Originally Posted by nelsa
We've checked and it's not done via iframe. This seems to be domain forwarding with masking.
The actual unauthorized domain is koyblanafuc.cf
Our domain is quackquack.in