Bots - where are they coming from?
Human versus bots and botnetsGeolocation of machines (not of attacks) that have intended a bad action against a website. The above illustration is refreshed every hour, based on data collected from a real live website having around 10 000 visitors per day. Data is kept for a duration depending on the importance of action. For instance, if a script kiddie is trying to download all your webpages using an automated tool, IP will be kept for only a few hours/days. If a botnet is doing a ddos, IPs will be remembered for a few days. The duration can be up to 1 year for intrusion detection or recurrent access from a server. The values exclude friendly bots that respect the robots.txt file.
Identified machines include the following: