Friday, June 15, 2007

Doctor Zero Goes Scraping

Some scraper used all zeros in place of the parameters normally found in an MSIE or Firefox browser user agent.

Just look at this stupid crap:

86.21.47.45 "Mozilla/5.0 (000000000; 0; 000 000 00 0 000000; 00000; 0000000000) 00000000000000 000000000000000"

86.21.47.45 "Mozilla/5.0 (000000000; 0; 000 000 00 0; 00) 000000000000000 0000000 0000 000000 000000000000"
You know what he got for his efforts?

A big fat fucking ZERO in return, nada, zip, zilch, goose egg.

I'll bet he got the same number as a grade on his computer science project in school too!

14 comments:

Anonymous said...

Your almighty bot filter even kills access by people who surf with "Mozilla" but the version number doesn't parse? Oh, I'm soooo proud of you. :P

IncrediBILL said...

It does a full parse, one character out of place and you get punted.

Anonymous said...

You're such a Nazi

IncrediBILL said...

Not sure how my German heritage is a relevant to this conversation, but if name calling makes you feel big, enjoy.

Anonymous said...

This could also be an Earthlink browser; but more than likely, you've hit the nail on the head..

Side note: I did see the sign on the window that said; "We reserve the right to refuse service.."

Anonymous said...

A smart shopkeeper doesn't actually use their right to refuse service except on very, very rare occasions. That's because a smart customer who finds one establishment doesn't think their money's green enough simply takes that money directly to the competition...

IncrediBILL said...

I don't really dump that many real humans per day to make a difference out of 35K-40K visitors.

The few playing silly games with user agent strings that MAY be human simply aren't welcome, let them play silly games elsewhere, I really don't care.

Probably shoplifters anyway...

Anonymous said...

That is ludicrous. Every human is as important as any other. And it's simply not possible to shoplift from a virtual store, unless you've got terrible encryption/security like CD Universe famously did.

IncrediBILL said...

Speaking of ludicrous, your last comment was a gem.

Shoplifting from ecommerce is called credit card fraud, using a stolen card, happens all the time. Another variation is a shipping fraud scheme, lots of ways to steal from online stores.

Nice you see you've kept up with the times.

Anonymous said...

That's not shoplifting -- the victim is the card holder who gets the bill, not the store. If I stole your wallet and went to the local Best Buy and bought a Roomba with your money, who's the victim? The store, with one more customer? Or you, out $150 or so?

Anonymous said...

Right, and your bot paranoia and bot blocking will somehow stop someone using someone else's CC# that they happen to know.

I'd like to see you explain how, precisely.

IncrediBILL said...

Most people using fake CC#s do so via anonymous proxy servers so they can't be traced and I block off of those that I know about, so there!

Pffffft!

Anonymous said...

Hi,

Thanks for all the info especially the spybot ip lists.

Thanks again!

Berni said...

I think it is legitimate for a webmaster to demand to get the real user's UA. You can even argue to your clients it is necessary to detect the ability to use specific features like an AJAX gallery or so, and then display a nice message. ;)
On the other hand, IPv4 is still manageable -- to dump the lists of 'bad' IPv6 ranges could be a nightmare...
I just cut off HTTP/1.0 requests except for Yahoo, see what happens. :D