# This is Wizcrafts' Exploited Servers blocklist, in iptables APF format, for use in Linux/Apache web server firewalls.
## Compiled and published by Wizcrafts Computer Services - http://www.wizcrafts.net/
### We have a safer version of this file, in .htaccess format, at: http://www.wizcrafts.net/exploited-servers-blocklist.html
#### This time-consuming work is supported by donations from people who use and benefit from this blocklist.
##### Please make your donation here: http://www.wizcrafts.net/payments.html - Thanks in advance :-)
###### This page was last updated on: December 29, 2008 (may include multiple updates per day)
########## READ THESE NOTES ##########
# All of the CIDRs in this list are here because they host unsecured exploited servers, or client websites.
# Some of these servers/websites are used for spamming, while others attempt hostile script redirects or scraping.
# This list includes CIDRs for German-based spammers using "Schlund + Partner AG" and "1&1 Internet AG" servers.
# This list of IP CIDRs should go into a file named "deny_hosts.rules", which is managed by your APF directives.
### Be careful! Your own web host's or dedicated server's IP may be included in this list.
# If so, you and your users will be totally blocked from HTTP, FTP and Email access!
# If your server's IP is covered by a CIDR in this list, remove it before installing this blocklist!
# You can also direct an APF firewall to allow your own IP addresses, via an included file named "allow_hosts.rules".
## The .htaccess version of this blocklist is safer to use, as it doesn't normally lock out access to your mail or FTP servers.
# Exploited - shared, VPS and dedicated web servers, listed by the entire CIDR assigned to each hosting company.
# Proxy servers and services and hosting companies with proxy server clients, listed by the full CIDR of the hosting company.
# Individual Proxy Server IPs
# ThePlanet.com and Everyones Internet; home of many spammers, hackers and trojan horses.
# Rackspace - Hackers, spammers, scammers and phishers
69.20.0.0/17
72.3.128.0/17
72.32.0.0/16
74.205.0.0/17
# Performance Systems International (PSI) (Spies) (entire CIDR = 38.0.0.0/8 - blocking this is not advised)
38.100.41.64/26
# End of file
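
The notes above say to remove any CIDR that covers your own server before installing the list. The following pre-install check is an added example, not part of the Wizcrafts file: it reports which entries would lock you out and returns the rules with those entries dropped. The one-entry-per-line layout, the function names and the addresses in OWN_ADDRESSES are assumptions made for the example; the sample entries are taken from this list.

```python
import ipaddress

# Constructed sample of a deny_hosts.rules file (entries copied from this list).
SAMPLE_RULES = """\
# Rackspace
69.20.0.0/17
72.32.0.0/16
72.36.168.153/29
208.112.107.20
# PSI
38.100.41.64/26
"""
# Constructed addresses standing in for your own web, mail and FTP servers.
OWN_ADDRESSES = ["72.32.10.5", "198.51.100.7"]

def parse_rules(text):
    """Return (line_no, entry_text, network) for every non-comment entry."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        # strict=False accepts entries with host bits set (72.36.168.153/29)
        # and normalises them to the enclosing network (72.36.168.152/29).
        net = ipaddress.ip_network(entry, strict=False)
        entries.append((line_no, entry, net))
    return entries

def find_lockouts(rules_text, own_addresses):
    """Map each of our addresses to the list entries that would block it."""
    own = [ipaddress.ip_address(a) for a in own_addresses]
    hits = {}
    for line_no, entry, net in parse_rules(rules_text):
        for addr in own:
            if addr in net:
                hits.setdefault(str(addr), []).append((line_no, entry))
    return hits

def without_lockouts(rules_text, own_addresses):
    """Return the rules text minus every entry covering one of our addresses."""
    found = find_lockouts(rules_text, own_addresses)
    drop = {line_no for entries in found.values() for line_no, _ in entries}
    lines = rules_text.splitlines()
    kept = [l for i, l in enumerate(lines, start=1) if i not in drop]
    return "\n".join(kept) + "\n"

if __name__ == "__main__":
    for addr, found in find_lockouts(SAMPLE_RULES, OWN_ADDRESSES).items():
        for line_no, entry in found:
            print(f"{addr} would be blocked by line {line_no}: {entry}")
```

Run it against the list before every update, since a CIDR covering your host may be added in a later revision.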