We are happy to announce the release of 3 new targets, including updates to 3 existing ones. The new IPs derive from live attacks targeting online servers. This data is collected by the voluntary service, blocklist.de.

Blocklist.de collects data around attacks against live services, such as SSH, FTP, Apache and Mail Servers. The data comes from voluntary partners (over 3844 users) sending their attack reports. Blocklist.de reports over 70,000 attacks, every 12 hours, in real time. For more information about blocklist.de, visit their site at www.blocklist.de.


New data will be available via the following expert targets:

  • Attacks on Apache Servers: IP addresses, reported within the last 48 hours, that have ran attacks on Apache Servers.
  • Brute Force Attacks: IPs that attack Joomla, WordPress and other Web-login services with Brute-Force attempts.
  • Attacks on VOIP: IP addresses that tried to login into a SIP, VOIP or Asterisk-Server.

Updated data will also be added for the following targets:

  • UNIX Server – 2 – Will include all new IPs involving attacks against the following services: Brute Force Login attempts, FTP services, IMAP services, Apache Servers and different Mail services (such as Postfix and Exim).
  • Botnets - 2 – Will include all new IPs involving attacks by bots, such as Bad Bots (Bots that have posted a Spam-Comment on an Open Forum or Wiki page. Check out more information here)
  • SSH Crackers - Will include all new IPs attacking SSH services. (This is an Expert target)

If you manage your own servers, we recommend registering for an attack report account in the Blocklist.de community.

These targets will be available to our IP Firewall Service and DNS Firewall Service customers. If you are not currently subscribed to ThreatSTOP DNS FW and want to add these new targets, you can easily upgrade or get more info. by contacting us at 1-855-958-7867 or success@threatstop.com.