Malicious IPs, IP ranges and Domains January 22, 2022, 04:48:55 pm They are in different formats.General/Combinedhttps://www.binarydefense.com/banlist.txthttps://rules.emergingthreats.net/blockrules/compromised-ips.txthttps://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txthttps://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netsethttps://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netsethttps://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netsethttps://lists.blocklist.de/lists/all.txtBotnetshttps://sslbl.abuse.ch/blacklist/sslipblacklist.txthttps://feodotracker.abuse.ch/downloads/ipblocklist.txtSpamhause DROP lists (Dont Route Or Peer)https://www.spamhaus.org/drop/drop.txthttps://www.spamhaus.org/drop/edrop.txthttps://www.spamhaus.org/drop/dropv6.txtAllegedly missing IPs in other listshttps://ozgur.kazancci.com/ban-me.txtSSH attackershttps://lists.blocklist.de/lists/22.txthttps://lists.blocklist.de/lists/ssh.txthttps://lists.blocklist.de/lists/bruteforcelogin.txtFTP attackershttps://lists.blocklist.de/lists/21.txthttps://lists.blocklist.de/lists/ftp.txthttps://lists.blocklist.de/lists/proftpd.txtHTTP/Apache attackershttps://lists.blocklist.de/lists/80.txthttps://lists.blocklist.de/lists/443.txthttps://lists.blocklist.de/lists/apache.txtSMTP/E-Mail Attackershttps://lists.blocklist.de/lists/25.txthttps://lists.blocklist.de/lists/110.txthttps://lists.blocklist.de/lists/143.txthttps://lists.blocklist.de/lists/993.txthttps://lists.blocklist.de/lists/email.txthttps://lists.blocklist.de/lists/mail.txthttps://lists.blocklist.de/lists/imap.txthttps://lists.blocklist.de/lists/courierimap.txthttps://lists.blocklist.de/lists/courierpop3.txthttps://lists.blocklist.de/lists/pop3.txthttps://lists.blocklist.de/lists/postfix.txtVOIP/SIP Attackershttps://lists.blocklist.de/lists/asterisk.txthttps://lists.blocklist.de/lists/sip.txtIRC / Botshttps://lists.blocklist.de/lists/ircbot.txthttps://lists.blocklist.de/lists/bots.txtShodanhttps://isc.sans.edu/api/threatlist/shodan/ (add ?json or ?csv for a different format than xml)Per country/continenthttps://github.com/firehol/blocklist-ipsets/tree/master/geolite2_countryhttps://github.com/firehol/blocklist-ipsets/tree/master/ip2location_countryhttps://github.com/firehol/blocklist-ipsets/tree/master/ipdeny_countryhttps://github.com/firehol/blocklist-ipsets/tree/master/ipip_countryDatacentershttps://github.com/firehol/blocklist-ipsets/blob/master/datacenters.netset (old)Tor exit nodeshttps://github.com/firehol/blocklist-ipsets/blob/master/tor_exits.ipsethttps://isc.sans.edu/api/threatlist/torexit (add ?json or ?csv for a different format than xml)https://check.torproject.org/exit-addressesSome other feeds: https://isc.sans.edu/api/threatfeeds/Make sure to only pick ones that have had updates recently. Rest will return an error that they are not maintained.When you choose a feed, for example "Scanners Operated by Onyphe.io", you open the url with the type at the end, for example: https://isc.sans.edu/api/threatlist/onyphe or for "Rapid 7 Project Sonar" - https://isc.sans.edu/api/threatlist/rapid7sonarAnd some IPs from one of the links with the title "Top Attackers" (selectel, ipvolume, novogara, digitalocean, clouvider, etc.)194.147.140.0/2492.63.197.0/2445.155.205.0/2494.232.46.0/2445.146.165.0/24167.248.133.0/2489.248.165.0/2445.143.200.0/24185.193.91.0/24185.236.11.0/24195.54.161.0/2479.124.62.0/24195.54.160.0/24192.241.223.0/2489.248.168.0/2492.118.161.0/24192.241.224.0/2446.161.27.0/245.180.211.0/24192.241.222.0/24
Re: Malicious IPs, IP ranges and Domains Reply #1 – January 22, 2022, 04:49:07 pm Check if listed in multiple blacklists:https://www.blockedservers.comUnknown malicious:https://pastebin.com/u/rdp_snitchSpam score per ASN:http://www.uceprotect.net/en/l3charts.php
Re: Malicious IPs, IP ranges and Domains Reply #2 – January 22, 2022, 04:49:20 pm Here are some blocklistshttps://github.com/trick77/ipset-blacklisthttps://firebog.nethttps://filterlists.comhttps://blocklistproject.github.io/Lists/https://github.com/notracking/hosts-blocklistshttps://github.com/StevenBlack/hostshttps://github.com/Ultimate-Hosts-Blacklist/Ultimate.Hosts.Blacklisthttps://threatfeeds.iohttps://dbl.oisd.nlhttps://gitlab.com/The_Quantum_Alpha/the-quantum-ad-listhttps://zerodot1.gitlab.io/CoinBlockerLists/hosts_browserhttps://github.com/fonic/ipfilter
Re: Malicious IPs, IP ranges and Domains Reply #3 – January 22, 2022, 04:49:32 pm Stop forum spam IP addresses:https://github.com/X4BNet/lists_stopforumspam/blob/main/ipv4.txt"System based on +500 blacklists and 5 external intelligences to detect internet potencially malicious hosts":https://github.com/carlospolop/MalwareWorld
Re: Malicious IPs, IP ranges and Domains Reply #4 – January 22, 2022, 04:49:44 pm Quote from: zurigora on June 03, 2021, 07:34:10 pmQuoteStop forum spam IP addresses:https://github.com/X4BNet/lists_stopforumspam/blob/main/ipv4.txt"System based on +500 blacklists and 5 external intelligences to detect internet potencially malicious hosts":https://github.com/carlospolop/MalwareWorldLots of good lists on https://github.com/X4BNet/
Re: Malicious IPs, IP ranges and Domains Reply #5 – January 22, 2022, 04:49:56 pm Quote from: Admin on June 04, 2021, 06:17:28 amQuoteLots of good lists on https://github.com/X4BNet/I am unsure of how the VPN list decides on which ASN's to use as only ProtonVPN is used to get IPs.
Re: Malicious IPs, IP ranges and Domains Reply #6 – January 22, 2022, 04:50:08 pm A lot of IP lists here: https://github.com/stamparm/maltrail/tree/master/trails/feedshttps://github.com/stamparm/maltrail/tree/master/trails/static
Re: Malicious IPs, IP ranges and Domains Reply #7 – January 22, 2022, 04:50:20 pm NextDNS's lists:https://github.com/nextdns/metadata
Re: Malicious IPs, IP ranges and Domains Reply #8 – January 22, 2022, 04:50:33 pm https://report.cs.rutgers.edu/DROP/ (from https://report.cs.rutgers.edu/mrtg/drop/dropstat.cgi?start=-86400)
Re: Malicious IPs, IP ranges and Domains Reply #9 – January 22, 2022, 04:50:45 pm Countries and ASNs: https://github.com/cyberhubarchive/archive/blob/master/AntiDDoS/cloudflare_ruleset.bash
Re: Malicious IPs, IP ranges and Domains Reply #10 – January 22, 2022, 04:50:57 pm https://github.com/astryzia/stalkerware-urls
Re: Malicious IPs, IP ranges and Domains Reply #11 – January 22, 2022, 04:51:09 pm https://phishing.army/
Re: Malicious IPs, IP ranges and Domains Reply #12 – January 22, 2022, 04:51:21 pm https://github.com/0n1cOn3/nso-blacklist
Re: Malicious IPs, IP ranges and Domains Reply #13 – January 22, 2022, 04:51:33 pm Quote from: Admin on July 20, 2021, 08:03:45 amQuotehttps://github.com/0n1cOn3/nso-blacklistAlso https://github.com/AmnestyTech/investigations/tree/master/2021-07-18_nso
Re: Malicious IPs, IP ranges and Domains Reply #14 – January 22, 2022, 04:51:45 pm https://gist.github.com/opus-x/3e673a9d5db2a214df05929a4eee6a57 Spotify