lucy24 - 7:54 pm on Jun 8, 2013 (gmt 0)
Met this under the "indexphp botnet" header (a group I can only identify after-the-fact by behavior pattern):
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
As of a few months ago, the range 126.96.36.199/18 was unassigned. It's now
188.8.131.52/18 MailChimp (dunno who they are, but they sure don't sound like a likely source of human traffic)
The latter name brings up vague mental associations of the not-good variety. Closer investigation turns up two other PegTech ranges involving the same botnet-- each of them alongside a subrange registered in China. Is this one of those "never met a customer they didn't like" hosts?