Per the OP's Host info, if this is yet another PlanetLab (planet-lab.org) thing, too bad its "researchers at top academic institutions and industrial research labs" apparently disdain standard UA ID and bot-running activity. Hrrmph.
[edited by: incrediBILL at 12:11 am (utc) on May 24, 2010] [edit reason] Obscured IPs for HOWARD.EDU [/edit]
11:20 pm on Apr 24, 2010 (gmt 0)
Dear Heart... do we expect anything different? The bots, bot-handlers, and those scraping the web think they can sell urls they think are merchandising worthy to the clueless seeking the holy grail of MFA hoping to make a killing in a saturated market where data is rapidly becoming mundane?
My fun thought is that no matter how big hard drives become, or how fast the connections, anyone attempting to "index the web" is butt stupid since there is way too much slop out there which is not worth a plug nickle. The real giggle is they have to spend tons of funds to play their games. We, as webmasters, spend our dollars in business/connection. And we can kill their business profile in .htaccess or similar, and they can't hurt us that much.
@thethrasher: Did those Hosts run the "ResearchProject" bot against your site(s)? (There are 1090 planetlab nodes at 503 sites world-wide.)
FWIW: There's no "ResearchProject" per se on the planet-lab.org site, either by name or an as active or inactive project. Unless we see it run from another planetlab-specific subdomain somewhere, it may just be someone's pass-around effort.
Regardless of who's running it, I'm curious to know what it tries to do when not 403'd from the get-go but for robots.txt, which it neglects to get.
dplanet1.uoc.es Mozilla/5.0 (Windows; U; Windows NT 6.1; pl; rv:18.104.22.168) Gecko/20100401 Firefox/3.6.3
planetlab1.pjwstk.edu.pl Mozilla/5.0 (Windows; U; Windows NT 6.1; pl; rv:22.214.171.124) Gecko/20100401 Firefox/3.6.3
planetlab4.csres.utexas.edu Mozilla/5.0 (Windows; U; Windows NT 6.1; pl; rv:126.96.36.199) Gecko/20100401 Firefox/3.6.3
12:13 am on May 24, 2010 (gmt 0)
Planet Labs runs lots of different projects.
I block anything that returns RDNS with "planetlab" and have for years.
12:54 am on May 24, 2010 (gmt 0)
Ditto, Bill. And I redirect "^planet" now. And experientially troublesome domains including "planet" (theplanet.com, planetsmb.net, planet.com, planetarabia.com, planethutch.com, ipplanet.com, etc.).
Aside: Those names remind me of when "planet" had the same cache "cloud" does today.
10:06 am on May 24, 2010 (gmt 0)
As far I know lots of universities offer proxies to the students to connect from anyplace and access various services (Eg: scholar documents). This means if the browser or system of a student is compromised an outsider can use the proxy and it will be the institute server that shows up. I do see quite few unrelated requests in my server logs that are similar.
6:51 pm on Oct 18, 2010 (gmt 0)
Another variation on the 'bad UAs (and/or bad-acting profs/students) from good schools come' theme: