Sinkholes
Sinkholes copied to clipboard
Published
20 hours ago •
brakmic
brakmic
:bug: Malware Sinkhole List in various formats
Malware Sinkhole List in different formats (xls, xlsx, csv, ods, json)
Based on data from Lesley Carhart's article Consolidated Malware Sinkhole List.
It's her work not mine!
I've only transferred the data to different formats.
The table below was created with this nice online conversion tool.
Pythons scripts for adding new rows to the list
Thanks to @masq for the nice python scripts! Check the source header on how to run them.
| Organization | IP Ranges | Whois | Notes | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Anubis | 195.22.26.192/26 | anubisnetworks.com | https://www.proofpoint.com/us/daily-ruleset-update-summary-2015-08-14 | ||||||
| Arbor Networks ASERT | 23.253.126.58 168.181.184.35 | arbor-sinkhole.net | http://www.malwareurl.com/ns_listing.php?ns=ns1.arbor-sinkhole.net | ||||||
| Blacklab.io | 67.215.255.139 | sinkhole.blacklab.io | |||||||
| blacklistthisdomain | 106.187.96.49 81.166.122.234 | sinkhole.blacklistthisdomain.com | |||||||
| Botnet Hunter | 52.5.245.208 | ec2-52-5-245-208.compute-1.amazonaws.com | |||||||
| CERT Polska | 148.81.111.111 148.81.111.91 148.81.111.114 | sinkhole.cert.pl | |||||||
| Conficker Working Group | 136.161.101.53 | conficker-sinkhole.com | |||||||
| Dr. Web | 91.233.244.106 | http://doc.emergingthreats.net/bin/view/Main/2016997 | |||||||
| Endgame | 166.78.144.80 | s01.snkhole.mal-ware.susp-nded.domain | http://www.kleissner.org | ||||||
| Farsight | 104.244.12.0/22 | sinkhole-iad1-2.cwg.fsi.io | |||||||
| FBI | 142.0.36.234 | VolumeDrive | |||||||
| Fitsec | 193.166.255.171 | Funet CERT | |||||||
| Georgia Tech | 143.215.130.0/24 | Georgia Institute of Technology | |||||||
| Georgia Tech | 198.61.227.6 | Rackspace | www.kleissner.org | ||||||
| Georgia Tech | 50.57.148.87 | Slicehost | www.kleissner.org | ||||||
| Gladtech | 74.200.48.169 | sinkhole.gladtech.net | |||||||
| Helse CSIRT | 91.186.66.36 | NORWEGIAN-HEALTH-NETWORK | |||||||
| Hyas | 192.169.69.25 | sinkhole.hyas.com | |||||||
| Kaspersky | 93.159.228.22 95.211.172.143 | sinkhole.kaspersky.com | |||||||
| MalwareDomains | 139.146.167.25 | Computer Problem Solving (CPS) | |||||||
| Microsoft | 131.253.18.11-12 | Microsoft | http://doc.emergingthreats.net/bin/view/Main/2016101 | ||||||
| Microsoft | 199.2.137.0/24 | Microsoft | https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html | ||||||
| Microsoft | 204.95.99.59 | Microsoft | https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html | ||||||
| Microsoft | 207.46.90.0/24 | Microsoft | https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html | ||||||
| PublicDomainRegistry | 109.74.196.143 50.116.56.144 50.116.32.177 178.79.190.156 | Linode | www.kleissner.org | ||||||
| Shadowserver | 87.106.24.200 | sinkhole-00.shadowserver.org | |||||||
| Shadowserver | 87.106.26.9 | sinkhole-01.shadowserver.org | http://marc.info/?l=emerging-sigs&m=135764068231008&w=2 | ||||||
| Shadowserver | 74.208.64.145 | sinkhole-02.shadowserver.org | |||||||
| Shadowserver | 74.208.64.191 | sinkhole-03.shadowserver.org | |||||||
| Shadowserver | 74.208.164.166 | sinkhole-04.shadowserver.org | |||||||
| Shadowserver | 212.227.55.84 | sinkhole.shadowserver.org | |||||||
| Shadowserver | 74.208.15.160 | sinkhole.shadowserver.org | |||||||
| Shadowserver | 74.208.15.97 | sinkhole.shadowserver.org | |||||||
| Shadowserver | 87.106.250.34 | sinkhole.shadowserver.org | http://marc.info/?l=emerging-sigs&m=135764068231008&w=2 | ||||||
| Shadowserver | 87.106.86.28 | sinkhole.shadowserver.org | http://marc.info/?l=emerging-sigs&m=135764068231008&w=2 | ||||||
| SIDN Labs | 176.58.104.168 | sinkhole.sidnlabs.nl | |||||||
| sinkhole.DK | 212.227.20.19 | sinkhole.dk | |||||||
| sinkhole.in | 86.124.164.25 | sinkhole.in | |||||||
| sinkhole.tech | 79.137.66.14 | http3.sinkhole.tech | |||||||
| sinkhole.tech | 95.211.174.92 | sinkhole.tech | |||||||
| sinkhole.tech | 144.217.254.3 | http4.sinkhole.tech | |||||||
| sinkhole.tech | 217.182.172.139 | http1.sinkhole.tech | |||||||
| sinkhole.tech | 144.217.74.156 | http2.sinkhole.tech | |||||||
| SISRA / Abuse.ch | 104.155.11.149 | this-domain-is-sinkholed-by.abuse.ch | |||||||
| Spamhaus | 208.43.245.213 173.192.192.10 199.231.211.108 198.98.120.157 192.42.116.41 87.255.51.229 | sl-reverse.com | |||||||
| Team Cymru | 38.102.150.29 38.229.70.125 | conficker-sinkhole.net | |||||||
| Torpig-Sinkhole | 212.227.55.84 87.106.240.162 87.106.140.254 87.106.141.15 | torpig-sinkhole.org | |||||||
| Wapack Labs | 23.253.46.64 | https://wapacklabs.blogspot.com/2016/07/wapack-labs-sinkhole-results-18.html | |||||||
| Zinkhole.org | 176.31.62.76 178.32.140.251 94.23.175.2 | suspended-domain.org | |||||||
brakmic