Data Collection

Shadowserver maintains one of the largest repositories of security information in the world, storing trillions of historic malicious network connections and indexing many petabytes of threat data. We freely share targeted information with vetted governments, network owners, CSIRTs and others – revealing security exposures, highlighting malicious activity and providing a global vantage point to address emerging threats.

Common Questions

Can I opt out of your scanning activity?

You’re free to opt out at any time. To do so, email dnsscan@shadowserver.org and list the specific CIDRs you would like to have removed. (You’ll need to prove that you’re the verifiable owner of these CIDRs.)

How can I access my reports?

You can subscribe to custom reports here. Full answer »

How are reports delivered?

We currently have a few types of delivery, depending upon your subscription for your area of responsibility. Full answer »

How are reports formatted?

The available format for reports is comma separated variable (CSV) files. The timestamps in the reports are always represented in UTC+0.

More frequently asked questions »
Help us make the Internet more secure
Help us make the Internet more secure

The Shadowserver Foundation offers all services free of charge, for public benefit. We don’t sell data. Our revenue comes from sponsorships, grants, and charitable donations.

Become a sponsor

Other Services

Network Reporting
Network Reporting

We send daily custom reports to over 6900 vetted subscribers, helping network owners, national governments, Fortune 500 companies, and others identify their security exposures.

Our network reporting services »
Investigation Support
Investigation Support

We support targeted cyber security investigations with insights and capabilities that our partners need, handling sensitive circumstances discreetly and in strict confidence.

Our investigation support services »