AR

Abuse Radar Threat Feed

Sanitized threat intelligence from monitored infrastructure.

Abuse intelligence, cleaned for public use.

Collector signals are normalized into a public-safe feed with source details, usernames, hostnames, and raw logs removed.

The Abuse Radar Threat Feed publishes sanitized SSH abuse, mail brute force, credential guessing, and leak trap signals for defenders who need current IP threat intelligence without exposing private infrastructure logs. IP context can be checked against the AbuseIPDB reference while this page keeps bulk IP lookup links out of the table to avoid noisy external-link counts.

Use the sections below to check an IP, review active signals, download blocklists, and integrate the public JSON API.

Latest signal2026-06-11 13:45 GMT+8
Unique records3251
Total detections3967
Active records3135
Last 24h28
Leak signals2842
Geo pending0
Total visitors235
Current visitors1
3851Active signals

Attack Mix

Active detections grouped by public-safe category.

This mix helps separate SSH attacks, mail authentication abuse, leak trap hits, and other abuse patterns before reviewing individual IP records.

SSH attacks577
Mail brute/auth46
Leak trap3228
Other0

Country Signal Map

Approximate country placement from IP geolocation. Point size follows detection volume.

The map is a quick geographic view of current threat feed activity and should be treated as operational context, not attribution.

Live Threat Flow

Collector Health

  • SSH Sensor 012026-06-11 13:45 GMT+8Live
  • SSH Sensor 022026-06-11 12:13 GMT+8Live
  • Leak Trap Sensor 012026-06-11 12:00 GMT+8Warm
  • Mail Sensor 012026-06-11 10:15 GMT+8Warm
  • SSH Sensor 032026-06-11 09:54 GMT+8Warm
  • SSH Sensor 042026-06-11 07:39 GMT+8Warm
  • Mail Sensor 022026-06-10 12:55 GMT+8Quiet

Latest Geo Signals

  • 167.71.239.213India INSuspicious SSH authentication attempts · 2026-06-11 13:45 GMT+8
  • 114.247.140.114China CNSuspicious SSH authentication attempts · 2026-06-11 13:37 GMT+8
  • 114.35.183.71Taiwan TWSuspicious SSH authentication attempts · 2026-06-11 12:13 GMT+8
  • 45.80.185.37Costa Rica CRLeak trap address contacted · 2026-06-11 12:00 GMT+8
  • 77.90.185.239Germany DESuspicious mail authentication attempts · 2026-06-11 10:15 GMT+8
  • 180.93.237.138Vietnam VNLeak trap address contacted · 2026-06-11 09:55 GMT+8
  1. ChinaCN922
  2. IndiaIN642
  3. Republic of KoreaKR324
  4. RussiaRU235
  5. United StatesUS215
  6. BrazilBR171
  7. NetherlandsNL113
  8. TaiwanTW112
  9. MalaysiaMY100
  10. SwedenSE78

Plain IP Blocklists

One IP per line, no reason, source, username, or raw log details.

Choose shorter windows for aggressive blocking or longer windows when you want broader coverage from the active Abuse Radar feed.

10 daysRecent high-signal IPs12 downloads 15 daysBalanced block window11 downloads 30 daysExtended active feed13 downloads

Signal Ledger

The signal ledger lists the latest active and archived records with reason, country context, first seen time, last seen time, and blocklist eligibility.

IPReasonSeverityIP DetailFirst SeenLast SeenDetectionsFeed
Leak trap address contacted Medium China (CN)Chinanet 2026-06-09 10:00 GMT+82 days ago 2026-06-09 10:00 GMT+82 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)Chinanet 2026-06-09 07:22 GMT+82 days ago 2026-06-09 07:22 GMT+82 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium Ireland (IE)Three Ireland hutchison Limited 2026-06-09 03:26 GMT+82 days ago 2026-06-09 03:26 GMT+82 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Unicom China1 Backbone 2026-06-09 02:59 GMT+82 days ago 2026-06-09 02:59 GMT+82 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Mobile Communications Corporation 2026-06-09 02:35 GMT+82 days ago 2026-06-09 02:35 GMT+82 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Mobile Communications Corporation 2026-06-09 02:23 GMT+82 days ago 2026-06-09 02:23 GMT+82 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Mobile Communications Corporation 2026-06-07 19:20 GMT+83 days ago 2026-06-09 00:32 GMT+82 days ago 2 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Mobile Communications Corporation 2026-05-14 18:58 GMT+827 days ago 2026-06-09 00:04 GMT+82 days ago 2 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Mobile Communications Corporation 2026-06-08 23:40 GMT+82 days ago 2026-06-08 23:40 GMT+82 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium United Kingdom (GB)Hutchison g UK Limited 2026-06-08 23:25 GMT+82 days ago 2026-06-08 23:25 GMT+82 days ago 3 10/15/30d lists
Suspicious SSH authentication attempts Medium United Kingdom (GB)Hutchison g UK Limited 2026-06-08 23:17 GMT+82 days ago 2026-06-08 23:17 GMT+82 days ago 3 10/15/30d lists
Leak trap address contacted Medium Singapore (SG)Alibaba us Technology Co., Ltd. 2026-06-08 23:05 GMT+82 days ago 2026-06-08 23:05 GMT+82 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)Chinanet 2026-06-08 19:31 GMT+82 days ago 2026-06-08 19:31 GMT+82 days ago 3 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)Chinanet 2026-06-08 16:43 GMT+83 days ago 2026-06-08 16:43 GMT+83 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium Indonesia (ID)Telekomunikasi Indonesia pt 2026-06-08 15:17 GMT+83 days ago 2026-06-08 15:17 GMT+83 days ago 1 10/15/30d lists
Leak trap address contacted Medium China (CN)China Unicom China1 Backbone 2026-05-27 14:55 GMT+815 days ago 2026-06-08 15:00 GMT+83 days ago 2 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Mobile Communications Corporation 2026-06-08 14:59 GMT+83 days ago 2026-06-08 14:59 GMT+83 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium Indonesia (ID)Prime Link Communication, Pt 2026-06-08 14:49 GMT+83 days ago 2026-06-08 14:49 GMT+83 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts High China (CN)China Mobile Communications Corporation 2026-06-03 19:04 GMT+87 days ago 2026-06-08 14:47 GMT+83 days ago 4 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Mobile Communications Corporation 2026-06-08 14:27 GMT+83 days ago 2026-06-08 14:27 GMT+83 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts High China (CN)China Telecom group 2026-05-29 00:02 GMT+813 days ago 2026-06-08 12:30 GMT+83 days ago 5 10/15/30d lists
Suspicious SSH authentication attempts Medium Indonesia (ID)Neuviz Net 2026-05-02 00:12 GMT+81 month ago 2026-06-08 11:25 GMT+83 days ago 2 10/15/30d lists
Suspicious SSH authentication attempts Medium Spain (ES)VODAFONE ESPANA S.A.U. 2026-05-07 13:26 GMT+81 month ago 2026-06-08 10:42 GMT+83 days ago 2 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)China Mobile Communications Corporation 2026-06-08 10:28 GMT+83 days ago 2026-06-08 10:28 GMT+83 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium Republic of Korea (KR)Korea Telecom 2026-05-05 17:44 GMT+81 month ago 2026-06-08 10:06 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium United States (US)Amazon.com, Inc. 2026-06-08 06:55 GMT+83 days ago 2026-06-08 06:55 GMT+83 days ago 1 10/15/30d lists
Leak trap address contacted Medium India (IN)Reliance Jio Infocomm Limited 2026-05-28 06:30 GMT+814 days ago 2026-06-08 06:35 GMT+83 days ago 2 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)Chinanet 2026-06-08 06:05 GMT+83 days ago 2026-06-08 06:05 GMT+83 days ago 1 10/15/30d lists
Leak trap address contacted Medium Hong Kong (HK)Alibaba us Technology Co., Ltd. 2026-06-08 05:40 GMT+83 days ago 2026-06-08 05:40 GMT+83 days ago 1 10/15/30d lists
Leak trap address contacted Medium Russia (RU)Krivets Sergey Sergeevich 2026-05-25 03:25 GMT+817 days ago 2026-06-08 05:35 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium India (IN)Bharti Airtel Limited 2026-05-24 23:10 GMT+817 days ago 2026-06-08 05:35 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium India (IN)Bharat Sanchar Nigam LTD 2026-05-26 18:10 GMT+815 days ago 2026-06-08 05:35 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium Russia (RU)Pjsc Megafon 2026-06-08 05:35 GMT+83 days ago 2026-06-08 05:35 GMT+83 days ago 1 10/15/30d lists
Leak trap address contacted Medium Republic of Korea (KR)Lg Hellovision Corp. 2026-05-24 19:00 GMT+817 days ago 2026-06-08 05:35 GMT+83 days ago 3 10/15/30d lists
Leak trap address contacted Medium Kenya (KE)Wananchi Group kenya Limited 2026-05-25 23:00 GMT+816 days ago 2026-06-08 05:35 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium Australia (AU)Tpg Internet Pty LTD 2026-05-25 15:50 GMT+817 days ago 2026-06-08 05:00 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium India (IN)Gujarat Telelink Pvt LTD 2026-05-24 03:00 GMT+818 days ago 2026-06-08 03:05 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted High Malaysia (MY)Digi Telecommunications Sdn Bhd., Digi Internet Exchange 2026-05-18 02:45 GMT+824 days ago 2026-06-08 02:50 GMT+83 days ago 2 10/15/30d lists
Suspicious SSH authentication attempts High Spain (ES)VODAFONE ESPANA S.A.U. 2026-05-25 08:01 GMT+817 days ago 2026-06-08 02:31 GMT+83 days ago 4 10/15/30d lists
Leak trap address contacted Medium United States (US)Amazon.com, Inc. 2026-06-08 01:15 GMT+83 days ago 2026-06-08 01:15 GMT+83 days ago 1 10/15/30d lists
Suspicious SSH authentication attempts Medium Vietnam (VN)Viettel Group 2026-06-05 23:04 GMT+85 days ago 2026-06-08 00:57 GMT+83 days ago 2 10/15/30d lists
Suspicious SSH authentication attempts High China (CN)China Telecom group 2026-05-05 03:15 GMT+81 month ago 2026-06-08 00:46 GMT+83 days ago 4 10/15/30d lists
Suspicious SSH authentication attempts Medium China (CN)Wenzhou, Zhejiang Province, P.R.CHINA. 2026-06-08 00:32 GMT+83 days ago 2026-06-08 00:32 GMT+83 days ago 1 10/15/30d lists
Leak trap address contacted Medium Ivory Coast (CI)Orange C te D ivoire 2026-05-29 23:40 GMT+812 days ago 2026-06-07 23:45 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium Mozambique (MZ)Movitel, SA 2026-05-24 23:35 GMT+817 days ago 2026-06-07 23:40 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium India (IN)Bharti Airtel 2026-05-27 23:15 GMT+814 days ago 2026-06-07 23:20 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium Republic of Korea (KR)Korea Telecom 2026-06-07 22:15 GMT+83 days ago 2026-06-07 22:15 GMT+83 days ago 1 10/15/30d lists
Leak trap address contacted Medium Republic of Korea (KR)Korea Telecom 2026-05-25 19:10 GMT+816 days ago 2026-06-07 22:15 GMT+83 days ago 2 10/15/30d lists
Leak trap address contacted Medium Taiwan (TW)Mobile Business Group 2026-06-07 21:10 GMT+83 days ago 2026-06-07 21:10 GMT+83 days ago 1 10/15/30d lists
Leak trap address contacted High India (IN)Bharti Airtel Limited 2026-05-02 02:50 GMT+81 month ago 2026-06-07 21:10 GMT+83 days ago 4 10/15/30d lists
Showing 50 of 3135 matched records. Page 2 of 63.