iplists.firehol.org
Open in
urlscan Pro
2a06:98c1:3120::c
Public Scan
URL:
http://iplists.firehol.org/
Submission: On September 02 via manual from IT — Scanned from NL
Submission: On September 02 via manual from IT — Scanned from NL
Form analysis 1 forms found in the DOM
<form id="search_form" class="navbar-form navbar-left navbar-input-group " role="search">
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><span class="glyphicon glyphicon-search"></span></span>
<span class="twitter-typeahead" style="position: relative; display: inline-block;"><input class="form-control typeahead tt-hint" type="text"
style="width: 290px; position: absolute; top: 0px; left: 0px; border-color: transparent; box-shadow: none; opacity: 1; background: none 0% 0% / auto repeat scroll padding-box border-box rgb(255, 255, 255);" readonly="" autocomplete="off"
spellcheck="false" tabindex="-1" dir="ltr"><input id="search_input" class="form-control typeahead tt-input" type="text" placeholder="search 369 IP lists, by name or maintainer"
style="width: 290px; position: relative; vertical-align: top; background-color: transparent;" autocomplete="off" spellcheck="false" dir="auto">
<pre aria-hidden="true"
style="position: absolute; visibility: hidden; white-space: pre; font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; font-size: 14px; font-style: normal; font-variant: normal; font-weight: 400; word-spacing: 0px; letter-spacing: 0px; text-indent: 0px; text-rendering: auto; text-transform: none;"></pre>
<div class="tt-menu" style="position: absolute; top: 100%; left: 0px; z-index: 100; display: none;">
<div class="tt-dataset tt-dataset-search_ipsets"></div>
</div>
</span>
</div>
</div>
</form>Text Content
Toggle navigation FireHOL IP Lists
* Home
* About
* About
* Evolution
* Map
* Age
* Retention
* Overlaps
* Comments
* Wiki new!
*
* All Lists
* alienvault_reputation
* anonymous
* asprox_c2
* bambenek_banjori
* bambenek_bebloh
* bambenek_c2
* bambenek_cl
* bambenek_cryptowall
* bambenek_dircrypt
* bambenek_dyre
* bambenek_geodo
* bambenek_hesperbot
* bambenek_matsnu
* bambenek_necurs
* bambenek_p2pgoz
* bambenek_pushdo
* bambenek_pykspa
* bambenek_qakbot
* bambenek_ramnit
* bambenek_ranbyus
* bambenek_simda
* bambenek_suppobox
* bambenek_symmi
* bambenek_tinba
* bambenek_volatile
* bbcan177_ms1
* bbcan177_ms3
* bds_atif
* bitcoin_nodes
* bitcoin_nodes_1d
* bitcoin_nodes_30d
* bitcoin_nodes_7d
* blocklist_de
* blocklist_de_apache
* blocklist_de_bots
* blocklist_de_bruteforce
* blocklist_de_ftp
* blocklist_de_imap
* blocklist_de_mail
* blocklist_de_sip
* blocklist_de_ssh
* blocklist_de_strongips
* blocklist_net_ua
* blueliv_crimeserver_last
* blueliv_crimeserver_last_1d
* blueliv_crimeserver_last_2d
* blueliv_crimeserver_last_30d
* blueliv_crimeserver_last_7d
* blueliv_crimeserver_online
* blueliv_crimeserver_recent
* bogons
* botscout
* botscout_1d
* botscout_30d
* botscout_7d
* botvrij_dst
* botvrij_src
* bruteforceblocker
* ciarmy
* cidr_report_bogons
* cleantalk
* cleantalk_1d
* cleantalk_30d
* cleantalk_7d
* cleantalk_new
* cleantalk_new_1d
* cleantalk_new_30d
* cleantalk_new_7d
* cleantalk_top20
* cleantalk_updated
* cleantalk_updated_1d
* cleantalk_updated_30d
* cleantalk_updated_7d
* coinbl_hosts
* coinbl_hosts_browser
* coinbl_hosts_optional
* coinbl_ips
* cruzit_web_attacks
* cta_cryptowall
* cybercrime
* darklist_de
* datacenters
* dataplane_dnsrd
* dataplane_dnsrdany
* dataplane_dnsversion
* dataplane_sipinvitation
* dataplane_sipquery
* dataplane_sipregistration
* dataplane_sshclient
* dataplane_sshpwauth
* dataplane_vncrfb
* dm_tor
* dronebl_anonymizers
* dronebl_auto_botnets
* dronebl_autorooting_worms
* dronebl_compromised
* dronebl_ddos_drones
* dronebl_dns_mx_on_irc
* dronebl_irc_drones
* dronebl_unknown
* dronebl_worms_bots
* dshield
* dshield_1d
* dshield_30d
* dshield_7d
* dshield_top_1000
* dyndns_ponmocup
* esentire_14072015_com
* esentire_14072015q_com
* esentire_22072014a_com
* esentire_22072014b_com
* esentire_22072014c_com
* esentire_atomictrivia_ru
* esentire_auth_update_ru
* esentire_burmundisoul_ru
* esentire_crazyerror_su
* esentire_dagestanskiiviskis_ru
* esentire_differentia_ru
* esentire_disorderstatus_ru
* esentire_dorttlokolrt_com
* esentire_downs1_ru
* esentire_ebankoalalusys_ru
* esentire_emptyarray_ru
* esentire_fioartd_com
* esentire_getarohirodrons_com
* esentire_hasanhashsde_ru
* esentire_inleet_ru
* esentire_islamislamdi_ru
* esentire_krnqlwlplttc_com
* esentire_maddox1_ru
* esentire_manning1_ru
* esentire_misteryherson_ru
* esentire_mysebstarion_ru
* esentire_smartfoodsglutenfree_kz
* esentire_venerologvasan93_ru
* esentire_volaya_ru
* et_block
* et_botcc
* et_compromised
* et_dshield
* et_spamhaus
* et_tor
* feodo
* feodo_badips
* firehol_abusers_1d
* firehol_abusers_30d
* firehol_anonymous
* firehol_level1
* firehol_level2
* firehol_level3
* firehol_level4
* firehol_proxies
* firehol_webclient
* firehol_webserver
* fullbogons
* gpf_comics
* graphiclineweb
* greensnow
* haley_ssh
* hphosts_ats
* hphosts_emd
* hphosts_exp
* hphosts_fsa
* hphosts_grm
* hphosts_hfs
* hphosts_hjk
* hphosts_mmt
* hphosts_pha
* hphosts_psh
* hphosts_wrz
* iblocklist_abuse_palevo
* iblocklist_abuse_spyeye
* iblocklist_abuse_zeus
* iblocklist_ads
* iblocklist_badpeers
* iblocklist_bogons
* iblocklist_ciarmy_malicious
* iblocklist_cidr_report_bogons
* iblocklist_cruzit_web_attacks
* iblocklist_dshield
* iblocklist_edu
* iblocklist_exclusions
* iblocklist_fornonlancomputers
* iblocklist_forumspam
* iblocklist_hijacked
* iblocklist_iana_multicast
* iblocklist_iana_private
* iblocklist_iana_reserved
* iblocklist_isp_aol
* iblocklist_isp_att
* iblocklist_isp_cablevision
* iblocklist_isp_charter
* iblocklist_isp_comcast
* iblocklist_isp_embarq
* iblocklist_isp_qwest
* iblocklist_isp_sprint
* iblocklist_isp_suddenlink
* iblocklist_isp_twc
* iblocklist_isp_verizon
* iblocklist_level1
* iblocklist_level2
* iblocklist_level3
* iblocklist_malc0de
* iblocklist_onion_router
* iblocklist_org_activision
* iblocklist_org_apple
* iblocklist_org_blizzard
* iblocklist_org_crowd_control
* iblocklist_org_electronic_arts
* iblocklist_org_joost
* iblocklist_org_linden_lab
* iblocklist_org_logmein
* iblocklist_org_microsoft
* iblocklist_org_ncsoft
* iblocklist_org_nintendo
* iblocklist_org_pandora
* iblocklist_org_pirate_bay
* iblocklist_org_punkbuster
* iblocklist_org_riot_games
* iblocklist_org_sony_online
* iblocklist_org_square_enix
* iblocklist_org_steam
* iblocklist_org_ubisoft
* iblocklist_org_xfire
* iblocklist_pedophiles
* iblocklist_proxies
* iblocklist_rangetest
* iblocklist_spamhaus_drop
* iblocklist_spider
* iblocklist_spyware
* iblocklist_webexploit
* iblocklist_yoyo_adservers
* ip2proxy_px1lite
* ipblacklistcloud_recent
* ipblacklistcloud_recent_1d
* ipblacklistcloud_recent_30d
* ipblacklistcloud_recent_7d
* ipblacklistcloud_top
* iw_spamlist
* iw_wormlist
* lashback_ubl
* malc0de
* malwaredomainlist
* maxmind_proxy_fraud
* myip
* nixspam
* normshield_all_attack
* normshield_all_bruteforce
* normshield_all_ddosbot
* normshield_all_dnsscan
* normshield_all_spam
* normshield_all_suspicious
* normshield_all_wannacry
* normshield_all_webscan
* normshield_all_wormscan
* normshield_high_attack
* normshield_high_bruteforce
* normshield_high_ddosbot
* normshield_high_dnsscan
* normshield_high_spam
* normshield_high_suspicious
* normshield_high_wannacry
* normshield_high_webscan
* normshield_high_wormscan
* nt_malware_dns
* nt_malware_http
* nt_malware_irc
* nt_ssh_7d
* nullsecure
* packetmail
* packetmail_emerging_ips
* packetmail_mail
* packetmail_ramnode
* php_commenters
* php_commenters_1d
* php_commenters_30d
* php_commenters_7d
* php_dictionary
* php_dictionary_1d
* php_dictionary_30d
* php_dictionary_7d
* php_harvesters
* php_harvesters_1d
* php_harvesters_30d
* php_harvesters_7d
* php_spammers
* php_spammers_1d
* php_spammers_30d
* php_spammers_7d
* proxylists
* proxylists_1d
* proxylists_30d
* proxylists_7d
* proxz
* proxz_1d
* proxz_30d
* proxz_7d
* pushing_inertia_blocklist
* ransomware_cryptowall_ps
* ransomware_feed
* ransomware_locky_c2
* ransomware_locky_ps
* ransomware_online
* ransomware_rw
* ransomware_teslacrypt_ps
* ransomware_torrentlocker_c2
* ransomware_torrentlocker_ps
* satellite
* sblam
* shunlist
* snort_ipfilter
* socks_proxy
* socks_proxy_1d
* socks_proxy_30d
* socks_proxy_7d
* sorbs_anonymizers
* sorbs_dul
* sorbs_escalations
* sorbs_new_spam
* sorbs_noserver
* sorbs_recent_spam
* sorbs_smtp
* sorbs_web
* sorbs_zombie
* spamhaus_drop
* spamhaus_edrop
* sslbl
* sslbl_aggressive
* sslproxies
* sslproxies_1d
* sslproxies_30d
* sslproxies_7d
* stopforumspam
* stopforumspam_180d
* stopforumspam_1d
* stopforumspam_30d
* stopforumspam_365d
* stopforumspam_7d
* stopforumspam_90d
* stopforumspam_toxic
* taichung
* talosintel_ipfilter
* threatcrowd
* tor_exits
* tor_exits_1d
* tor_exits_30d
* tor_exits_7d
* turris_greylist
* urandomusto_dns
* urandomusto_ftp
* urandomusto_http
* urandomusto_mailer
* urandomusto_ntp
* urandomusto_rdp
* urandomusto_smb
* urandomusto_ssh
* urandomusto_telnet
* urandomusto_unspecified
* urandomusto_vnc
* urlvir
* uscert_hidden_cobra
* voipbl
* vxvault
* xforce_bccs
* xroxy
* xroxy_1d
* xroxy_30d
* xroxy_7d
* yoyo_adservers
* Links
* FireHOL Sites
* FireHOL Home
* IPSet Files in GitHub
*
* Interesting Articles
* Threat Intelligence is Not Intellectual Property
*
* Other IP Blacklist Aggregators
* Valli MultiRBL DNSBL Checker
* CriticalStack Intel Marketplace
*
* Global Real Time Threat Monitors
* LookingGlass, Global Botnet Infections
* Google, Malware Distribution
* Google, Digital Attack Map
* FireEye, Threat Map
* Kaspersky, Cyber Warfare Real Time Map
* Deutche Telekom, Security Tachometer
* Akamai, Real Time Web Attacks Monitor
* Norse, IpViking Live Map
* Trend Micro, Global Botnet Threat Activity Map
* F-Secure, Globe
ALL CYBERCRIME IP FEEDS BY FIREHOL
This site analyses all available security IP Feeds, mainly related to on-line
attacks, on-line service abuse, malwares, botnets, command and control servers
and other cybercrime activities.
Scroll down! The main menu is several pages long...
Discuss about this site!
Have you seen netdata?
Do you like this site? Help us make it better.
OVERVIEW OF FIREHOL_LEVEL1
namefirehol_level1 categoryattacks maintainerFireHOL IP familyipv4
ipset hashhash:net ipset entries2,360 min: 2,360 max: 2,549
unique IPs614,479,616 min: 614,479,616 max: 615,780,864 source(not a url)
local copydownload local copy changesetsgithub commit log check
frequency1 minute average update
frequency4 hours and 33 minutes aggregationnone fetch errorsnone monitoring
sinceFri Jun 19 2015 07:26:23 GMT+0000 (GMT)
(2632 days and 4 minutes ago)
last time
updated
by its maintainersThu Sep 01 2022 22:40:37 GMT+0000 (GMT)
(8 hours and 49 minutes ago)
last time
processed
by usThu Sep 01 2022 23:24:21 GMT+0000 (GMT)
(8 hours and 6 minutes ago)
last time
we checkedThu Sep 01 2022 23:24:21 GMT+0000 (GMT)
(8 hours and 6 minutes ago)
Found a bug? Search issues
--------------------------------------------------------------------------------
ALL IP LISTS MONITORED
* By Category
* By Maintainer
* Alphabetically
older alienvault_reputation
older anonymous
older errors asprox_c2
older errors bambenek_banjori
older errors bambenek_bebloh
older errors bambenek_c2
older errors bambenek_cl
older errors bambenek_cryptowall
older errors bambenek_dircrypt
older errors bambenek_dyre
older errors bambenek_geodo
older errors bambenek_hesperbot
older errors bambenek_matsnu
older errors bambenek_necurs
older errors bambenek_p2pgoz
older errors bambenek_pushdo
older errors bambenek_pykspa
older errors bambenek_qakbot
older errors bambenek_ramnit
older errors bambenek_ranbyus
older errors bambenek_simda
older errors bambenek_suppobox
older errors bambenek_symmi
older errors bambenek_tinba
older errors bambenek_volatile
older bbcan177_ms1
older bbcan177_ms3
this hour bds_atif
now bitcoin_nodes
now bitcoin_nodes_1d
now bitcoin_nodes_30d
now bitcoin_nodes_7d
this hour blocklist_de
this hour blocklist_de_apache
this hour blocklist_de_bots
this hour blocklist_de_bruteforce
this hour blocklist_de_ftp
this hour blocklist_de_imap
this hour blocklist_de_mail
this hour blocklist_de_sip
this hour blocklist_de_ssh
this hour blocklist_de_strongips
now blocklist_net_ua
older errors blueliv_crimeserver_last
older blueliv_crimeserver_last_1d
older blueliv_crimeserver_last_2d
older blueliv_crimeserver_last_30d
older blueliv_crimeserver_last_7d
older errors blueliv_crimeserver_online
older errors blueliv_crimeserver_recent
older bogons
now botscout
now botscout_1d
now botscout_30d
now botscout_7d
older botvrij_dst
older botvrij_src
older errors bruteforceblocker
this hour ciarmy
older errors cidr_report_bogons
today cleantalk
today cleantalk_1d
today cleantalk_30d
today cleantalk_7d
today errors cleantalk_new
today cleantalk_new_1d
today cleantalk_new_30d
today cleantalk_new_7d
this week cleantalk_top20
today errors cleantalk_updated
today cleantalk_updated_1d
today cleantalk_updated_30d
today cleantalk_updated_7d
older coinbl_hosts
older coinbl_hosts_browser
older coinbl_hosts_optional
older errors coinbl_ips
today cruzit_web_attacks
older cta_cryptowall
today cybercrime
this week errors darklist_de
older datacenters
older errors dataplane_dnsrd
older errors dataplane_dnsrdany
older errors dataplane_dnsversion
older errors dataplane_sipinvitation
older errors dataplane_sipquery
older errors dataplane_sipregistration
older errors dataplane_sshclient
older errors dataplane_sshpwauth
older errors dataplane_vncrfb
this hour dm_tor
now dronebl_anonymizers
older dronebl_auto_botnets
older dronebl_autorooting_worms
this week dronebl_compromised
older dronebl_ddos_drones
older dronebl_dns_mx_on_irc
today dronebl_irc_drones
older dronebl_unknown
today dronebl_worms_bots
today dshield
today dshield_1d
today dshield_30d
today dshield_7d
older dshield_top_1000
today dyndns_ponmocup
older esentire_14072015_com
older esentire_14072015q_com
older esentire_22072014a_com
older esentire_22072014b_com
older esentire_22072014c_com
older esentire_atomictrivia_ru
older esentire_auth_update_ru
older esentire_burmundisoul_ru
older esentire_crazyerror_su
older esentire_dagestanskiiviskis_ru
older esentire_differentia_ru
older esentire_disorderstatus_ru
older esentire_dorttlokolrt_com
older esentire_downs1_ru
older esentire_ebankoalalusys_ru
older esentire_emptyarray_ru
older esentire_fioartd_com
older esentire_getarohirodrons_com
older esentire_hasanhashsde_ru
older esentire_inleet_ru
older esentire_islamislamdi_ru
older esentire_krnqlwlplttc_com
older esentire_maddox1_ru
older esentire_manning1_ru
older esentire_misteryherson_ru
older esentire_mysebstarion_ru
older esentire_smartfoodsglutenfree_kz
older esentire_venerologvasan93_ru
older esentire_volaya_ru
this week et_block
older et_botcc
this week et_compromised
this week et_dshield
this week et_spamhaus
this week et_tor
older feodo
older feodo_badips
now firehol_abusers_1d
4 hours firehol_abusers_30d
now firehol_anonymous
today firehol_level1
now firehol_level2
this hour firehol_level3
now firehol_level4
now firehol_proxies
today firehol_webclient
4 hours firehol_webserver
today fullbogons
older errors gpf_comics
older graphiclineweb
now greensnow
this hour haley_ssh
older errors hphosts_ats
older errors hphosts_emd
older errors hphosts_exp
older errors hphosts_fsa
older errors hphosts_grm
older errors hphosts_hfs
older errors hphosts_hjk
older errors hphosts_mmt
older errors hphosts_pha
older errors hphosts_psh
older errors hphosts_wrz
older iblocklist_abuse_palevo
older iblocklist_abuse_spyeye
older iblocklist_abuse_zeus
4 hours iblocklist_ads
older iblocklist_badpeers
older iblocklist_bogons
today iblocklist_ciarmy_malicious
today iblocklist_cidr_report_bogons
today iblocklist_cruzit_web_attacks
older iblocklist_dshield
today iblocklist_edu
older iblocklist_exclusions
older iblocklist_fornonlancomputers
older iblocklist_forumspam
older iblocklist_hijacked
older iblocklist_iana_multicast
older iblocklist_iana_private
older iblocklist_iana_reserved
older iblocklist_isp_aol
older iblocklist_isp_att
older iblocklist_isp_cablevision
older iblocklist_isp_charter
older iblocklist_isp_comcast
older iblocklist_isp_embarq
older iblocklist_isp_qwest
older iblocklist_isp_sprint
older iblocklist_isp_suddenlink
older iblocklist_isp_twc
older iblocklist_isp_verizon
today iblocklist_level1
4 hours iblocklist_level2
this week iblocklist_level3
older iblocklist_malc0de
today iblocklist_onion_router
older iblocklist_org_activision
older iblocklist_org_apple
older iblocklist_org_blizzard
older iblocklist_org_crowd_control
older iblocklist_org_electronic_arts
older iblocklist_org_joost
older iblocklist_org_linden_lab
older iblocklist_org_logmein
older iblocklist_org_microsoft
older iblocklist_org_ncsoft
older iblocklist_org_nintendo
older iblocklist_org_pandora
older iblocklist_org_pirate_bay
older iblocklist_org_punkbuster
older iblocklist_org_riot_games
older iblocklist_org_sony_online
older iblocklist_org_square_enix
older iblocklist_org_steam
older iblocklist_org_ubisoft
older iblocklist_org_xfire
older iblocklist_pedophiles
older iblocklist_proxies
older iblocklist_rangetest
older iblocklist_spamhaus_drop
older iblocklist_spider
today iblocklist_spyware
older iblocklist_webexploit
this week iblocklist_yoyo_adservers
today ip2proxy_px1lite
older ipblacklistcloud_recent
older ipblacklistcloud_recent_1d
older ipblacklistcloud_recent_30d
older ipblacklistcloud_recent_7d
older ipblacklistcloud_top
older errors iw_spamlist
older errors iw_wormlist
older errors lashback_ubl
older errors malc0de
older errors malwaredomainlist
older maxmind_proxy_fraud
4 hours myip
older errors nixspam
older normshield_all_attack
older normshield_all_bruteforce
older normshield_all_ddosbot
older normshield_all_dnsscan
older normshield_all_spam
older normshield_all_suspicious
older normshield_all_wannacry
older normshield_all_webscan
older normshield_all_wormscan
older normshield_high_attack
older normshield_high_bruteforce
older normshield_high_ddosbot
older normshield_high_dnsscan
older normshield_high_spam
older normshield_high_suspicious
older normshield_high_wannacry
older normshield_high_webscan
older normshield_high_wormscan
older errors nt_malware_dns
older errors nt_malware_http
older errors nt_malware_irc
older errors nt_ssh_7d
older errors nullsecure
older errors packetmail
older errors packetmail_emerging_ips
older errors packetmail_mail
older errors packetmail_ramnode
4 hours php_commenters
4 hours php_commenters_1d
4 hours php_commenters_30d
4 hours php_commenters_7d
today php_dictionary
today php_dictionary_1d
today php_dictionary_30d
today php_dictionary_7d
today php_harvesters
today php_harvesters_1d
today php_harvesters_30d
today php_harvesters_7d
today php_spammers
today php_spammers_1d
today php_spammers_30d
today php_spammers_7d
older proxylists
older proxylists_1d
older proxylists_30d
older proxylists_7d
older proxz
older proxz_1d
older proxz_30d
older proxz_7d
older pushing_inertia_blocklist
older errors ransomware_cryptowall_ps
older errors ransomware_feed
older errors ransomware_locky_c2
older errors ransomware_locky_ps
older ransomware_online
older errors ransomware_rw
older errors ransomware_teslacrypt_ps
older errors ransomware_torrentlocker_c2
older errors ransomware_torrentlocker_ps
older satellite
older errors sblam
older errors shunlist
older errors snort_ipfilter
this hour socks_proxy
this hour socks_proxy_1d
this hour socks_proxy_30d
this hour socks_proxy_7d
older sorbs_anonymizers
older sorbs_dul
older sorbs_escalations
older sorbs_new_spam
older sorbs_noserver
older sorbs_recent_spam
older sorbs_smtp
older sorbs_web
older sorbs_zombie
today spamhaus_drop
this week spamhaus_edrop
older sslbl
older sslbl_aggressive
now sslproxies
4 hours sslproxies_1d
4 hours sslproxies_30d
this hour sslproxies_7d
today stopforumspam
today stopforumspam_180d
this hour stopforumspam_1d
this hour stopforumspam_30d
4 hours stopforumspam_365d
today stopforumspam_7d
4 hours stopforumspam_90d
older stopforumspam_toxic
older errors taichung
older errors talosintel_ipfilter
older threatcrowd
older errors tor_exits
older tor_exits_1d
older tor_exits_30d
older tor_exits_7d
older errors turris_greylist
older errors urandomusto_dns
older errors urandomusto_ftp
older errors urandomusto_http
older errors urandomusto_mailer
older errors urandomusto_ntp
older errors urandomusto_rdp
older errors urandomusto_smb
older errors urandomusto_ssh
older errors urandomusto_telnet
older errors urandomusto_unspecified
older errors urandomusto_vnc
older errors urlvir
older errors uscert_hidden_cobra
4 hours voipbl
this week vxvault
older xforce_bccs
this hour xroxy
this hour xroxy_1d
4 hours xroxy_30d
4 hours xroxy_7d
older errors yoyo_adservers
ABUSE
now blocklist_net_ua
now botscout
now botscout_1d
now botscout_30d
now botscout_7d
today cleantalk
today cleantalk_1d
today cleantalk_30d
today cleantalk_7d
today errors cleantalk_new
today cleantalk_new_1d
today cleantalk_new_30d
today cleantalk_new_7d
this week cleantalk_top20
today errors cleantalk_updated
today cleantalk_updated_1d
today cleantalk_updated_30d
today cleantalk_updated_7d
today dronebl_irc_drones
now firehol_abusers_1d
4 hours firehol_abusers_30d
older errors gpf_comics
older graphiclineweb
older errors hphosts_hfs
older iblocklist_forumspam
older ipblacklistcloud_recent
older ipblacklistcloud_recent_1d
older ipblacklistcloud_recent_30d
older ipblacklistcloud_recent_7d
older ipblacklistcloud_top
4 hours myip
older normshield_all_suspicious
older normshield_high_suspicious
older errors sblam
today stopforumspam
today stopforumspam_180d
this hour stopforumspam_1d
this hour stopforumspam_30d
4 hours stopforumspam_365d
today stopforumspam_7d
4 hours stopforumspam_90d
older stopforumspam_toxic
--------------------------------------------------------------------------------
ANONYMIZERS
this hour dm_tor
now dronebl_anonymizers
this week et_tor
now firehol_anonymous
now firehol_proxies
today iblocklist_onion_router
older iblocklist_proxies
today ip2proxy_px1lite
older maxmind_proxy_fraud
older proxylists
older proxylists_1d
older proxylists_30d
older proxylists_7d
older proxz
older proxz_1d
older proxz_30d
older proxz_7d
this hour socks_proxy
this hour socks_proxy_1d
this hour socks_proxy_30d
this hour socks_proxy_7d
now sslproxies
4 hours sslproxies_1d
4 hours sslproxies_30d
this hour sslproxies_7d
older errors tor_exits
older tor_exits_1d
older tor_exits_30d
older tor_exits_7d
this hour xroxy
this hour xroxy_1d
4 hours xroxy_30d
4 hours xroxy_7d
--------------------------------------------------------------------------------
ATTACKS
this hour blocklist_de
this hour blocklist_de_apache
this hour blocklist_de_bots
this hour blocklist_de_bruteforce
this hour blocklist_de_ftp
this hour blocklist_de_imap
this hour blocklist_de_mail
this hour blocklist_de_sip
this hour blocklist_de_ssh
this hour blocklist_de_strongips
older errors blueliv_crimeserver_last
older blueliv_crimeserver_last_1d
older blueliv_crimeserver_last_2d
older blueliv_crimeserver_last_30d
older blueliv_crimeserver_last_7d
older errors blueliv_crimeserver_online
older errors blueliv_crimeserver_recent
older botvrij_dst
older botvrij_src
older errors bruteforceblocker
today cruzit_web_attacks
this week errors darklist_de
older errors dataplane_dnsrd
older errors dataplane_dnsrdany
older errors dataplane_dnsversion
older errors dataplane_sipinvitation
older errors dataplane_sipquery
older errors dataplane_sipregistration
older errors dataplane_sshclient
older errors dataplane_sshpwauth
older errors dataplane_vncrfb
older dronebl_autorooting_worms
this week dronebl_compromised
older dronebl_ddos_drones
today dshield
today dshield_1d
today dshield_30d
today dshield_7d
older dshield_top_1000
this week et_block
this week et_compromised
this week et_dshield
this week et_spamhaus
today firehol_level1
now firehol_level2
this hour firehol_level3
now firehol_level4
4 hours firehol_webserver
now greensnow
this hour haley_ssh
today iblocklist_cruzit_web_attacks
older iblocklist_dshield
older iblocklist_hijacked
older iblocklist_spamhaus_drop
older normshield_all_attack
older normshield_all_bruteforce
older normshield_all_ddosbot
older normshield_all_dnsscan
older normshield_all_webscan
older normshield_high_attack
older normshield_high_bruteforce
older normshield_high_ddosbot
older normshield_high_dnsscan
older normshield_high_webscan
older errors nt_malware_dns
older errors nt_malware_http
older errors nt_malware_irc
older errors nt_ssh_7d
older errors shunlist
older errors snort_ipfilter
older errors taichung
older errors talosintel_ipfilter
older errors urandomusto_dns
older errors urandomusto_ftp
older errors urandomusto_http
older errors urandomusto_ntp
older errors urandomusto_rdp
older errors urandomusto_smb
older errors urandomusto_ssh
older errors urandomusto_telnet
older errors urandomusto_unspecified
older errors urandomusto_vnc
older errors uscert_hidden_cobra
4 hours voipbl
--------------------------------------------------------------------------------
GEOLOCATION
older anonymous
older satellite
--------------------------------------------------------------------------------
MALWARE
older errors asprox_c2
older errors bambenek_banjori
older errors bambenek_bebloh
older errors bambenek_c2
older errors bambenek_cl
older errors bambenek_cryptowall
older errors bambenek_dircrypt
older errors bambenek_dyre
older errors bambenek_geodo
older errors bambenek_hesperbot
older errors bambenek_matsnu
older errors bambenek_necurs
older errors bambenek_p2pgoz
older errors bambenek_pushdo
older errors bambenek_pykspa
older errors bambenek_qakbot
older errors bambenek_ramnit
older errors bambenek_ranbyus
older errors bambenek_simda
older errors bambenek_suppobox
older errors bambenek_symmi
older errors bambenek_tinba
older errors bambenek_volatile
older bbcan177_ms1
older bbcan177_ms3
older cta_cryptowall
today cybercrime
today dronebl_worms_bots
today dyndns_ponmocup
older esentire_14072015_com
older esentire_14072015q_com
older esentire_22072014a_com
older esentire_22072014b_com
older esentire_22072014c_com
older esentire_atomictrivia_ru
older esentire_auth_update_ru
older esentire_burmundisoul_ru
older esentire_crazyerror_su
older esentire_dagestanskiiviskis_ru
older esentire_differentia_ru
older esentire_disorderstatus_ru
older esentire_dorttlokolrt_com
older esentire_downs1_ru
older esentire_ebankoalalusys_ru
older esentire_emptyarray_ru
older esentire_fioartd_com
older esentire_getarohirodrons_com
older esentire_hasanhashsde_ru
older esentire_inleet_ru
older esentire_islamislamdi_ru
older esentire_krnqlwlplttc_com
older esentire_maddox1_ru
older esentire_manning1_ru
older esentire_misteryherson_ru
older esentire_mysebstarion_ru
older esentire_smartfoodsglutenfree_kz
older esentire_venerologvasan93_ru
older esentire_volaya_ru
older feodo
older feodo_badips
today firehol_webclient
older errors hphosts_emd
older errors hphosts_exp
older errors hphosts_hjk
older iblocklist_abuse_palevo
older iblocklist_abuse_spyeye
older iblocklist_abuse_zeus
older iblocklist_malc0de
older errors malc0de
older errors malwaredomainlist
older normshield_all_wannacry
older normshield_all_wormscan
older normshield_high_wannacry
older normshield_high_wormscan
older errors ransomware_cryptowall_ps
older errors ransomware_feed
older errors ransomware_locky_c2
older errors ransomware_locky_ps
older ransomware_online
older errors ransomware_rw
older errors ransomware_teslacrypt_ps
older errors ransomware_torrentlocker_c2
older errors ransomware_torrentlocker_ps
older sslbl
older sslbl_aggressive
older threatcrowd
older errors urlvir
this week vxvault
older xforce_bccs
--------------------------------------------------------------------------------
ORGANIZATIONS
now bitcoin_nodes
now bitcoin_nodes_1d
now bitcoin_nodes_30d
now bitcoin_nodes_7d
older coinbl_hosts
older coinbl_hosts_browser
older coinbl_hosts_optional
older errors coinbl_ips
older datacenters
older errors hphosts_ats
4 hours iblocklist_ads
today iblocklist_edu
older iblocklist_isp_aol
older iblocklist_isp_att
older iblocklist_isp_cablevision
older iblocklist_isp_charter
older iblocklist_isp_comcast
older iblocklist_isp_embarq
older iblocklist_isp_qwest
older iblocklist_isp_sprint
older iblocklist_isp_suddenlink
older iblocklist_isp_twc
older iblocklist_isp_verizon
older iblocklist_org_activision
older iblocklist_org_apple
older iblocklist_org_blizzard
older iblocklist_org_crowd_control
older iblocklist_org_electronic_arts
older iblocklist_org_joost
older iblocklist_org_linden_lab
older iblocklist_org_logmein
older iblocklist_org_microsoft
older iblocklist_org_ncsoft
older iblocklist_org_nintendo
older iblocklist_org_pandora
older iblocklist_org_pirate_bay
older iblocklist_org_punkbuster
older iblocklist_org_riot_games
older iblocklist_org_sony_online
older iblocklist_org_square_enix
older iblocklist_org_steam
older iblocklist_org_ubisoft
older iblocklist_org_xfire
this week iblocklist_yoyo_adservers
older errors yoyo_adservers
--------------------------------------------------------------------------------
REPUTATION
older alienvault_reputation
this hour bds_atif
this hour ciarmy
older dronebl_auto_botnets
older dronebl_dns_mx_on_irc
older dronebl_unknown
older et_botcc
older errors hphosts_fsa
older errors hphosts_mmt
older errors hphosts_pha
older errors hphosts_psh
older errors hphosts_wrz
older iblocklist_badpeers
today iblocklist_ciarmy_malicious
older iblocklist_exclusions
older iblocklist_fornonlancomputers
today iblocklist_level1
4 hours iblocklist_level2
this week iblocklist_level3
older iblocklist_pedophiles
older iblocklist_rangetest
older iblocklist_spider
today iblocklist_spyware
older iblocklist_webexploit
older errors nullsecure
older errors packetmail
older errors packetmail_emerging_ips
older errors packetmail_mail
older errors packetmail_ramnode
older pushing_inertia_blocklist
today spamhaus_drop
this week spamhaus_edrop
older errors turris_greylist
--------------------------------------------------------------------------------
SPAM
older errors hphosts_grm
older errors iw_spamlist
older errors iw_wormlist
older errors lashback_ubl
older errors nixspam
older normshield_all_spam
older normshield_high_spam
4 hours php_commenters
4 hours php_commenters_1d
4 hours php_commenters_30d
4 hours php_commenters_7d
today php_dictionary
today php_dictionary_1d
today php_dictionary_30d
today php_dictionary_7d
today php_harvesters
today php_harvesters_1d
today php_harvesters_30d
today php_harvesters_7d
today php_spammers
today php_spammers_1d
today php_spammers_30d
today php_spammers_7d
older sorbs_anonymizers
older sorbs_dul
older sorbs_escalations
older sorbs_new_spam
older sorbs_noserver
older sorbs_recent_spam
older sorbs_smtp
older sorbs_web
older sorbs_zombie
older errors urandomusto_mailer
--------------------------------------------------------------------------------
UNROUTABLE
older bogons
older errors cidr_report_bogons
today fullbogons
older iblocklist_bogons
today iblocklist_cidr_report_bogons
older iblocklist_iana_multicast
older iblocklist_iana_private
older iblocklist_iana_reserved
ABUSE.CH
older feodo
older feodo_badips
older errors ransomware_cryptowall_ps
older errors ransomware_feed
older errors ransomware_locky_c2
older errors ransomware_locky_ps
older ransomware_online
older errors ransomware_rw
older errors ransomware_teslacrypt_ps
older errors ransomware_torrentlocker_c2
older errors ransomware_torrentlocker_ps
older sslbl
older sslbl_aggressive
--------------------------------------------------------------------------------
ALIEN VAULT
older alienvault_reputation
--------------------------------------------------------------------------------
AUTOSHUN.ORG
older errors shunlist
--------------------------------------------------------------------------------
BAMBENEK CONSULTING
older errors bambenek_banjori
older errors bambenek_bebloh
older errors bambenek_c2
older errors bambenek_cl
older errors bambenek_cryptowall
older errors bambenek_dircrypt
older errors bambenek_dyre
older errors bambenek_geodo
older errors bambenek_hesperbot
older errors bambenek_matsnu
older errors bambenek_necurs
older errors bambenek_p2pgoz
older errors bambenek_pushdo
older errors bambenek_pykspa
older errors bambenek_qakbot
older errors bambenek_ramnit
older errors bambenek_ranbyus
older errors bambenek_simda
older errors bambenek_suppobox
older errors bambenek_symmi
older errors bambenek_tinba
older errors bambenek_volatile
--------------------------------------------------------------------------------
BBCAN177
older bbcan177_ms1
older bbcan177_ms3
--------------------------------------------------------------------------------
BINARY DEFENSE SYSTEMS
this hour bds_atif
--------------------------------------------------------------------------------
BITNODES
now bitcoin_nodes
now bitcoin_nodes_1d
now bitcoin_nodes_30d
now bitcoin_nodes_7d
--------------------------------------------------------------------------------
BLOCKLIST.DE
this hour blocklist_de
this hour blocklist_de_apache
this hour blocklist_de_bots
this hour blocklist_de_bruteforce
this hour blocklist_de_ftp
this hour blocklist_de_imap
this hour blocklist_de_mail
this hour blocklist_de_sip
this hour blocklist_de_ssh
this hour blocklist_de_strongips
--------------------------------------------------------------------------------
BLOCKLIST.NET.UA
now blocklist_net_ua
--------------------------------------------------------------------------------
BLUELIV.COM
older errors blueliv_crimeserver_last
older blueliv_crimeserver_last_1d
older blueliv_crimeserver_last_2d
older blueliv_crimeserver_last_30d
older blueliv_crimeserver_last_7d
older errors blueliv_crimeserver_online
older errors blueliv_crimeserver_recent
--------------------------------------------------------------------------------
BOTSCOUT.COM
now botscout
now botscout_1d
now botscout_30d
now botscout_7d
--------------------------------------------------------------------------------
BOTVRIJ.EU
older botvrij_dst
older botvrij_src
--------------------------------------------------------------------------------
CHARLES HALEY
this hour haley_ssh
--------------------------------------------------------------------------------
CIDR-REPORT.ORG
older errors cidr_report_bogons
--------------------------------------------------------------------------------
CLEANTALK
today cleantalk
today cleantalk_1d
today cleantalk_30d
today cleantalk_7d
today errors cleantalk_new
today cleantalk_new_1d
today cleantalk_new_30d
today cleantalk_new_7d
this week cleantalk_top20
today errors cleantalk_updated
today cleantalk_updated_1d
today cleantalk_updated_30d
today cleantalk_updated_7d
--------------------------------------------------------------------------------
COINBLOCKERLISTS
older coinbl_hosts
older coinbl_hosts_browser
older coinbl_hosts_optional
older errors coinbl_ips
--------------------------------------------------------------------------------
COLLECTIVE INTELLIGENCE NETWORK SECURITY
this hour ciarmy
--------------------------------------------------------------------------------
CRUZIT.COM
today cruzit_web_attacks
--------------------------------------------------------------------------------
CYBER THREAT ALLIANCE
older cta_cryptowall
--------------------------------------------------------------------------------
CYBERCRIME
today cybercrime
--------------------------------------------------------------------------------
DAN.ME.UK
this hour dm_tor
--------------------------------------------------------------------------------
DANGER.RULEZ.SK
older errors bruteforceblocker
--------------------------------------------------------------------------------
DARKLIST.DE
this week errors darklist_de
--------------------------------------------------------------------------------
DATAPLANE.ORG
older errors dataplane_dnsrd
older errors dataplane_dnsrdany
older errors dataplane_dnsversion
older errors dataplane_sipinvitation
older errors dataplane_sipquery
older errors dataplane_sipregistration
older errors dataplane_sshclient
older errors dataplane_sshpwauth
older errors dataplane_vncrfb
--------------------------------------------------------------------------------
DRONEBL.ORG
now dronebl_anonymizers
older dronebl_auto_botnets
older dronebl_autorooting_worms
this week dronebl_compromised
older dronebl_ddos_drones
older dronebl_dns_mx_on_irc
today dronebl_irc_drones
older dronebl_unknown
today dronebl_worms_bots
--------------------------------------------------------------------------------
DSHIELD.ORG
today dshield
today dshield_1d
today dshield_30d
today dshield_7d
older dshield_top_1000
--------------------------------------------------------------------------------
DYNDNS.ORG
today dyndns_ponmocup
--------------------------------------------------------------------------------
EMERGING THREATS
this week et_block
older et_botcc
this week et_compromised
this week et_dshield
this week et_spamhaus
this week et_tor
--------------------------------------------------------------------------------
ESENTIRE
older esentire_14072015_com
older esentire_14072015q_com
older esentire_22072014a_com
older esentire_22072014b_com
older esentire_22072014c_com
older esentire_atomictrivia_ru
older esentire_auth_update_ru
older esentire_burmundisoul_ru
older esentire_crazyerror_su
older esentire_dagestanskiiviskis_ru
older esentire_differentia_ru
older esentire_disorderstatus_ru
older esentire_dorttlokolrt_com
older esentire_downs1_ru
older esentire_ebankoalalusys_ru
older esentire_emptyarray_ru
older esentire_fioartd_com
older esentire_getarohirodrons_com
older esentire_hasanhashsde_ru
older esentire_inleet_ru
older esentire_islamislamdi_ru
older esentire_krnqlwlplttc_com
older esentire_maddox1_ru
older esentire_manning1_ru
older esentire_misteryherson_ru
older esentire_mysebstarion_ru
older esentire_smartfoodsglutenfree_kz
older esentire_venerologvasan93_ru
older esentire_volaya_ru
--------------------------------------------------------------------------------
FIREHOL
now firehol_abusers_1d
4 hours firehol_abusers_30d
now firehol_anonymous
today firehol_level1
now firehol_level2
this hour firehol_level3
now firehol_level4
now firehol_proxies
today firehol_webclient
4 hours firehol_webserver
--------------------------------------------------------------------------------
FREE PROXY LIST
this hour socks_proxy
this hour socks_proxy_1d
this hour socks_proxy_30d
this hour socks_proxy_7d
now sslproxies
4 hours sslproxies_1d
4 hours sslproxies_30d
this hour sslproxies_7d
--------------------------------------------------------------------------------
GPF COMICS
older errors gpf_comics
--------------------------------------------------------------------------------
GRAPHICLINEWEB
older graphiclineweb
--------------------------------------------------------------------------------
GREENSNOW.CO
now greensnow
--------------------------------------------------------------------------------
H3X.EU
older errors asprox_c2
--------------------------------------------------------------------------------
HPHOSTS
older errors hphosts_ats
older errors hphosts_emd
older errors hphosts_exp
older errors hphosts_fsa
older errors hphosts_grm
older errors hphosts_hfs
older errors hphosts_hjk
older errors hphosts_mmt
older errors hphosts_pha
older errors hphosts_psh
older errors hphosts_wrz
--------------------------------------------------------------------------------
IBLOCKLIST.COM
older iblocklist_abuse_palevo
older iblocklist_abuse_spyeye
older iblocklist_abuse_zeus
4 hours iblocklist_ads
older iblocklist_badpeers
older iblocklist_bogons
today iblocklist_ciarmy_malicious
today iblocklist_cidr_report_bogons
today iblocklist_cruzit_web_attacks
older iblocklist_dshield
today iblocklist_edu
older iblocklist_exclusions
older iblocklist_fornonlancomputers
older iblocklist_forumspam
older iblocklist_hijacked
older iblocklist_iana_multicast
older iblocklist_iana_private
older iblocklist_iana_reserved
older iblocklist_isp_aol
older iblocklist_isp_att
older iblocklist_isp_cablevision
older iblocklist_isp_charter
older iblocklist_isp_comcast
older iblocklist_isp_embarq
older iblocklist_isp_qwest
older iblocklist_isp_sprint
older iblocklist_isp_suddenlink
older iblocklist_isp_twc
older iblocklist_isp_verizon
today iblocklist_level1
4 hours iblocklist_level2
this week iblocklist_level3
older iblocklist_malc0de
today iblocklist_onion_router
older iblocklist_org_activision
older iblocklist_org_apple
older iblocklist_org_blizzard
older iblocklist_org_crowd_control
older iblocklist_org_electronic_arts
older iblocklist_org_joost
older iblocklist_org_linden_lab
older iblocklist_org_logmein
older iblocklist_org_microsoft
older iblocklist_org_ncsoft
older iblocklist_org_nintendo
older iblocklist_org_pandora
older iblocklist_org_pirate_bay
older iblocklist_org_punkbuster
older iblocklist_org_riot_games
older iblocklist_org_sony_online
older iblocklist_org_square_enix
older iblocklist_org_steam
older iblocklist_org_ubisoft
older iblocklist_org_xfire
older iblocklist_pedophiles
older iblocklist_proxies
older iblocklist_rangetest
older iblocklist_spamhaus_drop
older iblocklist_spider
today iblocklist_spyware
older iblocklist_webexploit
this week iblocklist_yoyo_adservers
--------------------------------------------------------------------------------
IBM X-FORCE EXCHANGE
older xforce_bccs
--------------------------------------------------------------------------------
IMPROWARE ANTISPAM
older errors iw_spamlist
older errors iw_wormlist
--------------------------------------------------------------------------------
IP BLACKLIST CLOUD
older ipblacklistcloud_recent
older ipblacklistcloud_recent_1d
older ipblacklistcloud_recent_30d
older ipblacklistcloud_recent_7d
older ipblacklistcloud_top
--------------------------------------------------------------------------------
IP2LOCATION.COM
today ip2proxy_px1lite
--------------------------------------------------------------------------------
MALC0DE.COM
older errors malc0de
--------------------------------------------------------------------------------
MALWAREDOMAINLIST.COM
older errors malwaredomainlist
--------------------------------------------------------------------------------
MAXMIND.COM
older anonymous
older maxmind_proxy_fraud
older satellite
--------------------------------------------------------------------------------
MYIP.MS
4 hours myip
--------------------------------------------------------------------------------
NICK GALBREATH
older datacenters
--------------------------------------------------------------------------------
NIX SPAM
older errors nixspam
--------------------------------------------------------------------------------
NORMSHIELD.COM
older normshield_all_attack
older normshield_all_bruteforce
older normshield_all_ddosbot
older normshield_all_dnsscan
older normshield_all_spam
older normshield_all_suspicious
older normshield_all_wannacry
older normshield_all_webscan
older normshield_all_wormscan
older normshield_high_attack
older normshield_high_bruteforce
older normshield_high_ddosbot
older normshield_high_dnsscan
older normshield_high_spam
older normshield_high_suspicious
older normshield_high_wannacry
older normshield_high_webscan
older normshield_high_wormscan
--------------------------------------------------------------------------------
NOTHINK.ORG
older errors nt_malware_dns
older errors nt_malware_http
older errors nt_malware_irc
older errors nt_ssh_7d
--------------------------------------------------------------------------------
NULLSECURE.ORG
older errors nullsecure
--------------------------------------------------------------------------------
PACKETMAIL.NET
older errors packetmail
older errors packetmail_emerging_ips
older errors packetmail_mail
older errors packetmail_ramnode
--------------------------------------------------------------------------------
PROJECTHONEYPOT.ORG
4 hours php_commenters
4 hours php_commenters_1d
4 hours php_commenters_30d
4 hours php_commenters_7d
today php_dictionary
today php_dictionary_1d
today php_dictionary_30d
today php_dictionary_7d
today php_harvesters
today php_harvesters_1d
today php_harvesters_30d
today php_harvesters_7d
today php_spammers
today php_spammers_1d
today php_spammers_30d
today php_spammers_7d
--------------------------------------------------------------------------------
PROXYLISTS.NET
older proxylists
older proxylists_1d
older proxylists_30d
older proxylists_7d
--------------------------------------------------------------------------------
PROXZ.COM
older proxz
older proxz_1d
older proxz_30d
older proxz_7d
--------------------------------------------------------------------------------
PUSHING INERTIA
older pushing_inertia_blocklist
--------------------------------------------------------------------------------
SBLAM.COM
older errors sblam
--------------------------------------------------------------------------------
SNORT.ORG LABS
older errors snort_ipfilter
--------------------------------------------------------------------------------
SORBS.NET
older sorbs_anonymizers
older sorbs_dul
older sorbs_escalations
older sorbs_new_spam
older sorbs_noserver
older sorbs_recent_spam
older sorbs_smtp
older sorbs_web
older sorbs_zombie
--------------------------------------------------------------------------------
SPAMHAUS.ORG
today spamhaus_drop
this week spamhaus_edrop
--------------------------------------------------------------------------------
STOPFORUMSPAM.COM
today stopforumspam
today stopforumspam_180d
this hour stopforumspam_1d
this hour stopforumspam_30d
4 hours stopforumspam_365d
today stopforumspam_7d
4 hours stopforumspam_90d
older stopforumspam_toxic
--------------------------------------------------------------------------------
TAICHUNG EDUCATION CENTER
older errors taichung
--------------------------------------------------------------------------------
TALOSINTEL.COM
older errors talosintel_ipfilter
--------------------------------------------------------------------------------
TEAM CYMRU
older bogons
today fullbogons
--------------------------------------------------------------------------------
THE LASHBACK UNSUBSCRIBE BLACKLIST
older errors lashback_ubl
--------------------------------------------------------------------------------
THREAT CROWD
older threatcrowd
--------------------------------------------------------------------------------
TORPROJECT.ORG
older errors tor_exits
older tor_exits_1d
older tor_exits_30d
older tor_exits_7d
--------------------------------------------------------------------------------
TURRIS
older errors turris_greylist
--------------------------------------------------------------------------------
URANDOM.US.TO
older errors urandomusto_dns
older errors urandomusto_ftp
older errors urandomusto_http
older errors urandomusto_mailer
older errors urandomusto_ntp
older errors urandomusto_rdp
older errors urandomusto_smb
older errors urandomusto_ssh
older errors urandomusto_telnet
older errors urandomusto_unspecified
older errors urandomusto_vnc
--------------------------------------------------------------------------------
URLVIR.COM
older errors urlvir
--------------------------------------------------------------------------------
US CERT
older errors uscert_hidden_cobra
--------------------------------------------------------------------------------
VOIPBL.ORG
4 hours voipbl
--------------------------------------------------------------------------------
VXVAULT
this week vxvault
--------------------------------------------------------------------------------
XROXY.COM
this hour xroxy
this hour xroxy_1d
4 hours xroxy_30d
4 hours xroxy_7d
--------------------------------------------------------------------------------
YOYO.ORG
older errors yoyo_adservers
YOUR CLOCK IS WRONG!
Your computer clock seems wrong! Some calculations may be wrong.
Please sync your clock.
AGGREGATED DATA...
The IPs in this list are aggregated by us. The source list either has no
retention at all (i.e. it lists IPs just once and they are lost at the next
refresh), or its retention is too low, or it would be interesting to know the
IPs that pass through the original list in longer durations. So we decided to
aggregate several updates together.
If you use this IP list in production systems, keep in mind this aggregation
introduces a significant drawback: To unlist an IP, once it is in the
aggregation log, you will either have to whitelist it using your own means, or
wait for the aggregation period to expire so that it will be unlisted
automatically.
ABOUT FIREHOL_LEVEL1
This IP list is a composition of other IP lists.
The objective is to create a blacklist that can be safe enough to be used on all
systems, with a firewall, to block access entirely, from and to its listed IPs.
The key prerequisite for this cause, is to have no false positives. All IPs
listed should be bad and should be blocked, without exceptions.
To accomplish this, we include the following IP lists:
* FULLBOGONS - THE UNROUTABLE IPS
fullbogons includes IPs that should not be routable in the Internet. It
includes bogons which lists private and reserved IPs, but it also includes
IPs that are allocated to a local registry, but they are not currently
assinged to any one, ISP, corporation, or end user.
fullbogons should be 100% safe, it should never include a false positive and
should never give you a complaint from an end user or customer. Of course it
needs to be up to date.
* SPAMHAUS DROP AND EDROP - DON'T ROUTE OR PEER IPS
According to Spamhaus, DROP and EDROP are advisory "drop all traffic" lists,
consisting of netblocks that are "hijacked" or leased by professional spam or
cyber-crime operations (used for dissemination of malware, trojan
downloaders, botnet controllers). The spamhaus_drop and spamhaus_edrop lists
are designed for use by firewalls and routing equipment to filter out the
malicious traffic from these netblocks.
The spamhaus_drop list will not include any IP address space under the
control of any legitimate network - even if being used by "the spammers from
hell".
spamhaus_edrop is an extension of the spamhaus_drop list that includes
suballocated netblocks controlled by spammers or cyber criminals.
spamhaus_edrop is meant to be used in addition to the direct allocations on
the spamhaus_drop list.
When implemented at a network or ISP's 'core routers', spamhaus_drop and
spamhaus_edrop will help protect the network from spamming, scanning,
harvesting, DNS-hijacking and DDoS attacks originating on rogue netblocks.
Spamhaus strongly encourages the use of spamhaus_drop and spamhaus_edrop by
tier-1s and backbones.
In my personal experience, Spamhaus is very responsive cleaning up these
lists when it receives complaints.
* DSHIELD - THE TOP 20 ATTACKING CLASS-C
dshield summarizes the top 20 attacking class C (/24) subnets over the last
three days. This sounds like many false positives are included. They are not,
and this is why:
dshield.org, or better The Internet Storm Center of SANS Institute, collects
firewall and IDS logs from hundreds of thousands of computers around the
globe. You can submit yours too! The dshield IP list includes only the top 20
class-C, i.e. it always lists 5120 IPs only. The rate of change of these top
20 class-C is so high, that most of them are listed for just 15 mins. Check
it. Goto to the dshield page and take a look on the second chart (the
"changes history" chart). Out of the 5120 IPs listed, about 3000 of them
expire on every update.
To visualize it even better, check the dshield_1d list. This one aggregates
all IPs listed by dshield, for 24 hours. Check its unique IPs count. 60k to
120k unique IPs pass through dshield every day.
So, if it has a so aggressive change rate, is it usefull at all? The whole
idea of dshield is to follow the storm as close as possible. And they are
doing a great job accoplishing it.
* MALWARE LISTS - THE COMMAND AND CONTROL IPS
There are several malware lists that are very focused. They only track IPs
that are actively used by specific malwares or trojans. These lists are
usualy very small and they even reach zero IP count if the malware is
vanished.
We include most the Abuse.ch and Bambenek Consulting lists. Namely:
* feodo
* sslbl
* zeus_badips
* bambenek_c2 which includes all Bambenek Consulting lists
These lists do suffer from some false positives, but not for dynamic IP
users. The only false positives I ever found on these malware lists was on
hosting providers that share the same IP among many sites. If a site is
hosting a malware or trojan monitored by these lists, then the IP of that
site and therefore all the other sites that share the same IP will be
blocked.
firehol_level1 is updated automatically every time any of its IP lists is
updated. If you use FireHOL's update-ipsets.sh, you can just enable it and it
will be composed directly from the individual lists, on your computer.
Otherwise, you can download it from github.
I would love to hear any comments for this list. So please, let me know if you
have any.
--------------------------------------------------------------------------------
EVOLUTION OF FIREHOL_LEVEL1
Each time the IP list is changed, modified, or updated we keep track of its size
(both number of entries and number of unique IPs matched). Using this
information we can detect what the list maintainers do, get an idea of the list
trend and its maintainers habbits.
Using the chart below we attempt to answer these questions:
* HOW MANY ENTRIES DOES IT HAVE?
If you are going to use this IP list as a blocklist / blacklist at a
firewall, its size can be important for the performance of the firewall.
Keep in mind that the performance of Linux netfilter / iptables firewalls
that use ipsets (like FireHOL does), is not affected by the size of an ipset.
Any number of entries can be added and the firewall will just do one lookup
for every packet checked against the ipset. Linux ipsets are affected only by
the number of different subnets in an ipset. FireHOL solves this by
automatically reducing the number of unique subnets on all hash:net ipsets
(check this article for more information on how this is done).
* HOW MANY UNIQUE IPS DOES IT MATCH?
The number of unique IPs matched by an IP list, determines the effectiveness
of the blacklist / blocklist.
Generally, smaller IP lists are more focused and safer to use as firewall
blacklists / blocklists. Fewer unique IPs means fewer possible false
positives.
On the other hand a very small list will not provide a significant level of
protection.
* IS IT UPDATED FREQUENTLY AND REGULARLY?
We need IP lists that are well maintained, frequently and regularly.
In the chart below, every point is updated only when the list maintainers add
IPs to, or remove IPs from the IP list, so even if the number of unique IPs
remains the same, a point in the chart indicates that something changed in
it. The exact number of unique IPs added and removed with each update can be
seen on the chart next to the one below.
The frequency of updates is irrelevant to the retention policy of the IP
list. We will examine its retention below in the sections below.
* DOES IT HAVE A CONSISTENT SIZE THROUGH TIME?
We don't want surprises. Sudden increases or decreases is generally an
indication of poor maintainance.
Of course, there are cases where an IP list will by definition have sudden
changes in its size.
The chart below shows the last 500 updates, of the IP list.
* Entries is the number of entries the ipset has.
* UniqueIPs is the number of unique IPs the ipset matches.
Created with Highcharts 10.2.1Number of Unique IPsNumber of IPset EntriesChart
context menufirehol_level1 Historyevolution of unique IPs and
entriesUniqueIPsEntries6. Jun20. Jun4. Jul18. Jul1. Aug15. Aug29. Aug0
IPs100000000 IPs200000000 IPs300000000 IPs400000000 IPs500000000 IPs600000000
IPs700000000 IPsHighcharts.com
The chart below shows the change history of the IP list, i.e. the number of
unique IPs added and removed with each update.
Using the chart below we attempt to answer these questions:
* HOW MUCH OF THIS IP LIST IS CHANGED ON EVERY UPDATE?
There are IP lists that, although they have an almost constant size, they
change their contents almost entirely on every update.
In other cases, similar IP lists have minimal incremental updates.
The following chart attempts to visualize this.
Created with Highcharts 10.2.1Number of Unique IPsChart context
menufirehol_level1 Changes Historychanges history of unique
IPsAddedIPsRemovedIPs6. Jun20. Jun4. Jul18. Jul1. Aug15. Aug29. Aug-400000
IPs-300000 IPs-200000 IPs-100000 IPs0 IPs100000 IPsHighcharts.com
--------------------------------------------------------------------------------
COUNTRY MAP OF FIREHOL_LEVEL1
Each time an ipset is updated we check it against the MaxMind GeoLite2 country,
the IPDeny.com country, the IP2Location.com Lite country and the IPIP.net
country databases, to find the list's unique IPs per country.
Using the maps below we attempt to answer these questions:
* WHICH COUNTRIES DOES IT CURRENTLY MATCH?
If you are going to install this IP list as a blocklist / blacklist at a
firewall, it is important to know which countries will be mainly affected,
since you are going to block access from/to these IPs.
All lists suffer from false positives to some degree, so using this IP list
at your firewall might block some of your users or customers.
* WHERE DO THE ATTACKERS OR THE ABUSERS COME FROM?
Some lists focus only on specific regions of the world. The following map
illustrates this. It is a heat map of the list's focus.
* MaxMind.com GeoLite2
* IPDeny.com
* IP2Location.com Lite
* IPIP.net
Created with Highcharts 10.2.1Chart context menuZoom in+Zoom out-firehol_level1
Country Mapmapped with geolite2 geo-country DB110010k1M100M10…Unique
IPsCopyright (c) 2022 Highsoft AS, Based on data from Natural
EarthHighcharts.com © Natural Earth
Loading ipdeny map...
Loading ip2location map...
Loading ipip map...
--------------------------------------------------------------------------------
AGE OF IPS LISTED IN FIREHOL_LEVEL1
The age of each IP in the list is shown below. The time shown is calculated in
realtime; it will be refreshed as time passes, even if the list is not updated.
Using the chart below we attempt to answer these questions:
* WHAT IS THE CURRENT AGE OF THE IPS LISTED?
Most lists include IPs that match some criteria (e.g. an attack or abuse is
detected originated from the IP in question). Once an IP is listed, it
remains listed for a pre-defined amount of time, unless it matches the
criteria again, in which case its expiration time is refreshed.
Many lists announce the duration they list IPs. Many don't and almost all
lists have exceptions that do not follow the announced rules.
A false positive is in place when an IP that was properly detected and added
to the list, was released and re-used by another person, before being
unlisted from the list. Since the world is full of dynamic IP users, false
positives is the biggest problem of blocklist / blacklists.
In the chart below we show the exact age of the IPs currently listed. Small
ages are good. Long ages are not necessarily bad. Normally, longer ages
should only be a small part of the list's size.
Pay attention to the 50% mark. This is the average age of the IPs in the
list. Pay also attention to the 75% (most probable) and the 90% (expected
max) marks.
* DOES THE LIST INCLUDE ANY STATIC DATA?
The ideal age chart of a well maintained IP list should a straight line from
the bottom left corner, to the upper right corner of the chart.
Of course, this is affected by the pressure of different attacks and possibly
the different listing policies for different types of attacks.
In general though, this chart should be as granural as possible.
Long horizontal lines indicate either sustaining attacks, or unreasonably
high listing policies.
Created with Highcharts 10.2.1IPs age in hours% of IPs currently listedChart
context menufirehol_level1 Age of IPsAge of 614,479,616 currently listed IPs
monitoring its age since Fri Jun 19 2015 07:26:23 GMT+0000 (GMT)IPs with age up
to this hour (cumulative)IPs with age in this
hour820857992113851925272232264234494659066861802589429470103021111411786126181413015275161461701017354176071870019674208742476226305286333028234389377460
%25 %50 %75 %100 %Highcharts.com
--------------------------------------------------------------------------------
RETENTION POLICY OF FIREHOL_LEVEL1
The retention policy of the list shows the duration IPs were listed, when they
were listed. This is calculated every time the list maintainers remove an IP
from the list. The chart below shows the retention policy detected, since we
started monitoring the list (it is not limited to a certain timeframe).
Using the chart below we attempt to answer these questions:
* WHEN ARE IPS BEING REMOVED FROM THE LIST?
This chart shows data for the past IPs, currently unlisted.
The vertical parts of the "stair steps" in this chart, indicate periods of
intensive IPs cleanup. This is their retention policy.
If the chart contains more than one "stair steps", the list has many
different retention policies.
Created with Highcharts 10.2.1IPs retention in hours% of past IPsChart context
menufirehol_level1 Retention PolicyRetention of not currently listed IPs for
175,861,487 IPs removed, 100.00 % of 175,861,487 IPs added since we started
monitoring it (Fri Jun 19 2015 07:26:23 GMT+0000 (GMT))Retention of past IPs up
to this hour (cumulative)Retention of past IPs for this hour<
119267141183171903805717619561155137916432272266731493659424848545518633680168948981211087122641393715264165362007221728237922711231384360680
%25 %50 %75 %100 %Highcharts.com
--------------------------------------------------------------------------------
OVERLAPS OF FIREHOL_LEVEL1 WITH OTHER IP LISTS
Using the chart below we attempt to answer these questions:
* IS THE LIST A DERIVATIVE OF OTHER LISTS?
Check the column Their %. A high percentage in this column, indicates that
the IP list of that row is included in firehol_level1.
* IS THE LIST INCLUDED IN ANY OTHER LIST?
Check the column This %. A high percentage in this column, indicates that
firehol_level1 is included in the IP list of that row.
* DOES THE LIST SHARE IPS WITH OTHER LISTS?
Focus on the last two columns: Their % and This %. These two percentages show
the percentage of overlap this list has with other IP lists.
Using the comparison table, we can easily find out that, for example, abuse
is often initiated from anonymizing IPs (like open proxies) and malwares.
In the table below we compare firehol_level1 with all other lists. If a list is
not shown in the following table, it does not have any common IPs with
firehol_level1.
* Unique IPs is the unique IPs each ipset has.
* Common IPs is the number of unique IPs common to firehol_level1 and each
ipset.
* Their % the percentage: common IPs vs. the unique IPs of each row ipset.
* This % is the percentage: common IPs vs. the unique IPs of firehol_level1
(having 614,479,616 unique IPs).
* Category
* List
* Unique IPs
* Common IPs
* Their %
* This %
* JSON
* XML
* CSV
* TXT
* SQL
* Ms-Excel
Loading, please wait...
Category
List
Unique IPs
Common IPs
Their %
This %
unroutablefullbogons596,869,888596,869,888100.00%97.13%unroutableiblocklist_cidr_report_bogons603,454,544592,990,71298.27%96.50%unroutablecidr_report_bogons605,125,864592,989,17697.99%96.50%unroutablebogons592,708,608592,708,608100.00%96.46%unroutableiblocklist_bogons645,673,639544,973,82384.40%88.69%unroutableiblocklist_iana_reserved536,870,912536,870,912100.00%87.37%reputationiblocklist_fornonlancomputers302,055,424302,055,424100.00%49.16%unroutableiblocklist_iana_multicast268,435,456268,435,456100.00%43.69%unroutableiblocklist_iana_private51,643,64651,643,390100.00%8.40%attackset_block17,278,22017,145,60099.23%2.79%reputationspamhaus_drop17,141,76017,141,760100.00%2.79%attacksiblocklist_spamhaus_drop17,338,36817,141,76098.87%2.79%attackset_spamhaus17,272,83217,141,76099.24%2.79%reputationiblocklist_level2337,907,5958,632,4482.55%1.40%reputationiblocklist_level3137,010,6274,529,2953.31%0.74%reputationiblocklist_level1723,114,4302,867,7190.40%0.47%attacksfirehol_level49,341,0392,247,90624.06%0.37%attacksiblocklist_hijacked8,802,0482,241,28025.46%0.36%malwarebbcan177_ms15,269,9732,162,71241.04%0.35%organizationsiblocklist_edu227,991,292783,9840.34%0.13%spamsorbs_zombie1,903,876723,96838.03%0.12%reputationspamhaus_edrop497,408497,408100.00%0.08%attacksfirehol_webserver60,487,496320,2570.53%0.05%reputationpushing_inertia_blocklist60,462,830320,2560.53%0.05%spamsorbs_dul375,474,21047,2800.01%0.01%organizationsiblocklist_ads886,68717,4161.96%0.00%anonymizersfirehol_anonymous2,313,02217,1830.74%0.00%anonymizersfirehol_proxies2,300,85017,1740.75%0.00%anonymizersip2proxy_px1lite2,299,99717,1710.75%0.00%organizationsdatacenters95,959,47610,2400.01%0.00%abusestopforumspam_365d616,1158,7211.42%0.00%organizationsiblocklist_isp_sprint6,310,5708,1920.13%0.00%spamsorbs_web6,375,0295,5400.09%0.00%attacksfirehol_level229,2545,17217.68%0.00%attacksfirehol_level330,4545,14316.89%0.00%attacksdshield_7d10,2405,12050.00%0.00%attacksdshield_30d12,2885,12041.67%0.00%attacksdshield_1d6,6565,12076.92%0.00%attacksdshield5,1205,120100.00%0.00%reputationiblocklist_spyware339,2994,1001.21%0.00%attackset_dshield5,1203,84075.00%0.00%abusestopforumspam_180d311,4613,5171.13%0.00%abusefirehol_abusers_30d190,1142,3401.23%0.00%abusestopforumspam170,6852,1481.26%0.00%abusestopforumspam_90d170,7992,1381.25%0.00%abuseblocklist_net_ua102,1831,8031.76%0.00%malwaredronebl_worms_bots236,3381,4310.61%0.00%abusedronebl_irc_drones978,3461,3110.13%0.00%anonymizersdronebl_anonymizers1,369,2831,2700.09%0.00%spamsorbs_recent_spam555,4381,0340.19%0.00%abusestopforumspam_toxic120,9231,0240.85%0.00%abusestopforumspam_30d67,0159521.42%0.00%reputationiblocklist_ciarmy_malicious15,0007364.91%0.00%reputationciarmy15,0007274.85%0.00%abusebotscout_30d22,7086142.70%0.00%abusestopforumspam_7d25,5884041.58%0.00%reputationturris_greylist9,6142782.89%0.00%reputationiblocklist_pedophiles847,8892560.03%0.00%abusebotscout_7d8,1062142.64%0.00%reputationnullsecure29,4392120.72%0.00%abusefirehol_abusers_1d8,6622032.34%0.00%attacksvoipbl43,2311860.43%0.00%attacksdronebl_compromised70,1431750.25%0.00%abusestopforumspam_1d6,9531702.44%0.00%attackshaley_ssh55,6371580.28%0.00%abusecleantalk_30d12,6341391.10%0.00%spamsorbs_anonymizers610,2631280.02%0.00%abusesblam7,8951211.53%0.00%abusecleantalk_updated_30d6,0191201.99%0.00%organizationscoinbl_hosts10,506950.90%0.00%malwarehphosts_emd59,204920.16%0.00%attacksblueliv_crimeserver_last_30d87,551560.06%0.00%reputationhphosts_psh44,781550.12%0.00%attacksblocklist_de19,501540.28%0.00%attacksblueliv_crimeserver_last_7d77,098530.07%0.00%attacksgreensnow5,500510.93%0.00%abusebotscout_1d1,844492.66%0.00%attacksblueliv_crimeserver_last_2d71,293470.07%0.00%spamsorbs_new_spam35,967450.13%0.00%spamlashback_ubl37,994450.12%0.00%attacksblueliv_crimeserver_recent64,076450.07%0.00%reputationpacketmail3,986431.08%0.00%organizationsyoyo_adservers9,942420.42%0.00%organizationsiblocklist_yoyo_adservers9,661420.43%0.00%attacksdataplane_sshclient23,463410.17%0.00%attacksblueliv_crimeserver_last_1d58,312350.06%0.00%attackstaichung2,658321.20%0.00%attacksiblocklist_cruzit_web_attacks13,343310.23%0.00%attackscruzit_web_attacks12,825300.23%0.00%reputationhphosts_fsa24,764280.11%0.00%reputationbds_atif926283.02%0.00%attacksdataplane_sipquery1,182272.28%0.00%organizationshphosts_ats13,037250.19%0.00%abusecleantalk_new_30d7,249240.33%0.00%abusecleantalk_7d3,200240.75%0.00%attacksblocklist_de_ssh7,174230.32%0.00%abusecleantalk_updated_7d1,568211.34%0.00%reputationpacketmail_ramnode2,502190.76%0.00%attacksblocklist_de_mail10,374170.16%0.00%attacksblocklist_de_imap2,080170.82%0.00%attacksurandomusto_rdp1331511.28%0.00%spamphp_dictionary_30d1,201151.25%0.00%attacksblueliv_crimeserver_last24,381140.06%0.00%attackset_compromised352133.69%0.00%attacksblueliv_crimeserver_online15,628130.08%0.00%anonymizerssocks_proxy_30d10,059120.12%0.00%attacksdataplane_sshpwauth20,155120.06%0.00%organizationsbitcoin_nodes_30d13,210120.09%0.00%spamnixspam17,135110.06%0.00%anonymizerset_tor5,997110.18%0.00%attacksdronebl_ddos_drones2,656110.41%0.00%reputationdronebl_auto_botnets10,848110.10%0.00%attacksdataplane_dnsrd1,638110.67%0.00%attacksblocklist_de_apache8,780110.13%0.00%attacksurandomusto_smb451022.22%0.00%spamphp_spammers_30d1,301100.77%0.00%abusecleantalk_1d491102.04%0.00%abusecleantalk497102.01%0.00%attacksblocklist_de_bruteforce791101.26%0.00%anonymizersdm_tor6,05190.15%0.00%abusecleantalk_updated_1d25093.60%0.00%abusecleantalk_updated25093.60%0.00%spamphp_commenters_30d1,18480.68%0.00%anonymizersiblocklist_onion_router1,37880.58%0.00%organizationsbitcoin_nodes_7d8,38180.10%0.00%organizationsbitcoin_nodes_1d6,69680.12%0.00%organizationsbitcoin_nodes6,08680.13%0.00%attacksurandomusto_dns67710.45%0.00%attacksnormshield_high_attack54971.28%0.00%attacksnormshield_all_attack54971.28%0.00%attacksdronebl_autorooting_worms1,82260.33%0.00%attacksdataplane_vncrfb3,84260.16%0.00%organizationscoinbl_ips1,39060.43%0.00%attacksurandomusto_ntp7256.94%0.00%reputationhphosts_pha2,47450.20%0.00%malwareesentire_smartfoodsglutenfree_kz2,67450.19%0.00%malwarebambenek_banjori13653.68%0.00%attacksurandomusto_ftp15242.63%0.00%spamphp_harvesters_30d43940.91%0.00%abusegpf_comics3,26140.12%0.00%malwareesentire_manning1_ru6,82440.06%0.00%malwareesentire_maddox1_ru11,34540.04%0.00%malwareesentire_downs1_ru7,23140.06%0.00%malwareesentire_dorttlokolrt_com23,66440.02%0.00%malwareesentire_22072014c_com1,28940.31%0.00%malwareesentire_22072014b_com1,28840.31%0.00%malwareesentire_22072014a_com1,29040.31%0.00%malwareesentire_14072015q_com57540.70%0.00%malwareesentire_14072015_com57940.69%0.00%anonymizersproxylists_7d8,26330.04%0.00%
Showing 1 to 150 of 220 rows150
* 150
* 300
records per page
* «
* ‹
* 1
* 2
* ›
* »
--------------------------------------------------------------------------------
COMMENTS ON FIREHOL_LEVEL1
--------------------------------------------------------------------------------
The data on this site were last updated 6 minutes ago
on Fri Sep 02 2022 07:24:33 GMT+0000 (GMT)
2015-2017 Costa Tsaousis, for FireHOL a firewall for humans!.
The data on this page are automatically generated using FireHOL's
update-ipsets.sh (for downloading the lists from their sources and generating
the data for this site), which utilizes iprange (for comparing and manipulating
IP lists). Both are part of FireHOL, which is provided under GPL v2, so you are
free to get, use, adapt and re-distribute.
This site is provided as-is, without any warranty. IP Lists are a property of
their maintainers.
This site is a single static page, with all its data uploaded as static JSON and
CSV files every time an IP List is updated. For the final result, it utilizes IP
data and web services provided by third parties. It uses IP lists and related
data provided and maintained by their respective owners (mentioned together with
each IP list), IP-to-country geolocation data provided by maxmind.com
(GeoLite2), ipdeny.com, ip2location.com (Lite) and ipip.net, javascript chart
libraries provided by highcharts.com, comments engine provided by disqus.com,
social media sharing buttons provided by shareaholic.com, the HTML, CSS and JS
framework bootstrap, the bootstrap-table component, icons provided by
iconsdb.com and it uses several services provided by github.
×
ABOUT THIS SITE
This site aggregates, analyzes, compares and documents publicly available IP
Feeds, with a focus on attacks and abuse. It is automatically generated and
maintained using open source software (check the wiki), that can be installed
and run on your systems too, to download all IP lists directly from their
maintainers, process them and re-generate the site and its data.
Special care has been given to make this analysis as scientific and objective as
possible, respecting the hard work of the security teams, security companies and
security professionals who offer these IP lists to the rest of us.
Of course, security is achieved with a lot more than IP lists. And not all IP
lists included here should be used for blocking traffic at a firewall or border
router. Many of them, should be used, for example, to influence the way
applications handle clients, or help in the development of further threat
analysis.
Unfortunatelly, the InfoSec industry still considers as a standard industry
practice the trade of Threat Intelligence for money.
This is disappointing.
Why?
Threat Intelligence requires knowledge, skills and sophisticated tools to be
effective. Instead of selling these skills and tools, security firms selling
threat intel state clearly they have valid information that identifies
criminals. But they want money to reveal it.
This is contradictory to what we consider acceptable, if it was about criminal
activity other than cyber.
So, I have concluded that either the InfoSec industry has a severe cultural
fault, or they have nothing. The super duper feeds they advertise are just a
marketing tool to attract customers. They sell an illusion...
Many will argue that collecting threat intel is expensive.
Of course it is!
Then, you will also accept it if someone opens an online shop to sell
information about a gang that breaks houses in your neighbor, as long as it cost
them enough to acquire this information. Yes?
To my understanding Threat Intelligence cannot be effective when it is treated
as Intellectual Property.
Hopefully, many security companies and professionals agree and openly distribute
the result of their hard work.
Close