Forum Moderators: open
whois shows as
consult dynamics
1204 west st
wilmington de
this strangey has been mutating its UA
one of the UAs showed
cscinfo.com which could be bogus as has now gone away,
and is registered to another address in DE
and shows 'bot.com' which is a canadian board of trade
I did see some earlier threads about aipbot that also appears but the address above does not match ranges I saw.
It's gotten even more clueless now with just 'bot' and http://
any idea what this is?
here's the UAs:
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0/1.0 (bot; [;...] aipbot@bot.com)"
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0/1.0 (bot; [)"...]
"Mozilla/5.0 (compatible; crawler bot)/1.0 (bot; [;...] crawler@cscinfo.com)"
[cscglobal.com...]
Our sophisticated Web-crawling technology scans and digests Web pages, images and other Internet content around the clock to locate critical occurrences of online brand abuse.Expert in-house analysts collect and categorize the content to provide highly filtered, actionable results, allowing you to focus your resources on those abuses causing your organization the most harm.
There's no value to letting them crawl.
My first recorded visit of aipbot since I've been tracking this sort of thing was 05/02/2006 and the last was on 01/02/2007 operating from 2 different static IPs on charter.com
Then after a long hiatus, they came back on 04/04/2008 at the IP referenced above:
216.158.1.* "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
Not positive but it almost looks like they were testing my script defenses using the Firefox UA and still got blocked.
Then on 05/02/2008 it transitioned to the bogus crawler UA which whitelisting trashed:
"bot/1.0 (bot; [;...] bot@bot.bot)"
You keep knocking but you can't come in...
A 2007 reference provides a visitor using this IP and another (Level3) as a cache method. Even that visitor was the result of an on topic search.
I do NOT currently have the IP range denied. Perhaps they just don't like me ;)
Don
it was bizarre to see it change company names in the UA, then add a fake company reference, then just delete company and bot name.
<sarcasm> Real Quality Company! </endsarcasm>
I guess there was no question to ban this crawlie. I ban GOOD bots when they get out of hand.
Picsearch started being grabby directly to my large media files every minute or two, which caused 404's with my leach protection on. And doing this endlessly, found an earlier discussion where this happened to someone else.
I suppose I should put a note for them in robots but is easier just to deny them. And picsearch could be useful, my stuff shows up on their site for certain search terms. But if I let them in now they'd hammer away and I'd exceed my bandwidth limit. Or I'd have to re-arrange my site so smaller media files - thumbnails could be collected.
I'll have to think thru how to rearrange my site in a way that I can control access in robots.txt. Shortly after I re-arrange the stuff in the storage garage :)
Fist Seen: 2005-05-04 17:53:00
Last Seen: 2008-11-20 16:37:00
Total Visits: 60
I'll have to think thru how to rearrange my site in a way that I can control access in robots.txt.
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0/1.0 (bot; [)"...]
Edit: this appears to be the 'real' cscinfo.com
CIDR: 165.160.0.0/16
NetName: CSCNET
