My money, in this case, is on something like Akamai Kona or Shape Security, which do bot blocking. Comparing the user-agent against the known header order for that specific user-agent sounds like something they would do.
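That kind of check is easy to sketch. A hypothetical version in Python follows; the Firefox signature below is invented for illustration (real products keep their own per-browser signatures), but the mechanism is plausibly just this:

```python
# Hypothetical header-order fingerprint check, in the spirit of what a
# bot-detection product might do. The signature below is made up.
FIREFOX_UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0"

KNOWN_ORDERS = {
    # Illustrative only: the order this browser build is "known" to send.
    FIREFOX_UA: ["Host", "User-Agent", "Accept",
                 "Accept-Language", "Accept-Encoding", "Connection"],
}

def order_matches_claimed_ua(user_agent, observed_headers):
    """True if the headers we have a signature for appear in the same
    relative order the claimed user-agent is known to send them."""
    expected = KNOWN_ORDERS.get(user_agent)
    if expected is None:
        return True  # no signature on file; can't judge by order alone
    positions = [expected.index(h) for h in observed_headers if h in expected]
    return positions == sorted(positions)

# A Firefox-shaped request passes; a crawler that claims to be Firefox
# but sends User-Agent after Accept gets flagged.
print(order_matches_claimed_ua(FIREFOX_UA,
      ["Host", "User-Agent", "Accept", "Connection"]))  # True
print(order_matches_claimed_ua(FIREFOX_UA,
      ["Host", "Accept", "User-Agent", "Connection"]))  # False
```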
jnfurst|8 years ago
$ URL=http://www.akamai.com
$ UA="User-Agent: Mozilla/5.0 My API Client"
$ ACCEPT="Accept: */*"
$ curl -v -H "$UA" -H "$ACCEPT" $URL
< HTTP/1.1 301 Moved Permanently
< Content-Length: 0
< Location: https://www.akamai.com
< Date: Tue, 02 May 2017 14:46:59 GMT
< Connection: keep-alive
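Header order is also something you can control from code. A minimal Python sketch, using only the standard library and a throwaway local server in place of a real site, that sends headers in an explicit order and shows what arrives on the wire:

```python
# Sketch: control the exact header order with http.client's low-level API,
# verified against a local test server (no real site is contacted).
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

received = []

class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        # Record header names in the order they arrived on the wire.
        received.extend(self.headers.keys())
        self.send_response(200)
        self.end_headers()

    def log_message(self, *args):
        pass  # keep the demo quiet

server = HTTPServer(("127.0.0.1", 0), Handler)
threading.Thread(target=server.serve_forever, daemon=True).start()

conn = http.client.HTTPConnection("127.0.0.1", server.server_port)
# putrequest/putheader let us pick the order ourselves; skip_accept_encoding
# stops the library from injecting its own Accept-Encoding header first.
conn.putrequest("GET", "/", skip_accept_encoding=True)
conn.putheader("User-Agent", "Mozilla/5.0 My API Client")
conn.putheader("Accept", "*/*")
conn.endheaders()
conn.getresponse().read()
conn.close()
server.shutdown()

print(received)  # ['Host', 'User-Agent', 'Accept'] - Host comes from putrequest
```

Note that a higher-level library would pick the order for you, which is exactly the fingerprint being discussed.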
squeed|8 years ago
My guess is a single site that was getting DDoS'd added this as an attack signature and forgot about it.
michaelmior|8 years ago
Most libraries use an undefined order. This is not the same as random.
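Right, "undefined by the spec" usually ends up deterministic in practice, which is what makes it fingerprintable. A small illustrative sketch (not any particular library):

```python
# "Undefined" header order is usually still deterministic: a client built on
# an ordinary dict emits the same order on every run. (Illustrative sketch.)
def build_headers():
    headers = {}  # insertion-ordered in Python 3.7+
    headers["User-Agent"] = "my-crawler/1.0"
    headers["Accept"] = "*/*"
    headers["Accept-Language"] = "en"
    return list(headers)

# The HTTP spec doesn't mandate this order, but it never varies between
# runs, so a WAF can treat any deviation as a different client.
distinct_orders = {tuple(build_headers()) for _ in range(1000)}
print(distinct_orders)  # exactly one distinct order
```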
AznHisoka|8 years ago
I'm asking because I've been running a web crawler for years now, and in the past week I have noticed that the crawler is being rejected by more websites than usual.
gumby|8 years ago
This is actually a report of two bugs:
1 - the standard doesn't require an order
2 - the IETF's admonition that you be liberal in what you accept.