Skip to main content

Product

Blocklist Feeds IP Opzoeken Live Statistieken

Bronnen

API Documentatie Leren Hoe Het Werkt Bezwaar Indienen

Bedrijf

Over Ons Contact

Taal

en nl de es fr ua
Inloggen Aan de slag
Gratis Downloads

Blocklist Feeds

Hoogvertrouwelijke, regelmatig bijgewerkte blocklists. Gratis te gebruiken, geen registratie vereist.

161,019

Actieve IPs

1,364,367

Signalen

15min

Updates

4

Categorieën

Door Fraudcache data te gebruiken, ga je akkoord met onze juridische voorwaarden:

Voorwaarden Privacy Acceptabel Gebruik Data Gebruik Disclaimer

Beschikbare Feeds

Platte tekst, één IP per regel

Gecombineerde Feed

Alle kwaadaardige IPs uit alle categorieën in één feed

161,019
fraudcache-all.txt 4 minuten geleden
API https://fraudcache.com/api/v1/check/{ip}
TXT https://fraudcache.com/feeds/fraudcache-all.txt
Download fraudcache-all.txt

DNS Blocklist (DNSBL)

Realtime IP-lookups via DNS - perfect voor mailservers

DNS
bl.fraudcache.com
127.0.0.3

Spam

127.0.0.4

Web Attack

127.0.0.5

Scanner

127.0.0.6

Botnet C2

Bekijk DNSBL Documentatie

Spam IPs

E-mail spam, SMTP misbruik, bulk messaging

50,205
fraudcache-spam-ips.txt 4 minuten geleden
API https://fraudcache.com/api/v1/check/{ip}
TXT https://fraudcache.com/feeds/fraudcache-spam-ips.txt
Download fraudcache-spam-ips.txt

Web Aanvallen

SQLi, XSS, credential stuffing, exploits

24,964
fraudcache-web-attacks.txt 4 minuten geleden
API https://fraudcache.com/api/v1/check/{ip}
TXT https://fraudcache.com/feeds/fraudcache-web-attacks.txt
Download fraudcache-web-attacks.txt

Scanners

Poortscanning, SSH/RDP brute force

39,293
fraudcache-scanners.txt 4 minuten geleden
API https://fraudcache.com/api/v1/check/{ip}
TXT https://fraudcache.com/feeds/fraudcache-scanners.txt
Download fraudcache-scanners.txt

Botnet C2

Command & control infrastructuur

46,557
fraudcache-botnet-c2.txt 4 minuten geleden
API https://fraudcache.com/api/v1/check/{ip}
TXT https://fraudcache.com/feeds/fraudcache-botnet-c2.txt
Download fraudcache-botnet-c2.txt

Feed Formaat

Alle feeds zijn platte tekstbestanden met één IP-adres per regel. Regels die beginnen met # zijn opmerkingen en worden overgeslagen bij het parseren.

fraudcache-spam-ips.txt 
# Fraudcache Spam Feed
# Generated: 2026-01-27T19:44:55+01:00
# Category: spam
# Entries: 161,019
# License: Free for any use
#
192.0.2.1
192.0.2.15
198.51.100.5
198.51.100.42
203.0.113.88
203.0.113.200
2001:db8::1
2001:db8:85a3::8a2e:370:7334
Integratiehandleiding

Eenvoudige Integratie

Werkt met elke firewall, mailserver, of beveiligingstool die IP blocklists accepteert.

1 Download de Feeds

Met cURL

Meest gebruikte methode, beschikbaar op alle Linux/macOS systemen

# Download spam feed
curl -o /etc/fraudcache/spam.txt \
  https://fraudcache.com/feeds/fraudcache-spam-ips.txt

# Download all feeds
curl -o /etc/fraudcache/spam.txt https://fraudcache.com/feeds/fraudcache-spam-ips.txt
curl -o /etc/fraudcache/web_attack.txt https://fraudcache.com/feeds/fraudcache-web-attacks.txt
curl -o /etc/fraudcache/scanner.txt https://fraudcache.com/feeds/fraudcache-scanners.txt
curl -o /etc/fraudcache/botnet_c2.txt https://fraudcache.com/feeds/fraudcache-botnet-c2.txt

Met wget

Alternatief voor cURL, geweldig voor scripting

# Download spam feed
wget -O /etc/fraudcache/spam.txt \
  https://fraudcache.com/feeds/fraudcache-spam-ips.txt

# Download with timestamping (only if newer)
wget -N -P /etc/fraudcache/ \
  https://fraudcache.com/feeds/fraudcache-spam-ips.txt

2 Automatische Updates Instellen

Cron Job (Aanbevolen: Elke 15 Minuten)

Houd je blocklists up-to-date met automatische updates

# Create the update script
cat > /usr/local/bin/update-fraudcache.sh << 'EOF'
#!/bin/bash
DIR="/etc/fraudcache"
BASE_URL="https://fraudcache.com/feeds"

mkdir -p $DIR

# Download all feeds
curl -sf -o "$DIR/spam.txt.tmp" "$BASE_URL/fraudcache-spam-ips.txt" && \
  mv "$DIR/spam.txt.tmp" "$DIR/spam.txt"
curl -sf -o "$DIR/web_attack.txt.tmp" "$BASE_URL/fraudcache-web-attacks.txt" && \
  mv "$DIR/web_attack.txt.tmp" "$DIR/web_attack.txt"
curl -sf -o "$DIR/scanner.txt.tmp" "$BASE_URL/fraudcache-scanners.txt" && \
  mv "$DIR/scanner.txt.tmp" "$DIR/scanner.txt"
curl -sf -o "$DIR/botnet_c2.txt.tmp" "$BASE_URL/fraudcache-botnet-c2.txt" && \
  mv "$DIR/botnet_c2.txt.tmp" "$DIR/botnet_c2.txt"

# Optional: Reload firewall rules after update
# systemctl reload firewalld
# /usr/local/bin/reload-ipset.sh
EOF

chmod +x /usr/local/bin/update-fraudcache.sh

# Add to crontab (run every 15 minutes)
echo "*/15 * * * * root /usr/local/bin/update-fraudcache.sh" > /etc/cron.d/fraudcache

3 Integreer met Je Infrastructuur 

# Install ipset if not already installed
apt-get install ipset  # Debian/Ubuntu
yum install ipset      # CentOS/RHEL

# Create the ipset (hash:net supports CIDR notation too)
ipset create fraudcache-spam hash:net hashsize 65536 maxelem 1000000
ipset create fraudcache-attacks hash:net hashsize 65536 maxelem 1000000

# Load IPs into the set
curl -sf https://fraudcache.com/feeds/fraudcache-spam-ips.txt | \
  grep -v '^#' | grep -v '^$' | while read ip; do
    ipset add fraudcache-spam "$ip" 2>/dev/null
  done

# Add iptables rule to drop matching traffic
iptables -I INPUT 1 -m set --match-set fraudcache-spam src -j DROP
iptables -I INPUT 1 -m set --match-set fraudcache-attacks src -j DROP

# Save rules to persist across reboots
ipset save > /etc/ipset.conf
iptables-save > /etc/iptables.rules

Tip: Gebruik ipset swap om de set atomisch bij te werken zonder verbindingen te verbreken.

# Create nftables set and rules
nft add table inet filter
nft add set inet filter fraudcache { type ipv4_addr\; flags interval\; }
nft add set inet filter fraudcache6 { type ipv6_addr\; flags interval\; }

# Add drop rule
nft add rule inet filter input ip saddr @fraudcache drop
nft add rule inet filter input ip6 saddr @fraudcache6 drop

# Load IPs from feed
curl -sf https://fraudcache.com/feeds/fraudcache-spam-ips.txt | \
  grep -v '^#' | grep -v '^$' | while read ip; do
    if [[ $ip == *":"* ]]; then
      nft add element inet filter fraudcache6 { "$ip" }
    else
      nft add element inet filter fraudcache { "$ip" }
    fi
  done
# Step 1: Convert feed to nginx geo format
curl -sf https://fraudcache.com/feeds/fraudcache-spam-ips.txt | \
  grep -v '^#' | grep -v '^$' | \
  awk '{print $1 " 1;"}' > /etc/nginx/fraudcache-spam.conf

# Step 2: Add to nginx.conf (http block)
geo $is_spam {
    default 0;
    include /etc/nginx/fraudcache-spam.conf;
}

# Step 3: Use in your server block
server {
    listen 80;
    server_name example.com;
    
    if ($is_spam) {
        return 403 "Access denied";
    }
    
    # ... rest of config
}

# Step 4: Reload nginx
nginx -t && systemctl reload nginx
# Step 1: Download feed (strip comments)
curl -sf https://fraudcache.com/feeds/fraudcache-spam-ips.txt | \
  grep -v '^#' | grep -v '^$' > /etc/haproxy/fraudcache-spam.lst

# Step 2: haproxy.cfg configuration
frontend http_front
    bind *:80
    bind *:443 ssl crt /etc/haproxy/certs/

    # Load blocklist ACL
    acl is_spam src -f /etc/haproxy/fraudcache-spam.lst
    acl is_attacker src -f /etc/haproxy/fraudcache-attacks.lst
    
    # Block matching IPs
    http-request deny deny_status 403 if is_spam
    http-request deny deny_status 403 if is_attacker
    
    # Or silently tarpit them
    # http-request tarpit if is_spam
    
    default_backend servers

# Step 3: Reload HAProxy
haproxy -c -f /etc/haproxy/haproxy.cfg && \
  systemctl reload haproxy
# Create a script to ban all IPs from feed
cat > /usr/local/bin/fraudcache-f2b.sh << 'EOF'
#!/bin/bash
JAIL="fraudcache"

# Fetch and ban each IP
curl -sf https://fraudcache.com/feeds/fraudcache-scanners.txt | \
  grep -v '^#' | grep -v '^$' | while read ip; do
    fail2ban-client set $JAIL banip "$ip" 2>/dev/null
  done
EOF

chmod +x /usr/local/bin/fraudcache-f2b.sh

# Create fail2ban jail (/etc/fail2ban/jail.d/fraudcache.conf)
[fraudcache]
enabled = true
filter = 
banaction = iptables-allports
maxretry = 1
findtime = 86400
bantime = 86400
# Script to add rules to UFW
cat > /usr/local/bin/ufw-fraudcache.sh << 'EOF'
#!/bin/bash

# Download and add each IP
curl -sf https://fraudcache.com/feeds/fraudcache-botnet-c2.txt | \
  grep -v '^#' | grep -v '^$' | while read ip; do
    ufw insert 1 deny from "$ip" to any comment "Fraudcache"
  done
EOF

chmod +x /usr/local/bin/ufw-fraudcache.sh

# Note: UFW can be slow with many rules.
# For large blocklists, use ipset instead.

Note: UFW is not recommended for large blocklists. Use iptables+ipset for better performance.

# Generate .htaccess deny rules
echo "Order Allow,Deny" > /var/www/.htaccess-fraudcache
echo "Allow from all" >> /var/www/.htaccess-fraudcache

curl -sf https://fraudcache.com/feeds/fraudcache-web-attacks.txt | \
  grep -v '^#' | grep -v '^$' | \
  awk '{print "Deny from " $1}' >> /var/www/.htaccess-fraudcache

# Include in your main .htaccess
Include /var/www/.htaccess-fraudcache

# Or use mod_authz_host (Apache 2.4+)
# Require not ip 192.0.2.1

4 Beste Praktijken

Update Elke 15 Min

Feeds worden regelmatig ververst. Synchroniseer elke 15-30 minuten voor beste bescherming.

Vertrouw Botnet C2

C2 IPs zijn geverifieerde infrastructuur. Blokkeer met hoge vertrouwen.

Rate-Limit Scanners

Overweeg rate-limiting in plaats van scanner IPs volledig te blokkeren.

Behandel False Positives

Heb een proces voor legitiem verkeer dat ten onrechte wordt geblokkeerd. Link naar ons bezwaarformulier.

Real-Time Lookups Nodig?

Gebruik de Fraudcache API voor enkele IP checks, batch lookups, en gedetailleerde threat intelligence. Gratis tier inbegrepen.

Bekijk Docs Krijg API Key