I haven't been able to find any data service showing the IPs as sources for abuse, just proxy/vpn. Maybe I'm just not looking in the right places. Suggestions for places to check?
I'm usually looking at Cloudflare Radar, CrowdSec, and IP Quality Score. Eric ________________________________ From: Scott Fisher Sent: Thursday, May 15, 2025 7:06 PM To: North American Network Operators Group Cc: Dobbins, Roland; Eric C. Miller Subject: Re: Sudden surge in CGNAT blacklisting Eric, This is a total guess: There has been several takedowns of large residential proxy networks recently which may motivated security vendors to be more aggressive in their identification of known proxy hosts. Some of these proxy networks are more malicious than others that will force websites/shops/banks to deny access to IPs idenitfied to be part of these proxies as well. Thanks, Scott > On May 15, 2025, at 6:45 PM, Dobbins, Roland via NANOG > <nanog@lists.nanog.org> wrote: > > > On May 16, 2025, at 02:34, Eric C. Miller via NANOG <nanog@lists.nanog.org> > wrote: > > We've started accelerating our migration to our ARIN space, but it's still > odd why it's all of a sudden. > > Have some of the folks sitting behind it I’ll-advisedly signed up, or been > involuntarily subsumed into, some of the burgeoning residential proxy > services which are being leveraged by spammers, phishers, credential > stuffers, DDoSers, et. al.? > > There’s a growth in awareness of the threats they represent; & there are > several sessions on this topic at the upcoming NANOG conference. > > -------------------------------------------- > > Roland Dobbins <roland.dobb...@netscout.com> > _______________________________________________ > NANOG mailing list > https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/MHUIGOC4CXM3IXJ64RE7EYLTSUJUPOXC/ _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/ATRGGFSLLRVXKLGVPM25RBWSNRTFPWXF/
