Explore OpenCTI or OpenAEV platform with 30 days Free Trial!
XTM Hub by FiligranSign In

Emerging Threats Blockrules Compromised IPs

Infrastructure & Attack Surface Visibility
Detection & Response Enablement

Overview

This text feed and mapper ingests recently reported compromised IPs from https://rules.emergingthreats.net/blockrules/compromised-ips.txt

This CSV feed ingester is designed to automatically fetch and process lists of compromised IP addresses from Emerging Threats. The feed contains IP addresses that have been identified as compromised or involved in malicious activities, updated regularly by the Emerging Threats team. By ingesting this data into OpenCTI, security teams can enhance their threat intelligence capabilities with up-to-date information on potentially dangerous network infrastructure. This allows for improved detection and blocking of connections to or from these compromised systems, significantly strengthening an organization's security posture and reducing the risk of network intrusions.

Basic information

Filigran
Damian Skeeles
CSV Feeds
April 13, 2026
200+
100+

    We use cookies to make the XTM Hub work, understand how it's used, and improve your experience. Strictly necessary cookies are always on. With your consent, we also use optional cookies for functionality, performance and analytics, and marketing. You can accept all, reject all, or choose which optional cookies to allow. You can change your preferences at any time via "Cookie settings". See our Cookie Policy for more information.