Welcome to WebmasterWorld Guest from 54.147.220.66

Forum Moderators: Ocean10000 & incrediBILL

Message Too Old, No Replies

Iana

   
10:18 pm on Jan 21, 2009 (gmt 0)

5+ Year Member



Didn’t raise any flags but just happened to see this in the log:

UA:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5 (.NET CLR 3.5.30729)

IP:
172.19.35.xx (172.16.0.0/12, IANA-BBLK-RESERVED)

No reverse DNS and did not read robots

Came in on the root domain and navigated to a “History” page keeping the previously established session – behaved like a human.

Just curious, does IANA make it a practice to either spider sites or browse sites? Maybe just an employee at IANA hitting the site? Maybe another IANA hack?

Phred

2:42 am on Jan 23, 2009 (gmt 0)

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member



172.16.0.0 to 172.31.255.255 is a private IP range, no? Someone on the same local network as the server? It's not from IANA as such, as the IP range is not routable on the public internet.
3:35 am on Jan 23, 2009 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Yes, the proper reading of the WHOIS record is, "Reserved by IANA for use in private networks." As encyclo said, it is an unroutable IP address range, just like 192.168.x.x and 10.x.x.x (and several others), and is reserved for use inside a LAN, similar to the way that 127.x.x.x is reserved for 'loopback' within a single machine. These addresses cannot pass through routers; They are meant only for use inside LANs. The reason they are not routable is so that anyone and everyone can use these ranges for their private networks; If they were routable, there would be a massive number of "collisions" because so many LANs use them.

OK, so that was about five ways to say the same thing... :)

So, it appears that someone at your hosting company is navigating your site from inside their network.

Jim

10:54 am on Jan 23, 2009 (gmt 0)

5+ Year Member



in the log
access_log or output from your statistics program?

That IP is most likely extracted from X-Forwarded-For. Please throw away your buggy statistics program!