⚠️ High-Risk ASNs & Threat Sources
Explore Autonomous System Numbers (ASNs) frequently associated with abuse, VPN/proxy services, and malicious activity based on our threat intelligence feeds.
Note: Being listed as "high-risk" doesn't mean all IPs from these ASNs are malicious. These networks often host legitimate services alongside potentially abusive ones. Always verify individual IP reputation.
High-Risk Autonomous Systems
Common VPS provider used for abuse due to easy provisioning
Sample IPs from this ASN
Large cloud provider frequently used for hosting malicious infrastructure
VPS provider with streamlined signup often abused by threat actors
Sample IPs from this ASN
Popular VPS provider for both legitimate and malicious use
Sample IPs from this ASN
European hosting provider often used for bulletproof hosting
Sample IPs from this ASN
Large European hosting provider with diverse abuse patterns
Chinese cloud provider with global presence
Hosting provider associated with VPN and proxy services
Sample IPs from this ASN
Known for hosting VPN exit nodes and proxy services
Sample IPs from this ASN
Amsterdam datacenter commonly used for European abuse operations
Sample IPs from this ASN
Threat Categories
Our threat intelligence covers multiple categories of potentially risky IP addresses.
Tor Exit Nodes
IP addresses acting as Tor network exit points
VPN Endpoints
Known commercial and residential VPN service endpoints
Open Proxies
Public proxy servers and relay endpoints
Botnet C2
Known command and control infrastructure
Spam Sources
IPs identified in email spam campaigns
Port Scanners
IPs performing reconnaissance and port scanning
Understanding Risk Levels
Networks with significant abuse history, often used for VPN/proxy services with minimal verification.
Large cloud providers where abuse occurs but represents a small fraction of overall traffic.
Networks with occasional abuse reports but generally good reputation and responsive abuse handling.