Saturday, May 27, 2006

ServePath to being banned

Found a bunch of random stuff coming from a hosting company called ServePath today while running historical analysis on a batch of IPs.

Now these are the visible crawlers that came from ServePath: PEAR HTTP_Request class ( ) "Jakarta Commons-HttpClient/3.0" "Jakarta Commons-HttpClient/3.0" Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) NutchCVS/0.7.1 (Nutch;;
Here's the whole range:
OrgName: ServePath, LLC
NetRange: -
I'm going to block the whole thing and see if there are any stealth crawlers operating out of that location that haven't tripped any alarms yet and see what happens.


Anonymous said...

Seems to be another ServPath net range out there.
Had one come by my blog from IP
Info on this IP is:
NetRange: -
NetHandle: NET-69-59-128-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation

It pulled nothing but the favicon.ico and check access to / and that's it.
Probably a drive-by for access.

IncrediBILL said...

Thanks Keith!

I think I found some other stuff too as they seem to have a few blocks and decided just to block EVERYTHING with their reverse dns prefix of "customer-reverse-entry." and see what happened.

I've caught a few strays with that but probably missing things that actually reverse resolve to actual domain names.

Anonymous said...

Small world. Was just G'ing the IP and here ye be! Good move re the reverse, Bill -- that's all I've seen:

customer-reverse-entry. - [29/May/...] "Jakarta Commons-HttpClient/3.0"
customer-reverse-entry. - - [14/Jun/...] "Jakarta Commons-HttpClient/3.0"
customer-reverse-entry. - - [16/Jun/...] "Jakarta Commons-HttpClient/3.0"
customer-reverse-entry. - - [17/Jun/...] HEAD "online link validator ("
customer-reverse-entry. - - [17/Jun/...] "Jakarta Commons-HttpClient/3.0"

She Who Doesn't Cuss, Dammit