"Going where no man has gone before .... probably..."
'Probably the biggest and most comprehensive open source Internet IPv4 address audit project ever... mapping the entire IPv4 Internet address space'
** As of 06 March 2026, this repository had over 2.91 billion public Internet IPv4 addresses mapped.**
These files present a large range of public Internet IPv4 provider/country to address lookup. It's a bit like a 'reverse WHOIS', where you have the country or organisation / provider name and can reference these files to find the associated IPv4 addresses.
These files are in the .p2p file format which is compatible with Peerblock and Peerguardian. The file format consists of the following markdown (in most cases);
_STARTADDRESS - END ADDRESS - DETAILS (all free text) STARTADDRESS-ENDADDRESS_
In some cases, the free text may be in CIDR format. Most entries include the details along with the date that it was recorded.
The files are all plain text format and readable using Notepad, Notepad++, Vim, etc. They have been lovingly hand created and maintained since 2006 by the author using both manual and semi-automated methods.
Use cases include;
- Deny IPv4 from specific countries (GEOIP), network providers or Government / Military
- Allow IPv4 from specific countries (GEOIP), network providers or Government / Military
- You have a firewall which is DENY ALL, and wish to 'punch a few holes in it' for specific providers or organisations (ORGIP) - you may find your network provider listed here.
- You wish to block network access from a specific provider / organisation (ORGIP).
- OSINT - Discovery of an IPv4 address from an organisation name.
- You want to launch a port scan and ensure certain organisations or countries are excluded to reduce the risk of complaints from less tolerant targets.
- Hardening your infrastructure by applying filtering to reduce the possibility of a cyber-attack.
- To limit outbound Internet traffic to only specific providers or countries (helps to lock down hosts which are compromised and are attempting to 'phone home' to their Command and Control (C&C / C2) server).
- WAF bypass. Configure your WAF/IPS/IDS to respond in a different manner depending on the source inbound IP address.
- Anti-spam filtering. Configure your packet-based firewall to block specific IP address ranges for SMTP or configure your SMTP receiver to allow or deny specific IP ranges. You could also make use of a host-based firewall.
- Whitelist IP address ranges for SMTP greylisting or DNSBL bypass.
- Search for large ranges of potentially unused IP addresses - Some large providers are now making offers for the transfer of some of these previously unused IPv4 address blocks.
- Azure Conditional Access Policies which make use of IPv4 addresses. Azure offers GEOIP but not ORGIP.
- Target audience - You already know who your target audience is (for your servers), so these lists could help you restrict access accordingly.
- Fraud prevention - As part of a 'defense-in-depth' strategy, if you provide services to clients, using these lists could help to work out the risk profile of an IP address.
- Filtering of source IP addresses to your authoritative name servers. If DNS records can't be resolved, it makes it harder for an attacker to find your hosts. This can help to reduce spam.
- Reduction of impact of a DDOS attack, by blocking ranges that you may consider to be high risk.
The lists can be adapted to suit your needs and the information within applied to commercial enterprise-grade and open source firewalls.
NOTE1: Some country lists may not be fully populated due to recording the IPv4 addresses instead against a provider / organisation. Use both the country and the org lists for your maximum enjoyment.
NOTE2: The IPv4 address space allows for a maximum of 4,294,967,296 IP addresses. Once the reserved IPv4 addresses have been deducted from this value, this will give the actual amount of useable public Internet routable IPv4 addresses that can be used. According to the authors bad math ;-), the calculated number of actual usable routable public Internet IPv4 addresses are 3,684,258,432.
NOTE3: The file UNASSIGNED.p2p refers to IP addresses that are not assigned to any organisation. It is not expected to receive any traffic from these ranges.
NOTE4: The file RESERVED.p2p refers to IP addresses that are reserved and there would not normally be any reason for any of these IP address ranges to be assigned to a public Internet-facing interface.
NOTE5: If you find your IP address(es) listed here, be assured that all information was discovered using OSINT methodologies including WHOIS, Google or a bit of reverse DNS...
NOTE6: Some records list an IP address range as 'being in the EU'. From a data sovereignty perspective its not considered as being very helpful, so all IP addresses listed are attributed to a country. If you shared data with an entity over the public Internet, it would be expected to know which country the IP address resides at which would indicate the data custodian and their country.
NOTE7: Some WHOIS records can contradict others. So for example an IP address could be recorded, but when a lookup is performed a few octets up, a whole netblock can be recorded to a different country or provider. In these instances the author has tried to perform additional research to get a better understanding of the data provided.
Disclaimer; No warranty is given for any inaccuracies, loss of service or otherwise. The term IP and IPv4 are used interchangeably. Some WHOIS records can contradict others and some WHOIS records state the IP address in the the 'EU', and the lists here try to match with an actual country, as opposed to a region. Also sometimes, WHOIS records state a specific country, and a traceroute proves otherwise, but of course this may be due to dynamic routing.... Everything listed here was recorded from a United Kingdom IP address... My hovercraft is always full of eels.
Also - see https://en.wikipedia.org/wiki/PeerGuardian
Best Regards, F1lby. 'The curator of all things IPV4 and other stuff'
"No subnets were harmed in the making of this repository"