there are infinite mitigations and it will always boil down to how much they want to do this vs how much you want to prevent them. in the end they could render in a remote controlled browser and use cdn or aws ip adresses en mass, i would consider highjacking their users in subtle ways like replacing pictures or text with obscenities or legal disclaimers. unfortunately their motivation is ad selling to other dodgy companies so unlikely you can mitigate that way. i would also invest in getting the seo in order and having them removed from google if possible. lastly there are solutions like cloudflare turnstile that impact normal users not as much as in days of captchas
Maybe op only needs to do enough to undermine their website, rather than drive them away.
it’s possible the combination of blocked image hotlinks, watermarking the domain inside the images, and CSS trickery that messes up the page on the proxy (along with whatever other steps that can be thought of to make it look wrong or erroneous on the proxied site) could get op bumped to #1 on search on enough links that it no longer matters.
Given the other site isn’t generating original content it’s unlikely to ever get its google juice back.
On a side note - does Google have an option for this? I’m sure they must have encountered this before and it helps the quality of their results too to block obviously fudged content.
