For a few months, I noticed one website that I could not reach from my home network. I made sure that the destination hosts were up, and they were. I was able to query them through a SOCKS proxy, and I tried with different clients from my home, and every one of them had the same behaviour: the HTTP request timed out.

Weird behaviour… I noted the website and kept going on with my life. Over the following months, I noticed other websites being subject to the same behaviour. I suspected the DNS server to be the problem (as we all do from time to time) since I had recently switched to OpenNIC DNS servers. This was not the problem, since I was able to translate the unreachable domains using either OpenNIC or Google DNS servers. By looking at the resolved IP addresses, I saw that 3 of the unreachable websites had similar IP addresses, changing only in the /24. With this, I can see that they are all hosted by the same entity, or using the same ISP; either way, there is a similarity between those hosts.


I started to Google for users with problems similar to mine and I landed on a blacklist check page. Turns out, my IP address was listed in a blacklist.


Who could say why my public IP address got there? My friends laughed at me for mistyping a digit in a home lab port scan, which could have caused it to go out on the WAN. I am usually pretty careful with this stuff, so I do not think that is it. Maybe one client in my LAN is infected and its malicious traffic is the reason for my IP address being blacklisted. Sadly, I may not be able to know, because my ISP changed my address (not at my request), so I have trouble continuing this analysis. But let's say that I now watch my monitoring server more than enough for suspicious behaviour in my home.