adult spider bot poking my web
April 20, 2008 Posted by Al Castle
trackback
Categories: Castle, Puter Stuff, Squirrels, TimeWaster
I tend to keep a tail open to my web logs, much in the same way I usually keep the TV on as background noise. My highly tuned Über brain keeps a look out for odd traffic for me to go easter egg hunting with.
Just a minute ago I saw three unusual direct hits, no referral, no other requests.
64.27.21.2 “GET /2006/10/15/crossover-revisited-osx/ HTTP/1.1″ 200 23337 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)”
64.27.21.2 “GET /2006/12/18/cowboy-al HTTP/1.1″ 200 24358 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)”
64.27.21.2 “GET /?attachment_id=79 HTTP/1.1″ 200 21207 “-” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)”
A whois gives us this.
Hollywood Interactive, Inc. HOLLYWOOD-INTERACTIVE (NET-64-27-0-0-1)
64.27.0.0 - 64.27.31.255
AirlineReservations.Com, Inc. HWLD-AIRRES-005 (NET-64-27-21-0-1)
64.27.21.0 - 64.27.21.255
Yeah. Right. AirlineReservations is a great domain name, but it’s just a series of Google Ads pages with nothing of its own. More of a ruse than anything.
Accessing 64.27.21.2 on port 80 gives us a page titled “Adult Search”, without any search functionality, just a list of adult sites with thumbnails.
What’s funny is look at the pages they wanted from me. I’m guessing these are quality adult keywords?
- crossover-revisited-osx
- cowboy-al (this could also be a regex looking for cowboy-gal?)
- attachment_id=79 (not sure on this one. My page is about Audio Hijack so who knows).
Nothing terribly exciting for a lazy Sunday morning.
Comments»
no comments yet - be the first?