DNS Blocklists

---

DNS Blocklists provides real-time information about whether an IP address is listed on one or more DNS-based blocklists (DNSBLs). It is used to identify and filter out sources of spam, malware, and other malicious activities.

Results may be returned immediately (from cache) or indicate that processing is ongoing; if so, re-query until the results are complete.

This endpoint is the new version of the blocklist endpoint, and was developed upon requests from the community. In a nutshell, these are main motivations behind switching from blocklist to dns-blocklist:

• The blocklist endpoint had 3 blocklists, and it was not working real-time.
• The new dns-blocklist has more blocklists, it scales better, and has the ability of real-time querying.

GET /data/dns-blocklists/data.json?resource=193.0.0.0

Try it

Parameters

Key	Value	Info	Required
resource	IP address	IP address to check across supported DNS-based blocklists (DNSBLs). This must be a single, valid IP address.	YES

Data Output

The data output for this endpoint provides a summary of the blocklist status for the queried IP address.

Key	Info
blocklists	A map of the specific DNS blocklists where the IP address was found. Always present, regardless of processing status. If the IP address is not on any blocklist, this list will be empty. Each record has the following fields: Field Description name Identifier of the DNS blocklist operator Organization or entity that runs and maintains the blocklist url URL pointing to the official website or a page with more information about the blocklist, including its policies and removal procedures.
data	A map keyed by blocklist ID with the current lookup results for those blocklists. Present when results have been collected; otherwise may be empty while processing is pending. Each record has the following fields: Field Description query_time Timestamp (ISO8601) when the lookup was performed. status Organization or entity that runs and maintains the blocklist. The values that are returned include: - listed: The resource is on the blocklist. - notlisted: The resource is not on the blocklist. - failed: The DNS lookup failed. - unsupported: The resource type is not supported for lookup. - toomanyrequesttoday: The request has been rate-limited.
pending_results	Boolean indicating whether lookups are still running in the backend. When true, not all results may be available yet. Re-query to fetch updates until this becomes false.
parameters	Parameters that were used while querying the service. It has the following fields: Field Description resource Timestamp (ISO8601) when the lookup was performed. earliest_time Timestamp of the earliest lookup result. latest_time Timestamp of the latest lookup result.

Code Examples

cURL

curl --location --request GET "https://stat.ripe.net/data/dns-blocklists/data.json?resource=193.0.0.0"

JS

const requestOptions = {
    method: 'GET',
};

fetch("https://stat.ripe.net/data/dns-blocklists/data.json?resource=193.0.0.0", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));

Available versions for this endpoint:

1.0 (current)