Three new allow lists were added to the ThreatSTOP Policy Builder. The following allow lists can be found under the “Allow” tab in the “Inbound Attacks (Servers)” category:
IP addresses for Nodeping website/server monitoring service. If you are a subscriber of Nodeping than these IPs should be allowed, otherwise, if you are not a subscriber - these can be used by malicious individuals to track your online status. The addresses in this feed were provided by Nodeping.com.
IP addresses for statuscake website/server monitoring service. If you are a subscriber of statuscake than these IPs should be allowed, otherwise, if you are not a subscriber - these can be used by malicious individuals to track your online status. The addresses in this feed were provided by statuscake.com.
IP addresses for uptimerobot website/server monitoring service. If you are a subscriber of uptimerobot than these IPs should be allowed, otherwise, if you are not a subscriber - these can be used by malicious individuals to track your online status. The addresses in this feed were provided by uptimerobot.com.
These targets are also available in the “Block” tabs to add to a policy. For users who don’t subscribe to nodeping, statuscake, or uptimerobot, blocking these IPs may make sense as these IPs might be abused and used to scan networks for vulnerabilities prior to an outright attack.