Yet again there is some bad bot behaviour on my website. This time it comes from the IP address: 14.18.25.69
The behaviour seems to be a bot due to trying to use the external URL from Google Tag Manager as a URL on my website. The 360Spider already got a 418 HTTP response code today due to its nonsense.
Based on my quick research, the traffic comes from China. See:
http://myip.ms/info/whois/14.18.25.69
http://myip.ms/info/whois/118.85.207.18/k/3309037677/website/center.189.cn
Thursday, February 28, 2013
Tuesday, February 26, 2013
Very suspect website traffic
Adding a mailing script and some logging to the 404 page of my website revealed the scary world of security hacking attempts, spammers, unwanted bots, old links and hopefully no missing files.
The Baidu spider started generating traffic going to URLs that do not even remotely exist on my site which in particular involves sign up, join and membership pages. This was later on followed by some three level deep news URLs and my website is only one level deep. Other bots started becoming an issue as well, but they did not keep going as long as Baidu did. At least Baidu is a big search engine, but the traffic makes me think that someone was using the search engines to scan my site to get access to sign up forms for spamming and other reasons. Since Baidu does not know of the URLs, it was most likely sending the bot to check if the URL is valid. If that is the case then I am happy that I was made aware of these attempts. They all got 301 redirects for their effort.
Another series of visits that I had was a blatant attempt at trying to breach security by looking for various standard updating URLs like WordPress and other CMS systems to try and identify what I use for my website plus possible breaking in. Due to custom system and security through obscurity, all of those attempts failed horribly and the 301 redirect list got extended. The CMS login is now also extended to three passwords and only three attempts to log in.
Another recent case that I had was URL's from other sites where "http://" gets stripped out and the rest gets added to maybe get lucky. My entire website is using full URLs and this was already happening when I used relative URLs.
The user agent string recorded for this was:
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MDDR; .NET4.0C; .NET4.0E; .NET CLR 1.1.4322; Tablet PC 2.0); 360Spider
IP Address: 101.226.166.243
HTTP Accept Language: zh-CN
The Baidu spider started generating traffic going to URLs that do not even remotely exist on my site which in particular involves sign up, join and membership pages. This was later on followed by some three level deep news URLs and my website is only one level deep. Other bots started becoming an issue as well, but they did not keep going as long as Baidu did. At least Baidu is a big search engine, but the traffic makes me think that someone was using the search engines to scan my site to get access to sign up forms for spamming and other reasons. Since Baidu does not know of the URLs, it was most likely sending the bot to check if the URL is valid. If that is the case then I am happy that I was made aware of these attempts. They all got 301 redirects for their effort.
Another series of visits that I had was a blatant attempt at trying to breach security by looking for various standard updating URLs like WordPress and other CMS systems to try and identify what I use for my website plus possible breaking in. Due to custom system and security through obscurity, all of those attempts failed horribly and the 301 redirect list got extended. The CMS login is now also extended to three passwords and only three attempts to log in.
Another recent case that I had was URL's from other sites where "http://" gets stripped out and the rest gets added to maybe get lucky. My entire website is using full URLs and this was already happening when I used relative URLs.
The user agent string recorded for this was:
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MDDR; .NET4.0C; .NET4.0E; .NET CLR 1.1.4322; Tablet PC 2.0); 360Spider
IP Address: 101.226.166.243
HTTP Accept Language: zh-CN
Wednesday, February 20, 2013
Activate-A Mercedes-Benz tablet device app
Mercedes-Benz in South Africa has launched an app that work on iOS and Android tablet devices. It does not seem to be an option for entry level Android phones since I tried to get it. Part of the app requires checking in at certain locations. The app is supposed to show how the Mercedes-Benz A class car will look which is most likely going to be on certain locations like road, parking lot and others using augmented reality to experience that type of lifestyle. Currently I could not yet test this part due to having to get home first to install the app and then drive to these location.
To install the app, search for "activate-a" (without the quotes) in the app store. The app does require registration and works for Cape Town, Durban and Johannesburg areas.
To install the app, search for "activate-a" (without the quotes) in the app store. The app does require registration and works for Cape Town, Durban and Johannesburg areas.
Subscribe to:
Posts (Atom)