Ipblocklist
IP list full of bad IPs - Updated every 2H
Install / Use
/learn @bitwire-it/IpblocklistREADME
IP Blocklist
<a href="https://www.buymeacoffee.com/Matis7" target="_blank"><img src="https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png" alt="Buy Me A Coffee" style="height: 41px !important;width: 174px !important;box-shadow: 0px 3px 2px 0px rgba(190, 190, 190, 0.5) !important;-webkit-box-shadow: 0px 3px 2px 0px rgba(190, 190, 190, 0.5) !important;" ></a>
This project provides aggregated IP blocklists for inbound and outbound traffic, updated every 2 hours. It includes exclusions for major public DNS resolvers to prevent legitimate services from being blocked.
Live Statistics
How to Use These Lists
These are standard text files and can be used with most modern firewalls, ad-blockers, and security tools.
🛡️ inbound.txt (Inbound Blocklist)
- What it is: A list of IPs/networks with a bad reputation for initiating malicious connections. This includes sources of spam, scanning, brute-force attacks (SSH, RDP), and web exploits.
- Use Case: Protect your public-facing servers and services (web servers, mail servers, game servers, etc.).
- How to use: Apply this list to your firewall's WAN IN or INPUT chain to DROP or REJECT all incoming traffic from these sources.
☢️ outbound.txt (Outbound Blocklist)
- What it is: A list of known malicious destination IPs. This includes C2 (Command & Control) servers, botnet controllers, malware drop sites, and phishing hosts.
- Use Case: Prevent compromised devices on your internal network (like a laptop or IoT device) from contacting malicious servers.
- How to use: Apply this list to your firewall's LAN OUT or OUTPUT chain to BLOCK or LOG all outgoing traffic to these destinations.
Self-hosted runners
The workflow update.yml take a lot of time to complete, for this reason i started a Self-hoster runner to pick up the job, if you want to setup the action please add it to your forked repository
Setup Self-hosted runners
Acknowledgements
🪨 borestad • foundational blocklists 🚀 Code contributions
❤️ Our sponsors • making this project possible
- mraxu
- Hareen
- Alexandru Balmus
- blockstreamtechnologies.llc
License
Code
The source code (including update_tables.py) is licensed under the MIT License. See LICENSE for details.
Data
The aggregated blocklists (inbound.txt, outbound.txt, etc.) are derivative works containing data from multiple sources.
Usage of these lists is subject to the licenses of the original data providers. - Many sources (e.g., Spamhaus) prohibit commercial use of their data without a separate agreement.
- Therefore, the aggregated data in this repository is provided under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) license.
Attribution: This project relies on data from:
- borestad/blocklist-abuseipdb
- borestad/firehol-mirror
- stamparm/ipsum
- ShadowWhisperer/IPs
- romainmarcoux/malicious-ip
- romainmarcoux/malicious-outgoing-ip
- elliotwutingfeng/ThreatFox-IOC-IPs
- binarydefense.com
- bruteforceblocker.com
- darklist.de
- dan.me.uk Tor List
- Emerging Threats
- Spamhaus DROP
- CINSscore
- CriticalPathSecurity
- C2 Tracker
Related Skills
healthcheck
338.0kHost security hardening and risk-tolerance configuration for OpenClaw deployments
node-connect
338.0kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
prose
338.0kOpenProse VM skill pack. Activate on any `prose` command, .prose files, or OpenProse mentions; orchestrates multi-agent workflows.
frontend-design
83.4kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
