How to report wrong IP whois information (part 2)

email669 · March 13, 2025, 2:39am

Hi,

I posted previously in this thread: How to report wrong IP whois information?

I THOUGHT that using the suggested ASN0 was picking up all of the results, but there are still some sliding through.

In the first thread, a link was shared to https://www.maxmind.com/en/geoip-web-services-demo allowing me to do a whois on the IP address.

MaxMind has the IP information correct, but on my website the IP address 140.228.23.0 (140-228-23-0.websetup.net) was able to get passed the ASN detection and has done hundreds of requests with a new user agent for each request (just a few daily).

---- the IP is 140.228.23.0/24 (I cannot find the exact IP. I have annon setup on last digit and in the CLoudflare system I did everything I could to find the IP - but I can’t). There is no traffic with ASN0 or ASN 16276 to my website with an IP inside of 140.228.23.0/24

Can you please help me understand what is happening here? It should be classified as ‘OVHcloud’ AS16276 - OVH SAS

Please let me know the best thing to do here. I am like in a loop of blocking these, my old rules getting too large and then removing etc. I THINK this is some type of proxy like they suggested in the first thread because of the user agent switching (which makes it even harder to detect for me).

To respond to last thread (I missed it by 6 hours) - that I am def using the API ( I just created two API endpoints)- the only thing that has ‘stopped me’ from putting it live yet is that I have to ‘update ALL of the rules everytime’. I use the Cloudflare web interface always… and then it seems like it will get ‘to confusing, to much’.

What I wanted to do was a ‘copy rule’ and rename it ‘copy API Endpoint’ and have just that rule automated - but I can’t it doesn’t appear. So it’s an ALL or NONE thing…
So that has me in some mental block lol.

---- i have a secondary domain setup on the FREE - I can’t see analytics in that account . - but I confirmed that ASN0 is setup and ASN16276 rule. These requests can’t be passing the JS challenge, there’s like requests with user agent Firefox 3.6 <=- lol

cloonan · March 13, 2025, 7:59pm

2 posts were merged into an existing topic: How to report wrong IP whois information?

Topic		Replies	Views
How to report wrong IP whois information? Website, Application, Performance	14	56	March 17, 2025
Geo location often stale/out-of-date Cloudflare Radar	4	50	July 14, 2024
Australian IP geolocation incorrect (showing as United States) Security	2	1238	December 15, 2022
IP identified in the wrong country since 2-3 days Rules	3	20	October 25, 2024
Bug with WAF Logs; Same IP address shown for different ASNs Security	8	2029	July 30, 2022

How to report wrong IP whois information (part 2)

---- the IP is 140.228.23.0/24 (I cannot find the exact IP. I have annon setup on last digit and in the CLoudflare system I did everything I could to find the IP - but I can’t). There is no traffic with ASN0 or ASN 16276 to my website with an IP inside of 140.228.23.0/24

Related topics