TotalHash.com
Check if a host/domain or IP is malicious according to TotalHash.com.
malwaredomainlist.com
Check if a host/domain, IP or netblock is malicious according to malwaredomainlist.com.
Amazon S3 Bucket Finder
Search for potential Amazon S3 buckets associated with the target and attempt to list their contents.
AlienVault IP Reputation
Check if an IP or netblock is malicious according to the AlienVault IP Reputation database.
abuse.ch
Check if a host/domain, IP or netblock is malicious according to abuse.ch.
Emerging Threats
Check if a netblock or IP is malicious according to emergingthreats.net.
![LOGO sfp open passive dns database](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_open_passive_dns_database.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=e80716048d192ff7bc8881af5ae98c32 500w)
Open Passive DNS Database
Obtain passive DNS information from pdns.daloo.de Open passive DNS database.
![LOGO sfp builtwith](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_builtwith.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=84019e0dc97a7d4a7dd6fb5afea23ea5 500w)
BuiltWith
Query BuiltWith.com's Domain API for information about your target's web technology stack, e-mail addresses and more.
![LOGO sfp cleantalk](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_cleantalk.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=25d679af907fed55ea9bfb0380f42dfd 500w)
CleanTalk Spam List
Check if a netblock or IP address is on CleanTalk.org's spam IP list.
![LOGO sfp h1nobbdde](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_h1nobbdde.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=f1d5bd2565b23dabe562a57019a79a8e 500w)
HackerOne
Check external vulnerability scanning/reporting service h1.nobbd.de to see if the target is listed.
![LOGO sfp bambenek](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_bambenek.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=bd842585a77587836518d73e7ca137e7 500w)
Bambenek C&C List
Check if a host/domain or IP appears on Bambenek Consulting's C&C tracker lists.
![Logo hybridanalysis](https://intel471.imgix.net/Spiderfoot/Modules/logo-hybridanalysis.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=8ab6dbbe27a5f1748ba23c8c4c52146c 500w)
Hybrid Analysis
Search Hybrid Analysis for domains and URLs related to the target.
![LOGO sfp haveibeenpwned](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_haveibeenpwned.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=d1802bcdf2bd5c28255c46ede2020210 500w)
HaveIBeenPwned
Check HaveIBeenPwned.com for hacked e-mail addresses identified in breaches.
![LOGO sfp azureblobstorage](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_azureblobstorage.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=b3c335bdb54adfbdc3c75721375e2aea 500w)
Azure Blob Finder
Search for potential Azure blobs associated with the target and attempt to list their contents.
![LOGO sfp googleobjectstorage](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_googleobjectstorage.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=545823f739238e2e243f20b904ee6d06 500w)
Google Object Storage Finder
Search for potential Google Object Storage buckets associated with the target and attempt to list their contents.
![Logo spur](https://intel471.imgix.net/Spiderfoot/Modules/logo-spur.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=c7c3e07bd1a65fb1882877006e55f0dc 500w)
spur.us
Obtain information about any malicious activities involving IP addresses found
![LOGO sfp intelx](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_intelx.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=130eeb3b058b627b1c9c4f052e63dbe4 500w)
IntelligenceX
Obtain information from IntelligenceX about identified IP addresses, domains, e-mail addresses and phone numbers.
![LOGO sfp ipstack](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_ipstack.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=92299af22fe2f424f2b86fd3a2ba69f4 500w)
ipstack
Identifies the physical location of IP addresses identified using ipstack.com.
![Logo bitcoinabuse](https://intel471.imgix.net/Spiderfoot/Modules/logo-bitcoinabuse.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=69ebc556c61853625e3054bccd549a3d 500w)
BitcoinAbuse
Check Bitcoin addresses against the bitcoinabuse.com database of suspect/malicious addresses.
![LOGO sfp numverif](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_numverif.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=ebf8b5e18b21e4e47d289e04c68f3b2b 500w)
numverify
Lookup phone number location and carrier information from numverify.com.
![LOGO sfp voipbl](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_voipbl.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=88bc38432da0cf11bb12a31e9c362344 500w)
VoIPBL OpenPBX IPs
Check if an IP or netblock is an open PBX according to VoIPBL OpenPBX IPs.
![Logo default](https://intel471.imgix.net/Spiderfoot/Modules/logo-default.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=e4155af05c84851015ef65b04d616c95 500w)
Onion.link
Search Tor 'Onion City' search engine for mentions of the target domain.
![LOGO sfp grep a](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_grep_a.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=02d8f9b5262143eabbec9294388b337b 500w)
grep.app
Search grep.app API for links and emails related to the specified domain.
![LOGO sfp spamco](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_spamco.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=87fbf291ed18bdc26a1e6f9795c4533e 500w)
SpamCop
Query various spamcop databases for open relays, open proxies, vulnerable servers, etc.
![LOGO sfp xforce](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_xforce.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=c98b5c2c4fd18b093cd02aac5d919171 500w)
XForce Exchange
Obtain IP reputation and passive DNS information from IBM X-Force Exchange
![LOGO sfp multiprox](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_multiprox.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=eef8a584d9db04ac5de507abb07749f5 500w)
multiproxy.org Open Proxies
Check if an IP is an open proxy according to multiproxy.org' open proxy list.
![Logo projectdiscovery](https://intel471.imgix.net/Spiderfoot/Modules/logo-projectdiscovery.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=5ec1963d906133d31bfbc218e75ce306 500w)
Project Discovery Chaos
Search for hosts/subdomains using chaos.projectdiscovery.io
![LOGO sfp dnsgre](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_dnsgre.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=a71702f734fe3846b4405a0ad8bee93a 500w)
DNSGrep
Obtain Passive DNS information from Rapid7 Sonar Project using DNSGrep API.
![LOGO sfp psbdm](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_psbdm.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=25f7f3e96f2c374a28490df912ce0e85 500w)
Psbdmp
Check psbdmp.cc (PasteBin Dump) for potentially hacked e-mails and domains.
![LOGO sfp flickr](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_flickr.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=f447898df8238414fffb9c242b51f314 500w)
Flickr
Search Flickr for domains, URLs and emails related to the specified domain.
![LOGO sfp clearbit](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_clearbit.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=3dea3369652da72e67bd9c4cf224620a 500w)
Clearbit
Check for names, addresses, domains and more based on lookups of e-mail addresses on clearbit.com.
![LOGO sfp talosintel](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_talosintel.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=02abab6b0c2b7c0b2190d15a01fbb2c8 500w)
Talos Intelligence
Check if a netblock or IP is malicious according to talosintelligence.com.
![LOGO sfp botscout](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_botscout.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=557dfe4642a5cffd26c8a3eb84f08ac4 500w)
BotScout
Searches botscout.com's database of spam-bot IPs and e-mail addresses.
![LOGO sfp zoneh](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_zoneh.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=b678502eb478f76f27b280bbe79170a1 500w)
Zone-H Defacement Check
Check if a hostname/domain appears on the zone-h.org 'special defacements' RSS feed.
![LOGO sfp digitaloceanspace](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_digitaloceanspace.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=6a300c04b78354e9c08721ae325f53fd 500w)
Digital Ocean Space Finder
Search for potential Digital Ocean Spaces associated with the target and attempt to list their contents.
![Logo developers google com safebrowser](https://intel471.imgix.net/Spiderfoot/Modules/logo-developers-google.com-safebrowser.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=6064cae99f479bd8959606ca9af8c775 500w)
Google SafeBrowsing
Check if the URL is included on any of the Safe Browsing lists.
![LOGO sfp abuseipdb](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_abuseipdb.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=b748d84982ab5da71f1207f5689f4b33 500w)
AbuseIPDB
Check if an IP address is malicious according to AbuseIPDB.com blacklist.
![LOGO sfp binaryedge](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_binaryedge.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=3f9a8f30a76e72a73e35a5fbf49902a7 500w)
BinaryEdge
Obtain information from BinaryEdge.io Internet scanning systems, including breaches, vulnerabilities, torrents and passive DNS.
![LOGO sfp crt](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_crt.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=79eefe8866f8633bf39e21ecc41e245e 500w)
Certificate Transparency
Gather hostnames from historical certificates in crt.sh.
![Logo api c99 nl](https://intel471.imgix.net/Spiderfoot/Modules/logo-api.c99.nl.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=39a6439cd9ad44f08142b254a675d2a2 500w)
C99
Queries the C99 API which offers various data (geo location, proxy detection, phone lookup, etc).
![Logo default](https://intel471.imgix.net/Spiderfoot/Modules/logo-default.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=e4155af05c84851015ef65b04d616c95 500w)
Greensnow
Check if a netblock or IP address is malicious according to greensnow.co.
![LOGO sfp cloudflaredns](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_cloudflaredns.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=2891d4cb0178cec103f4f73521dc76a1 500w)
CloudFlare Malware DNS
Check if a host would be blocked by CloudFlare Malware-blocking DNS
![Logo emailcrawl](https://intel471.imgix.net/Spiderfoot/Modules/logo-emailcrawl.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=080714ae2dd5b2f4223172d57474dd22 500w)
EmailCrawlr
Search EmailCrawlr for email addresses and phone numbers associated with a domain.
![LOGO sfp riskiq](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_riskiq.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=cca1be8ec7d001d15672e8bd3db8ceb5 500w)
RiskIQ
Obtain information from RiskIQ's (formerly PassiveTotal) Passive DNS and Passive SSL databases.
![LOGO sfp malwaredomains](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_malwaredomains.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=4b5457d5db443cfdbabf7dc2cb2facfd 500w)
malwaredomains.com
Check if a host/domain is malicious according to malwaredomains.com.
![LOGO sfp darksearch](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_darksearch.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=29d6416d23363d3414cfba456075a806 500w)
Darksearch
Search the Darksearch.io Tor search engine for mentions of the target domain.
![LOGO sfp spyonweb](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_spyonweb.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=31dfba78b3ca9ac96a1723fccaea7795 500w)
SpyOnWeb
Search SpyOnWeb for hosts sharing the same IP address, Google Analytics code, or Google Adsense code.
![Logo onyphe](https://intel471.imgix.net/Spiderfoot/Modules/logo-onyphe.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=6cc88c9c949a565e11c5ad2d8b8f85cb 500w)
Onyphe
Check Onyphe data (threat list, geo-location, pastries, vulnerabilities) about a given IP.
![LOGO sfp blockchain](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_blockchain.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=18eb2adef0136087ca14336190a7a839 500w)
Blockchain
Queries blockchain.info to find the balance of identified bitcoin wallet addresses.
![LOGO sfp googlemaps](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_googlemaps.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=f107643e82923cba6e2091bfc0b70b5d 500w)
Google Maps
Identifies potential physical addresses and latitude/longitude coordinates.
![LOGO sfp watchguard](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_watchguard.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=961631ff20847ce0c443b744ca71de99 500w)
Watchguard
Check if an IP is malicious according to Watchguard's reputationauthority.org.
![LOGO sfp spamhaus](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_spamhaus.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=5a207de51f3714a9ba0b5402332c8df6 500w)
Spamhaus
Query the Spamhaus databases for open relays, open proxies, vulnerable servers, etc.
![LOGO sfp wikipediaedits](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_wikipediaedits.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=a53911818bf4f61749d20d82bf9a1a76 500w)
Wikipedia Edits
Identify edits to Wikipedia articles made from a given IP address or username.
![Logo default](https://intel471.imgix.net/Spiderfoot/Modules/logo-default.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=e4155af05c84851015ef65b04d616c95 500w)
Twilio
Obtain information from Twilio about phone numbers. Ensure you have the Caller Name add-on installed in Twilio.
![LOGO sfp ripe](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_ripe.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=10f8a1cbd5c3b77ff8b5ea6ec54d7339 500w)
RIPE
Queries the RIPE registry (includes ARIN data) to identify netblocks and other info.
![LOGO sfp cybercrimetracker](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_cybercrimetracker.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=3bc203ea4f42f7de736d159943c6ccac 500w)
cybercrime-tracker.net
Check if a host/domain or IP is malicious according to cybercrime-tracker.net.
![LOGO sfp openstreetma](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_openstreetma.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=30b62114a96e550c28e2e93e7dce2714 500w)
OpenStreetMap
Retrieves latitude/longitude coordinates for physical addresses from OpenStreetMap API.
![LOGO sfp spyse](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_spyse.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=f4f46438dd2471e33fb9771b5894358d 500w)
Spyse
SpiderFoot plug-in to search Spyse API for IP address and domain information.
![Logo gstatic](https://intel471.imgix.net/Spiderfoot/Modules/logo-gstatic.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=8d21de89071ca14ef320e8c4d0ede3a2 500w)
Social Media Profile Finder
Tries to discover the social media profiles for human names identified.
![Logo bitcoinwhoswho](https://intel471.imgix.net/Spiderfoot/Modules/logo-bitcoinwhoswho.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=ebfec9cc7c86754ec7b8846fefb3bc30 500w)
Bitcoin Who's Who
Check for Bitcoin addresses against the Bitcoin Who's Who database of suspect/malicious addresses.
![LOGO sfp googlesearch](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_googlesearch.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=54db0ffe5efe4a00f1fb110fee236e00 500w)
Obtain information from the Google Custom Search API to identify sub-domains and links.
![LOGO sfp openbugbount](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_openbugbount.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=f4c78b3fe357b506eed557edd7007419 500w)
Open Bug Bounty
Check external vulnerability scanning/reporting service openbugbounty.org to see if the target is listed.
![LOGO sfp onionsearchengine](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_onionsearchengine.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=413626d300711c9faa0a86b1c662ac3c 500w)
Onionsearchengine.com
Search Tor onionsearchengine.com for mentions of the target domain.
![LOGO sfp threatcrowd](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_threatcrowd.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=3d48ecb587c17ba29a756b16eb7ec610 500w)
ThreatCrowd
Obtain information from ThreatCrowd about identified IP addresses, domains and e-mail addresses.
![LOGO sfp ipinfo](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_ipinfo.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=19dbb50eb1b9fe89fe6472ef10e70105 500w)
IPInfo.io
Identifies the physical location of IP addresses identified using ipinfo.io.
![LOGO sfp uceprotect](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_uceprotect.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=323e52f39e30037f551689f383e2d218 500w)
UCEPROTECT
Query the UCEPROTECT databases for open relays, open proxies, vulnerable servers, etc.
![LOGO sfp dronebl](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_dronebl.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=5c756fbd1b0934e43addfca81fd75a5d 500w)
DroneBL
Query the DroneBL database for open relays, open proxies, vulnerable servers, etc.
![LOGO sfp circllu](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_circllu.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=285938e73c6b22888aaa92b2fa42eaa3 500w)
CIRCL.LU
Obtain information from CIRCL.LU's Passive DNS and Passive SSL databases.
![LOGO sfp fsecure riddler](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_fsecure_riddler.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=404e15e08dd4263d4d26e827cec89889 500w)
F-Secure Riddler.io
Obtain network information from F-Secure Riddler.io API.
![LOGO sfp iknowwhatyoudownload](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_iknowwhatyoudownload.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=5c3a6d4cab239af651fa5c7ed8a3f36a 500w)
iknowwhatyoudownload.com
Check iknowwhatyoudownload.com for IP addresses that have been using BitTorrent.
![Logo default](https://intel471.imgix.net/Spiderfoot/Modules/logo-default.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=e4155af05c84851015ef65b04d616c95 500w)
Maltiverse
Obtain information about any malicious activities involving IP addresses
![LOGO sfp archiveorg](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_archiveorg.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=01f7638121d52f96ab7dc0a5b57215de 500w)
Archive.org
Identifies historic versions of interesting files/pages from the Wayback Machine.
![LOGO sfp threatminer](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_threatminer.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=581c8d2ee884e2bf2ce22c2e89440aed 500w)
ThreatMiner
Obtain information from ThreatMiner's database for passive DNS and threat intelligence.
![LOGO sfp sorbs](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sfp_sorbs.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=7523c5ac208fe0423afb544adbc32eb3 500w)
SORBS
Query the SORBS database for open relays, open proxies, vulnerable servers, etc.
![LOGO sociallinks](https://intel471.imgix.net/Spiderfoot/Modules/LOGO-sociallinks.png?auto=compress%2Cformat&fit=clip&fm=webp&q=80&w=500&s=e5967e68ed01909a9f7bad25a388dc79 500w)
Social Links
Queries mtg-bi.com (Social Links) to gather intelligence from social media platforms and dark web.