Hi,
This is odd. I had a visitor come to the site and pretty much downloaded a whole directory that included a new section I added within the last few days. They came on with this log entry:

209.190.161.nnn - - [20/Mar/2011:10:05:58 -0400] "GET /ranchhouse/cattle.html HTTP/1.1" 200 8638 "h**p://www.google.com/search?q=ranch+cattle+cows&rls=com.microsoft:en-us:IE-SearchBox&ie=UTF-8&oe=UTF-8&sourceid=ie7&rlz=1I7GGLL_en" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SIMBAR={0080A079-5AD5-4c7e-9DC7-08B884C7BC95}; GTB6.6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

The odd part was then they changed to this:

66.196.119.nn - - [20/Mar/2011:10:11:45 -0400] "HEAD /osc/product_info.php?cPath=29 HTTP/1.1" 200 - "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SIMBAR={0080A079-5AD5-4c7e-9DC7-08B884C7BC95}; GTB6.6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

66.196.119.nn - - [20/Mar/2011:10:11:45 -0400] "GET /osc/product_info.php?cPath=29 HTTP/1.1" 200 39691 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SIMBAR={0080A079-5AD5-4c7e-9DC7-08B884C7BC95}; GTB6.6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

That is a Yahoo Proxy IP. The User Agent is the same as the original IP. Looking at the same pages in the same order. Then the visitor went back to the 209.190.161.nnn entries.

What was the point of the proxy? Is this a scraper? It just didn't make sense to show up with a typical visiter's footprint, then jump to a proxy, then go back to the original IP. Any comments?

Grandma_genie