Over 150 of the Worst Spammers, Scrapers and Crackers from 2007

Over the course of each year, I blacklist a considerable number of individual IP addresses. Every day, Perishable Press is hit with countless numbers of spammers, scrapers, crackers and all sorts of other hapless turds. Weekly examinations of my site’s error logs enable me to filter through the chaff and cherry-pick only the most heinous, nefarious attackers for blacklisting. Minor offenses are generally dismissed, but the evil bastards that insist on wasting resources running redundant automated scripts are immediately investigated via IP lookup and denied access via simple htaccess directive:

<Limit GET POST PUT>
	Order allow,deny
	Allow from all
	Deny from 123.456.789
</Limit>

Although many of the worst attacks happen in randomized, zombie-like fashion, I have found that individual IPs that are not blacklisted will return repeatedly until finally blocked. Yet, despite the short-term success enjoyed by denying access to the most malicious IPs, the long-term futility of such blacklisting reflects the temporary nature of this solution. In other words, I have found that blocking individual IPs is useful only for limited periods of time.

Thus, every year, I gather my code and flush the blacklist of all individually blocked IP addresses. I then start fresh, adding the worst villains to the list, blocking entire IP ranges if necessary, and referring to previous versions of my htaccess files to cross-check suspiciously familiar entities. It is within this context, then, that I present the following manually assembled collection of over 150 of the worst spammers, scrapers, and crackers to hit my site in 2007.

The Perishable Press 2007 Individually Blocked IP Blacklist

Note: The following list is presented for reference purposes, and is not necessarily recommended for direct copy & paste application.

# 165 BANISHED FOOLS
<Limit GET POST PUT>
	Order allow,deny
	Allow from all
	
	# RIPE Network
	Deny from 62.141.39.235
	Deny from 62.193.205.210
	Deny from 62.195.238.225
	Deny from 80.97.12.51
	Deny from 80.237.144.80
	Deny from 81.19.151.104
	Deny from 81.92.159.45
	Deny from 81.176.228.30
	Deny from 82.137.216.16
	Deny from 82.141.145.197
	Deny from 82.208.60.42
	Deny from 84.16.224.168
	Deny from 85.198.208.78
	Deny from 88.84.128.164
	Deny from 88.140.83.49
	Deny from 88.191.20.52
	Deny from 88.198.131.54
	Deny from 88.208.228.216
	Deny from 89.149.164.130
	Deny from 89.167.152.110
	Deny from 89.41.67.162
	Deny from 91.75.70.18
	Deny from 91.121.4.205
	Deny from 193.43.36.234
	Deny from 195.175.37.70
	Deny from 195.225.169.73
	Deny from 195.242.192.18
	Deny from 212.40.5.38
	Deny from 212.241.168.186
	Deny from 212.108.128.30
	Deny from 213.114.118.44
	Deny from 213.22.94.50
	Deny from 213.203.204.70
	Deny from 213.229.137.240
	Deny from 217.13.86.17
	Deny from 217.73.200.244
	Deny from 217.156.87.154
	Deny from 79.22.176.145
	Deny from 81.177.22.242
	Deny from 83.223.98.160
	Deny from 86.125.108.159
	Deny from 87.233.135.30
	Deny from 89.97.248.67
	Deny from 161.53.149.3
	Deny from 195.70.36.237
	Deny from 212.51.122.7
	Deny from 213.175.37.194
	Deny from 213.123.128.28
	Deny from 213.189.10.11
	
	# Asia Pacific Network
	Deny from 60.190.243.173
	Deny from 61.47.47.55
	Deny from 125.15.14.3
	Deny from 125.246.52.254
	Deny from 125.246.96.194
	Deny from 125.246.154.66
	Deny from 163.17.190.135
	Deny from 165.228.128.11
	Deny from 165.228.131.11
	Deny from 165.228.131.12
	Deny from 165.228.132.11
	Deny from 196.12.53.9
	Deny from 202.53.12.34
	Deny from 202.70.201.34
	Deny from 203.111.38.130
	Deny from 210.114.222.188
	Deny from 211.76.128.155
	Deny from 211.115.112.28
	Deny from 218.8.129.252
	Deny from 220.227.134.30
	Deny from 221.238.235.159
	Deny from 222.124.147.211
	Deny from 222.174.184.35
	Deny from 125.164.200.157
	Deny from 203.162.1.238
	
	# Latin American and Caribbean IP address Regional Registry
	Deny from 189.11.126.37
	Deny from 200.83.4.4
	Deny from 200.101.66.98
	Deny from 200.105.231.130
	Deny from 200.115.166.2
	Deny from 200.129.43.168
	Deny from 200.102.51.88
	Deny from 201.14.185.159
	Deny from 201.14.190.128
	Deny from 201.24.66.94
	
	# Google Hackers
	Deny from 69.89.21.71
	Deny from 72.232.150.250
	Deny from 208.110.218.138
	Deny from 208.110.218.139
	Deny from 208.110.218.201
	
	# HostDime com Inc
	Deny from 66.7.197.76
	Deny from 72.29.65.97
	Deny from 72.29.66.107
	Deny from 72.29.74.99
	
	# Layered Technologies
	Deny from 72.232.26.34
	Deny from 72.232.83.82
	Deny from 72.233.5.178
	
	# Level 3 Comm
	Deny from 4.79.181.202
	Deny from 8.7.22.195
	
	# Everyones Internet
	Deny from 207.44.234.6
	Deny from 207.44.188.10
	
	# ThePlanet.com Internet Services, Inc.
	Deny from 74.52.158.98
	Deny from 74.53.88.114
	Deny from 70.85.208.66
	Deny from 67.19.192.212
	Deny from 69.93.171.242
	Deny from 70.87.63.234
	
	# BANDWIDTH HOGS
	
	# infolink
	Deny from 69.60.125.233
	
	# ibis pa net
	Deny from 87.192.246.117
	
	# global net access
	Deny from 207.210.105.96
	
	# netdirect net
	Deny from 217.20.115.84
	
	# Managed Solutions
	Deny from 66.79.165.43
	
	# cox comm
	Deny from 72.215.220.52
	
	# time warner
	Deny from 207.67.117.178
	
	# savvis
	Deny from 216.91.52.168
	
	# hollywood interactive
	Deny from 64.27.10.199
	
	# tvcabo
	Deny from 213.22.94.50
	
	# atmlink
	Deny from 216.240.146.118
	
	# hollywood interactive
	Deny from 64.27.13.218
	
	# technix internet
	Deny from 81.223.153.134
	
	# GENERAL IDIOTS
	
	# Performance Systems International Inc
	Deny from 38.99.201.82
	
	# att internet services
	Deny from 70.249.74.134
	
	# CazoodleBot Crawler
	Deny from 72.36.115.56
	
	# mci comm
	Deny from 63.113.69.15
	
	# name intelligence
	Deny from 64.79.200.190
	
	# att
	Deny from 65.69.224.10
	
	# FDC Servers net LLC
	Deny from 67.159.26.63
	
	# fortress itx
	Deny from 69.72.254.194
	
	# Tierzero
	Deny from 208.179.126.38
	
	# bluehost
	Deny from 69.89.21.79
	
	# UUNET Technologies
	Deny from 65.228.131.12
	
	# California Regional Intranet
	Deny from 71.6.196.212
	
	# Allstream Corp Corporation Allstream
	Deny from 66.46.177.240
	
	# 7 plugin tips cracker at Cox Comm
	Deny from 72.215.220.52
	
	# Server Beach
	Deny from 66.135.39.227
	
	# Hostway Corp
	Deny from 64.26.63.10
	
	# Suavemente
	Deny from 66.11.122.72
	
	# GigeNET
	Deny from 69.65.46.207
	
	# Rackspace
	Deny from 67.192.61.246
	
	# Abacus America
	Deny from 69.64.77.25
	
	# Textdrive
	Deny from 207.7.108.203
	
	# Net Access Corp 
	Deny from 209.123.207.130
	
	# Colo4Dallas LP COLO4 BLK2
	Deny from 72.249.45.76
	
	# Electric Lightwave Inc
	Deny from 70.103.251.5
	
	# XO Communications
	Deny from 65.44.66.100
	
	# Staminus Communications
	Deny from 72.20.4.66
	
	# HopOne Internet Corporation
	Deny from 66.235.180.189
	
	# African Network
	Deny from 196.40.106.216
	
	# Novacon
	Deny from 64.27.143.218
	
	# B2B2C Inc 
	Deny from 66.158.134.10
	
	# Charter Communications
	Deny from 71.13.68.206
	
	# Groupe iWeb Technologies inc.
	Deny from 72.55.156.153
	
	# Peer 1 Network Inc.
	Deny from 72.51.42.202
	
	# Groupe iWeb Technologies inc.
	Deny from 72.55.148.27
	
	# dyn.user.ono.com
	Deny from 82.158.142.161
	
	# Sprint
	Deny from 144.226.173.68
	
	# J.E.D.I. Network
	Deny from 199.233.91.129
	
	# FDC Servers.net, LLC
	Deny from 208.53.147.60
	
	# Websense, Inc
	Deny from 208.80.193.39
	
	# Net Access Corporation
	Deny from 216.118.97.226
	
	# Speedfox, Inc
	Deny from 216.177.128.128
	
	# Logix Communications
	Deny from 216.215.70.242
	
	# Netfire.com
	Deny from 69.12.121.5
	
	# Phatservers.net
	Deny from 216.17.101.126
</Limit>

More security tips and tricks on the way. Stay tuned!

About the Author

Jeff Starr = Web Developer. Security Specialist. WordPress Buff.