At Apility.io we gather different blacklists/blocklists from multiple sources to let our users lookup for malicious IP addresses, domains, and URLs from a single access point.
We are always looking for new sources of data to aggregate into our database. We started with free and open license data sources, but last month we added our first paid data sources.
So my question is: what data sources of IP addresses, domains, URLs, and emails are you using in your IR tasks? It does not matter if it’s free or paid resources, backed by a company or a community. Or if they are offered as downloadable content, raw data, as a service…