UA (including intial and terminating quotes):
"Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1"
Don't know about others here but for years I've been blocking UAs with an initial quote. Suddenly a number of iPhone urls come along with it and get blocked. (The OS version seen has been 10 and 11.)
Is this some misguided recent update or are there really stupid bots hitting from a variety of broadband IPs? I opt for the former explanation.