Date: Thu, 24 May 2001 22:02:52 -0500
From: "G. Adam Stanislav" <adam@whizkidtech.net>
To: chat@freebsd.org
Subject: Braindead spider from 198.4.83.49
Message-ID: <3.0.6.32.20010524220252.00a87690@mail85.pair.com>
I really don't know whom else to ask this. It has nothing to do with FreeBSD. I just figured someone here would know (and since chat is about anything...)

Does anyone know who is behind the IP address 198.4.83.49? I cannot ping it. I cannot browse to it. But it appears in my web logs and, judging from a Google search, in apparently everyone else's web logs. Namely, it spiders the web all the time.

It uses a spider named "WFARC". Now, all other spiders have the decency to leave a web address in my log, so I can go and check who is spidering me. Not so with WFARC. The only trail it leaves is the mysterious IP of 198.4.83.49.

Now, I normally do not mind spiders. In fact, I welcome them. But not this one. For one, it keeps coming back too often. More importantly, it is brain dead. Take a look at this, for example:

198.4.83.49 - - [23/May/2001:23:55:12 -0400] "GET /protectamerica/info.cgi?information HTTP/1.0" 404 39580 "-" "WFARC"
198.4.83.49 - - [23/May/2001:23:55:15 -0400] "GET /protectamerica/order.cgi?information HTTP/1.0" 404 39580 "-" "WFARC"
198.4.83.49 - - [23/May/2001:23:55:17 -0400] "GET /protectamerica/plans.cgi?information HTTP/1.0" 404 39580 "-" "WFARC"

These pages do not exist. Well, not on MY server. The web page where they are listed contains <base href="http://.....">. But the stupid spider does not know what that means. It keeps looking for hundreds of pages that do not exist on my server. And that is driving me crazy. If only I knew who is sending this nonsense all around the web, I could email them and ask them to fix their spider!

And if you want to see total incompetence, check this out:

198.4.83.49 - - [23/May/2001:23:55:26 -0400] "GET /registrar/https:/secure.onlineaccess.net/supertransfer/new-transfer.php?ID=65dedf717554e61dd0a90bb730110260&secID=information HTTP/1.0" 404 39580 "-" "WFARC"

It saw <a href="https://secure...">. It changed the // to /, and just appended the URL to the directory in which it found the link. This is totally ridiculous.
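For comparison, here is a minimal sketch of how a crawler could resolve links so that neither of the two problems above occurs. It is not WFARC's code, which nobody outside its operator has seen; it only illustrates standard URL resolution using Python's urllib.parse.urljoin. The function name resolve_link and the hosts example.com and example.org are placeholders made up for the illustration; the https link is the one from the log entry above.

```python
from urllib.parse import urljoin


def resolve_link(page_url, href, base_href=None):
    """Resolve an href found on page_url into an absolute URL.

    resolve_link is a hypothetical helper name used only for this sketch.
    If the page declares <base href="...">, links are resolved against
    that base rather than against the URL the page was fetched from.
    """
    # A <base href> may itself be relative, so resolve it against the page.
    base = urljoin(page_url, base_href) if base_href else page_url
    # urljoin returns an absolute href unchanged and joins a relative one
    # onto the directory part of the base.
    return urljoin(base, href)


if __name__ == "__main__":
    # Placeholder hosts: example.com stands in for the crawled server,
    # example.org for whatever host the page's <base href> points at.
    page = "http://example.com/protectamerica/index.html"
    print(resolve_link(page, "info.cgi?information",
                       base_href="http://example.org/protectamerica/"))

    # An absolute https link must not be appended to the current directory.
    page = "http://example.com/registrar/index.html"
    print(resolve_link(
        page,
        "https://secure.onlineaccess.net/supertransfer/new-transfer.php?ID=1"))
```

With a resolver along these lines, the relative links would be requested from the host named in the base element, and the absolute https link would be requested from its own host rather than as a path under /registrar/.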
With so much incompetence, I do not understand how it found my web site to start with. But as long as it did, and as long as it is wasting precious cycles, if someone knows who is behind it, PLEASE, PLEASE, let me know.

Thanks,
Adam
---
http://phonecowboy.com/registrar/twist/ finds a good domain for you and checks for its existence.