Products APIs Data Feeds Web Tools Domain Research & Monitoring Enterprise Packages AI Deep Research
WHOIS / WHOIS History
WHOIS / WHOIS History

Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.

DNS / DNS History
DNS / DNS History

Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.

IP Geolocation / IP Netblocks
IP Geolocation / IP Netblocks

Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Access our web-based solution to dig into and monitor all domain events of interest.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.

New gTLD Intelligence Services (NGIS)
New gTLD Intelligence Services (NGIS)

Independent, evidence-based DNS and abuse intelligence for applicants, advisors, governments, and counsel participating in the ICANN 2026 New gTLD Program.

Research
Monitoring
White-Label
Predictive Threat Intelligence Feeds
Predictive Threat Intelligence Feeds

Predictive threat intelligence is your best first line of defense. Subscribe to the feeds to strengthen your cybersecurity posture. Contact us today for more information.

WhoisXML API Internet Infrastructure
Internet Infrastructure

Unlock integrated intelligence on Internet properties and their ownership, infrastructure, and other attributes.

Enterprise API Packages
Enterprise API Packages

Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.

Security Intelligence (SI) Suite
Security Intelligence (SI) Suite

Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.

Attack Surface Discovery API
Attack Surface Discovery API

Uncover entire attack surfaces with this API to embed asset discovery, vulnerability scanning, and technology metadata into your platform. Now in early access.

MCP Server
MCP Server

Talk to our APIs using LLMs. Connect your preferred LLM to WhoisXML API and simply chat about WHOIS, DNS, threat intelligence, and more.

Jake AI
Jake AI

I’m your Domain Intelligence Assistant. I make it easy to explore WHOIS, DNS, and threat data from WhoisXML API — I’m cloud-based, fast, and always ready to help.

WhoisXML API Domain Intelligence Advisor (via ChatGPT)
WhoisXML API Domain Intelligence Advisor (via ChatGPT)

A custom GPT for WHOIS, DNS, IP, and threat intelligence research. Connects ChatGPT directly to WhoisXML API to enable fast, conversational investigations and domain insights.

Discover what you really pay for when buying commercial Internet intelligence data.

Download now
×
Contact Us

The Internet Abuse Signal Collective (IASC)

The IASC is a collaborative network of organizations and experts joining forces to fight cyber threats through intelligence sharing.


We bring together diverse data sources and expertise to create a unified, data-driven view of the internet, enabling deeper insights, faster detection, and better defense against emerging threats.

Join the IASC
2.7M+Calls to C2 infrastructure logged in 30 days
4.1B+IP & WiFi Signals
160+Threat groups monitored
2.2M+Honeypot attacked events logged in 30 days
99K+SSID matches linked to infected devices

Who We Are

The IASC is a collaborative network built on data sharing. Each member contributes unique data — and gets access to a broader pool of intelligence than they could ever create on their own.

Our partners include:

  • Registrars & Registries
  • DNS resolvers
  • Internet service providers
  • CERTs & CSIRTs
  • Cybersecurity vendors
  • Threat intelligence teams
  • Industry experts

Each partner brings a different piece of the puzzle, creating a complete view of the internet. Together, we help each other identify, understand, and combat persistent and emerging cyber threats more effectively than any single organization possibly could alone.

IASC partner network
Join the IASC
Including partnerships such as:
Access Now
Attaxion
CleanDNS
Darksight Analytics
DNSAudit
EU Disinfolab
Global Signal Exchange
NCPTF
Rexxfield
ScamAdviser

What We Do

The IASC gathers, unifies, and shares data across partners so that they can use it to make the cyber world safer. Individually, each partner has only a partial view—but together, we create a more complete and accurate picture of online activity. This collective approach enables partners to detect, investigate, and mitigate cyber threats more effectively.

  • Threat Research

    Threat Research

    Uncovering large-scale campaigns, infrastructure, and attacker behavior by analyzing patterns across aggregated data sources.

  • Cyber Defense

    Cyber Defense

    Enabling stronger defenses by identifying indicators of compromise, adding rich context to threat events, and detecting attack patterns across the internet.

  • Threat Intelligence

    Threat Intelligence

    Aggregating and enriching data from diverse sources to produce actionable intelligence on emerging threats and malicious activity.

  • Investigations

    Investigations

    Supporting deeper investigations with enriched, cross-source intelligence that reveals hidden connections and accelerates analysis.

IASC News and Updates

Threat actor monitoring:
Asset Discovery, Attribution, and the Shift Toward Exposure and Risk Management in Modern Security Programs
A conversation with Jeff Foley, Amass leader and Senior Advisor for External Exposure Research, Internet Abuse Signal Collective
How Access Now Improved Incident Response for Human Rights Defenders
Access Now cuts phishing investigation time by 60% on its Digital Security Helpline using WhoisXML API's WHOIS API and MCP Server via Gemini CLI.
Turning Internet Abuse Signals into Coordinated Action in LAC
An interview with Gonzalo Romero on Internet abuse coordination, governance, and strengthening digital trust across Latin America and the Caribbean.
WhoisXML API Joins DEATHCon 2025
Alex Ronquillo and Ed Gibbs joined hundreds of detection engineering experts at DEATHCon 2025. Here’s a recap of the event’s major themes.
WhoisXML API Participates in the FIRST 2025 Technical Colloquium
WhoisXML API’s Ed Gibbs participated in the FIRST’s Mexico City Technical Colloquium and spoke about modern threat hunting using DNS and NetFlow telemetry.
Locating Missing Children through Collaboration
Learn how the National Child Protection Task Force (NCPTF) found 25 missing children in a multi-organizational operation that included WhoisXML API.
Darksight Analytics Improves Attribution in an Investment Fraud Investigation
Learn how WhoisXML API helped a Darksight Analytics investigator analyze a network of invoice factories involved in a fraud scheme.
WhoisXML API Is Now a Global Signal Exchange (GSE) Partner
WhoisXML API has joined the Global Signal Exchange (GSE) community to empower anti-fraud professionals with predictive threat intelligence.
WhoisXML API Attends the ICANN82 Community Forum
WhoisXML API attended ICANN82 to engage in key cross-community talks and gain insights from the event's major sessions and leaders.
WhoisXML API Presents Global DNS Trends at Europol
WhoisXML API shows how leveraging a satellite view of the global DNS can help identify, expand, and contextualize potential counterfeit domains. Read the report now.
Webinar | Investigating Misinformation: Analyze Iranian-Owned Domains Using WhoisXML API
In this webinar, WhoisXML API and Maltego experts will take a deeper look into these websites and connections between them using the capabilities of Maltego and historical WHOIS data from WhoisXML API.
GeoGuard and WhoisXML API Partnership: The Dark Side of VPN Use Explored
The research aimed to detect malicious IP addresses in IP blocks associated with VPN usage. The findings could serve as a warning to both cloud users and service providers.

Work With Us

The IASC welcomes new partners and data contributions. Share your data — and get access to unique internet intelligence in return.

Domain names

Domain history

GeoSpatial IP Intelligence

GeoSpatial IP Intelligence

WiFi Intelligence

WiFi Intelligence

Global honeypot threat intelligence

Global honeypot threat intelligence

DNS & NetFlow traffic flows

DNS & NetFlow traffic flows

Command & control attack infrastructure

Command & control attack infrastructure

Malware infrastructure

Malware infrastructure

Phishing attack infrastructure

Phishing attack infrastructure

Malvertising & spam websites

Malvertising & spam websites

Credential harvesting page paths

Credential harvesting page paths

Domain, IP, URL IoCs

net org com

DNS History

IP addresses

Email addresses

Registrants

R

Brands

Corporate firmographic data

Corporate firmographic data

IASC Welcomes New Partners

  • Data exchange

    Data exchange

    Contribute your organization’s unique data and gain access to the broader IASC intelligence pool. By combining datasets across partners, this model creates a richer, more complete view of internet activity — benefiting all participants through shared visibility and insights.

  • Research contribution

    Research contribution

    Use IASC data to support cybersecurity research, investigations, or publications. If IASC data can support your research, we encourage you to reach out and explore collaboration opportunities.

  • Data access

    Data access

    Access IASC data to enhance your security, research, or product capabilities. If your ability to contribute data is limited, flexible arrangements can be explored — reach out to discuss how IASC data can support your needs while aligning with the collective’s mission.

Partner with the IASC

Media Coverage

The Hacker News
Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb
Dark Reading
Attackers Use New Tool to Scan for React2Shell Exposure
BankInfoSecurity
Nation-State and Cybercrime Exploits Tied to React2Shell
Cyber Security News
ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload
OSINord
The Mystery of Nadia Marcinko: Epstein’s Alleged Right Hand and Her Digital Trail
GBHackers
React2Shell Vulnerability Exploited in the Wild, Analysts Warn
News.QQ.com
蠕虫式XMRig挖矿活动使用BYOVD漏洞利用和基于时间的逻辑炸弹
SecurityAffairs
Wormable XMRig campaign leverages BYOVD and timed kill switch for stealth
RedHotCyber
State-Sponsored “ILovePoop” Toolkit Targets Global Giants via React2Shell Vulnerability
Sina.com.cn
蠕虫式XMRig挖矿活动使用BYOVD漏洞利用和基于时间的逻辑炸弹
MalwareTips
Attackers Use New Tool to Scan for React2Shell Exposure

Frequently Asked Questions

What is the IASC?

The Internet Abuse Signal Collective, or the IASC is a data-sharing collaborative network led by WhoisXML API that brings together organizations to exchange internet telemetry and threat intelligence.

Its goal is to combine data from multiple sources to get a clearer, more complete view of internet activity and use that to detect, investigate, and mitigate cyber threats more effectively than any single organization could on its own.

How does the IASC work?

The IASC operates by collecting and correlating data contributed by its partners. Each participant shares unique data and, in return, gains access to a broader pool of intelligence. The scope of access depends on the level and value of contribution, creating a collaborative data exchange that benefits all members.

What are the requirements to become a partner?

Organizations across commercial, government, and non-commercial sectors can apply to become an IASC partner as long as it has relevant data, expertise, or capabilities to contribute. The IASC is built on mutual collaboration — partners share what they can and gain access to a wider range of intelligence in return. IASC also welcomes individual contributors.

What kind of data can partners contribute?

Partners can contribute a wide range of internet and threat-related data. It includes:

  • domain and IP intelligence
  • DNS and network traffic
  • malware and phishing infrastructure
  • spam signals
  • Indicators of compromise
  • honeypot data
  • geolocation insights

And more. Essentially, it could be any data that helps build a clearer picture of the global online activity and threats.

Can partners use IASC data for their own internal security?

Yes. The goal of the IASC is to enable data sharing so that each individual partner can do more with the help of IASC data than without it. Partners are encouraged to use IASC data to strengthen their own security, conduct research, and enhance cybersecurity products or operations. All data must be used responsibly and for legitimate purposes aligned with combating cyber threats under established IASC guidelines.

What benefits do partners get from joining the IASC?

Partners gain access to a diverse and enriched pool of data that goes beyond what any single organization can collect on its own. The level of access is flexible and generally scales with contribution. To align data sharing and access with your organization’s goals, IASC representatives work directly with partners to define the best collaboration model.

Can research institutions participate?

Yes. The IASC welcomes research groups and independent researchers. If you are interested in contributing or using IASC data for research, you can reach out to explore collaboration opportunities.

Trusted by
the smartest
companies