FPS: 60
Player
0
:
CPU
0
Mouse/Touch to control • ESC to exit • H for help

Controls

How to Play

Move your paddle with the mouse and prevent the ball from hitting your goal. First to 15 points wins!

Controls
🖱️Move paddle
pPause / Resume
hShow this help
escClose game
🎮 Easter Eggs
uCycle speed units
ctrl+shift+gFPS display
💡 If your mouse leaves the game area, an AI takes over your paddle. The handicap system adjusts paddle sizes when a player falls far behind.
Open Source & Free

LetsEncrypt crowdList

Community-based IP whitelist for LetsEncrypt validation servers. Protect your firewall without opening port 80 to the world.

API Documentation Quick Start

Fast & Cached

60 seconds response cache for optimal performance

Verified IPs

Only verified LetsEncrypt server IPs

OPNsense Ready

Optimized for URL Table Alias Import

Free

Publicly available without registration

Why does this tool exist?

Let's Encrypt is fantastic – but there's a problem for firewall administrators.

Our Motivation

Let's Encrypt is fantastic – free SSL certificates for everyone! But there's a problem: Let's Encrypt does not publish an official list of its validation server IPs. This is a real obstacle for administrators who protect their servers with firewalls and IP blacklists.

The Security Dilemma:
Open port 80 for EVERYONE – just so Let's Encrypt can validate? That contradicts every security concept!
Our Solution:
The crowdList collects and verifies Let's Encrypt validation server IPs – community-based and transparent.
Honeypot Server (March 2026):
Since March 2026, we operate our first honeypot server dedicated solely to generating Let's Encrypt certificates to systematically capture validation IPs. This significantly increases data quality.
Community wanted!
The more servers use our collector script, the more complete and current the IP list becomes. Help out – install the script on your server!
About this API Data sources and verification

Data Source

The data comes from access logs of various servers that handle LetsEncrypt HTTP-01 challenges. Every IP that performs an ACME challenge request is automatically captured and added to the community list.

last_access: Shows the last time an IP performed an ACME challenge. Updated on each new access. Basis for the ?days=X filter.

Verified IPs

IPs from servers with API key. Highest trust level – recommended for production firewalls.

Unverified IPs

IPs from anonymous reports. Can be reviewed by admins in the dashboard.

Firewall Recommendation: For OPNsense or similar firewalls we recommend ?filter=verified (default). For maximum coverage, ?filter=all can be used.

Live Statistics

Current numbers of our community-based IP collection

0
Total IPs
0
Verified IPs

Cumulative IP Growth

Active Verified IPs per Month

Active IPs (last 30 days)

Verified vs. Unverified Trend

API Calls per Day (last 30 days)

API Documentation

All endpoints, parameters and response formats

Quick Start Get started instantly without registration

The simplest usage – no API key, no registration needed:

curl https://le.crowdlist.dev/api/get/plain

Returns a plain text list of all verified IPs – one IP per line. Perfect for OPNsense URL Table Alias.

API Endpoints Available REST endpoints

Plain Text

GET /api/get/plain

Returns IPs as plain text (one IP per line). Ideal for firewall imports.

JSON

GET /api/get/json

Returns IPs as JSON array with details (IP, PTR, verified, last_access).

Submit

POST /api/submit

Submit IPs (JSON body). Without API key as unverified, with API key as verified.

Statistics

GET /api/stats
Query Parameters
Parameter Values Default Description
filter verified, unverified, all verified Filters by verification status
days 1-365 90 Only IPs from last X days (based on last_access)
Response Headers
Header Description Example
X-Total-IPs Number of returned IPs 8
X-Filter Filter used verified
X-Cache Cache status HIT or MISS
X-Cache-Age Cache age in seconds 23s
X-RateLimit-Remaining Remaining requests 7

Code Examples

Usage Examples Copy-ready examples for all endpoints

1. Get Plain Text

https://le.crowdlist.dev/api/get/plain
response
23.178.112.100
66.133.109.36
34.211.5.78
...

2. Get JSON

https://le.crowdlist.dev/api/get/json
json
{
  "success": true,
  "filter": "verified",
  "count": 8,
  "ips": [
    {
      "ip": "23.178.112.100",
      "ptr": "e100.i.lencr.org",
      "verified": true,
      "last_access": "2025-01-15 14:23:01"
    }
  ]
}

3. With days filter (e.g. last 30 days)

https://le.crowdlist.dev/api/get/plain?days=30
Filters by last_access – only IPs that were active in the last X days.

4. Statistics

https://le.crowdlist.dev/api/stats
json
{
  "success": true,
  "stats": {
    "total_ips": 245,
    "verified_ips": 212,
    "active_30_days": 198
  }
}

5. curl examples

bash
1# Get plain text
2curl -s https://le.crowdlist.dev/api/get/plain
3
4# Get JSON and format with jq
5curl -s https://le.crowdlist.dev/api/get/json | jq '.ips[].ip'
6
7# Only IPs from last 7 days
8curl -s "https://le.crowdlist.dev/api/get/plain?days=7"
9
10# Save directly to file
11curl -s https://le.crowdlist.dev/api/get/plain -o /tmp/letsencrypt-ips.txt
Rate Limiting & Caching

Rate Limit

  • 10 Requests per minute per IP
  • HTTP 429 when exceeded
  • Retry-After header shows wait time

Response Cache

  • 60 seconds Cache-TTL
  • X-Cache Header: HIT or MISS
  • Separate caches per filter+format combination

Integration

OPNsense Firewall

Automatic whitelisting of LetsEncrypt validation servers for ACME challenges

config
1Path: Firewall → Aliases → Add
2Type: URL Table (IPs)
3URL: https://le.crowdlist.dev
4Refresh: 1 day

API Integration

Programmatic access for custom monitoring or automation systems

python
1import requests
2
3response = requests.get(
4 'https://le.crowdlist.dev/api/get/json',
5 params={'filter': 'all', 'days': 30}
6)
7data = response.json()

Log Parser Script

Automate IP collection on your server

Script Setup Download, configuration and cronjob

Download Script

The script can be downloaded directly from this URL:

https://le.crowdlist.dev/scripts/crowdlist-collector.sh

Usage

bash
1# Generate JSON only (without API submission)
2./crowdlist-collector.sh
3
4# Send JSON directly to API (unverified, without API key)
5./crowdlist-collector.sh --reporting
6
7# Send JSON to API with authentication (verified)
8export API_KEY="your-api-key-here"
9./crowdlist-collector.sh --reporting
Note: The script is functional without API key and delivers unverified IPs then. For production environments, we recommend using an API key.
Need API key?
If you need an API key for verified IP reports, please contact:

Automation via Cron

The script should be executed automatically daily:

Variant 1: With API reporting (without API key, unverified)

crontab
1# Execute script directly from URL
257 1 * * * wget -qO- https://le.crowdlist.dev/scripts/crowdlist-collector.sh | bash -s -- --reporting >> /var/log/letsencrypt-parser.log 2>&1

Variant 2: With API reporting and API key (verified)

crontab
1# Save script locally and execute with API key
229 3 * * * export API_KEY="your-api-key-here"; /opt/crowdlist-collector.sh --reporting >> /var/log/letsencrypt-parser.log 2>&1

Variant 3: Without API reporting (local output only)

crontab
1# Generate JSON only and save locally
210 3 * * * /opt/crowdlist-collector.sh > /var/log/letsencrypt-ips.json 2>&1

Automatic Installation

For quick installation, you can use this one-liner: