Drake Holdings and bing? - Crawler, Spider, and User Agent ID forum at WebmasterWorld - WebmasterWorld

Forum Moderators: open

Message Too Old, No Replies

Drake Holdings and bing?

rscwm

5:13 am on Nov 12, 2017 (gmt 0)

Does anyone know the connection between Drake Holdings LLC out of NV and Microsoft/bing?

I had the following show up in my logs

204.79.180.* - - [11/Nov/2017:09:42:33 -0800] "GET /d/<a pdf file> HTTP/1.1" 200 1147942 "http://www.bing.com/search?q=[search term 1]+[search term 2]+[search term 3]+[search term 4]&form=MSNH14&sc=8-4&sp=-1&qs=n&sk=" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; Trident/5.0)"

Then hours later the same sort of thing, but the search terms equaled a phrase this time.

204.79.180.* resolves to Drake Holdings, which I've seen from time to time in my logs. In the past, it would get a file or two and move on. But this time, I could see search terms being used via bing, which doesn't seem to be the type of behavior I would expect from a spider/bot.

There is an old thread about Drake Holdings on webmaster world, but no one seems to know what is going on.

Thanks in advance.

[edited by: keyplyr at 6:15 am (utc) on Nov 12, 2017]
[edit reason] obscured ip address [/edit]

keyplyr

6:12 am on Nov 12, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Hi rscwm and welcome to WebmasterWorld [webmasterworld.com]

Nothing certain, but we've discussed this before:
[webmasterworld.com...]
[webmasterworld.com...]

Strong implication to Drake being tied to MS, but no solid evidence.

Try using the Search utility in the upper-right corner and you may find more info.

lucy24

7:18 am on Nov 12, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

There's a Drake Holdings robot whose behavior and UA are in almost every respect* identical to the plainclothes bingbot--and it shows up 5-10 times as frequently. I've been logging it since
:: shuffling papers ::
mid-November 2015.

It gets page + all ordinary supporting files--CSS, scripts, fonts--except images. Sometimes it professes to come from bing search; more often there's no referer.

* �almost every respect� = Drake robot requests piwik.php, meaning that it acts on javascript; plainclothes bingbot doesn't.

rscwm

9:46 am on Nov 12, 2017 (gmt 0)

Yes, I am aware of the other older threads and yes, I am aware of the NV Sec of State filings with MS attorneys for Drake Holdings.

However, what struck me odd was the query.. In one case it was an phrase like 'bob jones works for apple computer' while the other hours previously was 'bob+jones+Apple+Computer'

I get bingbot all the time, but it has been some time since I have seen Drake Holdings show up and never like this.

Has anyone else had this sort of behavior?

keyplyr

10:40 am on Nov 12, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Could be two vertical crawls, using seperate data, possibly comparative.

If there was more info on what Drake actually does, it might give light on how they do it, gleaned from log data, but without that, it's just fragmented assumption IMO.

blend27

2:36 pm on Nov 19, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

From what I remember I simply DROP their requests in web.config based on IP Range/Net-Mask

lucy24

7:50 pm on Nov 19, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

What does DROP mean? It sounds like saying to the server �forget you ever received this request, do not pass Go, do not serve a 403, just put your fingers in your ears and hum loudly�--but my translations have been known to be erroneous. It also sounds like something you can't do in the confines of htaccess.

keyplyr

8:32 pm on Nov 19, 2017 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

It [DROP] also sounds like something you can't do in the confines of htaccess.

Difference is... blocking an IP address/range in an htaccess file will still show the request in the log, albeit a 403. Blocking it in web.config or htconfig will no longer show the request in the access log.