Well mystery solved. I did a bit of sleuthing and noticed they have a scratch card at the bottom of the page. I had written a scratchpad plugin so I did a quick search for "wScratchPad" and sure enough it's there. They copied my sample code from <a href="http://wscratchpad.websanova.com" rel="nofollow">http://wscratchpad.websanova.com</a>, div's css and all and, you can even see the same `id` and `class` names.<p>I guess they copied a little too much.
There is a comment on my blog from a developer from MLB.com for anyone who is interested:<p>"Hi -<p>Engineer from mlb.com here. It appears this goes a bit deeper down the rabbit hole than meets the eye. Apparently there’s some code laying around in our tests run by a CI setup that randomly generates a tracking code to mock third party scripts (Google analytics, ad tracking, etc) instead of using our actual IDs as to not mess with our marketing guys’ numbers (we run a LOT of tests on CI).<p>The strange thing is that your IDs aren’t being pulled from your site, but have randomly been generated the same way many, many times and then been shipped out to our production server by mistake.<p>We can’t figure out why this is happening, but are looking into the build system and how it caches data. Luckily I read HN or we might have never caught this!"
One day Microsoft (msn.com) to be exact hotlinked a small gif from one of my servers. Support did not respond at all to my inquiries to <i>please</i> have it removed (the msn.com homepage had a lot more traffic than I was used to dealing with) so I replaced the gif on my server with the "netscape now" button.<p>This was at the height of the browser wars.
I once hired an offshore developer on ODesk who stole my code and resold it. I discovered he was doing this because he left my analytics code in. Same deal; I woke up one day to analytics showing traffic on a domain I didn't own, so I went to look and it was basically a mirror of my site.
@MLB.com<p>But why are you generating those random IDs at all? That means you guys are sending false tracking data to so many websites using those IDs.<p>Stop doing this! Create a different tracking ID for testing or something!!
For anyone else experiencing this problem what you can do is simply setup a filter in Google Analytics to only allow your domain to add traffic to your google analytics profile.<p>Inside google analytics goto filter,
create new filter,
select custom filter,
select include filter,
Enter hostname in the filter field,
enter your websitename\.com in the filter pattern box,<p>Apply this filter to your profiles for websitename.com and you should be good to go
I wrote an example for graduate students in the US to create a webpage and directed them to look at my webpage for an example template. Now they all copy my analytics tracking code, and I have like tens of student websites that I'm tracking me. It annoys me. I think we should have some sort of two-way authentication or atleast a way to "mute" certain domains or only whitelist certain domains in the reporting side of GA. Perhaps it exists?
Back in 2003 Sony Pictures hotlinked some javascript code I had created for handling Flash->javascript communication. Back then all I could think of was using it to float a dancing robot over their content. These days I guess you can get away with a lot more.
One morning, we woke up to see Google Analytics sending us data from an external site. When we opened that link, it turned out to be a clone of our website.<p>They had crawled the entire site (which was designed by our partners) and replaced the logos and text. The GA code was still there.
I think it would have been cool to ping one of the MLB.com developers, not write a blog post and laugh at them publicly/without warning. Just sayin'.
On a side note, when I visited the blog, it triggered a Web of Trust warning because it got flagged as spam: <a href="https://www.mywot.com/en/scorecard/websanova.com" rel="nofollow">https://www.mywot.com/en/scorecard/websanova.com</a>.<p>It looks like a legit programmer's blog to me, so I gave it a full positive review.
Hilarious. You probably aren't seeing a huge traffic spike because it's a microsite that hasn't been launched yet. It also appears to be outsourced or in some sort of BETA since the script management is atrocious. Run a Chrome audit - it's only a landing page and still makes 37 different JS file requests & 13 different CSS file requests, none of which are minified. Granted many "professional" sites ignore client-side asset performance but regardless, 120+ HTTP requests for a landing page is laughable.<p>Edit: Might be same shop as mlb.com, they don't appear to care about asset performance either.
Doesn't Google Analytics cost money after a certain amount of hits per day/month? If that is the case and the gap was hit, would MLB.com be liable to pay the fees?
People usually steals my designs. Well, I stole better but that's another story.<p>I once had my site's design stolen complete with my CSS, Javascript errors, the Analytic and the Adsense Code. I think I have the screenshots somewhere on Flickr.<p>The irony was that, mine was powered by a WordPress theme that I designed and was available as a free download.
Meta comment: This thread has seemed to attract more nonsense comments -- many are almost entirely whited-out -- than usual. Why? Whatever happened to the endorsement idea?
I've had this issue too with some of my old, Open Source jQuery plugins and even keeping the scripts separated (into the document head and at the end of the body) and commented didn't seem to work. Developers looking for the cheap and easy copy and paste I guess don't recognize the difference. Fortunately GA supports simple filtering to mitigate it.
I've created an open source project and forgot to remove my tracking code too. The only thing was, I was hosting my own analytics with piwik, so the tracking code came from my domain. Although I marked the code with comments lots of people still left it there.<p>If I was a bad guy this would be an easy and subtle XSS attack vector
I have seen something similar, when three companies stolen award-winning design of digital agency I used to work for. They just copied whole code (including comments in javascript) and changed logos/texts but they haven't change our ga code.
Reviewing the comments made regarding this and other "Stackoverflow is down" kinda threads I start to wonder... are there so many so-called developers that just copy-paste 9-5?
Someone done goofed. Google Analytics and other KPI chew-toys and gadgets are what keeps executives busy while people get work done.<p>This will not go unnoticed.