IP Blacklist LookupIP Blacklist Lookup API

OnlineCredit Usage:5 per callRefreshed Just now
avg: 636ms|p50: 594ms|p75: 664ms|p90: 748ms|p99: 916ms

Overview

To use IP Blacklist Lookup, you need an API key. You can get one by creating a free account and visiting your dashboard.

GET Endpoint

URL
https://api.apiverve.com/v1/ipblacklistlookup

Example

How to call the IP Blacklist Lookup API in different programming languages.

cURL Request
curl -X GET \
  "https://api.apiverve.com/v1/ipblacklistlookup?ip=185.220.101.1" \
  -H "X-API-Key: your_api_key_here"
JavaScript (Fetch API)
const response = await fetch('https://api.apiverve.com/v1/ipblacklistlookup?ip=185.220.101.1', {
  method: 'GET',
  headers: {
    'X-API-Key': 'your_api_key_here',
    'Content-Type': 'application/json'
  }
});

const data = await response.json();
console.log(data);
Python (Requests)
import requests

headers = {
    'X-API-Key': 'your_api_key_here',
    'Content-Type': 'application/json'
}

response = requests.get('https://api.apiverve.com/v1/ipblacklistlookup?ip=185.220.101.1', headers=headers)

data = response.json()
print(data)
Go (net/http)
package main

import (
    "fmt"
    "io"
    "net/http"

)

func main() {
    req, _ := http.NewRequest("GET", "https://api.apiverve.com/v1/ipblacklistlookup?ip=185.220.101.1", nil)

    req.Header.Set("X-API-Key", "your_api_key_here")
    req.Header.Set("Content-Type", "application/json")

    client := &http.Client{}
    resp, err := client.Do(req)
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()

    body, _ := io.ReadAll(resp.Body)
    fmt.Println(string(body))
}
Example Response
{
  "status": "ok",
  "error": null,
  "data": {
    "ipAddress": "185.220.101.1",
    "isIPBlacklisted": true,
    "inbound": {
      "found": true,
      "description": "IP is known for malicious inbound activity (spam, scanning, brute-force attacks)"
    },
    "outbound": null,
    "threatLevel": "high",
    "ipDetails": {
      "ip": "185.220.101.1",
      "country": "DE",
      "region": "BY",
      "timezone": "Europe/Berlin",
      "city": "Nuremberg",
      "coordinates": [
        49.4478,
        11.0683
      ],
      "countryName": "Germany",
      "regionName": "Bavaria",
      "postalCode": "90403",
      "continent": "EU",
      "continentName": "Europe",
      "accuracyRadius": 20
    }
  }
}

Authentication

The IP Blacklist Lookup API requires authentication via API key. Include your API key in the request header:

Required Header
X-API-Key: your_api_key_here

Learn more about authentication →

Interactive API Playground

Test the IP Blacklist Lookup API directly in your browser with live requests and responses.

Parameters

The following parameters are available for the IP Blacklist Lookup API:

Check IP Against Blocklists

ParameterTypeRequiredDescriptionDefaultExample
ipstringrequired
The IP address to check against blocklists
Format: ip (e.g., 185.220.101.1)
-185.220.101.1

Response

The IP Blacklist Lookup API returns responses in JSON, XML, YAML, and CSV formats. The JSON response is shown in the Example section above; alternative formats below.

Other Response Formats

XML Response
200 OK
<?xml version="1.0" encoding="UTF-8"?>
<response>
  <status>ok</status>
  <error xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
  <data>
    <ipAddress>185.220.101.1</ipAddress>
    <isIPBlacklisted>true</isIPBlacklisted>
    <inbound>
      <found>true</found>
      <description>IP is known for malicious inbound activity (spam, scanning, brute-force attacks)</description>
    </inbound>
    <outbound xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
    <threatLevel>high</threatLevel>
    <ipDetails>
      <ip>185.220.101.1</ip>
      <country>DE</country>
      <region>BY</region>
      <timezone>Europe/Berlin</timezone>
      <city>Nuremberg</city>
      <coordinates>
        <coordinate>49.4478</coordinate>
        <coordinate>11.0683</coordinate>
      </coordinates>
      <countryName>Germany</countryName>
      <regionName>Bavaria</regionName>
      <postalCode>90403</postalCode>
      <continent>EU</continent>
      <continentName>Europe</continentName>
      <accuracyRadius>20</accuracyRadius>
    </ipDetails>
  </data>
</response>
YAML Response
200 OK
status: ok
error: null
data:
  ipAddress: 185.220.101.1
  isIPBlacklisted: true
  inbound:
    found: true
    description: >-
      IP is known for malicious inbound activity (spam, scanning, brute-force
      attacks)
  outbound: null
  threatLevel: high
  ipDetails:
    ip: 185.220.101.1
    country: DE
    region: BY
    timezone: Europe/Berlin
    city: Nuremberg
    coordinates:
      - 49.4478
      - 11.0683
    countryName: Germany
    regionName: Bavaria
    postalCode: '90403'
    continent: EU
    continentName: Europe
    accuracyRadius: 20
CSV Response
200 OK
keyvalue
ipAddress185.220.101.1
isIPBlacklistedtrue
inbound{found:true,description:IP is known for malicious inbound activity (spam, scanning, brute-force attacks)}
outbound
threatLevelhigh
ipDetails{ip:185.220.101.1,country:DE,region:BY,timezone:Europe/Berlin,city:Nuremberg,coordinates:[49.4478,11.0683],countryName:Germany,regionName:Bavaria,postalCode:90403,continent:EU,continentName:Europe,accuracyRadius:20}

Response Structure

All API responses follow a consistent structure with the following fields:

FieldTypeDescriptionExample
statusstringIndicates whether the request was successful ("ok") or failed ("error")ok
errorstring | nullContains error message if status is "error", otherwise nullnull
dataobject | nullContains the API response data if successful, otherwise null{...}

Learn more about response formats →

Response Data Fields

When the request is successful, the data object contains the following fields:

Response fields marked with Premium are available exclusively on paid plans.View pricing
FieldTypeSample ValueDescription
ipAddressstring"185.220.101.1"
The IP address that was checked
isIPBlacklistedbooleantrue
Whether IP appears on any known blocklists
inboundPremiumobject{...}
Inbound threat assessment for attacker/spam sources
â”” foundbooleantrue
Whether IP is on inbound attacker blocklist
â”” descriptionstring"IP is known for malicious inbound activity (spam, scanning, brute-force attacks)"
Description of inbound threat type if found
outboundPremiumobjectnull
Outbound threat assessment for malicious destinations
threatLevelPremiumstring"high"
Overall threat severity assessment level
ipDetailsPremiumobject{...}
Geolocation details for the IP address
â”” ipstring"185.220.101.1"
The queried IP address
â”” countrystring"DE"
Two-letter country code of IP location
â”” regionstring"BY"
Region/state code of IP location
â”” timezonestring"Europe/Berlin"
Timezone of IP geolocation
â”” citystring"Nuremberg"
City name of IP location
â”” coordinatesarray[49.4478, ...]
Latitude and longitude coordinates of IP
â”” countryNamestring"Germany"
Full country name of IP location
â”” regionNamestring"Bavaria"
Full region/state name of IP location
â”” postalCodestring"90403"
Postal code of IP geolocation
â”” continentstring"EU"
Continent code of IP location
â”” continentNamestring"Europe"
Full continent name of IP location
â”” accuracyRadiusnumber20
Accuracy radius in kilometers for IP geolocation

Headers

Only X-API-Key is required. Optional headers include Accept for response format negotiation (JSON, XML, or YAML), User-Agent, and X-Request-ID for request tracing. See all request headers →

GraphQL AccessALPHA

Access IP Blacklist Lookup through GraphQL to combine it with other API calls in a single request. Query only the ip blacklist lookup data you need with precise field selection, and orchestrate complex data fetching workflows.

Test IP Blacklist Lookup in the GraphQL Explorer to confirm availability and experiment with queries.

Credit Cost: Each API called in your GraphQL query consumes its standard credit cost.

GraphQL Endpoint
POST https://api.apiverve.com/v1/graphql
GraphQL Query Example
query {
  ipblacklistlookup(
    input: {
      ip: "185.220.101.1"
    }
  ) {
    ipAddress
    isIPBlacklisted
    inbound {
      found
      description
    }
    outbound
    threatLevel
    ipDetails {
      ip
      country
      region
      timezone
      city
      coordinates
      countryName
      regionName
      postalCode
      continent
      continentName
      accuracyRadius
    }
  }
}

Note: Authentication is handled via the x-api-key header in your GraphQL request, not as a query parameter.

CORS Support

The IP Blacklist Lookup API accepts cross-origin requests from any origin, so it can be called directly from browser-based applications without a proxy. See CORS support →

Rate Limiting

IP Blacklist Lookup requests are throttled per minute on the Free plan and unthrottled on paid plans. Exceeding the limit returns 429 Too Many Requests; rate-limit usage is reported in the X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset response headers. See per-plan limits and best practices →

Error Codes

The IP Blacklist Lookup API uses standard HTTP status codes — 200 on success, 400 for invalid parameters, 401 for missing or invalid keys, 403 for insufficient credits, 429 for rate-limit exhaustion, and 500/503 for server-side issues. Each error response includes an X-Request-ID header you can quote when contacting support. See full error handling guide →

SDKs for IP Blacklist Lookup

Official IP Blacklist Lookup packages on npm, PyPI, NuGet, and JitPack — plus a Postman collection and an OpenAPI spec. See the SDK guide →

No-Code Integrations

IP Blacklist Lookup works with Zapier, Make, Pipedream, n8n, and Power Automate using the same API key. See setup guides →

Frequently Asked Questions

How do I get an API key for IP Blacklist Lookup?
Sign up for a free account at dashboard.apiverve.com. Your API key will be automatically generated and available in your dashboard. The same key works for IP Blacklist Lookup and all other APIVerve APIs. The free plan includes 1,000 credits plus a 500 credit bonus.
How many credits does IP Blacklist Lookup cost?

Each successful IP Blacklist Lookup API call consumes credits based on plan tier. Check the pricing section above for the exact credit cost. Failed requests and errors don't consume credits, so you only pay for successful ip blacklist lookup lookups.

Can I use IP Blacklist Lookup in production?

The free plan is for testing and development only. For production use of IP Blacklist Lookup, upgrade to a paid plan (Starter, Pro, or Mega) which includes commercial use rights, no attribution requirements, and guaranteed uptime SLAs. All paid plans are production-ready.

Can I use IP Blacklist Lookup from a browser?
Yes! The IP Blacklist Lookup API supports CORS with wildcard configuration, so you can call it directly from browser-based JavaScript without needing a proxy server. See the CORS section above for details.
What happens if I exceed my IP Blacklist Lookup credit limit?

When you reach your monthly credit limit, IP Blacklist Lookup API requests will return an error until you upgrade your plan or wait for the next billing cycle. You'll receive notifications at 80% and 95% usage to give you time to upgrade if needed.

What's Next?

Continue your journey with these recommended resources

Was this page helpful?