Blog

Glam Ink’s design was ripped off and stolen including Google Analytics code

I wish my first 2018 blog post would be exclusively about wishing you all the best and prosperity for this year.

Unfortunately, my return from the holidays was a rude awakening courtesy of the “nice” people at zoxtel.com. They completely ripped off the Glam Ink design, including my Google Analytics tracking code. So when I returned to work instead of planning new projects I had to take the time to contact the them to at least have the decency to delete my code from the stolen design, and to contact the Google Analytics Support Team to report the problem.

The ugliest part of this issue is that somehow my whole Google Analytics traffic history disappeared from my GA dashboard and I get only the zoxtel.com website traffic in reports. I don’t exactly know how this could have happened, why is Google Analytics reporting traffic from another domain (different from the property’s domain) and where is all my traffic history gone.

I’m anxiously waiting for a response from Google Analytics Support Team. I’ll update this post as soon as I have news.

zoxtel.com website – screenshot taken 9 January 2018 02:28:00

UPDATE 1: I got a reply from zoxtel.com that they’ve deleted my Google Analytics code from their website, but that they “bought the template of this site on one of the aggregators on the Internet.” So, either there’s somebody out there that ripped off my Glam Ink theme and sells it including my Google Analytics code… or they just said that. Because we live in a world in which people generously pay thousands of dollars for ads, but refuse to pay 15$ for a template from a genuine shop or use a free one from the multitude available. I asked for proof of purchase, but they avoided to provide one.

zoxtel.com theme css file on 9 January 2018 10:09:27

UPDATE 2: Zoxtel said that they purchased my ripped-off design on a forum, for $50 from an individual. I explained that that person didn’t have a clue what he/she was doing, just scraped my website’s theme (on which I worked for months) to be used as a static html template, but loading javascript and other assets that belong in the WordPress plugins I’m using.

Zoxtel didn’t provide a link to the forum thread, or a payment proof. But in the end it really isn’t relevant anymore whether they scraped my theme themselves or really bought it from someone. The damage is done, I lost all my Google Analytics history (I’m still baffled by this, I have no idea what happened). And the Google Support Team is not at all in a rush to answer my ticket…

Meanwhile I changed my Google Analytics code and resumed business as usual.

UPDATE 3: Zoxtel asked to allow them 3 days to change their design, I agreed, and it looks like they kept their end of the bargain. They changed it enough so that the resemblance is minimized, and somebody wrote a decent html.

Chrome devtools warning for Typekit

The SSL certificate used to load resources from https://use.typekit.net will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.

If you are loading fonts from Adobe Typekit on your website (NOTE: Actually, this notice is visible for various services, not just Adobe Typekit), and checked your website with DevTools in Chrome after December 1st 2017, you might have seen these notices:

The SSL certificate used to load resources from https://use.typekit.net will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.


The SSL certificate used to load resources from https://use.typekit.net will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.

The SSL certificate used to load resources from https://p.typekit.net will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.

The notice will appear regardless if you load the fonts with the asynchronous javascript method or the newer (recommended) css method.

I haven’t found any official Adobe communication or other material regarding this, so I chose to write these few lines for the clients that use my themes.

The notices are not caused by the theme or your website’s SSL certificate, but because Adobe Typekit service uses SSL certificates issued by Symantec’s infrastructure, certificates that were found to be not up to industry standards. The link in the notice is very helpful, it’s a detailed article written on the official Google Security Blog where the notices are thoroughly explained. I recommend you read it.

You don’t need to make any change to your website, or push the panic button. It’s something Adobe has to fix before the release of version 70 of Google Chrome on October 23, 2018. Your font service is not affected in any way until then. For any questions about this I would recommend to contact the Adobe’s support team, it’s not something theme related.

UPDATE: As of January 2018 the notice is gone for the Typekit font kits, regardless if loaded via CSS or JavaScript.