billford
commented
4 years ago After looking at it a little bit (and prematurely fixing the regex) you are correct. They've added some protections so, going forward, we will only be supporting the paid version of the API. This is the right thing to do in accordance with their wishes.
When attempting to pull events from ipvoid I am unable to return any results. I am always provided with "[-] No IPVoid Results". I was going out of my way to use the command "-s ipvoid" to only use ipvoid since it does not require an API key according to the documentation.
It's possible this has been busted for a while. The scraping may no longer be working since IPvoid now appears to have a paid-for API key.
I was able to confirm that the regex for "ipvoid_status" and "ipvoid_blacklist" are working correctly.
I was testing with the IP "185.175.93.104" which is currently top attacker on SANS right now (https://isc.sans.edu/sources.html) which is blacklisted. https://www.ipvoid.com/ip-blacklist-check/