Search bot operating on OpenDNS IP address?

Anyone seen this before?

         

SumGuy

1:56 pm on Apr 19, 2021 (gmt 0)

5+ Year Member Top Contributors Of The Month



I note a web hit (https) yesterday from 146.112.45.165. This comes back to a /24 subnet of AS36692 assigned to OpenDNS. No reverse for that IP. The hit was to my landing-page file and then to robots.txt. No other page requests. User-Agent was:

Mozilla/5.0 (Windows NT 10.3; Win64; x64) Gecko/20100101 Firefox/62.4

All other browser header fields were empty, except one of them (off-hand I don't know which one) - it had the single word "identity".

Are OpenDNS IPs available for use as client proxies?

lammert

2:24 pm on Apr 19, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



That IP address is a proxy, part of Cisco's Umbrella cloud security gateway.

not2easy

2:45 pm on Apr 19, 2021 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Routers can be configured to use that service. I'd be curious about the FF 62.4, sort of older than most people would use.

lammert

3:00 pm on Apr 19, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



It must have been a bot, because Firefox 62.4 was never released according to Mozilla [mozilla.org].

SumGuy

3:10 pm on Apr 19, 2021 (gmt 0)

5+ Year Member Top Contributors Of The Month



So, what was opendns? I would have assumed it to be an open-source or public DNS service. That it is now "owned" by Cisco is I guess to be expected if corporations take over things like this. But if it's part of "cloud security" then why is DNS still in the name? DNS has got nothing to do with being a surfing proxy.

Crap like this makes it hard to figure out which sort of corporate garbage to block. Is cloud security being used mostly by garbage bots (like TOR is) or is it being used by my company's next fortune-500 customer?

lucy24

5:52 pm on Apr 19, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



"The hit was to my landing-page file and then to robots.txt."

That sequence, in and of itself, points to a malign operator. Honorable robots ask for robots.txt first. Why did you call it a search bot?

not2easy

7:29 pm on Apr 19, 2021 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Consumers can use the service to add filters to their internet service. It is used by businesses and consumers. The IP range is part of a larger chunk that was transferred to RIPE in 2004 (146.112.0.0 - 146.112.255.255). Since the FF v62.4 was never released, it doesn't matter - someone is not who/what they claim to be.

SumGuy

2:27 pm on Apr 20, 2021 (gmt 0)

5+ Year Member Top Contributors Of The Month



I've searched through the past 6 years of web logs and can find no other use of Firefox/62.4 in a user-agent string. Sort of reminds me of the scourge of Firefox 40.1 hits that were very common starting in the fall of 2016 from a wide variety of IPs (was the group or entity responsible for those ever identified?).

Cisco / OpenDNS seems to claim much of the 146.112.0.0/16 IP range. I've had no previous contact from that /16 up until now. I've added the particular /24 subnet to my router's blocking list, so my web server will no longer see them. I will be watching that particular /16 and AS36692 for more malarkey and will block more of them as necessary.
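The three tells raised in this thread (a browser version that Mozilla never shipped, robots.txt fetched only after a content page, and a source address inside a proxy range the operator has decided to watch) can be checked mechanically against an access log. The script below is an added example, not code from any poster here; it parses a few constructed Apache combined-format log lines (the IP and User-Agent are the ones SumGuy reported, the timestamps, paths and the second client are made up) and reports which client trips which check. The allowlist of released Firefox 62.x versions is a deliberately small set assumed for the example; a real deployment would keep it in sync with Mozilla's release list.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample access-log lines (Apache combined format). The first IP and
# its User-Agent come from the thread; everything else is invented for the example.
SAMPLE_LOG = """\
146.112.45.165 - - [18/Apr/2021:09:14:02 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.3; Win64; x64) Gecko/20100101 Firefox/62.4"
146.112.45.165 - - [18/Apr/2021:09:14:03 +0000] "GET /robots.txt HTTP/1.1" 200 88 "-" "Mozilla/5.0 (Windows NT 10.3; Win64; x64) Gecko/20100101 Firefox/62.4"
203.0.113.7 - - [18/Apr/2021:10:01:00 +0000] "GET /robots.txt HTTP/1.1" 200 88 "-" "Mozilla/5.0 (compatible; ExampleCrawler/1.0)"
203.0.113.7 - - [18/Apr/2021:10:01:01 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (compatible; ExampleCrawler/1.0)"
"""

# Apache "combined" log format: ip ident user [ts] "method path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d+) \S+ '
    r'"(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Assumption: the operator maintains an allowlist of Firefox versions that actually
# shipped. Only the 62.x line is listed here for the example; 62.4 is not in it.
KNOWN_FIREFOX = {"62.0", "62.0.1", "62.0.2", "62.0.3"}

# Source ranges the operator is watching; the /24 from the thread.
WATCHED_NETWORKS = [ipaddress.ip_network("146.112.45.0/24")]

FIREFOX_RE = re.compile(r"Firefox/(\d+(?:\.\d+)*)")


def parse_log(text):
    """Return one dict per parseable log line, in file order."""
    rows = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            rows.append(m.groupdict())
    return rows


def bogus_firefox_version(ua):
    """Return the claimed Firefox version if it is not a known release, else None."""
    m = FIREFOX_RE.search(ua)
    if not m:
        return None  # not claiming to be Firefox at all
    version = m.group(1)
    return version if version not in KNOWN_FIREFOX else None


def in_watched_network(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in WATCHED_NETWORKS)


def analyse(rows):
    """Group requests by client IP and return {ip: [reasons]} for clients that trip a check.

    Assumes the log is in chronological order, as access logs normally are.
    """
    by_ip = defaultdict(list)
    for r in rows:
        by_ip[r["ip"]].append(r)

    findings = {}
    for ip, reqs in by_ip.items():
        reasons = []
        paths = [r["path"] for r in reqs]
        # Well-behaved crawlers fetch robots.txt before any content page.
        if "/robots.txt" in paths and paths[0] != "/robots.txt":
            reasons.append("robots.txt fetched after content")
        for ua in {r["ua"] for r in reqs}:
            v = bogus_firefox_version(ua)
            if v:
                reasons.append(f"unreleased Firefox version {v}")
        if in_watched_network(ip):
            reasons.append("source in watched proxy range")
        if reasons:
            findings[ip] = reasons
    return findings


if __name__ == "__main__":
    for ip, reasons in analyse(parse_log(SAMPLE_LOG)).items():
        print(ip, "->", "; ".join(reasons))
```

Run it as is to see only the OpenDNS/Umbrella client flagged on all three counts while the constructed well-behaved crawler passes. The ordering check is deliberately per-IP rather than per-request, because the signal is the sequence, not any single hit; the version allowlist catches 62.4 for the same reason lammert gave, and would catch the Firefox 40.1 strings SumGuy mentions once 40.x is added to the set.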