military IP and php attack

         

smallcompany

6:49 am on Feb 15, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



My first post in this area…

I have recently incorporated email notification for each custom 404, something that many people have been doing for years, I’m sure.

I see IP 153.29.60.** coming and checking on:

notify-None_Compliance_Page
verify-None_Compliance_Page
accepted-None_Compliance_Page

followed by a very long string of many, many characters.

The initial referring link is from a Google search on a specific keyword that relates to my site (organic or PPC).

IP belongs to Shaw A F B (air force base) and resolves to ***.***.centaf.af.mil and ISP is USCENTAF/SCM.

I also found that Wikipedia has “warned” this IP about some inappropriate entry into one of their articles.

What are they up to?

P.S.
On another note, I’ve had a flood of 404s from some Qatar-based IP requesting a bunch of files under “phpmyadmin”. The owner of the IP is some college. Trying to hack, right?

Oh man…

[edited by: volatilegx at 4:54 am (utc) on Feb. 16, 2008]
[edit reason] obfuscated ip address and hostname [/edit]

wilderness

2:33 pm on Feb 16, 2008 (gmt 0)




I'm not going to be much help here.

Personally, I've had the 153 Class A denied since 2003.
As to the why? Who knows!

These PHP requests seem to come in batches. Over time (unless the IP range is already denied) I simply ignore them.
Ignoring may not be an option for a PHP user whose server offers vulnerabilities in the files they are requesting.

smallcompany

8:15 pm on Feb 16, 2008 (gmt 0)




Thanks.

I know there is a lot about what should be forbidden out there (already Googled bot related stuff), and I wonder if there are decent, well known proven lists of both bots and IP addresses that should not be thought about twice before banned.

About PHP, although I do use PHP inside HTML, I guess I should not worry as I don’t actually host PHP software within my site (shared hosting). Their IP got banned though.

wilderness

11:47 pm on Feb 16, 2008 (gmt 0)




well known proven lists of both bots and IP addresses that should not be thought about twice before banned

There are some older (pre-2004) accumulated lists from this forum's heyday.
Many of the UAs and IPs are still relevant, while others are either no longer used or irrelevant.

What's detrimental to my sites may prove beneficial to yours, and vice versa.

To simply copy denies and accept the insights from another whose reputability you'd have no concept of is a bad practice.

smallcompany

5:10 am on Feb 20, 2008 (gmt 0)




Got it. Thanks.

patzblue

4:18 pm on Feb 20, 2008 (gmt 0)

10+ Year Member



Hmm. From your original email it sounds like you're the victim of a script kiddie, probably using a compromised computer (from a military base, I guess, according to the IP). That's the reason for the long query. Usually when you see a request on your site, followed by a tremendous amount of characters after it, it's an attempt to hack your site through buffer overflow.

More details here
[en.wikipedia.org...]

I get them all the time. But usually if you are up to date with your Apache or IIS patches you don't need to bother about them.
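Added example, not part of any post in this thread: a log triage script that separates the two patterns discussed above, oversized request URIs and batches of 404s for "phpmyadmin" paths from one IP. The thresholds, the function name `triage` and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Common/combined log format: host ident user [time] "METHOD path PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
MAX_URI_LEN = 1024  # assumption: no legitimate URL on the site is this long
PROBE_BATCH = 3     # assumption: this many distinct probe 404s from one IP is a scan


def triage(lines):
    """Return (oversized, scanners).

    oversized: list of (ip, uri_length) for request URIs over MAX_URI_LEN.
    scanners:  {ip: sorted distinct phpmyadmin paths that returned 404}.
    """
    oversized, probes = [], defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line: skip rather than guess at its fields
        ip, path = m["ip"], m["path"]
        if len(path) > MAX_URI_LEN:
            oversized.append((ip, len(path)))
        base = path.split("?", 1)[0]  # ignore the query string when matching
        if m["status"] == "404" and "phpmyadmin" in base.lower():
            probes[ip].add(base)
    scanners = {ip: sorted(p) for ip, p in probes.items() if len(p) >= PROBE_BATCH}
    return oversized, scanners


# Constructed sample lines (documentation IP ranges, not data from the thread).
STAMP = "[15/Feb/2008:06:40:01 +0000]"
SAMPLE = [
    f'192.0.2.10 - - {STAMP} "GET /notify-None_Compliance_Page{"A" * 2000} HTTP/1.1" 404 512',
    f'198.51.100.7 - - {STAMP} "GET /phpmyadmin/index.php HTTP/1.0" 404 512',
    f'198.51.100.7 - - {STAMP} "GET /phpMyAdmin/main.php HTTP/1.0" 404 512',
    f'198.51.100.7 - - {STAMP} "GET /admin/phpmyadmin/index.php HTTP/1.0" 404 512',
    f'203.0.113.9 - - {STAMP} "GET /phpmyadmin/ HTTP/1.1" 404 512',  # single hit: below batch size
    f'203.0.113.20 - - {STAMP} "GET /index.html HTTP/1.1" 200 1043',
]

if __name__ == "__main__":
    big, scans = triage(SAMPLE)
    print("oversized URIs:", big)
    print("probe batches:", scans)
```

On Apache, the `LimitRequestLine` directive also caps the request line length at the server itself, so oversized requests are rejected before they reach any application code.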