Techie Question? What is this IP doing?

Michael Mayhew · 04-21-2012, 09:21 AM

Everyday almost on the hour I get a visit like this

Referer: http://88.198.7.221/?xurl=88.198.7.2...automation.com

3 different IP's, all everyday.

Just trying to figure out the purpose?

Farish · 04-21-2012, 10:34 AM

Trying to figure out it's purpose from your link is hard. What you need to do is look over your logs and see exactly what the referrer is trying to access. They are basically using a proxy service if that is what you were wondering about. Read this post on how to disable people using an xurl to come over. You may want to read that whole thread.

visitors from an xurl redirect what is it?

Lloyd Buchinski · 04-21-2012, 10:41 AM

At least the ip isn't in the spam database I checked.

If you treat the ip as a domain and do a whois, it looks like ripe.net has that whole range of ips.

88.198.7.221 - Who.is

It looks like it might be slightly related to your sig site, so maybe they are just keeping a check for new material.

It doesn't really answer your question, but maybe some of that is useful, or could lead to other ideas.

arthurnyc · 06-08-2012, 01:45 AM

I have the same IP hitting us (starreviews dot com) but I think it is some sort of bot for posting comments. We use wordpress and I am trying to match up IPs with the Spam comments. Let you know.

Arthur

automaton · 06-08-2012, 04:37 AM

Weird, searching with the operators inurl:"xurl" inurl:"xref" yields other examples.
There are some Russian sites blocked by their hosting in those examples so I guess there is a high probability that nothing good is of these kind of requests.

williamk · 06-11-2012, 04:45 AM

I think it is a spam bot too. Its better you change some comments to approval based. Its hard to tackle them.
They are persistent.

prismkuet · 06-11-2012, 11:15 AM

Probably they are keeping on eye to your site to see what the update you have that they can use. This sometimes happens for similar/same segment. And I don't think, they will be anyhow useful for you.

04-21-2012, 09:21 AM	#1
Michael Mayhew Senior Warrior Member War Room Member Join Date: Aug 2002 Location: Nashville, TN , USA. Posts: 3,274 Thanks: 62 Thanked 135 Times in 101 Posts Social Networking	Techie Question? What is this IP doing? Everyday almost on the hour I get a visit like this Referer: http://88.198.7.221/?xurl=88.198.7.2...automation.com 3 different IP's, all everyday. Just trying to figure out the purpose?
	IMO Partnership. A National Insurance Marketing Alliance. http://www.imopartnership.com/

04-21-2012, 10:34 AM	#2
Farish HyperActive Warrior Join Date: Feb 2012 Posts: 153 Thanks: 2 Thanked 30 Times in 25 Posts	Re: Techie Question? What is this IP doing? Trying to figure out it's purpose from your link is hard. What you need to do is look over your logs and see exactly what the referrer is trying to access. They are basically using a proxy service if that is what you were wondering about. Read this post on how to disable people using an xurl to come over. You may want to read that whole thread. visitors from an xurl redirect what is it?

04-21-2012, 10:41 AM	#3
Lloyd Buchinski copy and paste geek War Room Member Join Date: Jan 2005 Location: Calgary Posts: 1,720 Thanks: 116 Thanked 273 Times in 222 Posts	Re: Techie Question? What is this IP doing? At least the ip isn't in the spam database I checked. If you treat the ip as a domain and do a whois, it looks like ripe.net has that whole range of ips. 88.198.7.221 - Who.is It looks like it might be slightly related to your sig site, so maybe they are just keeping a check for new material. It doesn't really answer your question, but maybe some of that is useful, or could lead to other ideas.
	A lot of people become pessimists from financing optimists. CT Jones The KimW WSO

06-08-2012, 01:45 AM	#4
arthurnyc Warrior Member Join Date: May 2012 Location: Northport, NY Posts: 3 Thanks: 0 Thanked 0 Times in 0 Posts Contact Info	Re: Techie Question? What is this IP doing? I have the same IP hitting us (starreviews dot com) but I think it is some sort of bot for posting comments. We use wordpress and I am trying to match up IPs with the Spam comments. Let you know. Arthur

06-08-2012, 04:37 AM	#5
automaton HyperActive Warrior War Room Member Join Date: Jan 2011 Posts: 123 Blog Entries: 2 Thanks: 13 Thanked 19 Times in 17 Posts	Re: Techie Question? What is this IP doing? Weird, searching with the operators inurl:"xurl" inurl:"xref" yields other examples. There are some Russian sites blocked by their hosting in those examples so I guess there is a high probability that nothing good is of these kind of requests.
	Video Marketing Bot PRO - Video Marketing Made Easy

06-11-2012, 04:45 AM	#6
williamk Keyword Research Addict War Room Member Join Date: Jan 2010 Location: Multiverse Posts: 776 Thanks: 1 Thanked 41 Times in 41 Posts Contact Info	Re: Techie Question? What is this IP doing? I think it is a spam bot too. Its better you change some comments to approval based. Its hard to tackle them. They are persistent.
	Premium Mini Authority Site – Hot Untapped Niche, LSI Articles, Custom Themes & Full SEO! Premium MNS - Instant Earnings Targeting Ultra Low Competition Keywords! Adsense Keyword Research - The LOWEST COMPETITION Keyword Research Service You’ll Ever See!

06-11-2012, 11:15 AM	#7
prismkuet Advanced Warrior Join Date: Dec 2010 Posts: 669 Thanks: 5 Thanked 36 Times in 35 Posts	Re: Techie Question? What is this IP doing? Probably they are keeping on eye to your site to see what the update you have that they can use. This sometimes happens for similar/same segment. And I don't think, they will be anyhow useful for you.
	check out the Pros and Cons of CPA