Product Details

What is the Spamhaus Intelligence API?

The Spamhaus Intelligence API (SIA) is an API that allows you to easily access our IP reputation datasets for integration into your existing infrastructure, including threat intelligence platforms, websites, analysis and reporting mechanisms.

Who can use SIA?

Anyone who needs to provide context around IP addresses that are compromised or sending spam.

How to deploy

Visit our technical documentation for access details and additional technical information regarding SIA.

Pricing

Based on the number of queries per month and second, prices start at $5,000 per year. Contact our sales team for further details.

Developer License

Developers wishing to take the time to explore, build and test with the data can sign-up for free access to SIA via our Developer License, with up to 5,000 queries per month.

What data is included?

SIA provides access to live and historical metadata relating to IP addresses that indicate compromise and/or are emitting spam.  These IPs are listed either on the Spamhaus eXploits Blocklist (eXBL) and/or the eCSS Blocklist (eCSS).

eXBL

This dataset focuses on compromised devices. Our research team lists IP addresses showing indications of malware, Trojan or worm infections, devices controlled by botnets command and controllers (C&Cs), along with third-party exploits, such as open proxies.

This dataset on average contains 7.5 million listings, with up to 75,000 newly observed IPs added every 24 hours.

eCSS

This dataset is specific to SMTP traffic, only listing port-25 based detections. Potential triggers for a listing include unsolicited emails, having poor email marketing list hygiene, or sending out malicious emails due to compromised accounts or content management systems (CMS).

This dataset contains between 300,000 – 1.5 million listings, with up to 285,000 new listings added every 24 hours.