/Sinkholes

:bug: Malware Sinkhole List in various formats

Primary LanguagePythonMIT LicenseMIT

Malware Sinkhole List in different formats (xls, xlsx, csv, ods, json)

sinkhole_image

Based on data from Lesley Carhart's article Consolidated Malware Sinkhole List.

It's her work not mine!

I've only transferred the data to different formats.

The table below was created with this nice online conversion tool.


Pythons scripts for adding new rows to the list

Thanks to @masq for the nice python scripts! Check the source header on how to run them.


Organization IP Ranges Whois Notes
Anubis 195.22.26.192/26 anubisnetworks.com https://www.proofpoint.com/us/daily-ruleset-update-summary-2015-08-14
Arbor Networks ASERT 23.253.126.58 168.181.184.35 arbor-sinkhole.net http://www.malwareurl.com/ns_listing.php?ns=ns1.arbor-sinkhole.net
Blacklab.io 67.215.255.139 sinkhole.blacklab.io
blacklistthisdomain 106.187.96.49 81.166.122.234 sinkhole.blacklistthisdomain.com
Botnet Hunter 52.5.245.208 ec2-52-5-245-208.compute-1.amazonaws.com
CERT Polska 148.81.111.111 148.81.111.91 148.81.111.114 sinkhole.cert.pl
Conficker Working Group 136.161.101.53 conficker-sinkhole.com
Dr. Web 91.233.244.106 http://doc.emergingthreats.net/bin/view/Main/2016997
Endgame 166.78.144.80 s01.snkhole.mal-ware.susp-nded.domain http://www.kleissner.org
Farsight 104.244.12.0/22 sinkhole-iad1-2.cwg.fsi.io
FBI 142.0.36.234 VolumeDrive
Fitsec 193.166.255.171 Funet CERT
Georgia Tech 143.215.130.0/24 Georgia Institute of Technology
Georgia Tech 198.61.227.6 Rackspace www.kleissner.org
Georgia Tech 50.57.148.87 Slicehost www.kleissner.org
Gladtech 74.200.48.169 sinkhole.gladtech.net
Helse CSIRT 91.186.66.36 NORWEGIAN-HEALTH-NETWORK
Hyas 192.169.69.25 sinkhole.hyas.com
Kaspersky 93.159.228.22 95.211.172.143 sinkhole.kaspersky.com
MalwareDomains 139.146.167.25 Computer Problem Solving (CPS)
Microsoft 131.253.18.11-12 Microsoft http://doc.emergingthreats.net/bin/view/Main/2016101
Microsoft 199.2.137.0/24 Microsoft https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html
Microsoft 204.95.99.59 Microsoft https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html
Microsoft 207.46.90.0/24 Microsoft https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html
PublicDomainRegistry 109.74.196.143 50.116.56.144 50.116.32.177 178.79.190.156 Linode www.kleissner.org
Shadowserver 87.106.24.200 sinkhole-00.shadowserver.org
Shadowserver 87.106.26.9 sinkhole-01.shadowserver.org http://marc.info/?l=emerging-sigs&m=135764068231008&w=2
Shadowserver 74.208.64.145 sinkhole-02.shadowserver.org
Shadowserver 74.208.64.191 sinkhole-03.shadowserver.org
Shadowserver 74.208.164.166 sinkhole-04.shadowserver.org
Shadowserver 212.227.55.84 sinkhole.shadowserver.org
Shadowserver 74.208.15.160 sinkhole.shadowserver.org
Shadowserver 74.208.15.97 sinkhole.shadowserver.org
Shadowserver 87.106.250.34 sinkhole.shadowserver.org http://marc.info/?l=emerging-sigs&m=135764068231008&w=2
Shadowserver 87.106.86.28 sinkhole.shadowserver.org http://marc.info/?l=emerging-sigs&m=135764068231008&w=2
SIDN Labs 176.58.104.168 sinkhole.sidnlabs.nl
sinkhole.DK 212.227.20.19 sinkhole.dk
sinkhole.in 86.124.164.25 sinkhole.in
sinkhole.tech 79.137.66.14 http3.sinkhole.tech
sinkhole.tech 95.211.174.92 sinkhole.tech
sinkhole.tech 144.217.254.3 http4.sinkhole.tech
sinkhole.tech 217.182.172.139 http1.sinkhole.tech
sinkhole.tech 144.217.74.156 http2.sinkhole.tech
SISRA / Abuse.ch 104.155.11.149 this-domain-is-sinkholed-by.abuse.ch
Spamhaus 208.43.245.213 173.192.192.10 199.231.211.108 198.98.120.157 192.42.116.41 87.255.51.229 sl-reverse.com
Team Cymru 38.102.150.29 38.229.70.125 conficker-sinkhole.net
Torpig-Sinkhole 212.227.55.84 87.106.240.162 87.106.140.254 87.106.141.15 torpig-sinkhole.org
Wapack Labs 23.253.46.64 https://wapacklabs.blogspot.com/2016/07/wapack-labs-sinkhole-results-18.html
Zinkhole.org 176.31.62.76 178.32.140.251 94.23.175.2 suspended-domain.org

Contributing

Contributing

Code of Conduct

Code of Conduct

License

MIT