homepage Welcome to WebmasterWorld Guest from 54.226.173.169
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Visit PubCon.com
Home / Forums Index / Search Engines / Search Engine Spider and User Agent Identification
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL

Search Engine Spider and User Agent Identification Forum

    
news bot
prateh.ru
keyplyr




msg:4483296
 8:47 pm on Aug 9, 2012 (gmt 0)



UA: Mozilla/5.0 (compatible; news bot /2.1)
Referrer: http://prateh.ru/
robots.txt: no

BSB-SERVICE Dedicated Server Hosting
85.25.129.0 - 85.25.153.255

 

dstiles




msg:4483668
 8:20 pm on Aug 10, 2012 (gmt 0)

85.25.0.0/16 - serverloft DE. Block the lot. :)

keyplyr




msg:4483747
 12:36 am on Aug 11, 2012 (gmt 0)



Seems there are many server farms inside 85.25.0.0/16 including Hurricane.

dstiles




msg:4483900
 6:55 pm on Aug 11, 2012 (gmt 0)

Although I have the range tagged since May 2010 as serverloft it now appears to belong to PlusServer and managed by Intergenia (same company?).

Hadn't noticed hurricane but a lot of US companies are using RIPE services now. Part of the world take-over bid, I suppose. :)

motorhaven




msg:4484094
 6:09 pm on Aug 12, 2012 (gmt 0)

I have mostly garbage in that range (most of it is blocked). 85.25.176.x and 85.25.138.x I have legit users from.

dstiles




msg:4484115
 7:31 pm on Aug 12, 2012 (gmt 0)

I assume those users are bots from servers? Taking an IP at random at 176.88 I got three open ports including http, ftp and something called mythtv. In my book, that's a server.

motorhaven




msg:4484116
 7:47 pm on Aug 12, 2012 (gmt 0)

From two long time and respected members of one of my forums with hundreds of posts each. Out of the dozens of IPs they've each used over the years, those are listed. I have no *recent* data, so it may have been a proxy at some point in the past they used.

I show nothing in my logs from either of those IPs from the last 60 days so its probably a safe bet to block the IPs.

dstiles




msg:4484401
 8:04 pm on Aug 13, 2012 (gmt 0)

Proxy IPs would be a good bet if the servers' users were that way inclined. If you have specific IPs then run a port check of them (I use linux umit) to see if there are any open ports that could be used for any purpose such as http, ftp. If so, it's a fair bet they could also be used as proxies.

I monitor all proxies that hit my servers (check the headers). Many are harmless and are let through, others are blocked.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Search Engines / Search Engine Spider and User Agent Identification
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved