Thanks for the information so based of what that resource says and from what I understand surely that field should only say "anonymous" or "username" if on those files / folders in my Nginx config I use "auth_basic" ?

http://nginx.org/en/docs/http/ngx_http_auth_basic_module.html

The fact they are inputting that header unlike everyone else just alerts me.

Because I don't use auth_basic anywhere would anything bad happen if I did the following.

if($remote_user != "^$") { #Block requests where the user is not empty / missing
return 444;
}

Their IP is also listed on stopforumspam's database what also raises suspicion further https://www.stopforumspam.com/ipcheck/176.57.129.88

http://www.networkflare.com/