{"id":19044592,"url":"https://github.com/brakmic/sinkholes","last_synced_at":"2025-04-23T23:29:09.493Z","repository":{"id":43367624,"uuid":"91500689","full_name":"brakmic/Sinkholes","owner":"brakmic","description":":bug: Malware Sinkhole List in various formats","archived":false,"fork":false,"pushed_at":"2022-07-06T19:53:11.000Z","size":195,"stargazers_count":103,"open_issues_count":0,"forks_count":24,"subscribers_count":16,"default_branch":"master","last_synced_at":"2025-04-18T08:39:31.123Z","etag":null,"topics":["csv","infosec","malware","sinkhole","xlsx"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/brakmic.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-05-16T20:20:17.000Z","updated_at":"2025-03-14T07:38:13.000Z","dependencies_parsed_at":"2022-07-08T01:55:10.492Z","dependency_job_id":null,"html_url":"https://github.com/brakmic/Sinkholes","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brakmic%2FSinkholes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brakmic%2FSinkholes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brakmic%2FSinkholes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brakmic%2FSinkholes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/brakmic","download_url":"https://codeload.github.com/brakmic/Sinkholes/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250531388,"owners_count":21445978,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csv","infosec","malware","sinkhole","xlsx"],"created_at":"2024-11-08T22:46:48.692Z","updated_at":"2025-04-23T23:29:09.469Z","avatar_url":"https://github.com/brakmic.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"### Malware Sinkhole List in different formats (xls, xlsx, csv, ods, json)\n\n\n![sinkhole_image](https://raw.githubusercontent.com/brakmic/Sinkholes/master/sinkhole.jpg)\n\n\nBased on data from Lesley Carhart's [article](https://tisiphone.net/2017/05/16/consolidated-malware-sinkhole-list/) `Consolidated Malware Sinkhole List`.\n\n**It's her work not mine!** \n\nI've only transferred the data to different formats. \n\nThe table below was created with this nice [online conversion tool](https://donatstudios.com/CsvToMarkdownTable).\n\n----\n\n### Pythons scripts for adding new rows to the list\n\nThanks to [@masq](https://github.com/masq) for the nice python scripts! \nCheck the [source header](https://github.com/brakmic/Sinkholes/blob/master/addition.py) on how to run them.\n\n----- \n\n| Organization | IP Ranges | Whois | Notes | | | | | | | \n|-------------------------|------------------|------------------------------------------------------|---------------------------------------------------------------------------------|--------------------------------------------------------------------|---------------------|-------------------|----------------|--|--| \n| Anubis | 195.22.26.192/26 | anubisnetworks.com | https://www.proofpoint.com/us/daily-ruleset-update-summary-2015-08-14 | | | | | | | \n| Arbor Networks ASERT | 23.253.126.58 168.181.184.35 | arbor-sinkhole.net | http://www.malwareurl.com/ns_listing.php?ns=ns1.arbor-sinkhole.net | | | | | | \n| Blacklab.io | 67.215.255.139 | sinkhole.blacklab.io | | | | | | | | \n| blacklistthisdomain | 106.187.96.49 81.166.122.234 | sinkhole.blacklistthisdomain.com | | | | | | | \n| Botnet Hunter | 52.5.245.208 | ec2-52-5-245-208.compute-1.amazonaws.com | | | | | | | | \n| CERT Polska | 148.81.111.111 148.81.111.91 148.81.111.114 | sinkhole.cert.pl | | | | | | \n| Conficker Working Group | 136.161.101.53 | conficker-sinkhole.com | | | | | | | | \n| Dr. Web | 91.233.244.106 | http://doc.emergingthreats.net/bin/view/Main/2016997 | | | | | | | | \n| Endgame | 166.78.144.80 | s01.snkhole.mal-ware.susp-nded.domain | http://www.kleissner.org | | | | | | | \n| Farsight | 104.244.12.0/22 | sinkhole-iad1-2.cwg.fsi.io | | | | | | | | \n| FBI | 142.0.36.234 | VolumeDrive | | | | | | | | \n| Fitsec | 193.166.255.171 | Funet CERT | | | | | | | | \n| Georgia Tech | 143.215.130.0/24 | Georgia Institute of Technology | | | | | | | | \n| Georgia Tech | 198.61.227.6 | Rackspace | www.kleissner.org | | | | | | | \n| Georgia Tech | 50.57.148.87 | Slicehost | www.kleissner.org | | | | | | | \n| Gladtech | 74.200.48.169 | sinkhole.gladtech.net | | | | | | | | \n| Helse CSIRT | 91.186.66.36 | NORWEGIAN-HEALTH-NETWORK | | | | | | | | \n| Hyas | 192.169.69.25 | sinkhole.hyas.com | | | | | | | | \n| Kaspersky | 93.159.228.22 95.211.172.143 | sinkhole.kaspersky.com | | | | | | | \n| MalwareDomains | 139.146.167.25 | Computer Problem Solving (CPS) | | | | | | | | \n| Microsoft | 131.253.18.11-12 | Microsoft | http://doc.emergingthreats.net/bin/view/Main/2016101 | | | | | | | \n| Microsoft | 199.2.137.0/24 | Microsoft | https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html | | | | | | | \n| Microsoft | 204.95.99.59 | Microsoft | https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html | | | | | | | \n| Microsoft | 207.46.90.0/24 | Microsoft | https://lists.emergingthreats.net/pipermail/emerging-sigs/2013-June/022148.html | | | | | | | \n| PublicDomainRegistry | 109.74.196.143 50.116.56.144 50.116.32.177 178.79.190.156 | Linode | www.kleissner.org | | | | \n| Shadowserver | 87.106.24.200 | sinkhole-00.shadowserver.org | | | | | | | | \n| Shadowserver | 87.106.26.9 | sinkhole-01.shadowserver.org | http://marc.info/?l=emerging-sigs\u0026m=135764068231008\u0026w=2 | | | | | | | \n| Shadowserver | 74.208.64.145 | sinkhole-02.shadowserver.org | | | | | | | | \n| Shadowserver | 74.208.64.191 | sinkhole-03.shadowserver.org | | | | | | | | \n| Shadowserver | 74.208.164.166 | sinkhole-04.shadowserver.org | | | | | | | | \n| Shadowserver | 212.227.55.84 | sinkhole.shadowserver.org | | | | | | | | \n| Shadowserver | 74.208.15.160 | sinkhole.shadowserver.org | | | | | | | | \n| Shadowserver | 74.208.15.97 | sinkhole.shadowserver.org | | | | | | | | \n| Shadowserver | 87.106.250.34 | sinkhole.shadowserver.org | http://marc.info/?l=emerging-sigs\u0026m=135764068231008\u0026w=2 | | | | | | | \n| Shadowserver | 87.106.86.28 | sinkhole.shadowserver.org | http://marc.info/?l=emerging-sigs\u0026m=135764068231008\u0026w=2 | | | | | | | \n| SIDN Labs | 176.58.104.168 | sinkhole.sidnlabs.nl | | | | | | | | \n| sinkhole.DK | 212.227.20.19 | sinkhole.dk | | | | | | | | \n| sinkhole.in | 86.124.164.25 | sinkhole.in | | | | | | | | \n| sinkhole.tech | 79.137.66.14 | http3.sinkhole.tech | | | | | | | | \n| sinkhole.tech | 95.211.174.92 | sinkhole.tech | | | | | | | | \n| sinkhole.tech | 144.217.254.3 | http4.sinkhole.tech | | | | | | | | \n| sinkhole.tech | 217.182.172.139 | http1.sinkhole.tech | | | | | | | | \n| sinkhole.tech | 144.217.74.156 | http2.sinkhole.tech | | | | | | | | \n| SISRA / Abuse.ch | 104.155.11.149 | this-domain-is-sinkholed-by.abuse.ch | | | | | | | | \n| Spamhaus | 208.43.245.213 173.192.192.10 199.231.211.108 198.98.120.157 192.42.116.41 87.255.51.229 | sl-reverse.com | | | \n| Team Cymru | 38.102.150.29 38.229.70.125 | conficker-sinkhole.net | | | | | | | \n| Torpig-Sinkhole | 212.227.55.84 87.106.240.162 87.106.140.254 87.106.141.15 | torpig-sinkhole.org | | | | | \n| Wapack Labs | 23.253.46.64 | https://wapacklabs.blogspot.com/2016/07/wapack-labs-sinkhole-results-18.html | | | | | | | \n| Zinkhole.org | 176.31.62.76 178.32.140.251 94.23.175.2 | suspended-domain.org | | | | | | \n| | | | | | | | | | | \n\n\n## Contributing\n\n[Contributing](https://github.com/brakmic/Sinkholes/blob/master/CONTRIBUTING.md)\n\n## Code of Conduct\n\n[Code of Conduct](https://github.com/brakmic/Sinkholes/blob/master/CODE_OF_CONDUCT.md)\n\n## License\n\n[MIT](https://github.com/brakmic/Sinkholes/blob/master/LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrakmic%2Fsinkholes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbrakmic%2Fsinkholes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrakmic%2Fsinkholes/lists"}