Well, I knew some scrapers were bad but this one takes the cake.
209.172.60.19 [ip-209-172-60-19.reverse.privatedns.com]The scraping was tracked to a page on umax-search.info.
User Agent: lwp-trivial/1.41
When I went to open the page in Internet Explorer I got this error instead.
umax-search.info may cause a breach of browser security.The proud owner of this lovely site is:
We blocked your browser from visiting this site.
In our tests, umax-search.info attempted to make unauthorized changes to our test PC by exploiting a browser security vulnerability. This is a serious security threat which could lead to an infection of your PC.
whois umax-search.infoThe site's information is as follows:
Domain Name:UMAX-SEARCH.INFO
Registrant Name:Sid Wongvorakul
Registrant Street1:979 Rutland Dr
Registrant City:Memphis
Registrant State/Province:TN
Registrant Postal Code:78243
Registrant Country:US
umax-search.info (66.199.247.42)The site is hosted by this now blocked company:
OrgName: EZZI.NETThe SCRAPING IP came from iWeb Technologies which I'll assume is hosting a proxy site that was used to scrape and is now also on my blocked list.
OrgID: EZZIN
Address: AccessIT - Hosting Services
Address: 75 Broad Street, Suite 1902
City: New York
StateProv: NY
PostalCode: 10004
Country: US
NetRange: 66.199.224.0 - 66.199.255.255
whois 209.172.60.19From Canada to Tennessee and finally landing in New York, my scraped data took a wild trip and ended with a McAfee warning, sheesh.
OrgName: Groupe iWeb Technologies inc.
OrgID: GIT-20
Address: 3185, rue Hochelaga
City: Montreal
StateProv: QC
PostalCode: H1W-1G4
Country: CA
NetRange: 209.172.32.0 - 209.172.63.255
NameServer: NS1.IWEB-HOSTING.COM
NameServer: NS2.IWEB-HOSTING.COM
Nastiest thing I've run into so far, but I doubt it will be the worst.
2 comments:
Sorry Icredibill, could find your email address anywhere, but wanted to alert you to something I've been seeing a lot of in my log files (until I blocked it of course!):
216.7.179.21 Syntryx ANT Scout Chassis Pheromone; Mozilla/4.0 compatible crawler
Wrong Umax company is getting a bad PR here. The spamming comes from UmaxSearch (see UmaxLogin.com and UmaxSearch.com), it is a website that uses PPC feed from a well-known firm.
They accept affiliates and split profits. Affiliates usually use doorways and spamming techniques. Well, this is a bad thing. The worse thing is that this well-known entity is selling legitimate guys this laundered traffic.
Enjoy.
Post a Comment