Test Certificate Info

Forum Moderators: open

Message Too Old, No Replies

Test Certificate Info

keyplyr

2:50 am on Apr 7, 2017 (gmt 0)

UA: Test Certificate Info
Protocol: HTTP/1.1
Robots.txt: No
Host: rr.com (Time Warner ISP)
70.60.0.0 - 70.63.255.255
70.60.0.0/14
174.96.0.0 - 174.111.255.255
174.96.0.0/12

One browser UA visit from each range, different times, normal behavior. Last request from each instance used "Test Certificate Info" and was blocked because of my server config:

HEAD /https://www.example.com

However, if this security was not in place, root files would be accessible.

CynicalRaver23

4:41 pm on Apr 7, 2017 (gmt 0)

Same.

Hosts:
Time Warner ISP
104.138.0.0 - 104.139.255.255
104.138.0.0/15
192.180.0.0 - 192.181.255.255
192.180.0.0/15
Comcast Cable Communications, Inc.
73.0.0.0 - 73.255.255.255
73.0.0.0/8
50.149.0.0 - 50.149.63.255
50.149.0.0/18
Qwest Communications Company, LLC (CenturyLink)
67.232.0.0 - 67.239.255.255
67.232.0.0/13

---

[edited by: keyplyr at 9:39 pm (utc) on Apr 7, 2017]
[edit reason] No specific IPs, only ranges please [/edit]

lucy24

5:53 pm on Apr 7, 2017 (gmt 0)

HEAD /https://www.example.com

Is this happening at sites that actually are https, or is it hitting http sites attempting to find out if an https exists?

CynicalRaver23

8:44 pm on Apr 7, 2017 (gmt 0)

All of my companies sites are HTTPS, but I do not think that matters.

Its supposed to pull information about the SSL cert of the website it goes to, but apparently the person who copied the code from a MSDN article missed the second / and so now it errors out.

keyplyr

9:34 pm on Apr 7, 2017 (gmt 0)

Hi CynicalRaver23 and welcome to WebmasterWorld [webmasterworld.com]

lucy24

1:00 am on Apr 8, 2017 (gmt 0)

:: idly wondering how 1 post + 1 post = 1 post ::

keyplyr

1:16 am on Apr 8, 2017 (gmt 0)

:: Pay no attention to the man behind the curtain ::

CynicalRaver23

2:01 pm on Apr 10, 2017 (gmt 0)

Thanks keyplyr. Have been checking this forum for about 2 months now and this thread finally convinced me to sign up.

Thank you for editing my Ranges, I wasnt sure if I should be putting the whole range as I was only hit from 1 IP out of the range, but will do so in future.

keyplyr

8:49 pm on Apr 10, 2017 (gmt 0)

@CynicalRaver23 - thanks.

Yes, we stick to posting ranges only. Probably not troublesome when the IP belongs to a server farm or data center, but when the IP is from an ISP, these are individual computer addresses and that is personal sensitive information.