Make that 184.108.40.206/17 Turkey (TR) Radore Hosting Telekomunikasyon Hizmetleri San. ve Tic. Ltd. Sti.
11:02 pm on Jul 24, 2012 (gmt 0)
Thanks dstiles. Do you happen to have that range in long form?
1:22 am on Jul 25, 2012 (gmt 0)
All I could find for Radore Hosting is:
220.127.116.11 - 18.104.22.168 22.214.171.124/24
9:09 pm on Jul 25, 2012 (gmt 0)
/17 is half /16 where /16 is nnn.nnn.0.0 - nnn.nnn.255.255 so /17 is either nnn.nnn.0.0 - nnn.nnn.127.255 or nnn.nnn.128.0 - nnn.nnn.255.255.
And so it goes on, halving each time - /18 /19 /20 etc. The linux Internet Protocol Calculator is useful here.
Radore is one of those annoying companies that only register in DNS in /24 units. I often get impatient with these and dunp them whether or not they really are servers/nasties (also companies that register in DNS with gmail or hotmail addresses!). In the case of Radore, the full /17 belongs to them: you have to check each /24 (or skip a few, anyway) to find the full range. Usually a check at 0.0, 31.0, 32.0, 63.0, 64.0 etc (ie every /19) is sufficient.
Although some records give the "owner" as SAYFA, robtex says the full /17 is Radore.
I use linux Network Tools (the Whois tab) for most of the work but occasionally use robtex for deeper digging. On Windows I used to use a downloaded version of Sam Spade but I'm fairly sure the Whois on that is now well out of date. I usually use robtex in its cnet mode - paste in all but the last IP digit (eg nnn.nnn.nnn.) and it will return a) a sample of IPs within that /24 unit; b) the range(s) that it thinks are related (eg /17 plus /16 plus /15) (although not for Radore); c) the range's "owner".
I also use spamhaus and blacklistalert.org sometimes to find out more about an IP's reputation. These are geared towards mail but can sometimes be interpreted for servers. Spamhaus also has a server-useable blacklist.
If there is an ambiguity about a range of IPs (ie is it a server farm or a broadband network) I sometimes hit a couple or so sample IPs with linux Umit to check for open ports etc.