Check Malicious
IPs & Domains
TRY IT FREE ๐Ÿ‘‡

Comprehensive threat intelligence database with 500M+ malicious IPs, domains, phishing sites, malware, adware, and tracking domains. Our real-time cybersecurity blocklist API protects against vulnerabilities and cyber threats instantly.

Lennard
Wahab
Naveen
Artificery
dunsin
+75,440 generated reports by satisfied cyber analysts last month.

Trusted by leading organizations

Our platform delivers actionable intelligence that helps organizations stay ahead of cyber threats

Fujifilm
Kanton
PostHog
Wellingtown School
Westhaven

99.9%

Accuracy Rate

Detection accuracy in identifying malicious IPs and domains thanks to our advanced aggregation engine.

24/7

Real-Time Updates

Continuous monitoring and database updates to ensure you always have the latest threat intelligence.

500M+

Threat Records

Extensive database of malicious actors, scams, and suspicious entities across the globe.

80%

Faster Detection

Identify threats faster than traditional methods, reducing response time and potential damage.

The Most Comprehensive Threat Intelligence Database

500M+ verified malicious IPs, domains, and cyberthreat records from 600+ intelligence sources. Real-time blocklist API designed for modern cybersecurity teams.

Why Our Threat Intelligence Database Stands Out

Multi-Source Validation

Every threat is verified across multiple intelligence sources. Our cross-referencing system eliminates false positives and provides confidence scores for each detection.

Real-Time Blocklist Updates

Unlike static blocklists updated weekly, our database receives hourly updates. New phishing sites, malware domains, and malicious IPs are added within minutes of discovery.

Comprehensive Threat Context

Beyond simple blocklists, get rich threat intelligence including geolocation, ASN data, WHOIS information, SSL certificates, and historical behavior patterns.

Enterprise-Ready API

Sub-100ms response times, 99.9% uptime SLA, and unlimited scalability. Our cybersecurity API integrates seamlessly with firewalls, SIEM systems, and custom applications.

Start Protecting Your Infrastructure Today

Join thousands of security professionals using our threat intelligence database. Free tier available - no credit card required.

1,000 free API calls/month โ€ข No credit card โ€ข Instant access

Not Just Another Threat Intelligence API

We understand the challenges security teams face. Here's how we solve them.

Overwhelmed by False Positives?

Traditional threat intelligence often flags legitimate traffic, wasting your time and resources on investigating non-threats.

Our Solution

Our advanced curation process and machine learning algorithms ensure high accuracy with minimal false positives, so you can focus on real threats.

Outdated Threat Data?

Many threat databases are updated infrequently, leaving you vulnerable to newly identified malicious actors.

Our Solution

isMalicious provides real-time updates 24/7, ensuring you always have access to the latest threat intelligence from multiple trusted sources.

Fragmented Security Tools?

Managing multiple security tools and databases makes it difficult to get a comprehensive view of potential threats.

Our Solution

We aggregate data from numerous sources into one unified API, providing comprehensive threat intelligence in a single, easy-to-integrate solution.

Limited Threat Context?

Basic IP blocklists don't provide enough context to make informed security decisions about potential threats.

Our Solution

Our platform delivers detailed threat profiles including geolocation, reputation scores, SSL certificates, vulnerabilities, and historical data.

Everything You Need to Identify and Block Threats

Our advanced threat intelligence platform aggregates data from multiple trusted sources to give you comprehensive protection against the latest cyber threats, scams, and malicious actors.

We check if an IP address or domain is malicious or suspicious. You can use our API or use our website to check IPs and domains.

Protect your assets by watching them and getting notified when something malicious or suspicious related to it. Our aggregator engine is getting updated every day.

Use our API to benefits from our research and detection. This is especially useful if you are a security researcher or a SOC analyst.

Comprehensive Threat Intelligence at Your Fingertips

From real-time monitoring to detailed threat analysis, isMalicious provides all the tools you need to stay ahead of cyber threats and protect your digital assets.

  • Instant Threat Detection

    Get real-time threat assessment in milliseconds. Query any IP or domain and receive comprehensive security intelligence including reputation scores, geolocation, and threat history instantly.

  • Comprehensive Threat Profiles

    Access detailed intelligence including WHOIS data, SSL certificates, vulnerabilities, ASN information, abuse contacts, and historical threat patterns for informed decision-making.

  • Proactive Monitoring & Alerts

    Monitor your critical assets 24/7. Receive instant email notifications when watched IPs or domains show suspicious activity or threat status changes.

  • Advanced Similarity Search

    Discover related threats with fuzzy matching and similarity algorithms. Find malicious domains that mimic legitimate ones or identify coordinated attack patterns.

  • API-First Architecture

    RESTful API designed for developers. Comprehensive documentation, code examples in multiple languages, and straightforward integration with any tech stack.

  • Zero False Positives

    Advanced curation process and machine learning algorithms ensure high accuracy. Our multi-source validation eliminates false positives so you focus on real threats.

  • Enterprise-Grade Security

    Bank-level encryption, SOC 2 compliant infrastructure, and GDPR-ready data handling. Your queries and sensitive information remain completely confidential.

  • Unlimited Scalability

    Built for enterprise scale with 99.9% uptime SLA. Handle millions of queries per day without performance degradation, perfect for high-traffic applications.

  • Community-Powered Intelligence

    Benefit from collective security knowledge. Our crowd-sourced intelligence network continuously identifies emerging threats before they become widespread.

No credit card required ยท 14-day free trial ยท Cancel anytime

How Security Teams Use Our Threat Intelligence Database

From network perimeter defense to advanced threat hunting, our malicious IP database, domain blocklist, and vulnerability intelligence power security operations worldwide.

๐Ÿ”ฅ

Firewall & IDS/IPS Integration

Block malicious IPs at your network perimeter. Import our IP blocklist directly into your firewall rules (iptables, pfSense, Cisco ASA) or integrate with intrusion detection systems for automated threat blocking.

Real-time IP blocklist updates
DDoS protection
Automated blocking rules
๐Ÿ“ง

Email Security & Phishing Prevention

Protect your organization from phishing attacks. Our phishing database identifies malicious domains in emails, preventing credential theft and business email compromise attacks before they reach users.

Phishing domain detection
Link scanning
Email gateway integration
๐ŸŒ

Web Application Firewall (WAF)

Validate incoming requests against our malware database and domain blocklist. Block malicious traffic, prevent injection attacks, and protect your web applications with sub-100ms threat intelligence lookups.

Request validation
Bot detection
API threat blocking
๐Ÿ”

SIEM & Security Analytics

Enrich your security events with our comprehensive threat intelligence database. Integrate with Splunk, ELK, or QRadar to prioritize alerts, accelerate incident response, and detect advanced persistent threats.

Event enrichment
Alert prioritization
IOC validation
๐Ÿ›ก๏ธ

DNS Filtering & Ad Blocking

Deploy our domain blocklist with Pi-hole, AdGuard Home, or enterprise DNS servers. Block malicious domains, tracking scripts, adware networks, and invasive advertising at the DNS level for network-wide protection.

DNS-level blocking
Adware filtering
Privacy protection
๐ŸŽฏ

Threat Hunting & Research

Leverage our extensive cyberthreat database for proactive security investigations. Query vulnerabilities, track malware campaigns, and identify related threats with our advanced similarity search and historical data.

IOC lookup
Threat correlation
Historical analysis

Trusted by Security Professionals Worldwide

Our threat intelligence database and blocklist API protect organizations from:

500M+
Threat Records
600+
Intelligence Sources
99.9%
Uptime SLA
<100ms
Response Time

Complete Cybersecurity Protection

Whether you need a malicious IP database, phishing detection system, or comprehensive malware intelligence, our threat intelligence platform delivers accurate, actionable data to protect your infrastructure from cyber threats.

On-Premise CLI Solution

Enterprise-grade threat intelligence CLI built for maximum performance. Deploy in air-gapped environments, integrate with your CI/CD pipeline, or run automated security checks at scale.

terminal
# Update threat intelligence database
$ ismalicious update
Database update started.
Fetching source 1 of 500 - 00:01.234ms
Fetching source 2 of 500 - 00:00.987ms
...
Cleaning false positives...
Loaded 2,000,000 legitimate domains
Removed 1,234 legitimate domains
Database update completed in 05:23.456ms

# Check if a domain is malicious
$ ismalicious get malicious-domain.com
Found entry in domains.json: malicious-domain.com
Categories: malware phishing botnet

# Run in Docker
$ docker run -v $(pwd)/data:/app/data ismalicious/cli get 1.2.3.4
Entry not found: 1.2.3.4
  • Offline Database Operations

    Run threat intelligence checks completely offline with local JSON databases. No internet dependency once synchronized, perfect for air-gapped environments.

    ismalicious get domain.com
  • Multi-Source Aggregation

    Automatically fetches and combines data from 500+ threat intelligence sources. Single command updates your entire local database with the latest threats.

    ismalicious update
  • False Positive Filtering

    Advanced curation using Cloudflare Radar and top-1M domains lists. Removes legitimate domains automatically to ensure zero false positives in your threat database.

    Auto-cleans during update
  • Entity Extraction Engine

    Smart regex-based extraction supporting domains, IPv4, and IPv6 addresses. Handles multiple formats and automatically categorizes entities by threat type.

    Supports all IP/domain formats
  • High-Performance

    Built for maximum speed and efficiency. Optimized network operations with libcurl, parallel processing, and minimal memory footprint.

    Processes millions of entities
  • Cross-Platform Support

    Native binaries for Linux, macOS, and Windows. Docker images available for containerized deployments and seamless CI/CD integration.

    docker run ismalicious/cli
  • Category Classification

    Each threat is tagged with specific categories like malware, phishing, botnet, C2, and more. Enables precise filtering and threat-specific response workflows.

    JSON output with categories
  • License-Based Access

    Enterprise license validation system with online verification. Supports offline grace periods and flexible licensing for team deployments.

    Secured with license.txt
  • Debug & Performance Monitoring

    Built-in benchmarking tools with --debug flag. Track fetch times, processing speeds, and database operations for optimization and troubleshooting.

    ismalicious --debug update

Seamless Integration with Your Security Stack

isMalicious integrates effortlessly with leading firewalls, CDNs, and cloud platforms

Palo Alto

Firewall

Fortinet

Firewall

Cisco

Network Security

Check Point

Firewall

Cloudflare

CDN

AWS

Cloud

Azure

Cloud

Google Cloud

Cloud

Need a custom integration? Contact our team

Frequently asked questions

If you have anything else you want to ask, reach out to us.

    • What's the data distributed by the API?

      Security score, threat reputation, whois, geolocation, certificates, vulnerabilities, identifiers lists, similar suspicious entities...
    • What's the data retention duration limits?

      All data are refreshed 1 time a day to ensure data accuracy on a daily basis.
    • API Usage Limits & Restrictions

      - Anonymous: 1 request per minute (100/month)
      - Free Account: 5 requests per minute (100/month)
      - Basic (API Key): 60 requests per minute (100/month)
      - Pro Plan: 60 requests per minute (10,000/month)
      - Enterprise: 100 requests per minute (1,000,000/month)

      Need higher limits? Contact us for custom plans: contact@ismalicious.com
    • Why is the API rate limited?

      The API is rate limited to prevent abuse. If you need a higher rate limit, please contact us at contact@ismalicious.com
    • What about the cancel & refund policy?

      We do not offer refunds for any of our plans. If you have any issues with our service, please contact us at contact@ismalicious.com and we will do our best to assist you.
    • What integrations are available?

      We are currently working on integrations with top cybersecurity companies to provide a seamless experience to our users. Keep an eye on our roadmap to see what's coming next. Currently, we support CORTEX, offer a CLI version of isMalicious for on-premise use, and provide firewall exportable blocklist features.
    • Where is isMalicious based?

      isMalicious is a French company based in Europe.
    • Disclaimer of Responsibility for Usage

      isMalicious provides information and cyber threat scores based on aggregated and analyzed public datasets. However, we disclaim any responsibility for decisions made or actions taken based on this information. Users are encouraged to use this data as a supplement to their own security measures and to exercise their own professional judgment to assess risks and make appropriate decisions. isMalicious does not guarantee the complete absence of threats and cannot be held liable for any damages resulting from the use of our service.
    • How do I get support?

      If you need support, please contact us at contact@ismalicious.com

This website uses cookies to enhance your browsing experience, analyze site traffic, and serve better user experiences. By continuing to use this site, you consent to our use of cookies. Learn more in our cookie policy