Wikipedia:WikiProject on open proxies/Requests

165.85.64.0/22


Reason: Amazon AWB. 165.85.64.0 - 165.85.66.255 are all registered to Amazon AWB, hence the /22 range in this report. BLP disruption caught by filter log. 73.67.145.30 (talk) 16:45, 28 April 2023 (UTC)
 * I've checked the three /24s separately here ( - - ). While the ISP is Amazon, all three ranges are currently allocated to Palo Alto Networks. The first range, 165.85.64.0/24, appears to be used for part of their GlobalProtect VPN service per Spur's data. This seems similar to the McAfee WGCS and Zscaler ranges currently reported on this page, and any hardblock on these ranges would have some collateral on legitimate users. A softblock/Colocationwebhost-soft might be appropriate here. The other two ranges in the /22 seem to be in the same data centre, and don't seem to be part of the same service, but the filter log linked above is from an IP on the third /24 so it clearly has some use somewhere. Not sure what to recommend here, and I've not been able to easily search to see if any other IPs in the range have triggered any filters, though none have any recorded contributions. Sideswipe9th (talk) 18:17, 17 July 2023 (UTC)

209.35.227.0/24


Reason: VPN. Perimeter 81. 73.67.145.30 (talk) 18:43, 15 May 2023 (UTC)
 * ✅ While the range is announced by Perimeter 81, and a large portion of it seems to be empty per Spur and Shodan, there are IP ranges within that are active on Perimeter 81's VPN product. However that product is aimed at businesses, with pricing to match. This seems similar to the Zscaler, McAfee WGCS cases that are also open at present. A softblock on the range might be appropriate however, the one contributor who was active on 15 May 2023 was using an IP that's part of their VPN range. While I've tried to pin down the exact range for just the IPs that are part of their VPN offering, it seems somewhat spread out throughout it with gaps, so it might be more expedient to just block it in its entirety. Flagging this for a 2O though, while we figure out how to handle this particular type of VPN provider. Sideswipe9th (talk) 00:22, 19 July 2023 (UTC)

157.167.128.0/24


Reason: Cloud server/VPN. This is an odd one, because the IP range geolocates to Turkey, and is listed as a VPN network; but most of the edits are to Turkish-related articles. Is this some sort of corporate cloud network? 2601:1C0:4401:F60:8C11:4CC3:7E71:B4CE (talk) 20:54, 13 August 2023 (UTC)


 * My reading is that this is a user or users in Turkey editing via a connection belonging to an enterprise, perhaps a business or a public body, that subscribes to cybersecurity services offered by Forcepoint. It looks to me like a corporate proxy. The contributions suggest a stable connection with largely unproblematic edits and I would not be inclined to take any action at this time. Malcolmxl5 (talk) 02:05, 20 January 2024 (UTC)

192.189.187.125


Reason:Listed ISP is FedEx which is not a legitimate provider, in addition these various FedEx proxy ranges are used by a LTA and extensive sock puppeteer HaughtonBrit to block evade and push tendentious edits in various South Asian topics. Southasianhistorian8 (talk) 21:13, 3 April 2024 (UTC)

57.140.32.8


Seems to be a Menlo Security VPN. Checked using Spur (public version) and IPQualityScore and returned as a VPN. Edit history also indicates that it might be a shared IP. However, other services (shown on IPCheck) indicates that it may not be a proxy. 2NumForIce (speak  &#124; edits) 15:04, 16 May 2024 (UTC)

15.248.0.0/16


Reason: Amazon AWS webhosting services. Recently used for vandalism/disruption. 73.67.145.30 (talk) 15:59, 31 May 2024 (UTC)

136.226.3.95


The range 136.226.0.0/16 was blocked recently. Unfortunately my user account uses a static IP in this range. I use different devices for my editing, but only edit under my account. I also accept if the block will remain in place as it does use ZScaler (an open proxy), but am wondering if an exception could be granted. My account has never been blocked nor have I been under scrutiny for being blocked.

Reason: Requested unblock. Conyo14 (talk) 16:42, 20 June 2024 (UTC)


 * @Conyo14. Consider requesting WP:IPBE. -- Malcolmxl5 (talk) 11:19, 22 June 2024 (UTC)

208.184.210.151


Reason: ipcheck.toolforge.org reports this as a proxy and geolocation data shows it might be a datacenter ☆ Bri (talk) 22:49, 27 June 2024 (UTC)

110.93.85.16 and others

 * (July 2024)
 * (June 2024)

Reason: Questionable beauty pageant editing for some time from IPs in 110.93.85.0/24, and recent use by those noted above; spur reports both belong to a call-back proxy network. ☆ Bri (talk) 19:44, 2 July 2024 (UTC)