I have been getting an awful lot of ill-mannered spambot type IPs and I'm getting tried of banning them. This one looks fishy, but the IP resolves to Mountain View. ff-in-f84.google.com 66.249.85.84 WTF? Anybody know FOR SURE wheteher this is a legit bot or something ugly?
Its google. http://www.dnstools.com/?lookup=on&wwwhois=on&arin=on&checkp=on&portNum=80&ping=on&all=on&target=66.249.85.84&submit=Get+Info
I guess I'm glad I didn't block it...I wonder what it's for? Not a typical Googlebot. There's no way that that DNS info could be faked, I guess?
The UserAgent will usually tell you plenty about whichever GoogleBot you have. Also, plugging the UserAgent into Google's search engine will find you more information than you could possibly want to know about it
I did that and didn't find anything conclusive, which is why I thought it was odd...only about 400 listings, all from server logs. Usually I look to see if someone else banned the IP.
Somone is running a keyword lookup of your site with Googles keyword generator tool. This bot is used by google to scan you site for keywords for use in an adwords campaign. Try it out yourself by entering your web address and then watch your logs, visit the adwords keyword generator tool https://adwords.google.com/select/KeywordToolExternal Typically it is competitors who are trying to get ideas for keywords by using your site as a guide.
This (reverse) DNS ... 66.249.85.84 resolves to ff-in-f84.google.com Code (markup): ... can easily be faked. But, this can't: OrgName: Google Inc. OrgID: GOGL Address: 1600 Amphitheatre Parkway City: Mountain View StateProv: CA PostalCode: 94043 Country: US NetRange: 66.249.64.0 - 66.249.95.255 CIDR: 66.249.64.0/19 NetName: GOOGLE NetHandle: NET-66-249-64-0-1 Parent: NET-66-0-0-0-0 NetType: Direct Allocation Code (markup): Jay
Hello amanamission, You may already know about these resources, but you can investigate anything suspicious you see in your server logs with arin.net, dnsstuff.com, and domaintools.com. There are plenty of other things you can do, for example from the command line with nslookup and whois.