How to block Spam Bot (Spider) from PSI (Performance Systems International)
Who is Performance Systems International?
OrgName: Performance Systems International Inc.
OrgID: PSI
Address: 1015 31st St NW
City: Washington
StateProv: DC
PostalCode: 20007
Country: USNetRange: 38.0.0.0 - 38.255.255.255
CIDR: 38.0.0.0/8
NetName: PSINETA
NetHandle: NET-38-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: NS.PSI.NET
NameServer: NS2.PSI.NET
Comment: Reassignment information for this block can be found at
Comment: rwhois.cogentco.com 4321
RegDate: 1991-04-16Updated: 2005-10-05
According to a post (Panscient Data Services – Stealing Your Data?) on http://randominternet.blogspot.com, Performance Systems International Inc is stealing everybody’s data. It’s notorious ShopWiki spider is probably crawling your e-commerce web site 10,000 times everyday. Read this article for more information:
http://randominternet.blogspot.com/2006_12_01_archive.html
Many people believe a bad guy, who wrote a few notorious bots while serving his jail time, is now doing whatever it takes to steal your data, and jam your web sites. Consult your web master or ISP on how to block Performance Systems International’s spiders:
voyagerShopWiki
Snapbot
Or you can do it by yourself by putting this into your root .htaccess file (if the bot is from IP address 38.99.203.110).
deny from 38.99.203.110
deny from 38.98.120.71
If you are using WordPress, you may want to install bad-behavior or Akismet plugin.
Tags: Business
Shumey said,
September 19, 2007 @ 12:29 am
The same one also left me wondering for a long time until I made further research. With the following IPs
38.98.120.83
38.100.41.112
This started to happen after I tried to contract some one supposedly from India to work on my site who mentioned an affiliate company in the US. Interestingly enough the person who signed on to my site also belonged to the same strings of IPs which is 38.98.120..83. I fired the group and kicked them out from from my site. After further investigation to my files, I found out a suspicious program called CERBERUS installed on my site. I confronted the person who pretentiously claimed to be working on my site. He dodged the questions.
Does any one have any advice for me where to check for site integrity and security vulnerability and how to take care of it?
Thank you for the info.
JP said,
January 3, 2008 @ 6:01 am
These strings of IP, 38.0.0.0 – 38.255.255.255, as detailed in the first post above, belongs to Performance Systems International. As I got plenty of of these IP, I dug a bit, and found their web-site: http://www.psi-cu-software.com/ A web solution company, based in USA. So I would guess that there’s nothing particularly wrong with them. But being a web company, they are used as proxy by many, absolutely normal. Using a proxy to access the web can be convenient for many reasons, but I guess that it also allows you to “hide” a bit, which is an advantage if your activities are not okay.
I suppose also that the IP address used for the proxy will change everytime the client access the web. So blocking one or a string of IP addresses from this PSI will not help a lot, and may block communication between you and other perfectly respectable contacts.
Cindy said,
January 4, 2008 @ 9:38 pm
Found this on the link http://www.psi-cu-software.com:
Please Note: We are not an Internet Service Provider (ISP). We are not affiliated with the ISP Cogent Communications, formerly known as “Performance Systems International”. If you would like to contact the ISP formerly known as “Performance Systems International”, please visit their WHOIS entry.
On the whois search – looks like it’s this company:
http://www.cogentco.com/htdocs/index.php
Noel said,
January 30, 2008 @ 5:05 pm
Symantec Endpoint block all efforts by these bots to access the net rendering them useless.So invest in it
zack said,
March 3, 2008 @ 12:49 pm
hi
today there was a visit by the IP 38.98.19.67. i found the following details from whois
IP Whois Results:
Connecting to whois.arin.net…
OrgName: Performance Systems International Inc.
OrgID: PSI
Address: 1015 31st St NW
City: Washington
StateProv: DC
PostalCode: 20007
Country: US
NetRange: 38.0.0.0 – 38.255.255.255
CIDR: 38.0.0.0/8
NetName: PSINETA
NetHandle: NET-38-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: NS.PSI.NET
NameServer: NS2.PSI.NET
Comment: Reassignment information for this block can be found at
Comment: rwhois.cogentco.com 4321
RegDate: 1991-04-16
Updated: 2005-10-05
RTechHandle: PSI-NISC-ARIN
RTechName: IP Allocation
RTechPhone: 1-877-875-4311
RTechEmail: ipalloc@cogentco.com
OrgAbuseHandle: COGEN-ARIN
OrgAbuseName: Cogent Abuse
OrgAbusePhone: 1-877-875-4311
OrgAbuseEmail: abuse@cogentco.com
OrgNOCHandle: ZC108-ARIN
OrgNOCName: Cogent Communications
OrgNOCPhone: 1-877-875-4311
OrgNOCEmail: noc@cogentco.com
OrgTechHandle: IPALL-ARIN
OrgTechName: IP Allocation
OrgTechPhone: 1-877-875-4311
OrgTechEmail: ipalloc@cogentco.com
# ARIN WHOIS database, last updated 2008-03-02 19:10
# Enter ? for additional hints on searching ARIN’s WHOIS database.
some one let us know what is the purpose of their visit to our sites, are they trying to steal something, put some spyware in our webserver etc..
denis long said,
March 22, 2008 @ 7:25 pm
sirs
i play poker at pokerstars for over a year now.
two weeks ago, i started to have big problems,
getting to the tables to play.
the program would hang.
while doing a network status report,
i discovered one of the hops was losing
30% of the packages.
the hop’s address–38.99.220.153 i.e PSI
are they trying to stop gambling?
denis
1-gb.net said,
March 24, 2008 @ 12:16 pm
I’m thinking of blocking the whole IP range from my servers.. it seems they also ‘host’ cuill a ‘stealth’ search group.. not sure what’s up with these PSI folks, but there a a LOT of bad log entries from their IP’s and well its better to be safer then sorry..
anyone else?
spat said,
March 25, 2008 @ 5:36 pm
Hi,folks!
I recently installed PeerGuardian2 and was noticing a few IP no’s in that range being blocked. PeerGuardian informs me they are being initiated by StarDock which is a desktop customizing tool. My weather tool was not updating with them blocked but works fine when unblocked. Not sure what to do now. I mean I have seen many negative or concerned comments from the formentioned IP range but no one in the StarDock community has mentioned any complaints that I know of.
Sietse Logger said,
April 5, 2008 @ 5:28 am
I have blocked the entire IP range yesterday, and suddenly my Snap plugin shows the message “IP banned” when I browse over links to entries I posted today. Does anyone else who posted here before me have a Snap plugin?
Helen Davies said,
April 10, 2008 @ 1:04 pm
This has got me worried folks! I am affraid to go out at night! Who are these PSI people and I feel like they are watching me from accross the street! I want to know how to protect myself?
Sietse Logger said,
April 11, 2008 @ 6:44 am
I have contacted snap.com over this, and they confirmed to me that the 38.98.x.y. range is their “Cogent pipe”, which they use for “crawling, and some serving”. Since I don’t mind the snap plugin working properly, I feel no need to maintain the block for my own pages. Snap is a site preview plugin that requires screenshots to be made for each page they crawl. So, that’s mostly what they are doing. I have even noticed they go back to old pages, to take new snapshots.
Jeff said,
April 22, 2008 @ 1:34 pm
Yep, I to use it and just noticed these log entries since I re-enabled the snap plugin. I was also concerned, but thanks to this post, mystery solved!
Thanks Sietse Logger!
D.F. Duck said,
May 1, 2008 @ 4:46 pm
Do a google on “Performance Systems International” and you will learn they have a long history of web site abuse and mass content theft. Notice in your httpd logs that most of the search spiders in this Class A IP range don’t honor robots.txt, even ones that do indentify themselves like Gigablast. I deny the entire IP range from all my web sites and could care less about the few “good” search spiders that get blocked in the process. The benefits of not having my sites raped an pillaged far outweighs the benefits of allowing them.
Deny from 38.0.0.0/8
Pat said,
June 3, 2008 @ 6:13 pm
I sent a note to someone who has Aol. It came back read by Performance Systems International, Washington DC what does that mean?
Thanks
Heather said,
June 13, 2008 @ 2:56 pm
I’ve been trying to sort out a mess with e-newletter company Constant Contact. They are based in Waltham, MA, but lately I’ve received several emails from someone claiming to work there but the IP address of the emails is in Washington, DC not Waltham, MA. Yep, the imposter IP is registered to Performance Systems International. The emails asked me to call an 800 number that is not affiliated with Constant Constant. Of course, I did NOT call. I reported all of this to CC and they are looking into it.
J.D. said,
August 6, 2008 @ 11:51 am
I am late to this thread but, it is day 3 of seeing “Performance Systems Interantional Inc.” on my statcounter stats. It updated every 20 seconds, making a new visit. I HATE THEM.
So, I am an average mac user, personal blogger. Could they actually be accessing any of my files this way?
What exactly is PSI DOING with this info?
How can I block them from getting to my blogger?
Thank you,
Jim Moore said,
August 17, 2008 @ 1:06 pm
Here’s my contribution. PSI has been on my case for some time, and since my site is sometimes critical of our governments shenanigans, I just assumed it was the HomeLand Security folks. I still suspect PSI is a Big Brother clone, but I no longer feel “special”. Shucks!
Jim
Meckanic said,
August 28, 2008 @ 6:07 pm
I have been watching PSI (out of the Washington DC area) in my logs and researching their footprint for some time (I think since August 2006). If I had to hazard a guess based on what I know and was involved in, this has a reasonable probability of being an alphabet company organization of the not so friendly kind, eg. CIA, NSA, etc. (you can look up what appears to be some rather suspicious information for yourself). Bad Santa may be checking/updating its list looking for security threats, real or imagined. You know, the kind that disagree with government policy. I highly doubt that the data is going into a ShopWiki…
katy said,
September 4, 2008 @ 3:35 am
I too have had PSI on my blog. The 38…..ips were from different cities & some I could tell from the srearch phase or host name would only be interested in my blog because of the content. I then noticed after another site I post on got hacked that my posts would only stay in google search results for a couple of days then were gone unless another site had linked to them. Also my blog no longer showed in google blog search. Found out this happened to another blog that had a negative post about a similar topic. I emailed cogent and posted their responses on googl blogger help group-links disappearing. I started posting their visits on my blog & the comment on the arin ip lookup. The info on my blog is negative info about only 1 part of a huge PE corp. & Iwould not be suprised if they own part of cogent. Do search on cogent communications investigations & then you can really worry. My blog is This is NOT OKAY! if you want to see subject matter targeted by huge corporations . katy
susy said,
September 25, 2008 @ 11:51 am
I am a newbie blogger and I noticed this IP address 38.99.13.124 registered to PSI in (Philadelphia, Pennsylvania) has been browsing my site. I don’t know what the hell is going on because, frankly I don’t even understand half the things that were mentioned here. Yay Newbie! But PSI started visiting my site on Sept 20, 2008 (my visitor count was at around 110 visitors and 70 unique visitors). Yesterday, the count was 0. ZERO. Wth? PSI was my most active visitor prior to this mishap. From what I can gather PSI is stealing my info and visitor count. Why would they even bother? HOW DO I GET RID OF THIS IP ADDRESS? I hate PSI. I am also hosted with godaddy and they don’t have an easy button to get rid of it. I really should have looked into other hosts that offer IP blocking.
Jim said,
October 5, 2008 @ 1:16 am
Yeah for some reason they have started hitting me lately and very hard with a jolt2 DoS attack about every ten minutes… sorry for bad format just copied logs and pasted… removed user and machine name.
As you can see the ip changes regurlarly and its always coming from:
OrgName: Performance Systems International Inc.
OrgID: PSI
Address: 1015 31st St NW
City: Washington
StateProv: DC
PostalCode: 20007
Country: US
NetRange: 38.0.0.0 – 38.255.255.255
CIDR: 38.0.0.0/8
NetName: PSINETA
NetHandle: NET-38-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: NS.PSI.NET
NameServer: NS2.PSI.NET
Comment: Reassignment information for this block can be found at
Comment: rwhois.cogentco.com 4321
RegDate: 1991-04-16
Updated: 2005-10-05
RTechHandle: PSI-NISC-ARIN
RTechName: IP Allocation
RTechPhone: 1-877-875-4311
RTechEmail: ipalloc@cogentco.com
OrgAbuseHandle: COGEN-ARIN
OrgAbuseName: Cogent Abuse
OrgAbusePhone: 1-877-875-4311
OrgAbuseEmail: abuse@cogentco.com
OrgNOCHandle: ZC108-ARIN
OrgNOCName: Cogent Communications
OrgNOCPhone: 1-877-875-4311
OrgNOCEmail: noc@cogentco.com
OrgTechHandle: IPALL-ARIN
OrgTechName: IP Allocation
OrgTechPhone: 1-877-875-4311
OrgTechEmail: ipalloc@cogentco.com
10/4/2008 10:51:23 PM Active Response Disengaged Information None None 38.101.109.227 00-00-00-00-00-00 0.0.0.0 00-00-00-00-00-00 Normal 1 10/4/2008 10:50:22 PM 10/4/2008 10:50:22 PM
10/4/2008 10:41:24 PM Active Response Information Incoming None 38.101.109.227 00-11-95-7C-4D-79 192.168.0.133 00-11-95-88-CF-B5 Normal 1 10/4/2008 10:40:22 PM 10/4/2008 10:40:22 PM
10/4/2008 10:40:22 PM Denial of Service Major Incoming UDP 38.101.109.227 00-11-95-7C-4D-79 192.168.0.133 00-11-95-88-CF-B5 Normal 1 10/4/2008 10:39:17 PM 10/4/2008 10:39:17 PM
10/4/2008 10:40:17 PM Active Response Disengaged Information None None 38.101.109.231 00-00-00-00-00-00 0.0.0.0 00-00-00-00-00-00 Normal 1 10/4/2008 10:39:16 PM 10/4/2008 10:39:16 PM
10/4/2008 10:30:16 PM Active Response Information Incoming None 38.101.109.231 00-11-95-7C-4D-79 192.168.0.133 00-11-95-88-CF-B5 Normal 1 10/4/2008 10:29:15 PM 10/4/2008 10:29:15 PM
10/4/2008 10:29:14 PM Denial of Service Major Incoming UDP 38.101.109.231 00-11-95-7C-4D-79 192.168.0.133 00-11-95-88-CF-B5 Normal 1 10/4/2008 10:28:11 PM 10/4/2008 10:28:11 PM
10/4/2008 10:29:14 PM Active Response Disengaged Information None None 38.103.50.88 00-00-00-00-00-00 0.0.0.0 00-00-00-00-00-00 Normal 1 10/4/2008 10:28:10 PM 10/4/2008 10:28:10 PM
10/4/2008 10:18:53 PM Active Response Information Incoming None 38.103.50.88 00-11-95-7C-4D-79 192.168.0.133 00-11-95-88-CF-B5 Normal 1 10/4/2008 10:18:09 PM 10/4/2008 10:18:09 PM
10/4/2008 10:18:09 PM Denial of Service Major Incoming UDP 38.103.50.88 00-11-95-7C-4D-79 192.168.0.133 00-11-95-88-CF-B5 Normal 1 10/4/2008 10:17:07 PM 10/4/2008 10:17:07 PM
All hits point back to
Jacque said,
October 7, 2008 @ 10:04 pm
LOL. I am reading all this and see all of you have these important sites, and yet the IP 38.118.19.44 which activemeter shows as: Host Name d044.host.mprdc.com
IP Address 38.118.19.44
ISP PERFORMANCE SYSTEMS INTERNATIONAL INC
Domain MPRDC.COM
City DAVIDSONVILLE
Region MARYLAND
and http://www.utrace.de shows it as being in Plainsboro, NJ and http://www.ip-adress.com shows it as:
IP address [?]: 38.118.19.44 [Copy][Whois]
IP address country: United States
IP address state: Massachusetts
IP address city: Cambridge
IP postcode: 02139
IP address latitude: 42.364601
IP address longitude: -71.102798
ISP of this IP [?]: Performance Systems International
Organization: Performance Systems International
Host of this IP: [?]: d044.host.mprdc.com
and dnsstuff.com shows it as:
IP address: 38.118.19.44
Reverse DNS: d044.host.mprdc.com.
Reverse DNS authenticity: [Verified]
ASN: 174
ASN Name: COGENT (Cogent/PSI)
IP range connectivity: 1
Registrar (per ASN): RIPE
Country (per IP registrar): US [United States]
Country Currency: USD [United States Dollars]
Country IP Range: 38.0.0.0 to 38.255.255.255
Country fraud profile: Normal
City (per outside source): Davidsonville, Maryland
Country (per outside source): US [United States]
Private (internal) IP? No
and I think whois says it’s in Washington, DC. But the reason I am weirded out is because it hit my friend’s MYSPACE PAGE. WTF?! Why? I monitor the IP hits for both of us, and she has nothing important nor all that interesting on there. So all I want to know is (I am not a complete lodite, but I am not a computer tech or programmer either)….DO I NEED TO CHECK FOR A VIRUS that might not show up on a regular scan? I am asking instead of her because she logged into her account on my laptop about a week ago and myspace said she had been phished (apparently) and this hit was yesterday, so I didn’t think they were connected, but please just tell me in dumb-person’s plain english if I should be concerned about my laptop or either of us when she logs into her account (if you know…if you care to take a moment to tell me). I would very much appreciate it. We’re nice people. We don’t even live in the US (think cold, wet, more north and very west!). It’s kinda creepy. If it is something that can be used by one of those proxies like hidemyass or hidemyd*ck.com etc., I am not so concerned. But if it’s a virus, or something bad for my computer, I am going to freak out.
Sorry it’s so long. I just don’t know how else to explain this techno-stuff. Thank you!
John said,
October 8, 2008 @ 7:03 pm
I visited a local city jail today to do some consulting for a contractor friend. While I was there, I used one of their computers to view some real-time data hosted on my servers. Low and behold, when I returned this evening, my logger had recorded the site vist as follows:
================================================
10/8/2008 10:07:20 AM, 38.184.1.100, Real-time
OrgName: Performance Systems International Inc.OrgID: PSI
Address: 1015 31st St NW
City: Washington
StateProv: DC
PostalCode: 20007
Country: US
NetRange: 38.0.0.0 – 38.255.255.255CIDR: 38.0.0.0/8NetName: PSINETA
NetHandle: NET-38-0-0-0-1
Parent:NetType: Direct Allocation
NameServer: NS.PSI.NET
NameServer: NS2.PSI.NET
Comment: Reassignment information for this block can be found at
Comment: rwhois.cogentco.com 4321
RegDate: 1991-04-16
Updated: 2005-10-05
RTechHandle: PSI-NISC-ARIN
RTechName: IP AllocationRTechPhone: +1-877-875-4311
RTechEmail: ipalloc@cogentco.comOrgAbuseHandle: COGEN-ARIN
OrgAbuseName: Cogent AbuseOrgAbusePhone: +1-877-875-4311
OrgAbuseEmail: abuse@cogentco.com
OrgNOCHandle: ZC108-ARIN
OrgNOCName: Cogent CommunicationsOrgNOCPhone: +1-877-875-4311
OrgNOCEmail: noc@cogentco.com
OrgTechHandle: IPALL-ARIN
OrgTechName: IP AllocationOrgTechPhone: +1-877-875-4311
OrgTechEmail: ipalloc@cogentco.com
10/8/2008 10:07:38 AM, 38.184.1.100, Recent kW
10/8/2008 10:07:44 AM, 38.184.1.100, Recent kW
10/8/2008 10:07:44 AM, 38.184.1.100, Recent kW
10/8/2008 10:07:45 AM, 38.184.1.100, Recent kW
10/8/2008 10:07:45 AM, 38.184.1.100, Recent kW
10/8/2008 10:07:49 AM, 38.184.1.100, Recent kW
10/8/2008 10:07:50 AM, 38.184.1.100, Recent kW
…
10/8/2008 10:18:17 AM, 38.184.1.100, Real-time
10/8/2008 10:18:18 AM, 38.184.1.100, Recent kW
10/8/2008 10:18:19 AM, 38.184.1.100, Recent kW
10/8/2008 10:18:53 AM, 38.184.1.100, Duration
I suspect that PSI is a proxy service for law enforcement, etc. as the facility I visited is on the West Coast.
some anonymous guy said,
November 12, 2008 @ 12:52 am
I’ve always wondered about this range too, I had a problem a with CGIproxy ( http://cgiproxy.gardennetworks.org ) that was hosted on a server with a 38.* range, and google was crawling threw it, I had to block 38.0.0.0/8 but what I was curious about is looking it up, there is no mention of a host. No parts of this range are proxy registered or anything. I’m really curious where that cgiproxy is hosted, what Webhosts have this range?
Anadolu said,
November 12, 2008 @ 7:02 pm
Their behavior is highly suspicious, it is clear that they belong to CIA or NSA. I have a website serving documents about socialism. Probably it is a bot, but they are indexing people, not websites.
thanatos said,
November 14, 2008 @ 7:55 pm
I too have had problems with these guys – and just because of one simple blog post. I think these guys are about massive IP (intellectual property) theft! If you put original thoughts onto the web these guys will attempt to intercept and remove them from ‘the record’ so that they can come back later and be ‘first to file’. They are just a massive patent/IP sieve and are probably in cahoots with intelligence types and big bizness – this just looks like a front for a Myhrvold style IP land grab where they don’t even have to work at being original; all they have to do is sift out original thoughts and ideas and steal them for themselves. The FBI should stomp on these guys, but I think they are probably helping them – traitorously manipulating the Patriot act and the DMCA for personal gain – betcha agents ‘investigating’ such crimes have nice cushy jobs lined up for them post-’enforcement-career in the companies they are supposedly investigating, just like most politicians and military intelligence types… And I think that google has a part in this too – selectively applying provenance to ideas to facilitate this IP theft – this is the scam of the century, if not millenium.
A friend said,
November 29, 2008 @ 1:21 am
I have a high school friend who works in the Department of Homeland Security and he tells me that the bot in question is part of the Homeland Securitys team. Whether it is a person or crawler I dont know but it has gone to your domian on a keyword basis.
Be afraid? Only if you have something to hide.
Joe said,
December 11, 2008 @ 11:56 pm
The reason I came to this site was because I did a test as speedtest.net and when I checked to see who was the fastest provider in my area it gave Performance Systems International as the best, and not just by a small margin, there numbers were much higher than any one else’s. The thing is PSI only showed in the results when I checked the box that said “click here to include schools and corporations.” So, I did a google search on PSI and it led me to here.
The Moderator said,
December 16, 2008 @ 12:05 pm
just a random spot check of my logs showed PSI is interested in what I have to say. SWEET! Then I Googled “Performance Systems International” then I went to http://samspade.org/whois/38.98.19.67 then I went to my IP Ban tool in C-Panel and added 38.98.19.64/26 to the ban list (which gave me a range of 38.98.19.64 – 38.98.19.127). So we shall see if this knocks PSI out of my logs or if I’ll have to add a whole new range to my kill list.
The Moderator said,
December 16, 2008 @ 12:09 pm
After more investigating, the IP range I listed above traces back to snap.com. Specifically, Perfect Market Technologies, Inc. which owns snap. So, I unblocked them.. Dang, I thought I had Homeland Security on my butt.
SIlaz said,
December 17, 2008 @ 1:39 pm
Yeah these guys are obviously US government. They seem to spider anything new you put up on a new domain name. I can’t say for sure whether they are actually stealing our intellectual property, and I personally have not put up on the web any of my dats that I consider particually valuable except things that I would expect people to want to share. In accordance with the spirit of the freedom of information on the web as I understand it. So these assholes don’t have any of my more valuable data a nd designs unless they have obtained my data illegally through other means. If they are intelligence related then they are probably just data junkies, and like to know everything that is up there on the web. In which case I hope they very very bored of thier jobs, and only have ugly wives to go home to…
Steve said,
December 24, 2008 @ 1:00 am
I’ve blocked PSI for a long time with any noticeable problems. Just logged a sweep of 111 domains on my server, loading the index page off every site, all within about 90 seconds, from 20 different 38.105.xxx.xxx ip addresses. I just assume they are content thieves.
Design And Promote said,
January 5, 2009 @ 9:59 am
I noticed the same issue but besides the 38 rage IP it also showed a competitor of mine name associated with the visit.
I’m guessing PSI is a proxy and my competitor was clicking on my PPC ads and trying not to be noticed.
I blocked the whole range by adding Deny from 38.0.0.0/8 to my .htaccess file.
stu said,
January 11, 2009 @ 12:30 pm
pretty funny (or not so funny) suggestions that PSI is some type of US government-backed snooper..They’ve visited a new blog 233 times in 15 days, average time on site 2 minutes plus…like they have nothing better to do….but the blog (parody of the crook bernard madoff) is becoming extremely popular—2000+ unique visitors a day…and aside from PSI, the SEC has visited it 15 different times…based on the IQ of government employees working within ‘enforcement’ departments, it would seem they don’t know the difference between butter and margarine.
http://www.bernard-madoff-scam.blogspot.com
Tyler said,
January 16, 2009 @ 11:44 am
Dudes and dudettes, this is the FBI who used this company as a front. Block them as much as possible
ScaryMadman said,
February 15, 2009 @ 10:06 pm
Guess what?
ISP is a US Gvt. Proxy Service…
38.0.0.0 – 38.255.255.255
ALL OF ‘EM!
G.Curtis said,
April 19, 2009 @ 11:05 pm
Hi guys.
I get hit, and I wonder how and why. My site is purely astro-mathematical, and PSI is hitting me.
There is no way they could have found my site by accident, because it is to replace a defunct site and I haven’t got round to promoting it yet. There are no links to lead to it.
(http://homepages.tesco.net/astroequation)
My tracker reports there is never a refering link, so they must be crawling at random or using a keyword search. As far as I am aware they have not done any harm, and as to stealing info, they sure as hell wouldn’t understand it anyway!
If it is CIA or related then the only interest they could have in my page is the implication of the real existence of alien superpower, which most officials would regard as nonsense? Surely?
I am baffled.
Cheers
Astroequation.
HiddenDark said,
July 23, 2009 @ 8:34 pm
The feds are crawling your sites to create their own search engine because
they google search engine results aren’t 100% accurate due to google
bans or blocks some sites.
So they want an accurate search engine for themselves.
So they built their own google search engine essentially.
It is also a proxy for them so they do searches and
visit sites personally, so it is both bots and people.
m3wt said,
August 26, 2009 @ 2:31 pm
I have just installed mobloquer, a graphical interface for moblock which is the linux equivalent of peerguardian. After a few minutes of running the program I checked the logs and was surprised to see several incoming connections from Performance Systems International. I googled this company and it led me to this site. I am very much concerned after reading some comments. Nobody seem to know who these people are.
yellowfever said,
July 2, 2011 @ 10:49 am
I have a particular website that we’ve moved from 2 different hosting providers over to GoDaddy because the site kept becoming “unreachable” at the other hosting providers and they couldn’t fix it (DoS attacks), the last time it was down for 2 months. Anyway after the latest move, all was okay until yesterday evening. Now on GoDaddy, getting the DoS on the site and the logs show PSINETA as the culprit. I don’t get it, this is an inocculous site, what is the interest the government has? By the way, the site is still down and GoDaddy can’t get it back up. The tracert has the last 20 of the 30 hops breaking down at … you guessed it cogentco.com’s servers. Yet, inside GoDaddy they get the site to come up, it is just the rest of the world that see’s the problems.