Quick answer
A "vendor" is a hostname alias when (1) its IP address matches another vendor's, (2) its rendered HTML carries a different brand's name in the page title, (3) its homepage 301-redirects elsewhere, or (4) certificate-transparency logs name a different operating entity. Any one signal is suggestive; all four together is conclusive.
Why this matters for buyers
A buyer ordering a $300 vial wants to know who is actually shipping it. In the research-peptide market, a single operator running multiple storefronts under different brand names — sometimes with different pricing, sometimes with different stated COA practices — is common enough that you should check before you trust a brand. The check is cheap and reproducible.
The pattern doesn't make a vendor a bad vendor. It does mean the brand name is marketing rather than identity. Buyers who know the relationship can make an informed call; buyers who don't are buying from someone they didn't realize they were buying from.
The four signals — and the commands to run
Signal 1 — Reverse-IP
The fastest tell. If two vendors resolve to the same IP, they're either on the same shared host (suggestive) or running on the same operator's box (decisive).
dig +short vendor-a.com
dig +short vendor-b.com
If both return the same IP address, run whois or
api.hackertarget.com/aslookup/?q=<ip> to see whether the IP is a
known shared host (Cloudflare, AWS, Hostinger) or a dedicated host.
A match on a dedicated host is a strong alias signal; a match on a
shared host is suggestive but not decisive on its own.
Signal 2 — Page-title check
Fetch the storefront and look at the rendered HTML's <title> tag:
curl -s https://vendor-a.com/shop/ | grep -oE '<title>[^<]*</title>'
If the title returns <title>Shop — Vendor B</title> when the
hostname says Vendor A, you have a brand-mismatch at the rendering
layer. The same pattern across product detail pages confirms it
isn't a one-page mistake.
Signal 3 — Root redirects
A vendor whose homepage 301-redirects to a different domain is almost always a hostname alias:
curl -sI https://vendor-a.com/ | grep -iE 'location|HTTP/'
If the response is HTTP/2 301; location: https://vendor-b.com/,
the brand exists at the URL hostname only. Buyers who land on the
homepage end up on Vendor B's site without ever seeing Vendor A
content.
Signal 4 — Certificate-transparency logs
crt.sh records the legal entity name listed on TLS certificates
issued for a domain. Run:
https://crt.sh/?q=%25vendor-a%25
(URL-encoded %vendor-a% for SQL-style wildcards.) If the
certificates were issued under a different operator's organization
name, that's the legal entity behind the brand.
Worked example — Prime Research Peptides / Truform Compounds
We added "Prime Research Peptides" to our cohort in early May 2026
because they carried Retatrutide at the cheapest per-mg pricing in
our index. A reader spotted that the affiliate redirect from our
site was landing on truformcompounds.com rather than
primeresearchpeptides.com. We ran the four checks.
Signal 1 — Reverse-IP:
$ dig +short primeresearchpeptides.com
46.202.198.196
$ dig +short truformcompounds.com
46.202.198.196
$ dig +short primeresearchlabs.com
46.202.198.196
Three "different" peptide brands all resolve to the same Hostinger
IP. ASN lookup confirms AS-HOSTINGER, CY. Hostinger is a budget
shared host, so the same-IP fact alone isn't decisive — but three
peptide brands sharing a single IP is unusual enough to warrant the
remaining checks.
Signal 2 — Page-title check:
$ curl -s https://primeresearchpeptides.com/shop/ | grep -oE '<title>[^<]*</title>'
<title>Shop - Truform Compounds</title>
The rendered HTML on the Prime hostname is titled with the Truform brand. Same pattern on every product detail page we fetched.
Signal 3 — Root redirect:
$ curl -sI https://primeresearchpeptides.com/
HTTP/2 301
location: http://truformcompounds.com/
The Prime homepage isn't a homepage — it's a 301 redirect to
Truform. Buyers who type primeresearchpeptides.com into a browser
land on truformcompounds.com without seeing any Prime content.
Signal 4 — Certificate transparency:
crt.sh/?q=%25truform%25 returns truform supplements llc as a
registered organization name on TLS certificates issued for the
domains in this cluster. The legal entity behind all three brands
is Truform Supplements LLC.
Conclusion: Four signals, all pointing the same direction. The "Prime Research Peptides" and "Prime Research Labs" brands are hostname aliases for Truform Compounds. Same operator, same WooCommerce instance, same product catalog.
What this means in practice
Truform sells real product. The catalog data is real. The pricing is real. A buyer ordering through any of the three hostnames receives a shipped product. The audit-relevant complaint is not that the vendor doesn't exist — it's that the brand separation exists only at the URL hostname layer, with no separate operating entity behind it.
We've documented this finding prominently on the Prime Research Peptides vendor profile and re-pointed our affiliate URL to land buyers on the storefront catalog page rather than the homepage that 301-redirects to Truform. We're keeping the listing because the catalog data is useful — but buyers should know what they're buying into.
Why we're publishing the methodology
Single-vendor disclosures are useful but limited. The methodology generalizes — and we're going to apply it across the rest of the research-peptide vendor ecosystem in a follow-up piece. If three peptide brands share a single Hostinger IP, the question worth asking is how many other clusters exist that buyers don't know about. The four-signal check above is the tool to find them.
If you run the check on a vendor and find an alias cluster we've missed, email info@vialaudit.com — we maintain a running list and credit reader-submitted findings on the methodology page.
Update: 7 more signals (May 2026)
After publishing this methodology, we extended the automated scan from 4 to 10 signals. The additions catch operators who scrub the content-layer fingerprints (page title, OG site_name) but forget the infrastructure-layer fingerprints they're inheriting from a shared account. The new signals:
| Signal | What it catches |
|---|---|
| Google Analytics / GTM / Facebook Pixel ID | Same tracking account across "different" brands. Decisive on its own — GTM container IDs map 1:1 to Google accounts. |
NS records (dig NS) | Same registrar account / DNS admin |
MX records (dig MX) | Same email infrastructure |
SOA admin email (dig SOA) | Same registered DNS admin contact |
| Favicon SHA-256 hash | Same icon binary across brands |
| WordPress theme path | Same custom child theme |
OpenGraph og:site_name | Brand name in social-card metadata, often different from page title |
The single highest-yield addition is tracking-ID extraction.
Operators almost never re-create a separate GTM or GA account per
property; they reuse the parent account and the IDs propagate. When
we extended the scan and ran it across our 32-domain cohort, the
Truform cluster fingerprint became unmistakable — same
GTM-P9QHNWM9 Tag Manager container ID across multiple supposedly-different
"Prime"-branded domains. The full extended-scan findings are at
/articles/alias-clusters-31-vendor-scan.
FAQ
Does same-IP always mean same operator?
No. Cloudflare, Shopify, and other major hosts put thousands of unrelated sites behind shared IPs. The reverse-IP signal is only decisive when (a) the host is dedicated rather than shared, or (b) it's combined with at least one of the other three signals.
Why isn't this just white-labeling?
White-labeling is one operator (the manufacturer) supplying many distinct retail brands run by different operators. Hostname aliasing is one operator running multiple frontend brands themselves. The distinction matters: a white-labeled product is sold by genuinely different vendors with different customer-service, shipping, and warranty policies. A hostname-aliased brand has none of that separation — it's the same vendor with multiple URLs.
Is hostname aliasing illegal?
Not on its face. It's a marketing pattern, not a regulatory issue. What can be a regulatory issue is undisclosed brand-versus-operator relationships in contexts where the operator has prior enforcement history or cross-brand reputation arbitrage matters to consumers — neither of which applies to the Truform cluster as far as we can tell from public records.
How often does this pattern appear in the peptide market?
Unknown until we scan the cohort. We're publishing the systematic scan as a follow-up. Suggestive priors: white-label peptide infrastructure is well-established (services like SmartMD Labs sell "launch your own peptide brand" turnkey packages), so the multi-brand single-operator pattern has structural precedent.
Sources
- DNS evidence:
dig +shortagainst three Truform-cluster domains; results above. - ASN lookup:
api.hackertarget.com/aslookup/?q=46.202.198.196→AS-HOSTINGER, CY - Cert-transparency:
crt.sh/?q=%25truform%25returnstruform supplements llc - HTTP evidence:
curl -sI https://primeresearchpeptides.com/returns 301 to truformcompounds.com - Background: SmartMD Labs white-label peptide brand infrastructure
- Internal: Prime Research Peptides vendor profile and the four-signal evidence applied to that listing