| 2:01 am on Feb 1, 2014 (gmt 0)|
Ta for the tip, Sir: Done!
| 3:03 am on Feb 1, 2014 (gmt 0)|
"They seem to host across several EU countries."
Iceland yesterday, Europe today, tomorrow ze vorld!"
Nazis just never learn.
| 7:58 am on Feb 1, 2014 (gmt 0)|
I probably should not have laughed quite so hard when I started pasting-in EDIS ranges and found that the 37.235.c.d. piece was in my notes as Poland...
| 9:39 am on Feb 2, 2014 (gmt 0)|
My German friends claim every vestige of Nazism has been eradicated, and are truly ashamed of their modern history.
| 1:43 pm on Feb 2, 2014 (gmt 0)|
Moving rapidly on from the subject of National Socialism...
Ontario, Canada, is also host to some very unpleasant characters, amongst which we present: spdnetwork
220.127.116.11 - 18.104.22.168 22.214.171.124/19 Blocked
Visited our valid robots.txt, ignored its disallow, and proceeded to grab dozens of pages until zapped.
67.213.90.nn - - [02/Feb/2014] "GET /robots.txt HTTP/1.1" 200 3101 "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT)"
| 10:11 pm on Feb 2, 2014 (gmt 0)|
MSIE five? Even on my (very permissive) site they'd never have got past the Old Browsers page.
| 12:59 am on Feb 3, 2014 (gmt 0)|
| 1:32 am on Feb 3, 2014 (gmt 0)|
OK, where do we draw the line if not Netscape 3? :)
We still have css hacks for IE 6...
But in my defence, we've blocked Blackberry on UA (and principle) for ages.
| 7:25 pm on Feb 3, 2014 (gmt 0)|
New MS range, registered last June:
126.96.36.199 - 188.8.131.52
I've started off with it blocked; we'll see what developes.
| 8:49 pm on Feb 3, 2014 (gmt 0)|
|But in my defence, we've blocked Blackberry on UA (and principle) for ages. |
I know 12,000+ people, well educated(think 100K+) that use BBs, me(I have 3) included. I actually had to redo several intranet apps recently to accommodate the browser.
| 8:07 am on Feb 4, 2014 (gmt 0)|
You work in the Pentagon?
If so, advise your colleagues, if they do not already know, why they are not welcome on the 21C internet. :)
| 12:00 pm on Feb 4, 2014 (gmt 0)|
New DataShack range (to me) registered 12/2013
184.108.40.206 - 220.127.116.11
| 5:48 pm on Feb 4, 2014 (gmt 0)|
Actually I'm pretty sure that DS range has been around since about March of 2011 (according to my notes.)
| 6:51 pm on Feb 4, 2014 (gmt 0)|
NetRange: 18.104.22.168 - 22.214.171.124
NetType: Direct Allocation
| 7:20 pm on Feb 4, 2014 (gmt 0)|
Not that it actually matters, but I've had 126.96.36.199/19 blocked in a client's htaccess for well over 2 years and my note says it was registered 03/2011. I've often seen the original registration date changed when the info is updated.
FWIW - whois.domaintools.com also says AS33387 DATASHACK - DataShack, LC (registered Mar 18, 2011)
| 9:53 pm on Feb 4, 2014 (gmt 0)|
Actually, the entire 107.150. range was re-registered/appointed during 12/2013.
Not that it matters. :)
| 10:37 pm on Feb 4, 2014 (gmt 0)|
Yup, that's what I said :)
|I've often seen the original registration date changed when the info is updated. |
| 10:39 pm on Feb 4, 2014 (gmt 0)|
keyplyr, are you positive your notes aren't attached to some type of time machine? I've still got huge slabs of 107 labeled bogon, including most of 144-191 with isolated holes. (Almost all of the holes are block-on-sight server farms. Figures.)
| 12:50 am on Feb 5, 2014 (gmt 0)|
Found one I had no info on, not a new register, but new to me:
Netelligent Hosting Services (Montreal)
188.8.131.52 - 184.108.40.206
Wearing UA "c3.sh/0.01" which I have not seen before.
| 1:15 am on Feb 5, 2014 (gmt 0)|
@lucy24 did you look at the source I gave?
| 2:00 am on Feb 5, 2014 (gmt 0)|
Thought I had HP fully blocked, but today 15.126.240.nnn displayed identical behaviour to those hyperactive Swedish fellows, xeex, et al...
Make your own minds up.
For me 220.127.116.11/8 is now Blocked
| 2:01 am on Feb 5, 2014 (gmt 0)|
Fer hevvins sakes, I'm not saying you're wrong. Just that you seem to get a lot of retroactively correct information, which is unnerving :)
| 2:25 am on Feb 5, 2014 (gmt 0)|
| 4:04 am on Feb 5, 2014 (gmt 0)|
Mention of Bogons is relevant.
I had to contact two site hosts recently because I couldn't access their sites.
The first one took some time to resolve.
It was my national Asian ISP, who had used a Bogon IP (quite legitimately) in relaying, but the host-site had not updated their Bogon filter.
The second incident:
Took me three months to get the CTO's attention, (whilst being fobbed-off by their Indian call-centre).
I'd guessed the same precipitating cause.
The guilty party this time was a major UK utility company using an old Bogon filter, until I nudged them to update it.
Lesson: Regularly refresh +our+ Bogon filters.
| 7:46 am on Feb 5, 2014 (gmt 0)|
18.104.22.168 - 22.214.171.124
| 12:08 pm on Feb 7, 2014 (gmt 0)|
Yet another nasty piece of work residing in Ontario Canada.
Identical behaviour to xeex, eonix, and those jolly Swedish chaps, but with a different UA
126.96.36.199 - 188.8.131.52 184.108.40.206/16 Blocked
166.48.192.nnn - - [05/Feb/2014] "GET /example.htm HTTP/1.1" 200 6101 "Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3"
| 12:22 pm on Feb 7, 2014 (gmt 0)|
Thread too big.
Continued in the Feb. 2014 thread:
| This 327 message thread spans 11 pages: < < 327 ( 1 2 3 4 5 6 7 8 9 10  ) |