Skip to content

ssinger99/ipsum

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 

Repository files navigation

Logo

License

About

IPsum is a threat intelligence feed based on 30+ different publicly available lists of suspicious and/or malicious IP addresses. All lists are automatically retrieved and parsed on a daily (24h) basis and the final result is pushed to this repository. List is made of IP addresses together with a total number of (black)list occurrence (for each). Greater the number, lesser the chance of false positive detection and/or dropping in (inbound) monitored traffic. Also, list is sorted from most (problematic) to least occurent IP addresses.

As an example, to get a fresh and ready-to-deploy auto-ban list of "bad IPs" that appear on at least 3 (black)lists you can run:

curl --compressed https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt 2>/dev/null | grep -v "#" | grep -v -E "\s[1-2]$" | cut -f 1

If you want to try it with ipset, you can do the following:

sudo su
apt -qq install iptables ipset
ipset -q flush ipsum
ipset -q create ipsum hash:net
for ip in $(curl --compressed https://raw.githubusercontent.com/stamparm/ipsum/master/ipsum.txt 2>/dev/null | grep -v "#" | grep -v -E "\s[1-2]$" | cut -f 1); do ipset add ipsum $ip; done
iptables -I INPUT -m set --match-set ipsum src -j DROP

In directory levels you can find preprocessed raw IP lists based on number of blacklist occurrences (e.g. levels/3.txt holds IP addresses that can be found on 3 or more blacklists).

Wall of Shame (2021-05-12)

IP DNS lookup Number of (black)lists
171.25.193.77 tor-exit1-readme.dfri.se 11
171.25.193.78 tor-exit4-readme.dfri.se 10
171.25.193.20 tor-exit0-readme.dfri.se 10
185.213.155.169 - 9
185.220.102.243 185-220-102-243.torservers.net 9
185.220.102.247 185-220-102-247.torservers.net 9
81.161.63.103 - 9
89.234.157.254 marylou.nos-oignons.net 9
185.191.124.151 - 9
23.129.64.235 - 9
195.144.21.219 torex5.fissionrelays.net 9
185.165.168.229 - 9
185.220.103.7 anatkamm.tor-exit.calyxinstitute.org 9
185.220.102.253 tor-exit-relay-7.anonymizing-proxy.digitalcourage.de 9
64.113.32.29 tor.t-3.net 9
185.220.102.250 tor-exit-relay-4.anonymizing-proxy.digitalcourage.de 9
185.220.101.207 - 9
104.244.79.172 tor1.prismless.org 8
62.210.105.116 62-210-105-116.rev.poneytelecom.eu 8
185.220.102.4 communityexit.torservers.net 8
185.220.102.245 185-220-102-245.torservers.net 8
185.220.102.240 185-220-102-240.torservers.net 8
185.220.102.242 185-220-102-242.torservers.net 8
185.220.102.248 tor-exit-relay-2.anonymizing-proxy.digitalcourage.de 8
185.220.102.249 tor-exit-relay-3.anonymizing-proxy.digitalcourage.de 8
159.65.46.12 - 8
23.129.64.236 - 8
23.129.64.232 - 8
178.20.55.18 marcuse-2.nos-oignons.net 8
178.20.55.16 marcuse-1.nos-oignons.net 8
162.247.72.199 jaffer.tor-exit.calyxinstitute.org 8
209.127.17.242 - 8
104.244.77.95 - 8
192.42.116.16 tor-exit.hartvoorinternetvrijheid.nl 8
192.42.116.13 this-is-a-tor-exit-node-hviv113.hviv.nl 8
185.36.81.58 - 8
198.144.120.234 - 8
185.220.101.215 - 8
185.220.101.216 - 8
66.230.230.230 - 8
209.141.34.95 lv1.nixnet.xyz 8
162.247.74.27 turing.tor-exit.calyxinstitute.org 8
162.247.74.217 perry.fellwock.tor-exit.calyxinstitute.org 8
104.244.73.205 LuxembourgTor5.lu 8
185.36.81.184 - 8
198.98.51.151 NewYorkTor2.us 8
185.56.80.65 onion.xor.sc 8
178.165.72.177 178-165-72-177-kh.maxnet.ua 8
199.195.254.81 NewYorkTor1.uk 8
209.127.17.234 - 8
162.247.74.74 wiebe.tor-exit.calyxinstitute.org 8
89.163.243.88 ca011.calcit.dedicated.server-hosting.expert 8
45.153.160.2 - 8
185.220.103.111 - 8
89.163.252.230 ca262.calcit.dedicated.server-hosting.expert 8
162.247.74.201 kunstler.tor-exit.calyxinstitute.org 8
185.191.124.152 - 8
185.220.101.1 - 8
18.27.197.252 wholesomeserver.media.mit.edu 8
5.199.143.202 ca235.calcit.dedicated.server-hosting.expert 8
23.129.64.251 - 8
198.96.155.3 exit.tor.uwaterloo.ca 8
5.104.110.89 ca248.calcit.dedicated.server-hosting.expert 8
185.220.102.8 185-220-102-8.torservers.net 8
198.144.121.93 - 8
77.247.181.165 politkovskaja.torservers.net 8
77.247.181.163 lumumba.torservers.net 8
185.220.103.5 chelseamanning.tor-exit.calyxinstitute.org 8
185.247.224.14 tor-exit-ro.letztermensch.com 8
171.25.193.25 tor-exit5-readme.dfri.se 8
198.144.120.177 - 8
185.191.124.143 - 8
185.220.102.254 tor-exit-relay-8.anonymizing-proxy.digitalcourage.de 8
222.168.30.19 - 8
45.129.56.200 - 8
185.220.101.198 - 8
185.220.101.197 - 8
185.220.101.194 - 8
185.220.101.193 - 8
89.163.252.30 srv1016.dedicated.server-hosting.expert 8
23.129.64.240 - 8
46.182.21.248 tor-exit-relay.anonymizing-proxy.digitalcourage.de 8
185.220.101.206 - 8
185.220.101.208 - 8
185.220.101.204 - 8
80.67.172.162 algrothendieck.nos-oignons.net 8
209.141.54.71 - 7
107.189.10.237 tor-exit-readme.donpablo.me 7
8.209.221.61 - 7
198.98.57.207 tor3.friendlyexitnode.com 7
5.2.77.22 - 7
185.220.102.7 185-220-102-7.torservers.net 7
92.246.84.133 - 7
209.141.49.67 backup.adtoo.net 7
120.224.50.233 - 7
209.141.61.58 server3.bananasystem.com 7
185.220.102.244 185-220-102-244.torservers.net 7
185.220.102.241 185-220-102-241.torservers.net 7
91.132.147.168 netcupDE.tor-exit.de 7
23.129.64.239 - 7
162.247.74.206 rosaluxemburg.tor-exit.calyxinstitute.org 7
103.14.38.130 - 7
185.38.175.72 - 7
195.206.107.147 - 7
213.74.22.134 host-213-74-22-134.superonline.net 7
209.141.54.195 tor1.friendlyexitnode.com 7
46.59.65.88 h-65-88.A785.priv.bahnhof.se 7
209.141.54.56 - 7
185.130.44.108 tor-exit-se1.privex.cc 7
209.141.45.189 tor2.friendlyexitnode.com 7
27.122.59.100 - 7
185.101.35.79 vps-79.35.101.185.stwvps.net 7
209.141.43.13 web1.feedbk.co.il 7
198.98.57.230 - 7
162.247.74.216 phoolandevi.tor-exit.calyxinstitute.org 7
104.244.77.101 LuxembourgTor8.lu 7
104.244.72.168 LuxembourgTor7.lu 7
91.148.147.214 - 7
209.141.36.52 us-mitigation.johntechsolutions.com 7
209.141.42.231 tor.relay.com 7
62.102.148.69 - 7
62.102.148.68 - 7
89.163.150.213 ca144.calcit.dedicated.server-hosting.expert 7
185.233.100.23 elenagb.nos-oignons.net 7
179.43.167.228 - 7
89.163.252.12 srv1358.dedicated.server-hosting.expert 7
185.220.102.246 185-220-102-246.torservers.net 7
185.220.100.247 tor-exit-8.zbau.f3netze.de 7
81.161.63.100 - 7
185.38.175.71 - 7
205.185.117.149 tor-exit.greektor.net 7
107.189.10.42 tor-exit.demfloro.ru 7
45.133.1.158 - 7
143.110.236.87 - 7
185.34.33.2 tor.laquadrature.net 7
209.141.40.69 - 7
163.172.213.212 trenecito.noconname.org 7
45.133.1.115 - 7
162.247.74.202 djb.tor-exit.calyxinstitute.org 7
162.247.74.204 billsf.tor-exit.calyxinstitute.org 7
45.125.65.45 - 7
193.32.126.161 - 7
106.13.171.106 - 7
45.144.225.119 - 7
185.191.124.153 - 7
185.191.124.150 - 7
212.83.172.70 212-83-172-70.rev.poneytelecom.eu 7
51.195.166.168 ip168.ip-51-195-166.eu 7
104.244.77.122 LuxembourgTor9.lu 7
62.210.37.82 62-210-37-82.rev.poneytelecom.eu 7
209.141.54.197 exit-3.tor.prevarinite.com 7
23.129.64.250 - 7
162.247.74.213 snowden.tor-exit.calyxinstitute.org 7
167.71.153.244 - 7
106.13.28.142 - 7
23.154.177.66 - 7
185.220.103.8 mariellefranco.tor-exit.calyxinstitute.org 7
185.216.32.130 mail6.squareitmedia.com 7
198.251.84.74 tor-exit-06.nonanet.net 7
185.220.102.252 tor-exit-relay-6.anonymizing-proxy.digitalcourage.de 7
185.220.102.251 tor-exit-relay-5.anonymizing-proxy.digitalcourage.de 7
23.129.64.201 - 7
144.172.118.4 Houston.Texas4Tor.com 7
212.21.66.6 tor-exit-4.all.de 7
165.227.154.137 - 7
95.128.43.164 exit-1.fr.tor.aquaray.com 7
105.203.195.68 host-105.203.195.68.etisalat.com.eg 7
23.129.64.242 - 7
83.97.20.189 189.20.97.83.ro.ovo.sc 7
141.98.252.163 - 7
198.98.51.189 tor.teitel.net 7
23.154.177.131 - 7
185.220.101.141 - 7
178.128.226.2 - 7
185.220.101.205 - 7
185.220.101.203 - 7
185.220.101.200 - 7

About

Daily feed of bad IPs (with blacklist hit scores)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published