Thanks for the corrections, seriously appreciated! The ARCOR designation was in the Vodaphone record so I thought that Arcor maint. servers is what the wider range covered, and for Vodaphone, Verizon, Roadrunner etc. communications cases I always only block the offending user, then watch for more of the same. I do copy the entire record for all my lookups, helps to see changes next time. :)
not2easy
4:45 pm on Mar 31, 2014 (gmt 0)
Two more scrapers today: 188.138.220.0 - 188.138.220.255 STARNETMD in Moldova route: 188.138.128.0/17 CIDR: (from online converter..) 188.138.220.0/24
I had a similar but different visitor come in with the blocked UA: "curl/7.15.5 (i386-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5" from ADD2NET-DOT-COM67.210.96.0 - 67.210.127.255 I had not seen such a combination before.
Tiscali scraper I had no record for: (FR) IE-POOL-BUSINESS-HOSTING 62.210.128.0 - 62.210.255.255
OK, thanks! It has both names in the record and I have lots of other Tiscali listings so it was put with them, but I'll set it right. It shows: netname: IE-POOL-BUSINESS-HOSTING descr: IP Pool for Iliad-Entreprises Business Hosting Customers country: FR admin-c: IENT-RIPE tech-c: IENT-RIPE status: LIR-PARTITIONED PA mnt-by: MNT-TISCALIFR-B2B
keyplyr
2:39 am on Apr 3, 2014 (gmt 0)
uni5.net servers in Brazil 177.12.160.0 - 177.12.163.255 177.12.160.0/20
keyplr - 177.12.160.0/20 is actually (and correctly) 177.12.160.0 - 177.12.175.255 - but thanks for the tip! :(
not2easy - 216.37.0.0/18 includes 216.37.55.128/25 but again, thanks.
keyplyr
8:40 pm on Apr 3, 2014 (gmt 0)
@dstiles - thanks... I had updated the CIDR (from what the WhoIS reports) but had forgotten to change the range (which I only use for my notes anyway.)
