Strengthen your
threat intelligence
with the iQ Abuse Feed

An extensive and current repository of malicious domains, IPs & URLs curated by domain industry veterans. Flexible access methods + APIs, filters or logic to accommodate your use case.

Continuously Updated
Low False Positive rate
Current and Historical reports
Quality Assured

2 Million Active Reports

The size of the repository differs from day to day, but contains over 2 million active abuse reports and over 14 million historical reports.

Curated and Categorized

Our repository only contains reports from curated sources and currently contains eight main categories including phishing, malware, botnets, spam, and scams.

Meticulosity Maintained

The abuse feed is constantly maintained and watched to detect anomalies and ward off data pollution by a dedicated team of domain industry veterans.

Active Abuse Reports

Current reports for Domain Names, URLs, and IPs that are posing a threat now!

2M+

Abuse Reports

1.4M+

Unique Domains

800+

TLDs

Historical Abuse Reports

Historical reports that have been resolved, but can be used for forensics and research.

14M+

Abuse Reports

8M+

Unique Domains

1,500+

TLDs

Abuse Categories

The iQ Abuse Feed contains reports for the following categories.

Phishing

Fraudulent attempt to obtain sensitive information

Malware

Distribution of software intended to damage systems or networks

Botnet

Networks of devices used to carry out scams and cyberattacks

Scam

Fraudulent or deceptive act or operation, fake webshops

Spam

Unsolicited emails sent to multiple recipients

Hacked

Sites that have been compromised by hackers

Suspicious

Signs of suspicious traits detected

How to access the Feed

The iQ Abuse Feed can be accessed in several different ways. We can also easily customize APIs, Filters or Logic to accommodate your use case.

API Direct Scan

Lookup single IPs, URLs or Domains through the API and get all current and historical reports in return.

Hashed Database

Download a database of hashes that allows for local lookups to determine if there might be a report. When you find a match, use the API to confirm and to get further details.

File Download

Download a full copy of the Abuse Feed repository using Rsync or SFTP for local lookups and custom integrations.

Subscription Types

Flexible access plans to address small or large scale needs

API Direct ScanHash DatabaseFull Feed Access
Lookup single IP, URL or Domains (for low volumes)Local database for matching, Lookup API for Full Details.Access to the full iQ Abuse Repository
API Access
Current and Historical Reports
Local LookupsPartial
Full Feed Access
PricingPer API CallPer API CallFixed Fee
Find Out More!Request Quote!Contact us!

Who are we?

The iQ Abuse Feed is curated and maintained by iQ Global AS. We are a global team of domain industry veterans that provide trusted cybersecurity, business intelligence, and consulting services.

Learn More

Interested in our Abuse Feed?

Contact us at [email protected] and let's discuss how we can work together.