The SSL IP Blacklist contains all hosts (IP addresses) that SSLBL has seen in the past 30 days and identified as being associated with a malicious SSL certificate.
Abuse.ch SSL Blacklist Feed
- Details
- Content
- Dependencies
- Version History
The SSL IP Blacklist contains all hosts (IP addresses) that SSLBL has seen in the past 30 days and identified as being associated with a malicious SSL certificate.
Integrations
| Name | Description |
|---|---|
| abuse.ch SSL Blacklist Feed |
Integrations
| Name | Description |
|---|---|
| abuse.ch SSL Blacklist Feed | The SSL IP Blacklist contains all hosts (IP addresses) that SSLBL has seen in the past 30 days and identified as being associated with a malicious SSL certificate. |
Required Content Packs (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (2)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Aggregated Scripts | By: Cortex XSOAR |
1.1.32 - R3980324 (June 26, 2025)
- 40476
- 40337
Download
Integrations
abuse.ch SSL Blacklist Feed
- Starting June 30th 2025, abuse.ch is requiring a new authentication method with 'Auth-Key' header.
This release adds the new required param 'Auth-Key'.
For more information on how to create an 'Auth-Key', see the Integration Documentation. - Updated the Docker image to: demisto/python3:3.12.8.3720084.
- 40476
- 40337
Download
1.1.25 - 7122577 (December 10, 2023)
- 31123
Download
Integrations
abuse.ch SSL Blacklist Feed
Fixed an issue where indicators were expiring due to prolonged periods of inactivity in the data source by implementing a solution that enforces a bi-daily update for existing indicators, even if the corresponding resource hasn't been updated.
- 31123
Download
1.1.18 - 2912810 (May 12, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.10.4.29342.
1.1.17 - 2781556 (April 19, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated formatting of integration parameters.
1.1.16 - 2674843 (March 30, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Added type validations and other internal code improvements.
1.1.15 - 2635166 (March 23, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.10.1.27636.
1.1.14 - 2507216 (March 3, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.10.1.26972.
1.1.13 - 2347248 (February 2, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.10.1.25933.
1.1.12 - 2258554 (January 15, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Maintenance and stability enhancements.
1.1.11 - 2214870 (January 6, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Fixed an issue where adding the headers If-None-Match and If-Modified-Since to requests was not compatible with Cortex XSOAR with a version below 6.5.0.
1.1.10 - 2201332 (January 4, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.9.9.25564.
1.1.9 - R2146019 (December 21, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.9.8.24399.
1.1.8 - 1882648 (November 2, 2021)
Integrations
abuse.ch SSL Blacklist Feed
New noUpdate flagging when fetching indicators using ETAG and Last-Modified headers from the feed response.
1.1.7 - 7640590 (September 16, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.9.7.24076.
1.1.6 - 7465883 (September 5, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.9.6.24019.
1.1.5 - 400461 (July 20, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Upgraded the Docker image to: demisto/python3:3.9.6.22912.
1.1.4 - 392682 (July 5, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Improved implementation of the timestamp conversion to ISO format.
1.1.3 - 384775 (June 14, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Upgraded the Docker image to: demisto/python3:3.9.5.21272.
1.1.2 - 371040 (May 30, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Maintenance and stability enhancements.
1.1.1 - 349049 (May 6, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Maintenance and stability enhancements.
1.1.0 - 334155 (April 22, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Added support for relations between indicators.
1.0.8 - R319880 (April 5, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Maintenance and stability enhancements.
1.1.32 - R3980324 (June 26, 2025)
- 40476
- 40337
Download
Integrations
abuse.ch SSL Blacklist Feed
- Starting June 30th 2025, abuse.ch is requiring a new authentication method with 'Auth-Key' header.
This release adds the new required param 'Auth-Key'.
For more information on how to create an 'Auth-Key', see the Integration Documentation. - Updated the Docker image to: demisto/python3:3.12.8.3720084.
- 40476
- 40337
Download
1.1.25 - 7122577 (December 10, 2023)
- 31123
Download
Integrations
abuse.ch SSL Blacklist Feed
Fixed an issue where indicators were expiring due to prolonged periods of inactivity in the data source by implementing a solution that enforces a bi-daily update for existing indicators, even if the corresponding resource hasn't been updated.
- 31123
Download
1.1.18 - 2912810 (May 12, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.10.4.29342.
1.1.17 - 2781556 (April 19, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated formatting of integration parameters.
1.1.16 - 2674843 (March 30, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Added type validations and other internal code improvements.
1.1.15 - 2635166 (March 23, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.10.1.27636.
1.1.14 - 2489272 (February 28, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.10.1.26972.
1.1.13 - 2348598 (February 2, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.10.1.25933.
1.1.12 - 2316504 (January 27, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Fixed an issue where adding the headers If-None-Match and If-Modified-Since to requests was not compatible with Cortex XSOAR with a version below 6.5.0.
abuse.ch SSL Blacklist Feed
- Maintenance and stability enhancements.
1.1.10 - 2201332 (January 4, 2022)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.9.9.25564.
1.1.9 - R2146019 (December 21, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.9.8.24399.
1.1.8 - 1882648 (November 2, 2021)
Integrations
abuse.ch SSL Blacklist Feed
New noUpdate flagging when fetching indicators using ETAG and Last-Modified headers from the feed response.
1.1.7 - 7640590 (September 16, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.9.7.24076.
1.1.6 - 7465883 (September 5, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Updated the Docker image to: demisto/python3:3.9.6.24019.
1.1.5 - 400461 (July 20, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Upgraded the Docker image to: demisto/python3:3.9.6.22912.
1.1.4 - 392682 (July 5, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Improved implementation of the timestamp conversion to ISO format.
1.1.3 - 384775 (June 14, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Upgraded the Docker image to: demisto/python3:3.9.5.21272.
1.1.2 - 371040 (May 30, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Maintenance and stability enhancements.
1.1.1 - 349049 (May 6, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Maintenance and stability enhancements.
1.1.0 - 334155 (April 22, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Added support for relations between indicators.
1.0.8 - R319880 (April 5, 2021)
Integrations
abuse.ch SSL Blacklist Feed
- Maintenance and stability enhancements.
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | July 7, 2020 | |
| Last Release | March 22, 2026 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
