From 69460b61d1ffe50890640a6758f5bc6eedc5edc7 Mon Sep 17 00:00:00 2001
From: Drew Middlesworth <drew.middlesworth@gmail.com>
Date: Wed, 17 Nov 2021 09:50:30 -0800
Subject: [PATCH 1/7] Added sinkhole used for abuseat.org and spamhaus

---
 lists/sinkholes/list.json | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lists/sinkholes/list.json b/lists/sinkholes/list.json
index ed33eeb..f7337eb 100644
--- a/lists/sinkholes/list.json
+++ b/lists/sinkholes/list.json
@@ -36,6 +36,7 @@
     "178.32.140.251",
     "178.79.190.156",
     "183.236.2.18",
+    "184.105.192.2",
     "192.169.69.25",
     "192.42.116.41",
     "193.166.255.171",

From b50769586d75a62bef59d71799e589f53298f6a5 Mon Sep 17 00:00:00 2001
From: Drew Middlesworth <drew.middlesworth@gmail.com>
Date: Wed, 17 Nov 2021 12:50:05 -0800
Subject: [PATCH 2/7] Reverse looking up all these addresses in this range
 mention sinkhole

---
 lists/sinkholes/list.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lists/sinkholes/list.json b/lists/sinkholes/list.json
index f7337eb..f206f3a 100644
--- a/lists/sinkholes/list.json
+++ b/lists/sinkholes/list.json
@@ -36,7 +36,7 @@
     "178.32.140.251",
     "178.79.190.156",
     "183.236.2.18",
-    "184.105.192.2",
+    "184.105.192.0/29",
     "192.169.69.25",
     "192.42.116.41",
     "193.166.255.171",

From 09f0c147949d0f9b72635d59951836258d12eb00 Mon Sep 17 00:00:00 2001
From: Drew Middlesworth <drew.middlesworth@gmail.com>
Date: Wed, 17 Nov 2021 12:56:17 -0800
Subject: [PATCH 3/7] 5 of the hosts in this range are also shadowserver
 sinkholes according to their reverse DNS

---
 lists/sinkholes/list.json | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lists/sinkholes/list.json b/lists/sinkholes/list.json
index f206f3a..0792934 100644
--- a/lists/sinkholes/list.json
+++ b/lists/sinkholes/list.json
@@ -66,6 +66,7 @@
     "52.5.245.208",
     "58.158.177.102",
     "64.71.166.50",
+    "66.220.23.112/29",
     "67.215.255.139",
     "74.200.48.169",
     "74.208.15.160",

From 48465b733e95720cc2b5be244d0a89a737517be0 Mon Sep 17 00:00:00 2001
From: Drew Middlesworth <drew.middlesworth@gmail.com>
Date: Wed, 17 Nov 2021 13:42:33 -0800
Subject: [PATCH 4/7] Combine cert.pl range, a significant number of these IPs
 revese lookup to sinkhole.cert.pl.

---
 lists/sinkholes/list.json | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lists/sinkholes/list.json b/lists/sinkholes/list.json
index 0792934..2721fd3 100644
--- a/lists/sinkholes/list.json
+++ b/lists/sinkholes/list.json
@@ -20,9 +20,7 @@
     "146.112.61.108",
     "146.112.61.109",
     "146.112.61.110",
-    "148.81.111.111",
-    "148.81.111.114",
-    "148.81.111.91",
+    "148.81.111.0/25",
     "153.234.210.49",
     "162.222.213.197",
     "166.78.144.80",

From c65df599a39081767c96af547ef50b5e452c327e Mon Sep 17 00:00:00 2001
From: Drew Middlesworth <drew.middlesworth@gmail.com>
Date: Wed, 17 Nov 2021 13:46:58 -0800
Subject: [PATCH 5/7] This range all has reverse DNS lookup info pointing to
 sinkholed.by.zinkhole.org.

---
 lists/sinkholes/list.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lists/sinkholes/list.json b/lists/sinkholes/list.json
index 2721fd3..db6cecf 100644
--- a/lists/sinkholes/list.json
+++ b/lists/sinkholes/list.json
@@ -27,7 +27,7 @@
     "168.181.184.35",
     "168.62.217.117",
     "173.192.192.10",
-    "176.31.62.76",
+    "176.31.62.76/30",
     "176.58.104.168",
     "178.162.203.202",
     "178.162.203.226",

From 77de13eac05e2bfc74840eaa582ca60cb76ae62b Mon Sep 17 00:00:00 2001
From: Drew Middlesworth <drew.middlesworth@gmail.com>
Date: Wed, 17 Nov 2021 13:50:10 -0800
Subject: [PATCH 6/7] Reverse lookup of this IP shows sinkhole.hyas.com.

---
 lists/sinkholes/list.json | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lists/sinkholes/list.json b/lists/sinkholes/list.json
index db6cecf..3145090 100644
--- a/lists/sinkholes/list.json
+++ b/lists/sinkholes/list.json
@@ -36,6 +36,7 @@
     "183.236.2.18",
     "184.105.192.0/29",
     "192.169.69.25",
+    "192.169.69.26",
     "192.42.116.41",
     "193.166.255.171",
     "195.22.26.192/26",

From 7b26dc4489d37382c5b2ab84857da4529db2b97a Mon Sep 17 00:00:00 2001
From: Drew Middlesworth <drew.middlesworth@gmail.com>
Date: Wed, 17 Nov 2021 13:54:58 -0800
Subject: [PATCH 7/7] sinkhole.fitsec.com revese DNS

---
 lists/sinkholes/list.json | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lists/sinkholes/list.json b/lists/sinkholes/list.json
index 3145090..7392c40 100644
--- a/lists/sinkholes/list.json
+++ b/lists/sinkholes/list.json
@@ -38,6 +38,7 @@
     "192.169.69.25",
     "192.169.69.26",
     "192.42.116.41",
+    "193.166.255.170",
     "193.166.255.171",
     "195.22.26.192/26",
     "198.61.227.6",