126.96.36.199 - 188.8.131.52
184.108.40.206 - 220.127.116.11
Although it's not part of my normal vocabulary, I'd suggest caution with this categorization.
API-Digital is a very large network (15 ranges in all) and colo is a mere part of their overall service.
Thanks Don, of course you're correct.
The trouble came from a media site that has a small sub-range within 18.104.22.168/19. When I saw that API-Digital also hosted gaming sites (a thorn in my side for years) as well as other colo services, I pulled the trigger.
Now that you've drawn my attention I see wireless and other ISP types speckled in there :)
ecommerce.com & ixwebhosting
22.214.171.124 - 126.96.36.199
Such a shiny new thread!
Seeing a new Amazon range at 188.8.131.52 - 184.108.40.206 with CIDRs: 220.127.116.11/13 and 18.104.22.168/12 that was registered 11-25-13.
Edited to add - I see now that dstiles posted this over in the Amazon pages - sorry, I'm having ISP difficulties this week and limping on a mobile modem so I'm missing a lot.
I block all of 54.
Tethered to a mobile; Luxury!
Try Asian dial-ups, or even maintaining a site via "Internet Shops". (Remember those?)
Lots of people connect throughout 54. Example: Whitehouse Telecom, New Jersey where my brother is.
Not to our site they don't.
Your brother... a missionary or inmate? :)
> Lots of people connect throughout 54
Tough. If Amazon cannot delineate their services properly they get blocked. I even block proxy accesses through them - especially block!
Tough. If Amazon cannot delineate their services properly they get blocked.
Nothing to do with Amazon. Anyone blocking 54/8 is shutting out a lot of human traffic.
"SeFlow.it Internet Services"
One-off robot from 22.214.171.124, but I think it's all servers.
I've had them blocked for well over a year.
BTW, what does "one-off" mean?
126.96.36.199 - 188.8.131.52
|BTW, what does "one-off" mean? |
I've seen them only one time, making only one request. Or just once per site.* I'm currently in a grumpy mode w/r/t robots, and am therefore blocking them wholesale. Ordinarily I ignore any isolated requests for front page alone, since I'm not a front-driven site and it's really no skin off my nose.
* For some reason I now own five domains. This would seem to be at least four more than I need, but oh well.
"Tough. If Amazon cannot delineate their services properly they get blocked. I even block proxy accesses through them - especially block!"
Gobbling 403's; A nasty hacking attempt today from the Mormon owned data centre in, you guessed, Utah, USA;
184.108.40.206 - 220.127.116.11 18.104.22.168/18 Blocked
You need 95. Lucy?
Let them go, we only allow 3 CIDRs from that A.
22.214.171.124 - 126.96.36.199
Servers and open proxy
188.8.131.52 - 184.108.40.206
Believe there's an old thread on OC3/Quadranet
QuadraNet, Inc (QUADR-20) [OC3 Networks]
QuadraNet provides dedicated hosting servers, enterprise level solutions, infracloud, and
QUADRANET 220.127.116.11 - 18.104.22.168 22.214.171.124/20
QUADRANET 126.96.36.199 - 188.8.131.52 184.108.40.206/18
QUADRANET 220.127.116.11 - 18.104.22.168 22.214.171.124/20
QUADRANET 126.96.36.199 - 188.8.131.52 184.108.40.206/19
QUADRANET 220.127.116.11 - 18.104.22.168 22.214.171.124/19
QUADRANET 126.96.36.199 - 188.8.131.52 184.108.40.206/21
QUADRANET 220.127.116.11 - 18.104.22.168 22.214.171.124/19
PacketExchange, Inc 126.96.36.199 - 188.8.131.52 184.108.40.206/18
UNUSED-LEGACY-REALLOCATION 220.127.116.11 - 18.104.22.168 22.214.171.124/24
UNUSED-LEGACY-REALLOCATION 126.96.36.199 - 188.8.131.52 184.108.40.206/29
QUADRANET 220.127.116.11 - 18.104.22.168 22.214.171.124/20
PacketExchange, Inc 126.96.36.199 - 188.8.131.52 184.108.40.206/19
UNUSED-LEGACY-REALLOCATION 220.127.116.11 - 18.104.22.168
UNUSED-LEGACY-REALLOCATION 22.214.171.124 - 126.96.36.199
UNUSED-LEGACY-REALLOCATION 188.8.131.52 - 184.108.40.206
UNUSED-LEGACY-REALLOCATION 220.127.116.11 - 18.104.22.168
UNUSED-LEGACY-REALLOCATION 22.214.171.124 - 126.96.36.199
QUADRANET 188.8.131.52 - 184.108.40.206 220.127.116.11/19
QUADRANET 18.104.22.168 - 22.214.171.124 126.96.36.199/19
PacketExchange, Inc 188.8.131.52 - 184.108.40.206 220.127.116.11/17
UNUSED-LEGACY-REALLOCATION 18.104.22.168 - 22.214.171.124
UNUSED-LEGACY-REALLOCATION 126.96.36.199 - 188.8.131.52
UNUSED-LEGACY-REALLOCATION 184.108.40.206 - 220.127.116.11
UNUSED-LEGACY-REALLOCATION 18.104.22.168 - 22.214.171.124
UNUSED-LEGACY-REALLOCATION 126.96.36.199 - 188.8.131.52
UNUSED-LEGACY-REALLOCATION 184.108.40.206 - 220.127.116.11
UNUSED-LEGACY-REALLOCATION 18.104.22.168 - 22.214.171.124
UNUSED-LEGACY-REALLOCATION 126.96.36.199 - 188.8.131.52
QUADRANET 184.108.40.206 - 220.127.116.11 18.104.22.168/18
QUADRANET 22.214.171.124 - 126.96.36.199 188.8.131.52/20
QUADRANET 2607:FCD0:: - 2607:FCD0:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
Thanks Don, had all those. The one I posted was new to me and also the fact that it was being used as a proxy for a bot in Africa.
(Dallas Fort Worth, Texas)
184.108.40.206 - 220.127.116.11
18.104.22.168 - - [14/Feb/2014:23:09:49 -0800] "GET /favicon.ico HTTP/1.1" 403 665 "-" "Nokia3120classic/2.0 (12.35) Profile/MIDP-2.1 Configuration/CLDC-1.1 Opera/9.60 (J2ME/MIDP;Opera Mini/4.2.13337Mod.by.CHIZZY/503; U; en)Presto/2.2.0 UNTRUSTED/1.0"
22.214.171.124/20 #126.96.36.199 - 188.8.131.52
Services include Security, Web Acceleration, Hosting & Colo.
You allow Level3 access?
|184.108.40.206 - - [14/Feb/2014:23:09:49 -0800] "GET /favicon.ico HTTP/1.1" 403 665 "-" "Nokia3120classic/2.0 (12.35) Profile/MIDP-2.1 Configuration/CLDC-1.1 Opera/9.60 (J2ME/MIDP;Opera Mini/4.2.13337Mod.by.CHIZZY/503; U; en)Presto/2.2.0 UNTRUSTED/1.0" |
What would a cell phone-- whether TRUSTED or not-- need with a favicon?
inetnum: 220.127.116.11 - 18.104.22.168
22.214.171.124 - guest book trap, comment spam attempts, hopeless...
Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A403 Safari/8536.25
inetnum: 126.96.36.199 - 188.8.131.52
You allow Level3 access?
|What would a cell phone-- whether TRUSTED or not-- need with a favicon? |
Dunno. This was obviously a probe to see what's up, but if in fact a cell phone did really request a favicon, there may be use as a tile, much in the same manner as a apple-touch-icon or browserconfig.xml icons. Too many new devices to know how they all work.
[added]Just checked on my Android phone. Yup, for a site where I have not designated an apple-touch-icon or a png to be used as a tile in browserconfig.xml, my Chrome browser uses the favicon as the icon in the bookmarks directory. Can't check the native Android web browser as I've disabled it.
And it's not the device that's UNTRUSTED, it's the network.
And from the Spanish-speaking enclave, up pops an ISPrime proxy;
AS23393 ISPrime, Inc.
184.108.40.206 - 220.127.116.11 18.104.22.168/18 Blocked
22.214.171.124 - 126.96.36.199
188.8.131.52 - 184.108.40.206
220.127.116.11 - 18.104.22.168
22.214.171.124 - 126.96.36.199
| This 109 message thread spans 4 pages: 109 (  2 3 4 ) > > |