NOTE: apart tags, all these feeds are freely available to any user of the platform.
Tracked threatlist feeds list
The following sources of feeds are available in category threatlist:
By source field
- category:threatlist source:alienvault
- category:threatlist source:binarydefense
- category:threatlist source:dan
- category:threatlist source:dataplane
- category:threatlist source:emergingthreats
- category:threatlist source:greensnow
- category:threatlist source:openphish
- category:threatlist source:phishtank
- category:threatlist source:torproject
- category:threatlist source:uceprotect
- category:threatlist source:urlhaus
The following source is one of ONYPHE’s own threat feed:
By threatlist field
- category:threatlist threatlist:“Alienvault - Reputation”
- category:threatlist threatlist:“Binarydefense - IP blacklist”
- category:threatlist threatlist:“Dan - Tor nodes”
- category:threatlist threatlist:“Dataplane - SSH client”
- category:threatlist threatlist:“Dataplane - SSH pwauth”
- category:threatlist threatlist:“Emergingthreats - Compromised IPs”
- category:threatlist threatlist:“Emergingthreats - Spamhaus, DShield and Abuse.ch”
- category:threatlist threatlist:“Greensnow - IP blacklist”
- category:threatlist threatlist:“Openphish - feed”
- category:threatlist threatlist:“Phishtank - online valid”
- category:threatlist threatlist:“Torproject - Tor relays”
- category:threatlist threatlist:“Uceprotect - IP blacklist level-1”
- category:threatlist threatlist:“Uceprotect - IP blacklist level-2”
- category:threatlist threatlist:“Uceprotect - IP blacklist level-3”
- category:threatlist threatlist:“Urlhaus - malware URLs”
The following threatlist is one of ONYPHE’s own threat feed:
By type field
By tag field
Several tags are provided and can be used for filtering, they are self-explanatory:
tag:benign
tag:botnet
tag:compromised
tag:malicious
tag:malware
tag:malware::malwaredownload
tag:mirai
tag:phishing
tag:worm
Using multiple tags in the same request:
Excluding a tag: