Wednesday, June 28, 2006

SCRAPER BUSTED #5 - Site is so bad McAfee SiteAdvisor blocked the page load!

Well, I knew some scrapers were bad but this one takes the cake. []
User Agent: lwp-trivial/1.41
The scraping was tracked to a page on

When I went to open the page in Internet Explorer I got this error instead. may cause a breach of browser security.

We blocked your browser from visiting this site.

In our tests, attempted to make unauthorized changes to our test PC by exploiting a browser security vulnerability. This is a serious security threat which could lead to an infection of your PC.
The proud owner of this lovely site is:

Registrant Name:Sid Wongvorakul
Registrant Street1:979 Rutland Dr
Registrant City:Memphis
Registrant State/Province:TN
Registrant Postal Code:78243
Registrant Country:US
The site's information is as follows: (
The site is hosted by this now blocked company:
Address: AccessIT - Hosting Services
Address: 75 Broad Street, Suite 1902
City: New York
StateProv: NY
PostalCode: 10004
Country: US

NetRange: -
The SCRAPING IP came from iWeb Technologies which I'll assume is hosting a proxy site that was used to scrape and is now also on my blocked list.

OrgName: Groupe iWeb Technologies inc.
OrgID: GIT-20
Address: 3185, rue Hochelaga
City: Montreal
StateProv: QC
PostalCode: H1W-1G4
Country: CA
NetRange: -
From Canada to Tennessee and finally landing in New York, my scraped data took a wild trip and ended with a McAfee warning, sheesh.

Nastiest thing I've run into so far, but I doubt it will be the worst.


MP1 said...

UMAX has been around for a few years. They got so bad he moved his spamming operation to another host in another country (last time I checked). He runs a so-called search script that ends up spamming guestbooks each time it's ran by the visitor - thus having the visitor's IP busted instead of his own. His referer urls have been blacklisted on my sites for a few years now (since 1999).
I'll give ya 3 guesses as to where he started out and the first 2 guesses don't count... EV1 - Good 'ol Everyone's Internet. They receieved so many complaints that FINALLY gave him the boot (can't remember his name right now)..

ClosedGL said...

Sorry Icredibill, could find your email address anywhere, but wanted to alert you to something I've been seeing a lot of in my log files (until I blocked it of course!): Syntryx ANT Scout Chassis Pheromone; Mozilla/4.0 compatible crawler

Anonymous said...

Wrong Umax company is getting a bad PR here. The spamming comes from UmaxSearch (see and, it is a website that uses PPC feed from a well-known firm.

They accept affiliates and split profits. Affiliates usually use doorways and spamming techniques. Well, this is a bad thing. The worse thing is that this well-known entity is selling legitimate guys this laundered traffic.