1. Home
  2. Forums Index
  3. General SEO Issues / Crawler, Spider, and User Agent ID 3:20 pm May 4, 2026

Forum Moderators: open

Message Too Old, No Replies

scripted dot com

         

lucy24

11:00 pm on Dec 1, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



OK, not technically a UA but I think this is the appropriate place to ask. 

45.33.59.35 - - [26/Nov/2015:12:34:12 -0800] "HEAD / HTTP/1.1" 301 365 "http://scripted.com/example.com" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 
96.126.98.111 - - [26/Nov/2015:14:07:54 -0800] "HEAD / HTTP/1.1" 200 330 "http://scripted.com/www.example.com" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36"

So far it's always just a HEAD. There were others; this was the only site where they began by asking for the wrong form of the domain name-- and then came back from a completely unrelated IP. (Oddly, on all other sites it was the initial request that came from 96.126.etcetera.)

I must say their site doesn't inspire confidence, since it looks as if they're saying "Looking for a left rear door for your powder-blue '97 Ford Escort? We don't have one right now, but check back in 48 hours and I'm sure something will have turned up."

Any idea what they're up to?

keyplyr

3:10 am on Dec 2, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Linode leases by the (wait for it...) node. So it depends on how many server nodes the customer is paying for. I assume nodes get cheaper the more the customer wants.

scripted.com sits at 96.126.124.153 which is:
Linode.com
96.126.96.0 - 96.126.127.255
96.126.96.0/19

Your hits from 45.33.59.35 are:
Linode.com
45.33.0.0 - 45.33.127.255
45.33.0.0/17

That explains the ranges. Why they are hitting your server and the TLD discrepancy are the mystery. However, since they boast "content creation made easy" maybe this is how they get it easily :)

aristotle

2:30 pm on Dec 2, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I've been seeing this too. They try to make it look like someone there has created a page about your website. I think it's an attempt to lure webmasters to their site to show them the services they offer.

keyplyr

9:39 pm on Dec 2, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Bait - I keep telling my clients to never click on those links from their stats report (or otherwise verify the link is active.)

aristotle

10:07 pm on Dec 2, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Sometimes if I'm curious enough, I'll do a search for the domain name and read the snippets in the results. Occasionally I'll also take a look at the cache for the home page. If everything looks okay, then I might visit the site itself.

nakkers

10:42 pm on Dec 2, 2015 (gmt 0)



+1 for keyplyr. Don't clink on those links.

blend27

11:53 pm on Dec 2, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I've seen it couple of days ago and started researching it.... Something came up and I had to go, so before I left I added it to a global ban list by referrer, same level as SEMALT, all the way on top with: RewriteRule .? - [F]

lucy24

10:01 pm on Dec 6, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



They try to make it look like someone there has created a page about your website.

I was thinking it's a site lookup format: "what can you tell me about soandso".

After meeting a couple today from
45.79.various
(new to me; it's Linode from earlier this year) I added them to the SetEnvIf Referer blahblah list.

keyplyr

8:21 pm on Dec 8, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Careful with Linode ranges. There are lots & lots of small mobile app ranges leasing at any of their many nodes as well as several social media platforms that I personally find benneficial.

lucy24

9:10 pm on Dec 8, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I blocked them by referer, not by IP. I generally don't block even clear-cut server ranges a priori unless it's something like {name} or {othername} where you know it's only a matter of time; I wait for the first offense. After all, everyone starts out small.

aristotle

10:20 pm on Dec 8, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



The search result snippets for the scripted.com website indicate that it's a place to hire content writers. For all I know, their "writers" might not be much better than what you would find at fiverr. i would guess that they're at about the skill level of ehow's writers.

Anyway, it appears to me that scripted.com is resorting to deception to try to lure webmasters to their site and show thwm their services. It looks like a shady operation to me. But even if it's an honest business, most likely its main effect is to splatter even more spam across the web.

keyplyr

10:32 pm on Dec 8, 2015 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



a place to hire content writers
Except it's YOUR content they're after :)
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. General SEO Issues / Crawler, Spider, and User Agent ID 3:20 pm May 4, 2026