Sunday, September 03, 2006

Today I noticed another hit from this same server farm in Germany with something pretending to be a Windows browser: [] requested 16 pages as "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x4.90)"
So I checked my archives and sure enough it's been here a time or two before attempting to get inside and there was some hit's from other assocated IP's in their range.

Who hosts this mess appears to be
netnum: -
netname: DE-INTERGENIA-20010727
descr: intergenia AG
Which also owns,,,, and some end user services who's IP's may be a part of's range, no clue.

The, and both appear to use this range:
inetnum: -
netname: PLUSSERVER-1
descr: PlusServer - Dedicated Premium Serverhosting
The seems to have this block:
OrgName: Server4You Inc.
NetRange: -
Which means the crawler that started this search still can't be pinned down to a specific hosting block for server4you other than the reverse DNS claims it's I poked around doing a few nslookups in that range and they return either return static-ip-62-75-*-* or so I'm a little hesitant just to block the whole range.

So it looks like I'll block the obvious hosting ranges by IP and by reverse DNS for now.

1 comment:

Olliver said...

What you see isn't exactly a mess. It all runs under the intergenia umbrella, however with different established brands:

They don't offer any dialup/broadband services to end users, but hosting or backbone connectivity, so you can safely block these ranges without accidentally locking out legitimate German visitors ;-)