdspot.net]

But I'm using CloudFlare, and I think this happened since I started using CloudFlare.

I will continue investigating what's going on.

Thanks for the mod, I didn't remember.

Is it possible that they are only using the same database?
I mean what's the point of doing this?

 

[shadow.prx]

:facepalm: using cloudflare has nothing to do with this he has your sites files and database. Cloudflare does not protect you from being hacked.

Like i said this is your site and your files not just a "clone" or connected to your database or anything silly like that.

As for why they are doing this i have no idea your guess is as good as mine.

 

[DLow]

Your sites been hacked, have your host check for misc code on the server

 

[hdspot.net]

I contacted the host, still waiting for an answer.

How can it has the same information and latest posts too?

It's like auto updating :s or like that.

Really weird.

---------- Post added at 12:49 AM ---------- Previous post was at 12:34 AM ----------

I found that domain name cheappatioheater.co.uk from a Copyright Infringent Notice email.

Maybe they want me to know how it feels?

Well, I don't care as long as they don't hack my website.

They can rip it, but don't mess with the security of the website.

Here is the email I received.

[COLOR=#000000][FONT=Times New Roman][COLOR=#222222][FONT=arial][FONT=Verdana]To Whom It May Concern,[/FONT]
[FONT=Verdana]
This letter is a Notice of Infringement as authorized in § 512(c) of the U.S. Copyright Law under the Digital Millennium Copyright Act (DMCA). I wish to report several instances of Copyright Infringement.[/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana]1. The copyrighted work is the new release by Big Bill Morganfield called “Blues With A Mood”. William Tee Morganfield owns all rights to the said recording and this retailer has not been authorized to sell this Recording or offer it as a free download. Below is a link to the work listed legally on my site:[/FONT]
[FONT=Verdana]
[URL]http://www.bigbillmorganfield.com/cdsdownloads.html[/URL][/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana]2. The unauthorized material appears at the website addresses: [/FONT]
[FONT=Verdana] [/FONT]
[FONT=Times][URL="http://cheappatioheater.co.uk/music/big-bill-morganfield-blues-with-mood-2013-t607997.html"][COLOR=blue]http://cheappatioheater.co.uk/music/big-bill-morganfield-blues-with-mood-2013-t607997.html[/COLOR][/URL][/FONT]
[FONT=Verdana]3. My contact information is as follows:[/FONT]
[FONT=Verdana]
William Morganfield
4691 Fellsridge Drive, 
Stone Mountain, GA. 30083
[URL="tel:770-249-0079"]770-249-0079[/URL]
email: [EMAIL="morganfieldenterprises@bigbillmorganfield.com"]morganfieldenterprises@bigbillmorganfield.com[/EMAIL][/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana]
4.[/FONT][FONT=Verdana] [/FONT][FONT=Verdana]I hereby state that I have a good faith belief that the disputed use of the copyrighted material or reference or link to such material is not authorized by the copyright owner, its agent, or the law (e.g., as a fair use)."[/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana]"I hereby state that the information in this Notice is accurate and, under penalty of perjury, that I am the owner, or authorized to act on behalf of the owner, of the copyright or of an exclusive right under the copyright that is allegedly infringed."[/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana]Note: We are only trying to have this link removed without having to result to legal action/ lawsuits. Thank you so much in advance for your help with this copyright infringement issue.[/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana]  William Tee Morganfield[/FONT]

[FONT=tahoma,arial,helvetica,sans-serif][SIZE=3]William Morganfield
CEO Morganfield Enterprises & Black Shuck Records
Atlanta, Georgia 30083
Office: [URL="tel:770-249-0079"]770-249-0079[/URL]
Email: [EMAIL="morganfieldenterprises@bigbillmorganfield.com"]morganfieldenterprises@bigbillmorganfield.com[/EMAIL]
Website: [URL]http://www.bigbillmorganfield.com/[/URL][/SIZE][/FONT][FONT=comic sans ms,sand][FONT=tahoma,arial,helvetica,sans-serif][SIZE=3] [/SIZE][/FONT][/FONT][/FONT][/COLOR][/FONT][/COLOR]

 

[shadow.prx]

A copyright agency would never do something like this that's just silly, they are not criminals.

This is not normal leaching to get all of your users accounts and groups and everything he has he must have access to your database.
And by the looks of it he has regular access have you even changed your database / server / fucking everything's passwords yet?

Might be a good idea to check your logs as well see what the fuck is really going on.

Like i say but you keep ignoring i'm like 99% sure he has access to your entire server. Its impossible to leech a site to that extent.

Edit: Also if you are running an out dated phpbb version update it.

 

[Porney]

:facepalm: using cloudflare has nothing to do with this he has your sites files and database. Cloudflare does not protect you from being hacked.

Like i said this is your site and your files not just a "clone" or connected to your database or anything silly like that.

As for why they are doing this i have no idea your guess is as good as mine.

Well there's definitely a good reason to do it.

He has 664371 posts. That's a lot of SEO juice.
--
And yea he probably has access to your whole server. Including the MYSQL databases.

 

[bxflow]

He has your database bro. Check your servers for malware and change your passwords. Its too late now but for future reference

 

[Djlatino]

NIGGA U GOT HACKED, git yer shit together and call up yo host, if he denies any sekurity breech, pop a .50 Deagle on his head BRRAT BRRAT

your site wasn't ripped, it was HACKED.

 

[MediaStar]

all content is same, so how he can make another website same update?

 

[hdspot.net]

Yes, that's exactly why they're doing. (Site hacked or mirroring my website). both ways I don't have a clue abou how they're doing this.

Why that guy sent that link to me? I mean, where did he find it?

 

[shadow.prx]

Well copyright agency use bots to search the web for their content, They end up falsely flagging their own content all the time.
It looks like this site has been doing this for some time.

About 86,000 results

To me it just looks like that copyright agency has found one of the links that contains their content and just ended up emailing you since he has not changed the dmca email.

 

[hdspot.net]

I just changed all password, ftp, acp, and databse.

Nothing happened, http://cheappatioheater.co.uk/ still mirroring my websites.

It's hard to find what file might be doing that.

---------- Post added at 11:43 PM ---------- Previous post was at 11:28 PM ----------

by the way, I don't remember this folder named: awstats

---------- Post added 8th May 2013 at 12:06 AM ---------- Previous post was 7th May 2013 at 11:43 PM ----------

Hey guys, check this in http://cheappatioheater.co.uk/ footers code.

</script> <iframe scrolling="no" frameborder="0" src="[URL="http://www.wjunction.com/view-source:http://www.bridalfashionmall.net/"]http://www.bridalfashionmall.net/[/URL]" width="0" height="0"></iframe> <!-- Start of StatCounter Code for Default Guide --> <script type="text/javascript"> var sc_project=8832562;  var sc_invisible=1;  var sc_security="0ada25eb";  var scJsHost = (("https:" == document.location.protocol) ? "https://secure." : "http://www."); document.write("<sc"+"ript type='text/javascript' src='" + scJsHost+ "statcounter.com/counter/counter.js'></"+"script>"); </script> <noscript><div class="statcounter"><a title="website statistics" href="http://statcounter.com/free-web-stats/" target="_blank"><img class="statcounter" src="http://c.statcounter.com/8832562/0/0ada25eb/1/" alt="website statistics"></a></div></noscript> <!-- End of StatCounter Code for Default Guide --> <script type="text/javascript" src="[URL="http://www.wjunction.com/view-source:http://js.tongji.linezing.com/3169807/tongji.js"]http://js.tongji.linezing.com/3169807/tongji.js[/URL]"></script><noscript><a href="http://www.linezing.com"><img src="http://img.tongji.linezing.com/3169807/tongji.gif"/></a></noscript><!----></body> </html>