host-64-166-83.ubernet.com.bd was testing my security, so I thought I would out them. ubernet.com.bd is an IP telephone and ISP, out of Bangledesh.
Pattern:
This guy seems to have an older and a newer pattern. The older pattern starts with 220.47 and then appends the last 2 octets of the host name. The newer pattern starts with 45 and appends the last 3 octets of the host name.
static.vnpt.vn does not resolve as a host name, and as they scraped me I will track them down. They are pretty tricky. One of their tactics is that they use the host name “localhost”, which looks odd in the access log. Tech staff cannot find the actual IP address.
As I work with these IP ranges it is clear that this content scraper is doing a real detriment to Viet Nam. The use of his IPs would force me to pretty much ban the whole country. As an emerging country this would be very bad for Viet Nam, all for the greed and selfishness of a single bot maker. I know that there are no morals with stealing content, as with thieves, but at this stage of Viet Nam’s development this bot maker could easily damage the country.
lyncdiscover.dps.gov.co has nothing to do with the Government of Columbia, and a good thing, because it is a content scraper bot.
dps.gov.co is the Departamento para la Prosperidad Social, part of the Columbian Government. I am unsure how a content scraper got hold of a Columbian Government extent, legally.
As this is a Government site I have contacted their tech contact, but they do not look too sophisticated. At least I have done my part to try to stop this abuse of the dps.gv.co host name.
Research:
186.170.31.134 186.170.0.0 /15 COLOMBIA TEL
186.170.31.134
186.170.31.134
pool.hdesknet.com.br is part of the fix-website-errors.com by Semalt SEO content scraper campaign, huge and very annoying. I wish they would just stop scraping my site. This botnet is huge and does not seem to want to end. It started with keywords-monitoring-success and free-video-tool.com, which then involved Virtua and megared.net.mx. The vast majority of these content scraper bots reside in Brazil and South America, but there are others from Italy and the US.
sl-reverse.com is a content spammer that is creeping into my site and I want it stopped. I’ll hunt them down and ban them. Sl-reverse also uses servers in Canada, Germany, Singapore, Japan and Italy, to name a few.
If they botnet my butt I will get more aggressive on them.
hn.kd.dhcp is spamming my site, so I need to remove it. This guy has been around for quote a while and has a long list of IPs, but not so long a list of IP ranges. This spammer runs out of Henan Province, China, but has used Jilin, Chongqing, Guangdong, and Shanghai
These may be related: hn.kd.ny.adsl; hn.ly.kd.adsl; hn.kd.dhcp
Seven bamboo utensils, 3 spatulas, 3 spoons and maybe a pasta scooper, purchased in Toronto, Canada. What are their purposes and why so many? I will think about them. Photo by Don Tai
Mum offered me some spoons, which I did not really think about. After all, what is there to now about spoons. As with all simple things in life, they are not so simple once you dig into them. How many types of spoons can there be? Lots. What the purpose of the spoon with the round hole in it?
unassigned.calpop.com is a comment spammer, small yes, but still needs removal. They change this hostname’s IP a lot and move between different companies such as Calpop, CoreExpress, AirlineReservations.Com, and ATMLINK. They are out of Los Angeles. I am unsure if calpop.com is still in business, as Yelp postings suggest they are now closed. Their bot is still somehow finding electricity and connectivity to spam me, so the company and store die but the bot lives on…
no-reverse-dns-configured.com is a content spammer, and I need to eliminate him from hitting my site. Here are the details required to ban him. If these strict IPs are not sufficient then ban the range.
I did not ban the AWS ranges because IPs usually come up with AWS host names, and I ban them already.
