Acts of Hostility (Piracy, Site Snatching, Virus Attacks) Targeting Ion Saliu, His Web Site, Theories, Systems, Software

Some of the offenders of that period:

(Toronto, Canada)
hse-toronto-ppp284894.sympatico.ca - - [07/Nov/2001:18:16:21 -0600] "GET /scripts/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
hse-toronto-ppp284894.sympatico.ca - - [07/Nov/2001:18:16:30 -0600] "GET /MSADC/root?/c+dir HTTP/1.0" 404 2562 "-" "-"

Block 64.221.119.238 assigned to:
Concentric Network Corporation (NETBLK-CNCX-BLK-6)
1400 Parkmoor Avenue
San Jose, CA 95126-3429
64.221.119.238 - - [05/Nov/2001:20:46:23 -0600] "GET /scripts/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
64.221.119.238 - - [05/Nov/2001:20:46:23 -0600] "GET /MSADC/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
...

dsl-64-130-20-225.telocity.com - - [06/Nov/2001:07:01:15 -0600] "GET /scripts/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
dsl-64-130-20-225.telocity.com - - [06/Nov/2001:07:01:15 -0600] "GET /MSADC/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
...

Concentric Network Corporation (NETBLK-CNCX-BLK-6)
1400 Parkmoor Avenue
San Jose, CA 95126-3429
64.221.49.143 - - [06/Nov/2001:19:34:40 -0600] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd?/c+dir HTTP/1.0" 404 2562 "-" "-"
64.221.49.143 - - [06/Nov/2001:19:34:40 -0600] "GET /scripts/..%c0%af../winnt/system32/cmd?/c+dir HTTP/1.0" 404 2562 "-" "-"
...

unknown.level3.net - - [06/Nov/2001:20:01:53 -0600] "GET /scripts/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
unknown.level3.net - - [06/Nov/2001:20:01:53 -0600] "GET /MSADC/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
...

Pac Bell Internet Services (NETBLK-PBI-NET-8) PBI-NET-8
Main Way (NETBLK-SBCIS-101424-17188) SBCIS-101424-17188
64.174.183.150 - - [07/Nov/2001:00:26:21 -0600] "GET /scripts/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
64.174.183.150 - - [07/Nov/2001:00:26:21 -0600] "GET /MSADC/root?/c+dir HTTP/1.0" 404 2562 "-" "-"
...

I noticed most disturbing facts in 2005: Acts of blunt piracy of my web site.
Noticeable in 2005, they started more intensely to pirate my web site, to snatch it. I saw several pages with different names and addresses but displaying my web pages. Something like Celebrity Blog.net, UDGROUND.COM, etc.

UDGROUND.COM is a horrible case. The address bar always shows UDGROUND.COM, but the site displays every page at saliu.com. A look at the source code reveals this web trick:

<FRAMESET rows="100%,*" border=0 frameborder=0 framespacing=0>
<FRAME name=top src="messages/595.html" noresize>
</FRAMESET>

210.213.149.123 - - [13/Aug/2005:00:19:45 -0700] "GET messages/595.html HTTP/1.1" 500 616 "//udground.com/forum/archive/index.php?t-11.html"

Their reaction to my action:

"dude we are merely referring you traffic. think of it is a present - it is REFERRING!!!!"
----- Original Message -----
From: "Ion Saliu"
To: brandonfuchs@yahoo.com
Sent: Thursday, August 18, 2005 11:20 AM
Subject: You commit piracy!

No kidding! REFERRING, huh? That's hijacking! The reader never sees saliu.com in the address bar!!! What they are doing is piracy, not referring. They have an empty domain. Not even one sentence of abc... They fill the empty nut up with pages I CREATED. udground.com are committing theft. My web pages are my property entirely. The formidable Attorney General of the great State of New York deserves to hear about this matter. They know about this case now. The AG put away big bullies such as big shots on Wall Street...

They are unconscious. They mess around with some powerful companies. You can go to my search page — it still shows www.udground.com. My search page offers links to notable encyclopedias online resources, such as Microsoft's Encarta and Encyclopaedia Britannica Online. You go to Encyclopedia Britannica and you read materials owned by Encyclopaedia Britannica Online. Yet, the domain in the address bar reads udground.com! Obviously, Encyclopedia Britannica is not the creation of the rats at www.udground.com!

Why would some take such serious risks? On one hand, they hope I would never notice such acts. On the other hand, they hijack web sites with good search rankings and therefore potential advertising revenue. Similar to what another nest of criminals do: Grik.Net. They make money off my effort, by stealing one of my web pages and then hijacking my website entirely. Curiously, the ads are by Google! I don't accuse Google of knowingly participating in a cyber crime.

browser.grik.net/saliu.com/winning_bell.html

Something bothers me at once, however. Then it double bothers me. Google refused AdSense ads at my web site for the reason that my site was gambling and lottery related! I never make things up when I tell the truth. When I don't tell the truth it is very obvious that I try my hand at fiction. Now, the plain truth is that Google display their ads at thousands of gambling and lottery related sites; the ads convey messages to many more thousands of gambling and lottery sites. GRIK.NET is such a source site. What double bothers me is that the source, GRIK.NET, is also a showcase of criminality.

I am sure the googlitsers don't do it knowingly. They surely are aware of this rule of natural economics: The more billions you have, the harder you might get hit by the formidably long and strong arm of the law; and the faster the billions will vanish, as the Enrons and WorldComs have proven…

Google sends now around 75% of all the visitors that my web site gets. Am I crazy? NOT! NON! I always put Truth above anything. I always put Truth ahead of anybody. And, again, I furthermore have a serious problem with the caching at google.com/search. It's a genuine form of copyright infringement.

Just click on these links:
udground.com/
messages/595.html/forum/
(That link appears in several referrals to saliu.com, especially from Yahoo.com; the link results in error 404.)

The burden of guilt is shared by the web host of UDGROUND.COM: DIRECTNIC.COM. directNIC is run by Intercosmos Media Group, Inc., and also serves as domain registrar. Their address is:

 Intercosmos Media Group, Inc.
 650 Poydras Street, Suite 1150
 New Orleans, Louisiana 70130
 USA
email: legal@directnic.com

directNIC offers the following advice in their FAQ file regarding URL Redirecting:

""What does it mean to redirect a domain?

Redirecting a domain means that when someone attempts to go to a website (types in a domain name in the address bar), he/she is automatically sent to another website.

directNIC offers the option of automatically redirecting domains at no cost.

Through this option, a user may redirect their domain name to a URL (uniform resource locator) (ex: directnic.com) of their choice. This allows the user to point domains registered with directNIC to pre-existing Web pages of their choice."

No reference to the legality of URL Redirecting. Everything goes, according to directNIC! Any web target is acceptable! If I want to redirect my empty domain to Microsoft.com or Google.com — no law can stop me! It is perfectly legal! DirectNIC may be in the jurisdiction of the State of Louisiana, therefore the core of their legal system may be different from the other 49 states of the USA. Still, no jurisdiction, regardless the State, may allow hijacking of other people's properties!

I have a big problem with the FRAMESET tag implemented by the WWW Consortium.
FRAMESET makes it very easy to hijack web sites. Every thick–headed moron of this great world of ours can hijack the most popular web sites of the planet with just a few lines of HTML code. The moron only needs an empty domain name, without a single word! The WWW Consortium must implement a defensive tag; e.g. NO_FRAMESET. NO_FRAMESET in a META tag or inside the HEAD tag should prevent other web sites from illegally filling up content from the targeted web site. Otherwise, legal action against site hijacking becomes mission impossible!

I have also another big problem with the caching of web sites.
Even when it is done by the search engines — I still have a problem. The search engines do not really need caches of the web pages they index. Just clicking on the (current) page in the search–results list will do. Caching encourages even more pirating in cyber space. I saw how my site was cache–pirated by a Celebrity–Blog.net via a vicious cache.cgi script. I have learned that the government of Canada intends to make web-caching ILLEGAL. Great idea! I hope all the governments in the world implement similar legislations.

The email address:
grigori@bi.com.ua
is false now.

That's how easy it is for the Cyber criminals these days. Get an email, commit the crime; then cancel the email account. Get another email account, etc., etc., etc. Can you see a clear way of fighting cyber crime? Right now, I can envision a terrible situation. Every bastard of this huge world of ours will register a domain name for a very small fee. The small fee is a great thing, but also a big pain in that part of the body the classics called ass. One small registration fee and the petty criminal will hijack every great web site of the Internet. For example: WWW.CRIMINAL.COM. The first page, www.criminal.com/page1.html will redirect (i.e. hijack or snatch) to Microsoft.com. page2.html will redirect to google.com. page3.html will redirect to yahoo.com. page_m.html to page_n will redirect to the major universities of the world. Not to mention redirecting to government websites for the purpose of terrorism — even make money by advertising on political terrorism pages!

The law enforcement agencies around the world must work together better in the fight against cyber crime. Right now, the Internet is largely a no–man's land.

Another disturbing act is hidden referrals to my web site.
Legitimate referrals show clear links to web sites or pages. No authority may stop web linking. In my case, looks like some haters want to affect negatively the ranking of saliu.com by the search engines. The referrals usually come from pages that refer to pornography. Again, linking is legal. The problem I have is the fact that those unpleasant referrals are hidden. They are, actually, scripts that run invisibly to the Internet surfer. Another reason for such trick is to cause traffic problems to a web site. The hidden referral to saliu.com/strategy.html opens the page 2000 times a day, with no reader! Just open the page many times in order to cause problems to legitimate Internet searchers and would–be readers of the page! Here are some illegitimate referrals:

148.244.150.58 - - [13/Aug/2005:00:07:58 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//incest-sex.rg.ro 148.244.150.57 - - [13/Aug/2005:00:20:39 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//cialis.rg.ro 207.248.240.119 - - [13/Aug/2005:00:25:56 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//forced-sex.rg.ro 207.248.240.119 - - [13/Aug/2005:00:09:51 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//incest.okis.net 207.248.240.119 - - [13/Aug/2005:00:15:21 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//viagra.okis.net 66.250.69.100 - - [13/Aug/2005:00:21:13 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//rape.okis.net 80.58.3.172 - - [13/Aug/2005:00:24:50 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//zoloft.je.ro 207.248.240.119 - - [13/Aug/2005:00:31:47 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//valium.me.ly 148.244.150.57 - - [13/Aug/2005:00:38:08 -0700] "GET /strategy.html HTTP/1.0" 200 38708 "//fioricet.kor.st

They snatch other web sites via vicious scripts. The source of the search script appears to be here:

za-e.biz/search.php?qq=vioxx

Another hostile act is incessant attempts to run scripts from saliu.com, when knowing that such scripts do NOT exist!
The message board script is ran illegitimately hundreds of times a day, even though error 404 pops up every time. The only reason is intent to disrupt activity at saliu.com. The most abused script at saliu.com is the linking script: link.pl. I removed it it years ago. That script might have been requested a hundred thousand times to no avail! The file–not–found error popped–up a hundred thousand times to no effect! Only vicious behavior can perform such insane acts so many times, for so long!

Here are some illegitimate requests:

203.134.195.205 - - [13/Aug/2005:00:08:00 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; FunWebProducts)" ~ Host: Asia Pacific Network Information Centre
209.102.131.49 - - [13/Aug/2005:00:13:20 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" ~ Host: Mebtel Communications; netops@madisonriver.net
81.5.248.11 - - [13/Aug/2005:00:13:21 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" ~ Host: RIPE Network Coordination Centre, Amsterdam
24.46.146.225 - - [13/Aug/2005:00:13:34 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" ~ Host: Optimum Online (Cablevision Systems)
69.234.133.77 - - [13/Aug/2005:00:23:22 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" ~ Host: Pac Bell Internet Services, rback26c.irvnca SBC06923412800020050113165857
220.87.111.36 - - [13/Aug/2005:00:25:08 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" ~ Host: Asia Pacific Network Information Centre
203.134.195.205 - - [13/Aug/2005:00:27:40 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; FunWebProducts)" ~ Host: Asia Pacific Network Information Centre
59.144.29.220 - - [13/Aug/2005:22:25:45 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" ~ Host: Asia Pacific Network Information Centre
70.16.170.53 - - [13/Aug/2005:09:10:26 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 12137 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322)" ~ Host: Verizon Internet Services; abuse@verizon.net
60.225.117.72 - - [13/Aug/2005:09:13:17 -0700] "POST /cgi-saliu/links.pl HTTP/1.1" 404 15527 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" ~ Host: Asia Pacific Network Information Centre

Searching on Ion Saliu at Google yields over 13,000 results (more than 40,000 web pages in July 2006).
About 1000 of them are web pages I created. Most web pages displaying the name Ion Saliu are legitimate. Still, a few dozen web pages listed by Google are the result of illegal copy–and–paste of content from saliu.com. There are cases when other pages copy entirely pages from saliu.com. The "authors" remove the inner linking. But the authors are so lazy that they forget to remove Ion Saliu from the copy–and–paste process. I do hit hard some of the bastards, especially when I know who they are!

Here is a number of cases of illegally copy-and-paste content from saliu.com.

www.pvage.ch/gambling/single_zero_roulette/how_Single_Zero_Roulette_work.html
www.casinomantra.com/
(These suckers removed Ion Saliu, but copied my Roulette.htm page way beyond the law–breaking point!)
www.nv-recollections.com/roulette-freeware.htm
(Hidden referring via hidden scripting, copy–and–paste.)
9532.z4.k74.info/
(Hidden referring via hidden copy–and–paste.)
www.pvage.ch/gambling/single_zero_roulette/internet_Single_Zero_Roulette.html
menuaton.fbhosting.com/american/roulette.html
(Just places the name ION SALIU in many sections in order to increase page ranking. The name is white on light background, so that is hardly visible!)
www.findgambling.info/internet_poker/wizard_of_odds.html
www.pilgrimage.ru/how-to-win-at-blackjack.html
www.paysefeed.com/search.php?aid=197&said=divtab.com&q=Betting
 (Hidden referring via hidden scripting, copy–and–paste.)
 //roulette.seltons.com/roulette-betting-strategy.htm
(Hidden referring via hidden scripting, copy–and–paste.)
78050.table.k8y.info/lx.php?q=discount+furniture&qx=Ion+Saliu
(Hidden referring via hidden scripting, copy–and–paste.)

More Cases Of Hostility Targeting Ion Saliu And saliu.com
Why do some people live only to cause trouble to other people? Why do they spend their lives devising ways and means to disrupt the normal activity of normal humans?

You might not have heard of this. There are now web sites that promise to shorten long URL addresses. They offer a so–called short–hand URL service. I will list here a few of such web "services" that hit my web log in sizable numbers.

This is one more piracy method. I can see in the web log thousands of referrals from web URL shortening sites. The "referrals" are still illegitimate. They hide the referring in "secret" scripts. The main purposes are to diminish the ranking of my web pages by the search engines and/or to cause traffic problems for saliu.com.

www.webmask.com 336 referrals;
link.toolbot.com 321 referrals;
2url.org 168 referrals;
dephine.org 151 referrals;
qwer.org 78 referrals;
forced-sex.4h.pl/ 454 referrals;
phentermine.roo.pl/ 370 referrals;
link.toolbot.com/hydrocodone/10116 182 referrals;
incest-sex.4h.pl/ 96 referrals;
incest-porn.4h.pl/ 86 referrals;
phentermine.kupisz.pl/ 84 referrals;
www.webmask.com/phentermine 81 referrals;
rape-pics.4h.pl/ 80 referrals;
dephine.org/phentermine 76 referrals;
72.14.207.104/search 76 referrals;
dephine.org/hydrocodone 75 referrals;
hydrocodone.xu.pl/ 70 referrals;
rape-movies.4h.pl/ 70 referrals;
www.webmask.com/hydrocodone 68 referrals;
hydrocodone.prezes.com/ 67 referrals;
.....

Some of the aforementioned web services promised to me to "kill" the spamming links in their databases. Yet, illegitimate referrals still show up in the daily web log at saliu.com!

The Worst Cyber Crimes: Trojans, Hijackers, Dialers, Etc.
The cyber attacks have turned worse than imaginable! My computer has been literally invaded by hijackers, Trojans, worms, dialers… Here are some of the bastards that must be obliterated, physically, if no other solution exists. Apropos (dialer), PeopleOnPage (hijacker), ISTBar, YourSiteBar, SurfAccuracy, etc.

Only a high performance anti–spyware application can fight with good success against this type of the worst cyber criminals. If the criminals are not blasted off, no more computing would be possible.

Even if you don't connect to the Internet, working at your computer turns into a very difficult task. A hidden dialer, for example, keeps trying to connect to the Internet. We click on 'Cancel', but the dialer keeps coming back! The dialer attempts to call unknown–to–you phone numbers from your computer. That might cause you trouble, although you are innocent. You are forced to reboot numerous times, because Windows detects invalid operations or faults in numerous applications.

Law enforcement worldwide must pay very close attention to this crime. The criminals must be punished very severely. The punishment must be also highly publicized as an efficient deterrent.

Cyber crimes are no longer jokes. Cyber crimes have become the most dangerous form of warfare: a worldwide guerilla war against the computing community.

A new criminal act has emerged in 2006: The dialog box popup. There are effective pop-up blockers out there, especially from Google and Yahoo. The bastards found new ways to fight the popup blockers. Annoying popup dialog boxes will scare you that there are serious problems with your system - especially the registry. The false alarms go like this (includes their punctuation):

"Message from Microsoft to System.
Microsoft Windows has encountered an Internal Error.
Your windows registry is corrupted.
We recommend a complete system scan."

Of course, they do a free scan showing mostly bull; no real problems. They don't fix a single error until you pay for a different version of the software. These new pop-up services have become a terrible headache!

Here is a list of the most common offenders:

www.correctreg.com
www.regdocpro.com
www.regpro32.com
www.scanmyreg.com
www.RegistryRepairXP.com
WindowsRepair.net
www.myregfix.com
www.patchreg.com
www.regscans.com
www.regrinsepro.com

There is no way to avoid those pests. They intercept your Internet connection and they follow you wherever you go. They must be obliterated!

I checked and I believe all those domains represent one group of bastards. They hide their tracks skillfully. My fighting method might be more efficient than filing complaints. I go to those addresses and contact them. I curse them like they never heard before. Other people are strongly encouraged to do the same!

Closely related materials at this Web site:

"Roulette System That Won Millions!"
~ Australian Piracy of One of Ion Saliu Roulette Systems.

• Illegal Roulette System, Piracy, Roulette Computer Sales Stopped by Law.
• Free and Expensive Roulette Systems: Honesty, Fraud, Scams, Casinos.
• Roulette Gambling Systems, Fraud, Piracy, Stealing.

Read more on piracy and hostile acts against Ion Saliu:

• Ion Saliu's Book of Records.

• Copyright notice on intellectual property; rights of the author.

• A List of Free and Expensive, Pricey Roulette Systems to Play in Casinos.
  Only the casinos would be so fiercely aggressive and sell roulette and gambling systems priced up to US $40000 (forty thousand)!
• Australian roulette system presents piracy of Ion Saliu's roulette system based on wheel half, sector, hemisphere.
  
• Piracy, scams on eBay regarding lottery and gambling systems.
  My lottery strategies and gambling systems are always pirated, including by eBay sellers.
• Piracy: Unauthorized Software Offering, Distribution.

• Intelligent Design, Theory of Evolution, Creationism, Survival
• Related: Copyright lotto, lottery numbers, combinations, wheels, mathematical relations, formulae, equations.
• This site is under hack attack: Code Red Nimda Virus.
• Other cases: Beware! They use my name to sell systems!
  ~ Acts Of Piracy Against Ion Saliu's Gambling Systems, Lotto, Lottery Software.

• The Best-Ever Roulette Strategy, Systems based on mathematics of progressions and free-for-all.
  ~ An Act Of Napster–Like Piracy Makes The Super Roulette Strategy Freeware!

More to come, cyber bastards!

Humans of honor and dignity, please bear with me!

Ion Saliu

Home | Contact | Search | Help | What's New | Software | Odds, Generator | Contents | Forums | Sitemap | Shop Online