Updated Regularly | Free to Use | Verified Malicious Domains
Overview
Our Malware & Phishing Blocklist is a carefully curated list of known malicious domains, collected from reputable public threat intelligence sources, Infosec communities, and user submissions.
π Available via: https://lists.cyberhost.uk/malware.txt
π License: CC BY-SA 4.0
Blocklist Details (Live)
Want more stats? Check out the Blocklist Bot on Mastodon
β What Makes This Blocklist Different?
Verified: Each domain is tagged with the original intelligence source and date of inclusion.
Concise: Focused on quality over quantity - no unnecessary bulk.
Open: Contributions and false positive reports are welcome via the contact form below.
Tested with:
AdGuard Home
Pi-hole
pfBlockerNG
uBlock Origin
π About the List
Only domains not starting with # are malicous - the domain source and date will be included on commented lines using #.
All newly submitted domains are cross-checked against the Cloudflare Radar Top Domains list to help reduce false positives. If a domain appears in that list, it undergoes additional analysis.
πFrequently Asked Questions
How often should I pull the blocklist?
The blocklist is updated several times a day. For optimal protection, re-download it every 1 to 6 hours. This ensures you're covered against the latest threats as they're added.
How is this blocklist maintained?
Domains are added based on confirmed malicious activity from threat intel, infosec communities and user submissions. Each entry is checked against the Cloudflare Top Domains list-if a domain is widely used, itβs reviewed more carefully to avoid false positives.
How widely used is the list?
The blocklist sees strong usage across the community - on Sundays, we average 45,000 downloads from over 15,000 unique IPs during Pi-holeβs scheduled updates.
Weekdays typically see around 35,000 downloads from 3,000 unique IPs.
Can I sponsor this project?
Yes - sponsorship helps cover infrastructure costs (VPS & bandwidth) and supports continued development along with maintenance of the blocklist.
If you're a company or individual who finds value in the feed, we welcome your support. Get in touch to discuss recurring or one-time sponsorship options. Weβre open to offering visibility in return, if relevant.
βοΈ Buy me a coffee
Why is files[.]catbox[.]moe blocked?
files[.]catbox[.]moe is currently blocked because it is repeatedly used to distribute malware, despite having some legitimate use cases. Threat actors frequently abuse this service, which increases the overall risk to users relying on our blocklist for protection.
While we recognize that a small number of users may have valid reasons to access the domain, it's safer for those users to allowlist it manually after assessing the risk in their specific environment.
Examples of files[.]catbox[.]moe abuse:
Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
Targeted Malware Campaign Exploits Job-Seeking Developers
Detecting Malware Disguised as OneNote with Threat Intelligence
π Domain Lookup Tool
Search the list to find the intel source and date added: