dstiles - 10:50 pm on Jun 30, 2010 (gmt 0)

I've had a look at a few logs that google returns in serps. They do not seem to include the /contact.php but always seem to be the same querystring, though I've only checked half a dozen logs. The querystrings in those I looked at carry the word "casper" as in:

/casper/Ckrid1.txt?

(this seems to be a common point in the logs).

I tried looking in the actual file (a gedcom) for the name "casper" and it's not there so another theory bites the dust.

One google posting mentions casper doing a POST but very little other info. A couple of the serps relate it to exploits.

I have now found a couple of other forums saying this is an exploit attempt aimed at various things including PDFs. Type the following, including quotes, into google:

"casper bot search" exploit

One translated site mentions a "casper rule" which defines the life of something: not sure what as I ran out of patience trying to translate a wiki.

What I can't understand is its persistent hits on a single site/page/querystring. Every single hit, apart from the 404s it generates. For any kind of bot or exploit this is stupid.