Abuse intelligence, cleaned for public use.
Collector signals are normalized into a public-safe feed with source details, usernames, hostnames, and raw logs removed.
The Abuse Radar Threat Feed publishes sanitized SSH abuse, mail brute force, credential guessing, and leak trap signals for defenders who need current IP threat intelligence without exposing private infrastructure logs. IP context can be checked against the AbuseIPDB reference while this page keeps bulk IP lookup links out of the table to avoid noisy external-link counts.
Use the sections below to check an IP, review active signals, download blocklists, and integrate the public JSON API.
Latest signal2026-06-13 00:40 GMT+8
Unique records3260
Total detections3994
Active records3129
Last 24h29
Leak signals2845
Geo pending0
Total visitors240
Current visitors1
3863Active signals
Attack Mix
Active detections grouped by public-safe category.
This mix helps separate SSH attacks, mail authentication abuse, leak trap hits, and other abuse patterns before reviewing individual IP records.
SSH attacks592
Mail brute/auth47
Leak trap3224
Other0
Country Signal Map
Approximate country placement from IP geolocation. Point size follows detection volume.
The map is a quick geographic view of current threat feed activity and should be treated as operational context, not attribution.
Live Threat Flow
Collector Health
- Leak Trap Sensor 012026-06-13 00:40 GMT+8Live
- SSH Sensor 012026-06-13 00:14 GMT+8Live
- SSH Sensor 022026-06-12 22:19 GMT+8Live
- SSH Sensor 032026-06-12 20:27 GMT+8Live
- Mail Sensor 012026-06-12 04:40 GMT+8Warm
- SSH Sensor 042026-06-11 23:22 GMT+8Quiet
- Mail Sensor 022026-06-11 10:15 GMT+8Quiet
Latest Geo Signals
23.175.248.21United States USLeak trap address contacted · 2026-06-13 00:40 GMT+8223.104.82.140China CNSuspicious SSH authentication attempts · 2026-06-13 00:14 GMT+895.89.149.179Germany DESuspicious SSH authentication attempts · 2026-06-12 22:19 GMT+891.92.241.54Netherlands NLLeak trap address contacted · 2026-06-12 20:35 GMT+8115.231.40.125China CNSuspicious SSH authentication attempts · 2026-06-12 20:27 GMT+831.24.155.180Spain ESLeak trap address contacted · 2026-06-12 18:10 GMT+8
- ChinaCN924
- IndiaIN641
- Republic of KoreaKR326
- RussiaRU235
- United StatesUS216
- BrazilBR172
- TaiwanTW115
- NetherlandsNL113
- MalaysiaMY100
- SwedenSE78
Plain IP Blocklists
One IP per line, no reason, source, username, or raw log details.
Choose shorter windows for aggressive blocking or longer windows when you want broader coverage from the active Abuse Radar feed.
Signal Ledger
The signal ledger lists the latest active and archived records with reason, country context, first seen time, last seen time, and blocklist eligibility.
| IP | Reason | Severity | IP Detail | Last Seen | Detections | Feed |
|---|---|---|---|---|---|---|
| Suspicious SSH authentication attempts | Low | China (CN)China Mobile Communications Corporation | 2026-05-27 10:51 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)China Mobile | 2026-05-27 10:50 GMT+816 days ago | 2 | 30d list only | |
| Leak trap address contacted | Medium | Taiwan (TW)Mobile Business Group | 2026-05-27 10:45 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Malaysia (MY)Digi Telecommunications Sdn Bhd., Digi Internet Exchange | 2026-05-27 10:45 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | India (IN)Bharat Sanchar Nigam LTD | 2026-05-27 10:45 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | India (IN)Bharti Airtel Limited | 2026-05-27 10:45 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Russia (RU)INSYS LLC | 2026-05-27 10:40 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Taiwan (TW)UNION BROADBAND NETWORK | 2026-05-27 10:40 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Russia (RU)JSC TIMEWEB | 2026-05-27 10:40 GMT+816 days ago | 1 | 30d list only | |
| Suspicious SSH authentication attempts | Medium | Indonesia (ID)Telekomunikasi Indonesia pt | 2026-05-27 10:38 GMT+816 days ago | 3 | 30d list only | |
| Leak trap address contacted | Medium | United States (US)Comcast Cable Communications, LLC | 2026-05-27 10:30 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | United States (US)Comcast Cable Communications, LLC | 2026-05-27 10:25 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Malaysia (MY)Digi Telecommunications Sdn Bhd., Digi Internet Exchange | 2026-05-27 10:25 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)China Mobile Communications Corporation | 2026-05-27 10:20 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Republic of Korea (KR)Korea Telecom | 2026-05-27 10:05 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Brazil (BR)TELEF NICA BRASIL S.A | 2026-05-27 10:05 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)No. 1,jin rong Street | 2026-05-27 10:05 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | United States (US)Charter Communications INC | 2026-05-27 10:05 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Russia (RU)Pjsc Rostelecom | 2026-05-27 10:05 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Russia (RU)Pjsc Rostelecom | 2026-05-27 10:00 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Brazil (BR)TELEF NICA BRASIL S.A | 2026-05-27 09:55 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Malaysia (MY)Digi Telecommunications Sdn Bhd., Digi Internet Exchange | 2026-05-27 09:55 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | United States (US)Comcast Cable Communications, LLC | 2026-05-27 09:50 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | United States (US)Cox Communications Inc. | 2026-05-27 09:45 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | India (IN)Bharti Airtel Limited | 2026-05-27 09:45 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Russia (RU)JSC Rde Unico | 2026-05-27 09:45 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)No. 1,jin rong Street | 2026-05-27 09:45 GMT+816 days ago | 1 | 30d list only | |
| Suspicious SSH authentication attempts | Medium | China (CN)Chinanet | 2026-05-27 09:45 GMT+816 days ago | 4 | 30d list only | |
| Leak trap address contacted | Medium | Taiwan (TW)Mobile Business Group | 2026-05-27 09:40 GMT+816 days ago | 2 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)Chinanet | 2026-05-27 09:35 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)Chinanet | 2026-05-27 09:35 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | India (IN)Aironet Broadband Private Limited | 2026-05-27 09:30 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)CNC Group CHINA1 Guangdong Province Network | 2026-05-27 09:25 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Malaysia (MY)Digi Telecommunications Sdn Bhd., Digi Internet Exchange | 2026-05-27 09:25 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | India (IN)Bharti Airtel Limited | 2026-05-27 09:25 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Russia (RU)Pjsc Rostelecom | 2026-05-27 09:20 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Belize (BZ)Belize Telemedia Limited | 2026-05-27 09:20 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Greece (GR)Nova Telecommunications Media Single Member S.a | 2026-05-27 09:05 GMT+816 days ago | 1 | 30d list only | |
| Suspicious SSH authentication attempts | Medium | Thailand (TH)Triple T Broadband Public Company Limited | 2026-05-27 08:49 GMT+816 days ago | 4 | 30d list only | |
| Leak trap address contacted | Medium | Russia (RU)Pjsc Moscow City Telephone Network | 2026-05-27 08:45 GMT+816 days ago | 2 | 30d list only | |
| Suspicious SSH authentication attempts | Medium | China (CN)China Mobile Communications Corporation | 2026-05-27 08:41 GMT+816 days ago | 3 | 30d list only | |
| Leak trap address contacted | Medium | Malaysia (MY)Digi Telecommunications Sdn Bhd., Digi Internet Exchange | 2026-05-27 08:35 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Republic of Korea (KR)Korea Telecom | 2026-05-27 08:35 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)China Mobile Communications Corporation | 2026-05-27 08:35 GMT+816 days ago | 1 | 30d list only | |
| Suspicious mail authentication attempts | High | Kenya (KE)Airtel Networks Kenya Limited | 2026-05-27 08:30 GMT+816 days ago | 10 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)China Mobile Communications Corporation | 2026-05-27 08:25 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)China Unicom China1 Backbone | 2026-05-27 08:20 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | Vietnam (VN)Viettel Group | 2026-05-27 08:20 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | India (IN)Ultranet Services Private Limited | 2026-05-27 08:20 GMT+816 days ago | 1 | 30d list only | |
| Leak trap address contacted | Medium | China (CN)China Mobile | 2026-05-27 08:20 GMT+816 days ago | 1 | 30d list only |
Showing 50 of 3129 matched records. Page 30 of 63.