Dirty bot grabs from multiple IPs & UAs

65.102.17.*

         

Justanotherseotype

11:18 am on Sep 14, 2002 (gmt 0)



65.102.17.41 "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90)"
65.102.17.89 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
65.102.17.57 "Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC)"
65.102.17.33 "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
65.102.17.33 "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
65.102.17.33 "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
65.102.17.33 "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
65.102.17.49 "Mozilla/5.0 (compatible; Konqueror/2.1.2; X11)"
65.102.17.57 "Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC)"
65.102.17.89 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
65.102.17.33 "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)"
65.102.17.49 "Mozilla/5.0 (compatible; Konqueror/2.1.2; X11)"
65.102.17.49 "Mozilla/5.0 (compatible; Konqueror/2.1.2; X11)"
65.102.17.65 "Mozilla/4.0 (compatible; MSIE 4.0; Windows 95)"
65.102.17.105 "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
and so on...

The bot(s) come in and suck a site dry within minutes. As you can see, it flips UAs and IPs to avoid setting off any alarms.

This took a bit of snooping.

whois 65.102.17.89

Web content International WEBCO-DSL-4 (NET-65-102-17-88-1)
65.102.17.88 - 65.102.17.95
-------------------------------------
whois WEBCO-DSL-4

OrgName: Web content International
OrgID: WCI-12

NetRange: 65.102.17.88 - 65.102.17.95
CIDR: 65.102.17.88/29
NetName: WEBCO-DSL-4
NetHandle: NET-65-102-17-88-1
Parent: NET-65-100-0-0-1
NetType: Reassigned
Comment:
RegDate: 2001-12-18
Updated: 2001-12-18

TechHandle: IO-ORG-ARIN
TechName: Internet Operations, U S WEST
TechPhone: +1-800-672-8520
TechEmail: dns-info@uswest.net

# ARIN Whois database, last updated 2002-09-13 19:05
# Enter? for additional hints on searching ARIN's Whois database.
----------------------------------------
whois WCI-12
OrgName: Web content International
OrgID: WCI-12
Address: 3636 NE 63rd Avenue Portland, OR 97213-4404
Country: US
Comment:
RegDate: 2001-09-25
Updated: 2001-09-25
---------------------------------------
google search for "3636 NE 63rd Avenue Portland, OR 97213-4404"
brings up
www.horsebrass.com
-------
whois horsebrass.com

Horse Brass Pub (HORSEBRASS-DOM)
4534 S.E. Belmont Street
Portland, OR 97215

Domain Name: HORSEBRASS.COM

Administrative Contact:
Hagerman, Pat (PH456) pat@REALBEER.COM
Real Beer, Inc.
2325 Third St. Suite 426
San Francisco, CA 94107
415-522-1516 (FAX) 415-522-1535
Technical Contact:
Scott, Jeff (JS15066) jeff.scott@REALBRANDING.COM
Real Branding
2325 Third Street, Ste. 426
San Francisco, CA 94107
US
(415) 522-1516 (415) 522-1535

Record expires on 19-Jun-2003.
Record created on 18-Jun-1996.
Database last updated on 14-Sep-2002 06:49:30 EDT.

Domain servers in listed order:

NS1.REALBRANDING.COM 209.61.183.160
NS2.REALBRANDING.COM 66.216.94.192
NS3.REALBRANDING.COM 209.61.187.153
------------------------------------------------------
REALBRANDING.COM
That's them, those are the guys running the dirty bot.
Took about 5 minutes to dig them out.

jdMorgan

1:15 pm on Sep 14, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



justan,

Welcome to WebmasterWorld!

Good job! See related post [webmasterworld.com] on WebContent IP addresses.

Jim

mivox

7:48 pm on Sep 14, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



So, do you suppose they own the whole 65.102.17.* block (or did I miss an incredibly obvious piece of information in the first post here)? They're using between .33 and .105 in the list you gave... (just trying to figure out the most efficient way of blocking them)

fiestagirl

10:08 pm on Sep 14, 2002 (gmt 0)

10+ Year Member



From what I can find out they don't own the whole group, in fact some of them are owned by Dow Corning. But here is what I have been able to gather:
65.102.17.32-39
65.102.17.56-63
65.102.17.88-95
65.102.17.104-11
65.102.23.152-159
65.102.23.160-167
65.102.12.224-231

jdMorgan

12:49 am on Sep 15, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



fiestagirl,

I've also got 65.102.17.40-71

This info is from www.arin.net

Jim
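
An added example (not part of any post in this thread): the address ranges posted above collapsed into the smallest set of CIDR blocks for a deny list, then checked against the source IPs from the first post's log excerpt. The truncated entry "65.102.17.104-11" is left out rather than guessed, and all function and variable names are this example's own.

```python
import ipaddress

# Ranges exactly as posted in the thread (first, last). The entry
# "65.102.17.104-11" is truncated on the page, so it is omitted, not guessed.
POSTED_RANGES = [
    ("65.102.17.32", "65.102.17.39"),
    ("65.102.17.56", "65.102.17.63"),
    ("65.102.17.88", "65.102.17.95"),
    ("65.102.23.152", "65.102.23.159"),
    ("65.102.23.160", "65.102.23.167"),
    ("65.102.12.224", "65.102.12.231"),
    ("65.102.17.40", "65.102.17.71"),
]

# Distinct source addresses from the log excerpt in the first post.
LOGGED_IPS = ["65.102.17.41", "65.102.17.89", "65.102.17.57", "65.102.17.33",
              "65.102.17.49", "65.102.17.65", "65.102.17.105"]


def ranges_to_cidrs(ranges):
    """Turn first-last ranges into a minimal, sorted list of CIDR networks."""
    nets = []
    for first, last in ranges:
        nets.extend(ipaddress.summarize_address_range(
            ipaddress.ip_address(first), ipaddress.ip_address(last)))
    # collapse_addresses merges adjacent blocks and drops contained ones.
    return list(ipaddress.collapse_addresses(nets))


def uncovered(ips, cidrs):
    """Return the logged IPs that no deny-list network matches."""
    return [ip for ip in ips
            if not any(ipaddress.ip_address(ip) in net for net in cidrs)]


def addresses_blocked(cidrs, parent):
    """Count addresses of `parent` that the deny list actually covers."""
    parent = ipaddress.ip_network(parent)
    return sum(n.num_addresses for n in cidrs if n.subnet_of(parent))


if __name__ == "__main__":
    deny = ranges_to_cidrs(POSTED_RANGES)
    for net in deny:
        print(net)
    print("logged but not covered:", uncovered(LOGGED_IPS, deny))
    print("blocked in 65.102.17.0/24:",
          addresses_blocked(deny, "65.102.17.0/24"), "of 256")
```

The 65.102.17.* ranges collapse to three networks that cover far less than the full /24, which matters given the observation above that not all of that block belongs to the same organisation.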

MarieC

9:23 pm on Nov 10, 2002 (gmt 0)

10+ Year Member



Hi! I don't know if this is appropriate or not, and I was a little reluctant, but I went to those two web sites.

[horsebrass.com...] Welcome to the world famous Horse Brass Pub. A visit to Portland, Oregon is never complete without a trip to the Brass, a haven for good friends and craft beer in Portland, Oregon -- aka "Beervana" and "Munich on the Willamette". [snipped the rest ... it goes on]

[realbranding.com...] Real Branding has been delivering interactive solutions since 1994 for packaged-goods and Internet clients along with top-line advertising agencies. The company has offices in the U.S., UK and Canada. Real Branding has developed successful, award winning online strategies for over 300 companies and brands including: Corona, Dos Equis, Environmental Sampling, Newcastle Brown Ale, Moosehead, Pete's Brewing Company, Samuel Adams, Sic-Em Advertising and Smirnoff Ice.

My first question, I guess, is, what is a company like this doing in the business of crawling unsuspecting web sites and sucking up so much bandwidth? Or am I missing something?

My next question is, would it be unwise to write to the company and ask them what the deal is and/or ask them to cease and desist?

Thanks.

GMKS Webmaster

8:59 am on Dec 2, 2002 (gmt 0)



I fear that you guys may have jumped the gun a bit. The
www.horsebrass.com website only came up on Google because
it happens to share a lot of the same address elements
with the "Web Content International" address. If you do
the search on the full address yourself -- WITH quotes --
you won't get any results at all.

Instead, try a search on the shortened form:
"3636 NE 63rd Ave". This turns up a non-profit organization
called CITE. See my related post on the other thread:

[webmasterworld.com...]

Unfortunately, THEY may not be the culprits either, but
if they're NOT, then they may be able to put a stop to the
activity by notifying US West that the mailing address for
"Web Content International" is fraudulent and damaging
their reputation.

BTW, it took me quite a bit longer than "five minutes" to
sort all this out. It's worth the time to get the facts
right before jumping to conclusions and hurling accusations
at uninvolved third parties. The Devil's in the details.