Blocklists

Although Nefarious Laboratories prefers a default deny approach to security, we maintain blocklists for those who prefer a default allow policy. The included blacklists define corporations by ASN, allowing administrators to block an entire IP range.

Amazon AS16509

Apple AS714

Facebook AS32934

Google AS15169

Microsoft AS8075

Note that these corporations operate hosting services, and blocking corporate IP ranges may prevent users and devices from accessing third-party domains which are unaffiliated with these corporations.

Cryptojacking Domains
000webhostapp.com 0x1f4b0.com 12finance.com 18-plus.net 1q2w3.fun 1q2w3.life 1q2w3.website 2giga.dowload 2giga.link 8jd2lfsq.me a-o.ninja aalbbh84.info ad-miner.com adless.io adplusplus.fr adrenali.gq afminer.com ajcryptominer.com ajplugins.com akubebas.com akvideo.stream allfontshere.press altavista.ovh altcointalk.co.uk amazingcoin.net amhixwqagiz.ru analytics.blue andlache.com apdrive.win appelamule.com appspot.com arizona-miner.tk aservices.party assetscdn.stream aster18cdn.nl audioknigi.club auroramine.com authedmine.com autologica.ga averoconnector.com azvjudwr.info bablace.com baiduccdn1.com basepush.com baywttgdhe.download becanium.com beetv.net befirstcdn.com berateveng.ru bestcoin.cc bestcoinsignals.com bestmobiworld.com bestsecurepractice.com bewaslac.com bewhoyouare.gq bezoglasa.online bhzejltg.info biberukalap.com bitbucket.io bitcoinadvertisers.com bitcoiner.win bitcoinpile.com bitcoinplus.com bitcoinremote.com bitcoins-live.ru bitcoinsmsxpress.com bitmain.com bjorksta.men bmnadutub.ru bmst.pw bowithow.com bplaced.net brominer.com bsyauqwerd.party butcalve.com candid.zone capodannoinversilia.com cashbeet.com ccvwtdtwyu.trade cdn-analytics.pl cdn-code.host cdn-jquery.host cfcdist.gdn cfcdist.loan cfcnet.gdn chainblock.science chmproxy.bid cieh.mx clod.pw cloudcdn.gdn cloudcoins.biz cloudcoins.co cnhv.co co.nf coin-have.com coin-hive.com coin-media.com coin-service.com coin-services.info coin.team coinbase-ca.com coinblind.com coindirect.io coiner.site coinerra.com coingive.com coinhiv.com coinhive-manager.com coinhive-proxy.party coinhive.com coinhive.info coinhive.net coinhive.org coinhiveproxy.com coinhiver.com coinhives.com coinhove.com coinimp.com coinisrsdelivery.com coinive.com coinjive.com coinlab.biz coinminerz.com coinnebula.com coinnuggets.co coinpirate.cf coinpot.co coinrail.io coinsaxis.com coinsden.com coinsspb.com cointraffic.io coinurl.com coinvisitor.com coinwebmining.com coinworker.com com.br com.pl cookiescript.info cookiescriptcdn.pro cpu2cash.link cpufan.club creadordedinero.com cryptaloot.pro crypto-loot.com crypto-pool.fr crypto-webminer.com cryptoassetfunding.com cryptobara.com cryptocoinabout.com cryptocoinjs.com cryptofgore.com cryptoloot.pro cryptonight.wasm cryptonoter.com cryptosearch.site cryptoswap.biz cryptotab.net cryweb.github.io crywebber.github.io csgocpu.com ctlrnwbv.ru cuev.in cutcoins.com d-ns.ga d1e1rbybdt265x.cloudfront.net d3iz6lralvg77g.cloudfront.net d8acddffe978b5dfcae6.date datasecu.download ddns.net de-mi-nis-ner.info de-mi-nis-ner2.info de-ner-mi-nis4.info deepc.cc devappgrant.space didnkinrab.com digxmr.com directprimal.com djfhwosjck.bid dle-news.pw dmdamedia.hu dmitrovna.github.io doctorcoin.ru dogecoingon.ga doubleclick1.xyz doubleclick2.xyz doubleclick3.xyz doubleclick4.xyz doubleclick5.xyz doubleclick6.xyz duckdns.org dynamic-dns.net dynya-may.github.io dzizsih.ru earncoins.club edgeno.de eflbruwqt.ru elthamely.com emparecoin.ro encoding.ovh ermaseuc.ru estream.nu estream.to etacontent.com eth-pocket.com eth-pocket.de eth-pocket.eu ethtrader.de etlrsq.ru etzbnfuigipwvs.ru eucsoft.com evengparme.com ewtuyytdf45.com exblog.jp exdynsrv.com f1tbit.com fatisin.ru fifa-coins.online fili.tv filmgoo.org firmware.center flashx.cc flowplayer.space formulawire.com free-crypto.info free.fr freebitcoinfaucet.website freecontent.bid freecontent.date freecontent.loan freecontent.racing freecontent.stream freshrefreshnerer186.info freshrefreshnerer186rb.info ftp0118.info futeboltv.com g-content.bid g1thub.com gasolina.ml gatcoins.io gemius.pl getcryptotab.com github.io gnrdomimplementation.com goldoffer.online goodkino.biz goodolddownloads.com googleanalytcs.com goredirect.party graftpool.ovh gramombird.com gratisblog.biz greenindex.dynamic-dns.net gridcash.net gridiogrid.com gus.host gustaver.ddns.net h-cdn.com hallaert.online hashforcash.us hashing.win hatcalter.com hatevery.info hegrinhar.com hemnes.win herphemiste.com hhb123.tk hjnbvg.ru hlpidkr.ru hodlers.party hodling.faith hostingcloud.science iaheyftbsn.review igrid.org imhvlhaelvvbrq.ru info.pl infogenservice.com ingorob.com instepstat.info interestingz.pw intersportv.com inwemo.com irrrymucwxjl.ru istlandoll.com japveny.ru jlzebszkilcz.ru joyreactor.cc jqcdn.download jquery-cdn.download jquery-uim.download jroqvbvw.info jsccnn.com jscdndel.com jsecoin.com jshosting.bid juststatic.info jwduahujge.ru jyhfuqoh.info kalipasindra.online kdmkauchahynhrs.ru kdowqlpt.info kedtise.com kickass.cd kinohabr.net kinoprofi.org kissdoujin.com kisshentai.net kiwifarms.net kjli.fi ksimdw.ru kucoin.com l33tsite.info lambdafoobar.de leadcoins.network leadscoins.network lecoindesfashionistas.com ledhenone.com ledinund.com lewd.ninja listat.biz lmodr.biz losital.ru ltstyov.ru machieved.com makerstat.info marcycoin.org mas-onjs.github.io mataharirama.xyz mebablo.com mepirtedic.com mercadbitcoins.com mercadobitcoin-online.com mi-de-ner-nis3.info minecrunch.co minemytraffic.com minercry.pt minero.cc minero.pw minescripts.info minexmr.stream minr.pw mollnia.com monerise.com monero-miner.com monerominer.rocks monitoringservice.co monkeyminer.net moonify.io moonsade.com morningdigit.com msg-2.me munero.me mutuza.win my-deltaplan.github.io my-rigs.com myeffect.net nablabee.com nahnoji.cz najsiejfnc.win nametraff.com nddmcconmqsy.ru nebabrop.com nerdorium.org nerohut.com netlify.com never.ovh nextbdom.ru nexttime.ovh nimiqtest.net ningtoldrop.ru noblock.pro norespar.ru now.sh nullrefexcep.com ogondkskyahxa.ru oinkinns.tk okexysylgzo.ru oload.info omine.org openkatalog.com page.tl panelsave.com papoto.com pazl1.ru pcejuyhjucmkiny.ru pdheuryopd.loan pearno.com pertholin.com pizz-tuna.github.io playerassets.info plexcoin.info pokemoncoins.com povw1deo.com powvideo.net ppoi.org pr0gramm.com premiumstats.xyz projectpoi.com punchsub.net pzoifaum.info questionfly.com rapidvideo.com razacoin.com rbkshort.info reactor.cc realnetwrk.com reasedoper.pw reauthenticator.com refreshnerer27.info refreshnerer27rb.info refunevent.com rencohep.com renhertfo.com retadint.com rewards-litecoin.win rineventrec.com rintindown.com rintinwa.com rmawm7mw.top rocks.io ron.si rove.cl rowherthat.ru rtraccoin1.com rtrcoin1.com rtrpropcoin1.com safelinkconverter.com salamaleyum.com salon.com scaleway.ovh sen-to-zdrowie.ml sentemanactri.com serie-vostfr.com serv1swork.com server19.com sharing-is-caring.info shopbitcoin.ru shrink-service.it sickrage.ca sighash.info silimbompom.com skencituer.com sleazyneasy.com smartoffer.site snahome.com sparechange.io sptlkiyjsglayc.ru stackpathdns.com stati.bid stati.in static-cnt.bid staticsfs.host statistic.date str1kee.com streamplay.me streamplay.to sunhd.info surge.sh swiftmining.win synconnector.com tc-clicks.com techhome-js.github.io telecoin.de teramill.com terethat.ru tgtvbngp.ru thathislitt.ru thatresha.com thebitcoincode.com thecriptonews.us thehopepage.org thelifeisbinary.ddns.net thenewcoin.com thersprens.com thevideo.ch thevideo.me thevideo.us todogecoin.biz toftofcal.com tokyodrift.ga torrent.pw traffic-gate-service.info traffic-info-service.info traffic-optical-service.info traffic-service.info traffic-tech-service.info tubetitties.com tulip18.com turnsocial.com ugmfvqsu.ru ulnawoyyzbljc.ru ultra-cdn.pl unrummaged.com uoldid.ru update-your-pc.info upgraderservices.cf vcfs6ip5h6.bid veritrol.com verresof.com videoplayer2.xyz vidfile.net vidoza.net vidtod.me vidzi.tv vkcdnservice.com voumxy.ru vuryua.ru vuuwd.com vzhjnorkudcxbiy.com vzzexalcirfgrf.ru wearesaudis.net webassembly.stream webmine.cz webmine.pro webminepool.com webminepool.tk webminerpool.com webmining.co whathyx.com whysoserius.club wifi-panel.com wildianing.ru wilf.cn witthethim.com wmemsnhgldd.ru wmtech.website wnmyerzbjhu.ru wp-monero-miner.de wqgkainysj.ru wronpeci.com wrxgandsfcz.ru xbasfbno.info xgefmxd.ru xmg.cool xmr.cool xmrminingproxy.com xmrmsft.com xssrmimmnq.ru xvideosharing.site yoaabgvkm.ru yourporn.sexy yqaywudifu.date zaloapp.com zavzlen.ru zivbxion.ru zndaowjdnf.stream zona.video zzqhsrg.ru
Inferior Passwords

We recommend blocking all included passwords in every public-facing web application. The included passwords are at least 8 characters in length, as shorter passwords should be banned.

11111111 12345678 123456789 1234567890 !@#$%^&* aa123456 access14 adobe123 Bar12345Bar12345 baseball bigdaddy butthead cocacola computer correcthorsebatterystaple corvette danielle dolphins einstein firebird football hardcore iloveyou internet jennifer ji32k7au4a83 marlboro maverick mercedes michelle midnight mistress mountain nicholas password password1 password12 password123 photoshop princess qwerty123 qwertyui redskins redwings rush2112 samantha scorpion srinivas startrek starwars steelers sunshine superman swimming Tr0ub4dor&3 trustno1 victoria whatever xxxxxxxx zaq1zaq1
DNSmasq Example Rules (for Domains)

While a hosts file /etc/hosts requires a complete listing of every subdomain, a DNSmasq configuration file /etc/dnsmasq.conf can block domains and their respective subdomains in a single line, for example,

address=/evildomain.com/0.0.0.0

IPTables Example Rules (for ASNs)
*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] #Amazon -A OUTPUT -s 8.18.145.0/24 -j DROP #Apple -A OUTPUT -s 17.0.0.0/21 -j DROP #Facebook -A OUTPUT -s 31.13.24.0/21 -j DROP #Google -A OUTPUT -s 8.8.4.0/24 -j DROP #Microsoft -A OUTPUT -s 13.64.0.0/11 -j DROP COMMIT