override-{a1,other,xd}: Regular batch of various overrides
authorPeter Müller <peter.mueller@ipfire.org>
Thu, 24 Mar 2022 17:05:56 +0000 (17:05 +0000)
committerPeter Müller <peter.mueller@ipfire.org>
Thu, 24 Mar 2022 17:05:56 +0000 (17:05 +0000)
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
overrides/override-a1.txt
overrides/override-other.txt
overrides/override-xd.txt

index 644c3ae13f4f7f5ae9a06b84fa32b22807e8360f..827d49fc0a851604193dc69d9a8834257228363b 100644 (file)
@@ -1426,11 +1426,6 @@ descr:                           Xantho Ltd.
 remarks:                       Loaded with proxies, see also: https://krebsonsecurity.com/2019/08/the-rise-of-bulletproof-residential-networks/
 is-anonymous-proxy:            yes
 
-net:                           186.2.160.0/20
-descr:                         DDOS-GUARD CORP.
-remarks:                       IP chunk owned by an offshore company, abuse contact is a freemail address, address says "1/2 Miles Northern Highway, Belize"
-is-anonymous-proxy:            yes
-
 net:                           188.72.80.0/21
 descr:                         GZ Systems Limited / PureVPN
 remarks:                       VPN provider
@@ -1516,16 +1511,6 @@ descr:                           NordVPN
 remarks:                       VPN provider
 is-anonymous-proxy:            yes
 
-net:                           192.230.37.0/24
-descr:                         Privax LTD
-remarks:                       VPN provider
-is-anonymous-proxy:            yes
-
-net:                           192.230.39.0/24
-descr:                         Privax LTD
-remarks:                       VPN provider
-is-anonymous-proxy:            yes
-
 net:                           192.241.169.122/32
 descr:                         ssltunnel.net et al.
 remarks:                       Open proxy provider
@@ -1566,11 +1551,6 @@ descr:                           Anonymouse / Anonymous S.A.
 remarks:                       VPN and open proxy provider
 is-anonymous-proxy:            yes
 
-net:                           193.218.190.0/24
-descr:                         Private Internet Hosting LTD
-remarks:                       VPN provider
-is-anonymous-proxy:            yes
-
 net:                           194.5.96.0/22
 descr:                         Angelo Kreikamp trading as Forhosting / Privacy Online / Danilenko, Artyom / ...
 remarks:                       (Rogue) VPN provider
@@ -1836,6 +1816,11 @@ descr:                           VPNtranet, LLC.
 remarks:                       VPN provider
 is-anonymous-proxy:            yes
 
+net:                           2607:6100:e1::/48
+descr:                         VPN Tunnel Endpoints
+remarks:                       VPN provider [high confidence, but not proofed]
+is-anonymous-proxy:            yes
+
 net:                           2620:7:6001::/48
 descr:                         Quintex Alliance Consulting
 remarks:                       Tor relay provider
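Review bot: The new `2607:6100:e1::/48` entry sets `is-anonymous-proxy: yes` although its own remark says the classification is unconfirmed, so any consumer that blocks or flags anonymous proxies will treat the whole /48 that way on an unverified basis. The remark should state which observation the "high confidence" rests on, so the entry can be re-checked or withdrawn later. "proofed" should also read "proven": `remarks: VPN provider [high confidence, but not proven]`.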
index 681d670e394a32e303e083b877800d56a8f3d785..19ac9b7967b00da3f792293cf0daf1782e158a6a 100644 (file)
@@ -1255,8 +1255,8 @@ country:  RU
 
 aut-num:       AS206819
 descr:         ANSON NETWORK LIMITED
-remarks:       Autonomous System registered to UK letterbox company, traces back through shady ISPs to TW
-country:       TW
+remarks:       another shady customer of "DDoS Guard Ltd.", located in AP area
+country:       AP
 
 aut-num:       AS206898
 descr:         Server Hosting Pty Ltd
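Review bot: `country: AP` on AS206819 is a regional placeholder rather than an assigned ISO 3166-1 country code, so rules that match on a specific country will presumably stop matching this AS once TW is replaced. The new remark also drops the reasoning the old one gave (the letterbox registration and the trace path) and says only "located in AP area". If the trace no longer ends in TW, the remark should say where it does end and when that was observed, for example `remarks: customer of "DDoS Guard Ltd.", traces end in AP region, no country determinable (2022-03)`.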
@@ -1275,7 +1275,7 @@ country:  NL
 
 aut-num:       AS207400
 descr:         AAEX NETWORK TECHNOLOGY LTD
-remarks:       IP hijacker located in HK
+remarks:       ... traces back to HK
 country:       HK
 
 aut-num:       AS207429
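Review bot: The new remark for AS207400 starts with a literal `...`, which leaves a reader unable to tell whether the earlier "IP hijacker" assessment was withdrawn or just elided. If the claim is retracted, the line should say so plainly, `remarks: traces back to HK`. If it still stands, keep the reason so the override remains auditable.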
@@ -1588,31 +1588,6 @@ descr:           Serverion LLC
 remarks:       ISP located in NL, some RIR data contain garbage
 country:       NL
 
-net:           5.1.68.0/24
-descr:         GaiacomLC
-remarks:       routed to DE, inaccurate RIR data
-country:       DE
-
-net:           5.1.69.0/24
-descr:         GaiacomLC
-remarks:       routed to DE, inaccurate RIR data
-country:       DE
-
-net:           5.1.83.0/24
-descr:         GaiacomLC
-remarks:       routed to DE, inaccurate RIR data
-country:       DE
-
-net:           5.1.88.0/24
-descr:         GaiacomLC
-remarks:       routed to DE, inaccurate RIR data
-country:       DE
-
-net:           5.252.32.0/22
-descr:         StormWall s.r.o.
-remarks:       claims to be located in DE, but traces back to somewhere else in central Europe
-country:       EU
-
 net:           31.220.0.0/22
 descr:         Amarutu Technology Ltd. / KoDDoS / ESecurity
 remarks:       fake offshore location (BZ), traces back to NL
@@ -1653,11 +1628,6 @@ descr:           Flyservers S.A.
 remarks:       fake offshore location (PA), traces back to NL
 country:       NL
 
-net:           45.134.12.0/24
-descr:         MS Network LTD
-remarks:       fake offshore location (SC), traces back to NL
-country:       NL
-
 net:           45.134.144.0/22
 descr:         IPv4 Superhub Limited
 remarks:       same as 45.93.16.0/22
@@ -1855,13 +1825,13 @@ country:        DE
 
 net:           185.143.223.0/24
 descr:         Lenar Davletshin
-remarks:       traceroutes dead-end somewhere after entering Voxility's network in Vienna, but that's not the location of this network
-country:       EU
+remarks:       traceroutes dead-end somewhere in US, network location appears to move a round a lot
+country:       US
 
 net:           185.175.93.0/24
 descr:         Perfect Hosting Solutions
-remarks:       bulletproof ISP related to AS204655, traces back to BG
-country:       BG
+remarks:       traces back to UA
+country:       UA
 
 net:           185.169.253.0/24
 descr:         Amarutu Technology Ltd. / KoDDoS / ESecurity
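Review bot: The remark on `185.143.223.0/24` pins the network to US while stating that its location moves around a lot, so the override will go stale with nothing in the entry to show when it was last checked. The same applies to the `195.191.81.0/24` entry added in the later hunk of this file ("traces back to UA at this time"). An observation date in the remark would let later batches decide what to re-test; "a round" is also a typo: `remarks: traceroutes dead-end somewhere in US, network location appears to move around a lot (observed 2022-03)`. Separately, the `185.175.93.0/24` remark loses its link to AS204655; if that relationship still holds, it is worth keeping for anyone correlating the two.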
@@ -1888,6 +1858,11 @@ descr:           XinYuan Interconnect (HONG KONG [sic!]) Limited
 remarks:       claims to be located in DE, traces back to HK
 country:       HK
 
+net:           188.40.220.0/24
+descr:         FireStorm ISP GmbH
+remarks:       Hetzner customer, infrastructure is physically located in DE
+country:       DE
+
 net:           190.2.128.0/19
 descr:         WorldStream (LATAM) BV
 remarks:       LACNIC IP chunk solely used in NL (inaccurate data)
@@ -1918,16 +1893,16 @@ descr:          QUIKA LTD
 remarks:       claims to be located in DE, traces back to GB
 country:       GB
 
-net:           194.87.218.0/24
-descr:         Hauer Hosting Services Limited
-remarks:       traces back to RU
-country:       RU
-
 net:           195.66.165.0/24
 descr:         Posta Crne Gore
 remarks:       Orphaned RIR data, see: https://lists.ipfire.org/pipermail/location/2021-April/000267.html
 country:       ME
 
+net:           195.191.81.0/24
+descr:         Matthias Fetzer
+remarks:       traces back to UA at this time
+country:       UA
+
 net:           195.252.115.0/24
 descr:         Drenik ISP
 remarks:       Orphaned RIR data, see: https://lists.ipfire.org/pipermail/location/2021-April/000267.html
index a414536875448b9e04a671a74040ed9b069d2f82..f3c8bbb7528433d86a1322aa8269ef98a77c3e96 100644 (file)
@@ -38,36 +38,12 @@ remarks:    IP hijacker, traces back to HK
 country:       HK
 drop:          yes
 
-aut-num:       AS22133
-descr:         Octet Brasil Ltda
-remarks:       Hijacked AS being announced out of RU
-country:       RU
-drop:          yes
-
-aut-num:       AS24009
-descr:         LANLIAN INTERNATIONAL HOLDING GROUP LIMITED
-remarks:       IP hijacker and bulletproof ISP, possibly located near Los Angeles, US
-country:       US
-drop:          yes
-
 aut-num:       AS22769
 descr:         DDOSING NETWORK
 remarks:       IP hijacker located in US, massively tampers with RIR data
 country:       US
 drop:          yes
 
-aut-num:       AS24009
-descr:         LANLIAN INTERNATIONAL HOLDING GROUP LIMITED
-remarks:       IP hijacker located in HK, tampers with RIR data
-country:       HK
-drop:          yes
-
-aut-num:       AS27891
-descr:         Universidad PedagA³gica Experimental Libertador
-remarks:       Hijacked AS being announced out of RU
-country:       RU
-drop:          yes
-
 aut-num:       AS39770
 descr:         1337TEAM LIMITED / eliteteam[.]to
 remarks:       Owned by an offshore letterbox company, suspected rogue ISP
@@ -201,12 +177,6 @@ descr:             EDGENAP LTD
 remarks:       IP hijacking? Rogue ISP?
 drop:          yes
 
-aut-num:       AS61879
-descr:         Ami¿½rica Latina Educacional Adm. e Servii¿½os LTDA
-remarks:       Hijacked AS being announced out of RU
-country:       RU
-drop:          yes
-
 aut-num:       AS62068
 descr:         SpectraIP B.V.
 remarks:       bulletproof ISP (linked to AS202425 et al.) located in NL
@@ -382,7 +352,7 @@ drop:               yes
 
 aut-num:       AS393889
 descr:         EightJoy Network LLC
-remarks:       All prefixes announced by this network are hijacked
+remarks:       Most likely hijacked AS
 drop:          yes
 
 aut-num:       AS398478
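Review bot: The AS393889 remark is weakened from a definite statement to "Most likely hijacked AS", yet `drop: yes` stays, so the entry keeps its full blocking effect on a claim the file itself now marks as uncertain. The following hunk does the same for `196.11.32.0/20`, where a question mark is appended to the remark while `country: NL` and `drop: yes` are kept. For entries that consumers presumably use to discard traffic outright, the remark should point at the evidence (a mailing-list post or routing observation, as other entries in these files do with a URL). Otherwise the drop flag should be removed until the finding is confirmed.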
@@ -405,7 +375,7 @@ drop:               yes
 
 net:           196.11.32.0/20
 descr:         Sanlam Life Insurance Limited
-remarks:       Stolen AfriNIC IPv4 space announced from NL
+remarks:       Stolen AfriNIC IPv4 space announced from NL?
 country:       NL
 drop:          yes