Wednesday, August 09, 2006

SCRAPER BUSTED #9 - Umax is baaaack

This is déjà vu day in the scraper busting dept. as Umax is back with a new virulent website.

BTW, if you want to read some funny misguided shit, this guy wants people to boycott the UMAX the scanner company because of something unrelated, like this spamming virus site maker that's the topic of this post.

What a screwball, sheesh.



Remember, I'm a trained professional, so don't try this site at home as this is some nasty shit.

However, if you're stupid enough [and most of you are] to attempt to access this site then use some goddamn common sense and disable your javascript and maybe java in your browser first or you might end up in a world of hurt.

For those of you real dumb fuckers, I mean the dumb as a pet rock variety, you'll get Trojan.ByteVerify installed on your machine if you visit these sites [see list at bottom] without proper precaution so don't blame me as YOU HAVE BEEN WARNED!

Crawler Info:
IP Address: []
User Agent: lwp-trivial/1.41
Site info: (
This is on the same server and host as the last reported site, but just in case you're too fucking lazy to click the link about and look it up for yourself it's repeated below.

Not sure this is even real information about this asshole, as other registrations say Russia, there's a shock, but they all seem to have FREEYAHO LLC in common.

American asshole information:
Sid Wongvorakul
979 Rutland Dr
Memphis, Tennessee 78243
United States

Registered through: FREEYAHO LLC.
Domain Name: UMAX-PPC.NET
Created on: 15-Dec-04
Expires on: 15-Dec-07
Last Updated on: 12-Jul-06

Administrative Contact:
Wongvorakul, Sid
979 Rutland Dr
Memphis, Tennessee 78243
United States

Technical Contact:
Wongvorakul, Sid
979 Rutland Dr
Memphis, Tennessee 78243
United States

Domain servers in listed order:
Russian asshole information:
Domain ID: D10559406-BIZ
Sponsoring Registrar: WILD WEST DOMAINS, INC.
Sponsoring Registrar IANA ID: 440
Domain Status: clientDeleteProhibited
Domain Status: clientRenewProhibited
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Registrant ID: GODA-013273608
Registrant Organization: Freeyaho LLC.
Registrant Address1: a-n 262
Registrant City: Ulan-Ude
Registrant State/Province: Ru
Registrant Postal Code: 670042
Registrant Country: Russian Federation
Registrant Country Code: RU
Registrant Phone Number: +790.25651263
Registrant Email:
Host information:
Address: AccessIT - Hosting Services
Address: 75 Broad Street, Suite 1902
City: New York
StateProv: NY
PostalCode: 10004
Country: US

ReferralServer: rwhois://
NetRange: -
The rest of this prolific virus spamming assholes domains hosted on the same box:
If you think I have a bad attitude in this post, you're very perceptive, as this fucker really pisses me off more than the usual garden variety scraper and hosting companies that allow this shit on their premises make my blood boil.

I'm trying to resist calling the whole lot of them a bunch of cocksucking assholes, but I think I'm losing that battle..


GaryK said...

I've never been rude to you before Bill. But that's cause you've always directed your anger at the bots, not those of us who read your blog to gleam valuable information. So please pardon me while I tell you to fuck off! ;-)

willmacc said...

I commented on one of your posts and the person I could think of was this a$$hole - umax.
This is the only spammer I know of that EV1 finally booted off their system - he went to a russian server after that. He was running a hotel bait page last time I looked and still using the script to spam with from the bait page.

Anonymous said...

I commented in another thread, it is WAAAY larger than just one guy running this. This is a big business using PPC feed and affiliates who provide doorway/spam/malware traffic. Affiliates come mostly from Eastern Europe. The company that provides PPC feed (search around, there are only few) then launeres this traffic, basically.

Olliver said...

This guy is from Ukraine and is called Dmitriy Soldatenko:
source #1
source #2
The comments added by the spammer speak for themselves and give an idea why this guy wasn't able to find a job in real life ;-)

IncrediBILL said...

Olliver, dude, Source #1 is rude and tries to automatically download a file protending to be a service pack update, which it very well may be but I'm sure not letting it complete!

DONT CLICK SOURCE #1 above unless you want this to autodownload:

Sheesh, those guys are something else.

Try reading it via Google Cache

olliver said...

Sorry for that automatic download on Lemat's guestbook site (# 1). I wasn't aware of it since I don't use Windows and have a proxy filter zapped unwanted ads and other things I don't wish to be bothered with.


Anonymous said...

Source #1 in case of detecting misbehaviour is redirecting to the
and it is indeed SP2 for M$ Windows.
I thought somebody would check it before accusing me.

If you want to search for other Dmitriy Soldatenko web sites and poorly moderated webforums try to search for "FREEYAHO LLC"