It's possible to set up a server as a proxy, so that the connection to your site shows in your loga as coming from a hosting company instead of from the actual user's ISP.

Or just as likely, these are not human users, they're scripts, signing up and posting using automated methods.

Putting the IP address into a good reverse-DNS lookup tool may give you the domain name of the server, if it has one.

Jim

Yes, you can even code image verification to avoid automated postings and be sure to check if the ips you are mentioning are really illegitimate. You can use some tools at dnsstuff.com

Hi, thanks for reply!

Yes, I have the IPs and hosting company name, so I can block them easily with htaccess, just didn't mention their names here because it may be not their fault. And I'm using text in image to protect the site, but scripts and human scammers can bypass it easily.

So should I block those IPs? Should I assume that no human being, normal people, would use an IP from a hosting company (usually companies that provide dedicated servers) to sign up with my site?

Keep in mind that there is a thin line between "ISP" and "hosting company". For many years, it was common practice for companies to offer both services, though that is fading with the demise of dial-up. Additionally, local hosting has become less attractive, as webmasters catch-on to the advantages of big, strategically-located data centers.

There are still many local and regional ISPs that also offer hosting services. As well, there are firms that are now primarily in the hosting business who are still supporting their "legacy" connectivity customers.

I would focus more on behavior than IP addresses. Yes, many of these accesses from hosting companies are your competitors scraping your content. So, use anti-scraping measures, as well as finding the sites and doing what you can to have them shut down.

If you want to block hosting company IPs, I'd do it in a selective manner after careful research. One of the obvious steps is to see if there is a website at the address that is accessing your site, and go poking around.