Stay ahead of cyber threats with our intelligence feeds
Our daily Threat Intelligence Data Feeds give you actionable insights into the latest cyber threats, including malware, phishing, C2 (C&C), botnets, and other malicious activity. Choose from raw data feeds or pre-filtered feeds that seamlessly integrate with your security systems, allowing you to quickly detect and respond to threats and safeguard your business.
- 1.5M+
- IPs
- 6.8M+
- Domains
- 1M+
- URLs
- 600K+
- File hashes
Use Cases
Threat Intelligence Database provide the data to improve many aspects of information security. By providing lists of known threats, the feeds enable identification, monitoring, flagging and blocking them, in addition to allowing performing cybersecurity research and analysis.
Security Tools
Saas Platforms
Firewalls & Denylists
We cover the following threat types
Every IoC is attributed with a threat type. There are 9 threat types present in the data feed:
Attack
Malicious activity detected from the host. For example, SSH brute-force, etc.
Botnet
A host was detected as an actor in a group of connected hosts that perform malicious activities (botnet).
C2 (C&C)
The host is a known botnet's "Command and Control" server.
Malware
The IoC is related to malicious software distribution. It can be a host or a URL serving the malware.
Phishing
The indicator, usually a domain name or URL, is involved in Phishing activity;
Suspicious
IoC's activity hasn't been verified to be of malicious nature. For instance, it may be a host scraping websites, sending large amounts of ICMP queries, etc.;
Generic
IoC has been involved in some form of malicious activity but couldn't be classified into one of the other categories.
Spam
A host engaged in sending spam.
Tor
A host acts as a TOR exit node
Our Threat Intelligence data sources
By combining data from the following multiple sources, our Threat Intelligence Data Feed provides you with a comprehensive and accurate view of the threat landscape, enabling you to take proactive steps to protect your organization from cyber threats.
Server log analysis
We analyze server logs to identify potential threats, such as suspicious activity or unauthorized access attempts.
Honeypots
We use honeypots, which are decoy systems designed to attract attackers, to gather intelligence about the latest attack methods and techniques.
OSINT
We gather threat intelligence from open sources, such as social media, forums, and blogs, to stay on top of emerging threats and trends.
Abuse reports (ISPs)
We monitor abuse reports from internet service providers (ISPs) to identify potential threats and malicious activity.
Our own researches
Our team of experts conducts their own research to identify and analyze new and emerging threats, as well as to provide in-depth analysis of existing threats.
Database samples
We provide daily data in CSV and JSON formats. The data includes denylists, malicious domains, IPs, CIDR, hashes, and more.
Free sample
Full sample
Pricing plans for all team sizes
Threat Intelligence Data Feeds provide daily data in CSV and JSON formats. The data includes denylists, malicious domains, suspicious IPs, CIDRs, malware hashes, and more.
You’ll be in good company





Connect to the threat pulse with the streaming version
Since we continuously receive new IoCs, we can also provide access to the streaming version of this product. In this case, you will receive new records with the lowest delay. Please contact us for details.
Contact Us
Got a technical issue? Want to send feedback about data feeds? Need details about our plans? Let us know.