DugganUSA LLC is a cybersecurity company based in Minnesota that builds AI-powered threat intelligence tools. Our platform indexes over 1 million indicators of compromise (IOCs), 400,000+ DOJ Epstein documents, and provides a free STIX 2.1 threat feed consumed by Fortune 500 companies and defense contractors.

Butterbot is DugganUSA's AI-powered security chatbot with 40+ tools for searching IOCs, correlating threat indicators, traversing threat graphs, analyzing behavioral patterns, and running CARVER risk assessments. It uses OpenAI function calling with Meilisearch-backed indexes.

What is AIPM (AI Presence Management)?

AIPM is a tool that audits how AI models (GPT, Claude, Gemini, Perplexity) perceive and recommend your brand. It calculates an AIPM-NPS score by directly querying AI models, analyzes your website structure for AI crawler readiness, and provides optimization recommendations. Think 'SEO for the LLM era.'

Is the Epstein Files search free?

Yes. The Epstein Files Search at epstein.dugganusa.com offers a free tier with 500 queries per day. It covers all 12 DOJ EFTA datasets (400K+ documents), 2M+ ICIJ offshore entities, and 2M+ federal decisions. Professional and enterprise tiers are available for researchers and journalists needing higher limits.

Who founded DugganUSA?

DugganUSA was founded by Patrick Duggan on December 1, 2025, in Minnesota. Patrick's background includes Dell EMC, Palo Alto Networks, and embedded work at Microsoft on JEDI/Azure Stack. The company's D-U-N-S number is 14-363-3562.

What is the DugganUSA STIX feed?

DugganUSA operates a free STIX 2.1 threat intelligence feed at analytics.dugganusa.com/api/v1/stix-feed. It contains 1M+ indicators of compromise including botnet C2s, malicious IPs, and attack infrastructure. The feed is TAXII 2.1 compliant and is consumed by major organizations including Microsoft, AT&T, Amazon, and defense contractors.

Free Threat Intel for Your Firewall: Block Bad IPs in 5 Minutes

Patrick Duggan
Jan 25
2 min read

What You Get

Format	Endpoint	Description
Plain IP List	?format=txt	One IP per line
CSV	?format=csv	IP, confidence, actor, country
STIX 2.1	Default	Full threat intel context
Suricata	/detection-rules/suricata	IDS/IPS rules

Base URL: https://analytics.dugganusa.com/api/v1/stix-feed

Current blocklist: 2,500+ high-confidence malicious IPs, updated every 15 minutes.

Palo Alto (Panorama / NGFW)

Option 1: External Dynamic List (EDL)

Objects > External Dynamic Lists > Add

Name: DugganUSA-Blocklist Type: IP List Source: https://analytics.dugganusa.com/api/v1/stix-feed?format=txt Refresh Rate: 1 hour

Option 2: MineMeld Integration

# config.yml
feeds:
  - name: dugganusa
    source: https://analytics.dugganusa.com/api/v1/stix-feed?format=csv
    type: csv
    fields:
      indicator: 0
      confidence: 1
      actor: 2

Fortinet (FortiManager / FortiGate)

Option 1: Threat Feed Connector

Security Fabric > External Connectors > Create New

Name: DugganUSA-ThreatFeed Type: Threat Feed (IP Address) URI: https://analytics.dugganusa.com/api/v1/stix-feed?format=txt Refresh Rate: 60 minutes Status: Enabled ```

Option 2: FortiOS CLI

config system external-resource
  edit "DugganUSA-Blocklist"
    set type address
    set resource "https://analytics.dugganusa.com/api/v1/stix-feed?format=txt"
    set refresh-rate 60
  next
end

Cisco (Firepower / FMC)

Firepower Management Center

Objects > Object Management > Security Intelligence > Network Lists

Add Network List: Name: DugganUSA-Blocklist Type: URL URL: https://analytics.dugganusa.com/api/v1/stix-feed?format=txt Update Frequency: 1 hour

Check Point (SmartConsole / R81+)

Updatable Objects (External Feed)

SmartConsole > Objects > More > Network Feed

Name: DugganUSA-ThreatFeed URL: https://analytics.dugganusa.com/api/v1/stix-feed?format=txt Update Interval: 60 minutes Action on Update: Update Gateways ```

pfSense / OPNsense

pfBlockerNG (Recommended)

Firewall > pfBlockerNG > IP > IPv4

Name: DugganUSA_Blocklist State: ON Source: https://analytics.dugganusa.com/api/v1/stix-feed?format=txt Action: Deny Both Update Frequency: Every 1 hour ```

Quick Reference: Feed URLs

# Plain IP list (one per line)
https://analytics.dugganusa.com/api/v1/stix-feed?format=txt

Free for non-commercial use. Commercial use requires attribution to DugganUSA LLC.

Her name was Renee Nicole Good.

His name was Alex Jeffery Pretti.