Lookup with our blacklist API for FREE!
Minimal and Simple Anti-Abuse API for Everyone.
Our Blacklist API helps you know what users are legit or not.
Our Blacklist API helps you know what users are legit or not.
Free Sign up Log in
Find out in advance if your users will be good customers
Our anti-abuse API helps you know immediately if a user’s IP address, domain or email address is blacklisted so you can decide whether to block it or not.

API for searching IPs, domains and emails blacklisted for abuse or fraud
We search the web for the best and most reliable blacklists and blocking lists. We extract, cleanse, aggregate and settle dozens of IP, domain and email blacklists around the world to help you know if the source is reliable or not.
OSINT Threat Intelligence
We analyze IP addresses, emails and domains for scoring based on our blacklists and algorithms. We test multiple parameters in real time to help developers and cybersecurity analysts make the best decisions.


Real-time alerts
Get ahead of your customers and find out which IP addresses are blacklisted as soon as it happens thanks to our real-time alert services. From a handful of IP addresses to a full range of Autonomous Systems networks
Customizable blacklist search API
Some blacklists are stricter than other ones, and not all companies need to be as restrictive as others. Choose the level of trustworthiness that best suits your needs. And, of course, adjust it as your needs evolve.


Always the best latency to your closest servers
Get the response your application needs in milliseconds with our entire constellation of servers deployed around the world.
Apility.io at a glance
Defend yourself! Use our anti abuse API in your apps and services!
IP addresses
Emails
Blacklists



Swiss Knife OSINT Threat Intelligence API
Get all the features you need to keep your users’ activity under control from a single service.
Identify a user as malicious
Find those users who try to abuse your service before it costs you money without impacting your on-boarding requirements.
OSINT Threat Intelligence as a Service
Check multiple blacklists of IP addresses, domains, and email messages from a single, unified management interface, either from the control panel, API or clients available.
Updated abuse blacklists in Realtime
Our lists are updated hourly from multiple sources. Don’t waste your time searching for unknown sources and implementing ad-hoc parsing and search processes.
GDPR data processing compliant
We understand that you are giving us data that can contain personal information. We have applied all the necessary measures to guarantee your data is processed safely.
Real-time alerts
It is no longer necessary to check every day whether your IP or the customers’ IP addresses have been blacklisted. Add your IP address list or CIDR and we will notify you when they are blacklisted straightaway.
Email Verification and Validation Service
We assess the legitimacy of an email address through a combination of scoring techniques with our own algorithms.
Our most popular plans
DEVELOPER
from $7.50 /mo
1000 Daily requests
200 hits per minute rate limit
16 Real-time alerts
24 hours of historical data retention
STARTUP
from $75 /mo
40000 Daily requests
800 hits per minute rate limit
4096 Real-time alerts
30 days of historical data retention
ENTERPRISE
from $600 /mo
640000 Daily requests
6400 hits per minute rate limit
2097152 Real-time alerts
Unlimited historical data retention
Hourly downloadable blacklists
Telephone support
Want to know all the plans and details about pricing and payment methods?
Consume our API with different clients
It does not matter if you are a developer, a system administrator, a DevOps or a cyber analyst. You will find the best way to use our API.
REST API
The best way to get the most out of all the features of our API. Read our detailed documentation to get started.
Python Client API
We’re a Python house. If you want to integrate our API into your applications, you can use the API bindings we use for our internal developments. Read our docs!
Command Line interface
If you are a console warrior, this tool is perfect for you. Take full advantage of our API right from your favorite shell on Windows, Mac or Linux. Go and install it!.
Google Spreadsheet add-on
It doesn’t matter if you have no technical background, you can install our Google Spreadsheet add-on and use our API right on your own spreadsheets. Go and get it!
NGINX integration
If you want to have your infrastructure under your control, you can integrate our API with the NGINX web server to use it as a WAF service. . Read our examples!
AWS CloudFront/Lambda@Edge or Cloudflare Workers integration
If you like cutting-edge technologies like Serverless, you’ll enjoy the ease of integration of Cloudflare Workers or AWS CloudFront/Lambda@Edge.
Here you have some documents to help you get started
Frecuently Asked Questions
Send us an email if you could not find a suitable answer to your question here.
What is Apility.io?
This is a collection of OSINT Threat Intelligence tools offered “as a Service” to help Product Managers, IT Departments, Enterprises and Start-ups know more about their potential visitors, users and customers.
What is a Hit?
A Hit is how Apility.io measures system usage. When you or your service request information from an API endpoint, one or more Hits will be consumed. Depending on the API endpoint type, it will consume a single Hit or several Hits. You can read more about the FAQ section of our Knowledge Base.
Can I use the API for free?
Yes, if you do not wish to register, you can try the API in anonymous mode. But we strongly recommend that you register and enjoy our Always Free Plan.
You can learn the differences between an Anonymous and a Free account here.
What is a Plan?
A Plan is a recurring subscription to our service. Depending on your Plan, you will have more or less Hits available daily, and more or less real-time alarms to use. You’ll also have more retention time for your data, and other management capabilities. Learn how our Plans and Pricing model works.
Do you store all the requests and responses?
Yes, we believe that an Analytics and Big Data tool helps to better understand user behavior. You can use our tools in the control panel, but we strongly recommend that you import your data into your favorite Big Data and/or Analytics solution.
How much data can you store?
Depending on your subscription plan, your account will allow a longer data retention period. From 1 day for the DEVELOPER plan to an unlimited retention period for the ENTERPRISE plan.
Do you provide a Data Processing Agreement for your clients?
Yes, we sure do. Please send your request for a DPA to privacy@apility.io.
Are you GDPR ready?
Apìlity.io’s platform is GDPR ready. If your company determines that you are subject to the GDPR and you do not yet have in place a Data Processing Agreement (DPA) with us, please send your request for a DPA to privacy@apility.io.
Latest Blog Posts

New Domain Blacklist November 2018: CoinBlockerLists cryptomining domains
We incorporate a new domain blacklist: COINBLOCKER-DOMAINS. CoinBlocker is a collection of lists that can help prevent illegal cryptomining in the browser or other applications. Most cryptocurrencies are generated through the process known as “mining.” Much like traditional mining operations, these procedures require the use of energy and resources to complete a process which yields a financial reward. In the case of cryptocurrency mining, the energy required is electricity and computing power. Lurking behind the legitimate cryptocurrency mining community is another group of individuals and organizations that try to mine for crypto using illicit methods.
Read more
Metadata services: more information and details about our blacklists
More and more companies are integrating our API with their cybersecurity products or directly into their applications or services. And we love it! Now we want to go one step further and help our customers and partners learn more about the blacklists we handle with a new extension of our API: Metadata services.
Read more
New IP Blacklist October 2018: IPCATV4-DC – Datacenter IP space
This month we have a new list that should not be considered harmful, but can help cybersecurity analysts and SecOps to find out if an IP can be malicious. The IPCATV4-DC is a list of IPv4 address that corresponds to datacenters, co-location centers, shared and virtual web hosting providers. In other words, IP addresses that end web consumers should not be using.
Read more