Bot intelligence record

Splunk Attack Analyzer

Usually allow

Use the TwinWaveScanner identifier to separate Splunk feed fetching or subscription-style retrieval from normal visitor requests in server logs.

Feed Ai Training Verified Bot Confidence: Medium Verified: Yes robots.txt: No

User-Agent Pattern

Splunk
TwinWaveScanner

Robots.txt Snippet

Copy-ready 
User-agent: TwinWaveScanner Disallow: /

Handling Guidance

No

This bot is usually safe to allow when the request source is verified and the traffic matches your site policy.

Feed fetching, subscription updates, podcast retrieval, or content syndication checks.

Record Details

Structured data
Operator
Splunk
Family
Splunk
Type
Feed
Purpose
Ai Training
Identity type
Verified Bot
Confidence
Medium
Last verified
2026-04-01
Last checked
2026-04-30
Source type
Verified Directory
Spoofing risk
User-agent strings can be spoofed. For allow-listing or low-friction rules, pair the published identifier with operator documentation or cryptographic verification when available.

Notes

Splunk Attack Analyzer is listed in the Botcrawl directory as a feed retrieval bot from Splunk. The primary identifier for log review is TwinWaveScanner.

Identification

  • User-agent pattern: TwinWaveScanner
  • Family: Splunk
  • Type: Feed
  • Kind: Fetcher

Common use

Feed fetching, subscription updates, podcast retrieval, or content syndication checks.

Verification and handling

Confirm the user-agent against server logs and use published operator documentation, IP ranges, reverse DNS, or other trust signals when available.

Directory guidance marks the risk level as Safe and the blocking decision as No. Do not rely on the user-agent string alone because user-agent strings can be copied or spoofed.

Robots.txt handling: No.

Evidence and Source

  • Validate the identifying user-agent or signature against the operator documentation before creating hard allow rules.
  • Feed fetching, subscription updates, podcast retrieval, or content syndication checks.
  • User-agent strings can be spoofed. For allow-listing or low-friction rules, pair the published identifier with operator documentation or cryptographic verification when available.

https://www.splunk.com/en_us/products/attack-analyzer.html

Same family: Splunk

Splunk Synthetics Safe

Splunk Synthetics

Synthetic monitoring tool with global agents running in AWS.

Splunk Splunk Monitoring Monitoring
Verified robots.txt: No Block: No Verified Bot
Rigor Safe

Splunk

Synthetics monitoring platform used by Enterprise organizations.

Splunk Splunk Monitoring Monitoring
Verified robots.txt: No Block: No Verified Bot

Similar purpose: Ai Training

cohere-ai Neutral

cohere-ai

cohere-ai is a search crawler from Cohere used for search indexing, page discovery, or content rendering.

Cohere Cohere Search Ai Training
Verified robots.txt: Unknown Block: Depends Verified Bot
cohere-training-data-crawler Neutral

cohere-training-data-crawler

cohere-training-data-crawler is a search crawler from Cohere used for search indexing, page discovery, or content rendering.

Cohere Cohere Search Ai Training
Verified robots.txt: Unknown Block: Depends Verified Bot
WordPress Neutral

WordPress Namecheap

This is the major egress IP for our containerised WordPress platform so it is likely to be many flavours of WordPress and the potential to be any domain.

namecheap namecheap Ai Ai Training
Verified robots.txt: No Block: Depends Verified Bot
vercel-build-container Neutral

Vercel build container

Vercel build container is an AI crawler from Vercel used for AI-related crawling, retrieval, search, or assistant activity.

Vercel Vercel Ai Ai Training
Verified robots.txt: Unknown Block: Depends Verified Bot

WordPress Bot Protection

Bot Blocker for WordPress

Monitor bot traffic, review live activity, and control AI crawlers, scrapers, scanners, spam bots, and fake trusted bots from one clean WordPress dashboard.

Buy Now Start Free Trial