Note the lack of a question mark in the title because this wasn't a question about "WHO?" but an actual statement about "WHO!" and by that I mean the WHO as in an office of the World Health Organization.
It registered 411 page requests from 220.127.116.11 which is a non-portable address assigned to the WHO Representative Office in Sri Lanka.
Here's the IP and UA:
18.104.22.168Here's the WHOIS:
"Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
inetnum: 22.214.171.124 - 126.96.36.199It pretended to be a human browser like so many of them do these days by pulling all the images from the index page and then it took off ripping pages like a bandit.
descr: WHO Representative Office
descr: 385, Health Inform. Centre, Suwasiripaya, Deens Road, Colombo-10
status: ASSIGNED NON-PORTABLE
person: Network Administrator SLTNet
address: Sri Lanka
It wasn't even a smart bot as the first link it hit off the index page was my bot trap which is easily flagged and avoidable in the robots.txt as a no crawl zone, so it definitely wasn't human.
Of course the robots.txt file is my other bot trap but what the hell.
Then it went screaming along asking for the next 409 pages at 2-3 pages a second.
It would appear that WHO should check out the health of their computer network as something is rotten in their offices in Sri Lanka.