Rating ISP to detect potential attacks and IOCs sources

I have been working and researching how to classify ISP based on different factors and finally I am able to share a written article ( https://sckipt.com/ub3-c4-k1how-non-secure-isps-aid-attackers-in-evading-detection/ ) explaining all my insights about it. It includes, how to monitor or react against possible attacks from a same ISP, use ISP as a new type of IOC (further than IPs, URL, Domains and FileHashes) and others ones explained in detail. I hope you enjoy the article and I let you the query to rate ISP by on sign-in attempts.