Threat Infrastructure Monitor

Newly-staged malicious payloads and the bulletproof & sanctioned hosting that enables them — tracked from the open CrimsonVector BPH research dataset. All indicators are defanged.

Recently observed command-and-control, droppers, and staging infrastructure stood up on tracked bulletproof / sanctioned networks. Confirmed and analyst-approved findings only.

The shape of the tracked dataset: enforcement pressure by authority, risk tiering, operational status, and the upstream networks that keep these providers reachable.

Sanctions designations, seizures, and takedowns affecting tracked providers, most recent first.

The full bulletproof / sanctioned / threat-enabling hosting dataset. Click a column header to sort.

Source of truth: BPH_Master.csv in the open BPH_Research repository. Rebuilt daily.