I received an answer from planet-lab. Hi Kathleen,
Apologies for not resolving this sooner. We believe we found a likely source behind the traffic you've been referring to. As you may know, PlanetLab is a distributed systems research test bed with 1000+ machines world wide. These machines may share access to both research, local and public Internet. These services are actively managed by researchers granted access to PlanetLab accounts. Since your site is hosted by Google, the IP addresses that you use are not unique to you, but are shared among many Google hosted services. Many experiments on PlanetLab nodes sent significant volume of legitimate traffic to these IP addresses and finding the subset of this traffic that corresponds to your service is a bit more involved. We have however identified a likely experiment that is responsible, it is ucr_web slice, run by researchers at University of California, Riverside, who are cc'ed on this email. The researchers provide a description of their work as: """ This slice is being used to perform measurements to detect outages on paths on which traffic is served from PlanetLab. We passively observe traffic outgoing from PlanetLab to see which prefixes are receiving TCP traffic from PlanetLab, and then use a combination of passive monitoring and active probing to detect outages on paths to these prefixes.<br>We ensure that we only send active probes to prefixes that receive traffic from PlanetLab, and we probe every prefix at most once every 5 minutes if the prefix is reachable and at most three times in a 5 minute period if we do not receive responses to our probes.' On Friday, August 10, 2012 5:41:36 PM UTC-4, Kate wrote: > > I do not need multiple threads. My last three were in error as I was > having problems with my iPad and didn't think they were posted. My > apologies. > > I explained earlier that cloudflare cannot help as they need me to change > my dns and I cannot as it is a gae app. My netsol dns for > australiansabroad.com is set up according to google specs and are not > accepted by cloudflare.. > > The correct course of action is to have planet-lab stop sending tens of > thousand of curl requests. My site has been running since 1996 and I should > not have to spend hours figuring out how to block attacks. If planet-lab > will not stop the attacks I will take the course suggested by other posters > and report them to the appropriate authorities, > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/GqLd2DT2fZwJ. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
