IP & Domain Threat Intelligence Report

Automate what you just tested manually

Use the same intelligence in your SOC, firewalls, or apps via API and STIX/TAXII feeds.

Frequently asked questions

Is the isMalicious threat report free?

Yes. You can run free threat intelligence reports on IPs, domains, URLs, file hashes, emails, phones, and crypto wallets without a credit card. Registered users get 30 API calls per month on the free tier.

What can I check with the threat report?

For IPs and domains: reputation, WHOIS, DNS, geo, ASN, SSL, CVEs, ransomware, Safe Browsing, and AI analysis from 500+ sources. Emails, phones, and wallets use dedicated scam-intelligence scoring on the same /report page.

How accurate is the reputation scoring?

isMalicious cross-correlates 500+ professional and community sources with confidence scoring and source attribution. Conflicting signals are surfaced separately rather than producing a single opaque verdict, so analysts can tune thresholds for their environment.

Is my search query stored or shared?

Lookups are processed to generate your report. We do not publish individual query URLs for indexing, and authenticated users can review their lookup history in the dashboard. See our privacy policy for full data handling details.

Can I automate checks via API?

Yes. The same reputation engine powers the REST API, bulk endpoints, streaming feeds, and webhooks documented at /api-docs. Start free with 30 calls/month and scale to Pro or Enterprise for higher volume.

How is this different from VirusTotal or AbuseIPDB?

Unlike single-purpose tools, isMalicious correlates IP, domain, URL, hash, CVE, and ransomware context in one report with sub-second response times. Compare alternatives at /vs or read detailed comparisons on our blog.