Apility.io Command Line Interface (CLI) tool
Introduction
Apility.io can be defined as Threat Intelligence SaaS for developers and product companies that want to know in realtime if their existing or potential users have been classified as 'abusers' by one or more of these lists.
Automatic extraction processes extracts all the information in realtime, keeping the most up to date data available, saving yourself the hassle of extract and update regularly all these lists and the data.
What does Apility.io offer?
Apility.io offers an extremely simple and minimalistic API to access in realtime to these lists and do the following simple question about the resource?
Is this IP, domain or email stored in any blacklist?
The answers to this question can be:
- YES: The resource can be found in an abusers' list. This is a bad resource.
- NO: The resource cannot be found in any abusers' list. This is a clean resource.
A bad resource implies some kind of action from developers' side. A clean resource does not need any action from their side.
What does Apility.io CLI offer?
The Command Line Interface offers a tool to take advantage of all the features of the API right from the command line interface of the user's favourite Operating System. The Apility.io CLI has been tested on Microsoft Windows, Apple macOS and several popular GNU/Linux distributions. But if the Operating system can execute Python, it can run the CLI.
Supported Python Versions
This client is supported for Python 2 and 3, for versions 2.7+ and 3.4+ respectively. It is recommended that Python 2 users use python 2.7.9+ to take advantage of the SSL Certificate Validation feature that is not included in earlier versions.
Installation
PIP
A user can install the Apility.io CLI with pip:
$ pip install apilityio-cli
EASY_INSTALL
A user install the Apility.io CLI with easy_install too:
$ easy_install apilityio-cli
Verify installation
To verify if the command has been succesfully installed, the user can open a terminal in the target Operating System and type the apility command as follows:
$ apility
usage: apility [-h] [--apikey APIKEY] [--config CONFIG]
[--format {XML,CSV,TEXT,JSON}]
[--tableonly TABLEONLY] [--rows ROWS] [--page PAGE]
[--timestamp TIMESTAMP]
{badip,baddomain,bademail,geoip,asip,asnum,whoisip,historyip,historydomain,historyemail,getquarantine}
parameter
apility: error: the following arguments are required: command, parameter
If the command is not found in the PATH of the user's session probably the tool has not been installed correctly. Please contact our support team or check our issue tracker.
Use the CLI without an API KEY (anonymous mode)
If the user does not provide a valid API KEY the CLI tool will work in anonymous mode. In this mode the API has a limit of 100 hits per day and per IP address, enough for quick testing and sporadic use. If the user needs more hits then he/she has to register in our site and obtain a valid API KEY. The FREE plan allows 250 hits per day. If you need more hits per day you should consider an upgrade to some our paid plans.
Use the CLI with an API KEY
If the user already has a valid API KEY then he/she has to pass it with the CLI. There are three different ways to do it:
- Use the --apikey optional parameter in every single command executed.
- Create an environment variable called APILITYIO_API_KEY and assign the API KEY before executing any command.
- Write a configuration file readable by the command line tool.
--apikey optional parameter
The easiest way to pass the API KEY to the command line has the trade off of adding parameters to the command that can be unnecesary. Example:
$ apility badip 1.2.3.4 --apikey=USER_API_KEY
+---+------------+-------------------+
| ! | IP ADDRESS | BLACKLISTS |
+---+------------+-------------------+
| ! | 1.2.3.4 | STOPFORUMSPAM-365 |
| | | STOPFORUMSPAM-90 |
| | | STOPFORUMSPAM-180 |
+---+------------+-------------------+
APILITYIO_API_KEY environment variable.
Using a environment variable hides the token from prying eyes. Example:
$ APILITYIO_API_KEY=USER_API_KEY
$ apility badip 1.2.3.4
+---+------------+-------------------+
| ! | IP ADDRESS | BLACKLISTS |
+---+------------+-------------------+
| ! | 1.2.3.4 | STOPFORUMSPAM-365 |
| | | STOPFORUMSPAM-90 |
| | | STOPFORUMSPAM-180 |
+---+------------+-------------------+
Configuration files
The CLI try to read several configuration files following this workflow:
- apilityio.conf file in the same directory where the command is launched. It has the highest priority.
- .apilityio file in the same directory where the command is launched.
- .apility.io file in the $HOME directory of the user executing the command. It has the lowest priority.
This configuration file only contains a section CLIENT and several parameters:
[CLIENT]
api_key=USER_API_KEY
protocol=CONNECTION PROTOCOL: http OR https (LOWECASE)
host=API ENDPOINT HOST. BY DEFAULT IS api.apility.net
CLI Optional Parameters
The mandatory parameters will be explained in detail in the next section, but there are a set of optional parameters that are common to all or several mandatory parameters:
- --apikey: As explained before, it's possible to pass the API KEY right in the command line as a parameter.
- --config: If the configuration file is located or named not following the conventions.
- --format: The command line can export the information in four different formats:
- TEXT: Key/value or Tabular text output depending on the number of results and the parameter --tableonly.
- CSV: Tabular comma-separated output. Strings are inside double quotes and lists of elements are separated by semicolons.
- JSON: Direct dump of the JSON format used by the REST API.
- XML: Transformation of the JSON format to XML.
- --tableonly: If the commands only return one result then the Text output is formated as a Key/Value table. If the command returns more than one result the Text output is formated as pure tabular format where the first row is the header with the field names. If this paramater is passed with the value TRUE then the Key/Value format is overriden even when the command only returns one result.
- --rows: If the command returns multiple items it can limit the number of items per page with this command. Only applies to some commands.
- --page: If the command returns multiple items it can paginate the results. Only applies to some commands.
- --timestamp: If the command returns multiple items it can limit the timestamp of the results. Only applies to some commands. In milliseconds.
CLI commands
badip IP_ADDRESSES
Check if an IP address or a list of IP addresses belong to any list of the blacklist databases of Apility.io. It also returns the blacklists where the IP addresses were found. IP addresses are passed as a comma-separated list. For details about all fields returned by the call read https://apility.io/apidocs/#ip-check.
Example single IP address:
$ apility badip 1.2.3.4
+---+------------+-------------------+
| ! | IP ADDRESS | BLACKLISTS |
+---+------------+-------------------+
| ! | 1.2.3.4 | STOPFORUMSPAM-365 |
| | | STOPFORUMSPAM-90 |
| | | STOPFORUMSPAM-180 |
+---+------------+-------------------+
Example multiple IP addresses:
$ apility badip 1.2.3.4,8.8.8.8,1.1.1.1,0.0.0.1
+---+------------+-------------------+
| ! | IP ADDRESS | BLACKLISTS |
+---+------------+-------------------+
| ! | 1.2.3.4 | STOPFORUMSPAM-365 |
| | | STOPFORUMSPAM-90 |
| | | STOPFORUMSPAM-180 |
| | 1.1.1.1 | |
| ! | 0.0.0.1 | TEAMCYMRU-BOGONS |
| | | IANA-BOGONS |
| | 8.8.8.8 | |
+---+------------+-------------------+
Example multiple IP addresses CSV output:
apility badip 1.2.3.4,8.8.8.8,1.1.1.1,0.0.0.1 --format=CSV
"IP ADDRESS","BLACKLISTS"
"1.1.1.1",""
"0.0.0.1","TEAMCYMRU-BOGONS;IANA-BOGONS"
"1.2.3.4","STOPFORUMSPAM-365;STOPFORUMSPAM-90;STOPFORUMSPAM-180"
"8.8.8.8",""
Example multiple IP addresses JSON output:
apility badip 1.2.3.4,8.8.8.8,1.1.1.1,0.0.0.1 --format=JSON
{
"response": [
{
"blacklists": "",
"ip": "1.1.1.1"
},
{
"blacklists": "TEAMCYMRU-BOGONS,IANA-BOGONS",
"ip": "0.0.0.1"
},
{
"blacklists": "STOPFORUMSPAM-365,STOPFORUMSPAM-90,STOPFORUMSPAM-180",
"ip": "1.2.3.4"
},
{
"blacklists": "",
"ip": "8.8.8.8"
}
]
}
Example multiple IP addresses XML output:
apility badip 1.2.3.4,8.8.8.8,1.1.1.1,0.0.0.1 --format=XML
<?xml version="1.0" ?>
<root>
<response>
<ip value="1.1.1.1">
<blacklists/>
</ip>
<ip value="0.0.0.1">
<blacklists>TEAMCYMRU-BOGONS,IANA-BOGONS</blacklists>
</ip>
<ip value="1.2.3.4">
<blacklists>STOPFORUMSPAM-365,STOPFORUMSPAM-90,STOPFORUMSPAM-180</blacklists>
</ip>
<ip value="8.8.8.8">
<blacklists/>
</ip>
</response>
</root>
baddomain DOMAINS
Check if a domain or a list of Domain and its MX and NS records belong to any list of the blacklist databases of Apility.io. It returns a list of the scoring and blacklists where the Domains info were found. For details about all fields returned by the call read https://apility.io/apidocs/#domain-check.
Example single domain:
$ apility badip baddomain mailinator.com
+-----------------------+-------------------------+
| KEY | VALUE |
+-----------------------+-------------------------+
| SCORE | -2 |
| DOMAIN | mailinator.com |
| DOMAIN SCORE | -2 |
| DOMAIN BLACKLISTS | LISINGE-DED |
| | DEA |
| | MARTENSON-DED |
| | IVOLO-DED |
| MX BLACKLISTS | LISINGE-DED |
| | IVOLO-DED |
| | MARTENSON-DED |
| | DEA |
| MX HOSTS | mail.mailinator.com |
| | mail2.mailinator.com |
| NS BLACKLISTS | |
| NS HOSTS | james.ns.cloudflare.com |
| | betty.ns.cloudflare.com |
| DOMAIN IP | 104.25.199.31 |
| DOMAIN IP SCORE | -1 |
| DOMAIN IP BLACKLISTS | LISINGE-DED-IP |
| | IVOLO-DED-IP |
| | MARTENSON-DED-IP |
| DOMAIN IP QUARANTINED | False |
| SOURCE IP | 79.156.253.222 |
| SOURCE IP SCORE | 0 |
| SOURCE IP BLACKLISTS | |
| SOURCE IP QUARANTINED | False |
+-----------------------+-------------------------+
Example multiple domains:
$ apility badip baddomain mailinator.com,apility.io,google.com
+-------+----------------+--------------+-------------------+---------------+----------+-------------------------+-------------------------+----------------+-----------------+----------------------+-----------------------+----------------+-----------------+----------------------+-----------------------+
| SCORE | DOMAIN | DOMAIN SCORE | DOMAIN BLACKLISTS | MX BLACKLISTS | MX HOSTS | NS BLACKLISTS | NS HOSTS | DOMAIN IP | DOMAIN IP SCORE | DOMAIN IP BLACKLISTS | DOMAIN IP QUARANTINED | SOURCE IP | SOURCE IP SCORE | SOURCE IP BLACKLISTS | SOURCE IP QUARANTINED |
+-------+----------------+--------------+-------------------+---------------+----------+-------------------------+-------------------------+----------------+-----------------+----------------------+-----------------------+----------------+-----------------+----------------------+-----------------------+
| -2 | mailinator.com | -1 | LISINGE-DED | LISINGE-DED | | mail2.mailinator.com | betty.ns.cloudflare.com | 104.25.198.31 | -1 | LISINGE-DED-IP | False | 79.156.253.222 | 0 | | False |
| | | | DEA | IVOLO-DED | | mail.mailinator.com | james.ns.cloudflare.com | | | IVOLO-DED-IP | | | | | |
| | | | MARTENSON-DED | MARTENSON-DED | | | | | | MARTENSON-DED-IP | | | | | |
| | | | IVOLO-DED | DEA | | | | | | | | | | | |
| 0 | apility.io | 0 | | | | aspmx.l.google.com | pam.ns.cloudflare.com | 35.189.121.53 | 0 | | False | 79.156.253.222 | 0 | | False |
| | | | | | | alt1.aspmx.l.google.com | alex.ns.cloudflare.com | | | | | | | | |
| | | | | | | alt2.aspmx.l.google.com | | | | | | | | | |
| | | | | | | aspmx2.googlemail.com | | | | | | | | | |
| | | | | | | aspmx3.googlemail.com | | | | | | | | | |
| 0 | google.com | 0 | | | | alt4.aspmx.l.google.com | ns2.google.com | 209.85.202.113 | 0 | | False | 79.156.253.222 | 0 | | False |
| | | | | | | aspmx.l.google.com | ns3.google.com | | | | | | | | |
| | | | | | | alt1.aspmx.l.google.com | ns4.google.com | | | | | | | | |
| | | | | | | alt2.aspmx.l.google.com | ns1.google.com | | | | | | | | |
| | | | | | | alt3.aspmx.l.google.com | | | | | | | | | |
+-------+----------------+--------------+-------------------+---------------+----------+-------------------------+-------------------------+----------------+-----------------+----------------------+-----------------------+----------------+-----------------+----------------------+-----------------------+
Tabular can be hard to read, but it's possible to export the data to CSV, JSON and XML to import in your favourite editor.
bademail EMAILS
Check if an email or a list of Emails including all tests performed to the Domain plus a full SMTP test on the remote server. It returns the global scoring of each Email and each scoring per test performed. For details about all fields returned by the call read https://apility.io/apidocs/#email-check.
Example single email:
$ apility badip bademail test@mailinator.com
+------------------------+-------------------------+
| KEY | VALUE |
+------------------------+-------------------------+
| SCORE | -3 |
| EMAIL | test@mailinator.com |
| DOMAIN SCORE | -1 |
| DOMAIN BLACKLISTS | IVOLO-DED |
| | DEA |
| | LISINGE-DED |
| | MARTENSON-DED |
| MX BLACKLISTS | LISINGE-DED |
| | DEA |
| | MARTENSON-DED |
| | IVOLO-DED |
| MX HOSTS | mail.mailinator.com |
| | mail2.mailinator.com |
| NS BLACKLISTS | |
| NS HOSTS | james.ns.cloudflare.com |
| | betty.ns.cloudflare.com |
| EMAIL SCORE | 0 |
| EMAIL BLACKLISTS | |
| DOMAIN IP | 104.25.199.31 |
| DOMAIN IP SCORE | -1 |
| DOMAIN IP BLACKLISTS | LISINGE-DED-IP |
| | IVOLO-DED-IP |
| | MARTENSON-DED-IP |
| DOMAIN IP QUARANTINED | False |
| SOURCE IP | 79.156.253.222 |
| SOURCE IP SCORE | 0 |
| SOURCE IP BLACKLISTS | |
| SOURCE IP QUARANTINED | False |
| ADDRESS SCORE | 0 |
| ADDRESS IS ROLE | False |
| ADDRESS IS WELL FORMED | True |
| SMTP SCORE | 0 |
| SMTP EXIST MX | True |
| SMTP EXIST ADDRESS | True |
| SMTP CATCH ALL | True |
| IS FREEMAIL SCORE | 0 |
| IS FREEMAIL | False |
| IS DISPOSABLE SCORE | -1 |
| IS DISPOSABLE | True |
+------------------------+-------------------------+
Example multiple emails:
$ apility badip bademail mailinator.com,apility.io,google.com
+-------+-------------------------------------+--------------+-------------------+---------------+----------+-------------------------+-------------------------+-------------+------------------+---------------+-----------------+----------------------+-----------------------+----------------+-----------------+----------------------+-----------------------+---------------+-----------------+------------------------+------------+---------------+--------------------+----------------+-------------------+-------------+---------------------+---------------+
| SCORE | EMAIL | DOMAIN SCORE | DOMAIN BLACKLISTS | MX BLACKLISTS | MX HOSTS | NS BLACKLISTS | NS HOSTS | EMAIL SCORE | EMAIL BLACKLISTS | DOMAIN IP | DOMAIN IP SCORE | DOMAIN IP BLACKLISTS | DOMAIN IP QUARANTINED | SOURCE IP | SOURCE IP SCORE | SOURCE IP BLACKLISTS | SOURCE IP QUARANTINED | ADDRESS SCORE | ADDRESS IS ROLE | ADDRESS IS WELL FORMED | SMTP SCORE | SMTP EXIST MX | SMTP EXIST ADDRESS | SMTP CATCH ALL | IS FREEMAIL SCORE | IS FREEMAIL | IS DISPOSABLE SCORE | IS DISPOSABLE |
+-------+-------------------------------------+--------------+-------------------+---------------+----------+-------------------------+-------------------------+-------------+------------------+---------------+-----------------+----------------------+-----------------------+----------------+-----------------+----------------------+-----------------------+---------------+-----------------+------------------------+------------+---------------+--------------------+----------------+-------------------+-------------+---------------------+---------------+
| 0 | company@apility.io | 0 | | | | aspmx.l.google.com | alex.ns.cloudflare.com | 0 | | 35.189.121.53 | 0 | | False | 79.156.253.222 | 0 | | False | 0 | False | True | 0 | True | True | False | 0 | False | 0 | False |
| | | | | | | aspmx2.googlemail.com | pam.ns.cloudflare.com | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | aspmx3.googlemail.com | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | alt2.aspmx.l.google.com | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | alt1.aspmx.l.google.com | | | | | | | | | | | | | | | | | | | | | | |
| -3 | test@mailinator.com | -1 | IVOLO-DED | LISINGE-DED | | mail.mailinator.com | james.ns.cloudflare.com | 0 | | 104.25.198.31 | -1 | LISINGE-DED-IP | False | 79.156.253.222 | 0 | | False | 0 | False | True | 0 | True | True | True | 0 | False | -1 | True |
| | | | DEA | DEA | | mail2.mailinator.com | betty.ns.cloudflare.com | | | | | IVOLO-DED-IP | | | | | | | | | | | | | | | | |
| | | | LISINGE-DED | MARTENSON-DED | | | | | | | | MARTENSON-DED-IP | | | | | | | | | | | | | | | | |
| | | | MARTENSON-DED | IVOLO-DED | | | | | | | | | | | | | | | | | | | | | | | | |
| -1 | joenqptami@539a685ce18.bounceme.net | 0 | | | | | | 0 | | | 0 | | False | 79.156.253.222 | 0 | | False | 0 | False | True | -1 | False | False | False | 0 | False | 0 | False |
+-------+-------------------------------------+--------------+-------------------+---------------+----------+-------------------------+-------------------------+-------------+------------------+---------------+-----------------+----------------------+-----------------------+----------------+-----------------+----------------------+-----------------------+---------------+-----------------+------------------------+------------+---------------+--------------------+----------------+-------------------+-------------+---------------------+---------------+
Tabular can be hard to read, but it's possible to export the data to CSV, JSON and XML to import in your favourite editor.
geoip IP_ADDRESSES
Get the IP address geo-location information of a given IP address or list of IP addresses. For details about all fields returned by the call read https://apility.io/apidocs/#geo-ip-look-up.
Example single IP address:
$ apility geoip 212.231.122.11
+----------------------+-------------------+
| KEY | VALUE |
+----------------------+-------------------+
| IP ADDRESS | 212.231.122.11 |
| LONGITUDE | 40.4172 |
| LATITUDE | -3.684 |
| HOSTNAME | |
| CONTINENT | EU |
| COUNTRY | ES |
| REGION | |
| CITY | |
| POSTAL CODE | |
| TIME ZONE | |
| ACCURACY RADIUS | 500 |
| CONTINENT_GEONAME_ID | 6255148 |
| COUNTRY_GEONAME_ID | 2510769 |
| REGION_GEONAME_ID | -1 |
| CITY_GEONAME_ID | -1 |
| ASN | 15704 |
| AS NAME | Xtra Telecom S.A. |
| AS COUNTRY | ES |
| AS NETWORKS | 31.222.80.0/20 |
| | 31.222.88.0/24 |
...
| | 212.231.250.0/24 |
| | 213.94.0.0/18 |
+----------------------+-------------------+
Example multiple IP addresses:
$ apility geoip 9.9.9.9,8.8.8.8,1.1.1.1
+------------+-----------+--------------------+----------+-----------+---------+----------+----------+-------------+---------------------+-----------------+----------------------+--------------------+-------------------+-----------------+-------+--------------------+------------+------------------+
| IP ADDRESS | LONGITUDE | LATITUDE | HOSTNAME | CONTINENT | COUNTRY | REGION | CITY | POSTAL CODE | TIME ZONE | ACCURACY_RADIUS | CONTINENT_GEONAME_ID | COUNTRY_GEONAME_ID | REGION_GEONAME_ID | CITY_GEONAME_ID | ASN | AS NAME | AS COUNTRY | AS NETWORKS |
+------------+-----------+--------------------+----------+-----------+---------+----------+----------+-------------+---------------------+-----------------+----------------------+--------------------+-------------------+-----------------+-------+--------------------+------------+------------------+
| 9.9.9.9 | 48.8582 | 2.3387000000000002 | | EU | FR | | | | Europe/Paris | 1000 | 6255148 | 3017382 | -1 | -1 | 19281 | QUAD9-AS-1 - Quad9 | US | |
| 8.8.8.8 | 37.751 | -97.822 | | NA | US | | | | | 1000 | 6255149 | 6252001 | -1 | -1 | 15169 | Google LLC | US | 8.8.4.0/24 |
| | | | | | | | | | | | | | | | | | | 8.8.8.0/24 |
...
| | | | | | | | | | | | | | | | | | | 216.252.220.0/24 |
| | | | | | | | | | | | | | | | | | | 216.252.222.0/24 |
| 1.1.1.1 | -37.7 | 145.1833 | | OC | AU | Victoria | Research | 3095 | Australia/Melbourne | 1000 | 6255151 | 2077456 | 2145234 | 2151718 | 13335 | Cloudflare Inc | US | 1.0.0.0/24 |
| | | | | | | | | | | | | | | | | | | 1.1.1.0/24 |
...
| | | | | | | | | | | | | | | | | | | 199.21.96.0/22 |
| | | | | | | | | | | | | | | | | | | 199.27.132.0/24 |
+------------+-----------+--------------------+----------+-----------+---------+----------+----------+-------------+---------------------+-----------------+----------------------+--------------------+-------------------+-----------------+-------+--------------------+------------+------------------+
asip IP_ADDRESSES
Get the Autonomous System information of a given IP address or list of IP addresses. For details about all fields returned by the call read https://apility.io/apidocs/#autonomous-system-look-up.
Example single IP address:
$ apility asip 9.9.9.9
+-------------+--------------------+
| KEY | VALUE |
+-------------+--------------------+
| IP ADDRESS | 9.9.9.9 |
| ASN | 19281 |
| AS NAME | QUAD9-AS-1 - Quad9 |
| AS COUNTRY | US |
| AS NETWORKS | |
+-------------+--------------------+
Example multiple IP addresses:
$ apility asip 9.9.9.9,8.8.8.8,1.1.1.1
+------------+-------+--------------------+------------+------------------+
| IP ADDRESS | ASN | AS NAME | AS COUNTRY | AS NETWORKS |
+------------+-------+--------------------+------------+------------------+
| 9.9.9.9 | 19281 | QUAD9-AS-1 - Quad9 | US | |
| 8.8.8.8 | 15169 | Google LLC | US | 8.8.4.0/24 |
| | | | | 8.8.8.0/24 |
| | | | | 8.34.208.0/21 |
...
| | | | | 216.252.220.0/24 |
| | | | | 216.252.222.0/24 |
| 1.1.1.1 | 13335 | Cloudflare Inc | US | 1.0.0.0/24 |
| | | | | 1.1.1.0/24 |
...
| | | | | 199.21.96.0/22 |
| | | | | 199.27.132.0/24 |
+------------+-------+--------------------+------------+------------------+
asnum AS_NUMBERS
Get the Autonomous System information of a given AS Number or list of AS Numbers. For details about all fields returned by the call read https://apility.io/apidocs/#autonomous-system-look-up.
Example single AS number:
$ apility asnum 19281
+-------------+--------------------+
| KEY | VALUE |
+-------------+--------------------+
| ASN | 19281 |
| AS NAME | QUAD9-AS-1 - Quad9 |
| AS COUNTRY | US |
| AS NETWORKS | |
+-------------+--------------------+
Example multiple AS numbers:
$ apility asnum 19281,15169,13335
+-------+--------------------+------------+------------------+
| ASN | AS NAME | AS COUNTRY | AS NETWORKS |
+-------+--------------------+------------+------------------+
| 19281 | QUAD9-AS-1 - Quad9 | US | |
| 15169 | Google LLC | US | 8.8.4.0/24 |
| | | | 8.8.8.0/24 |
...
| | | | 216.252.220.0/24 |
| | | | 216.252.222.0/24 |
| 13335 | Cloudflare Inc | US | 1.0.0.0/24 |
| | | | 1.1.1.0/24 |
...
| | | | 199.21.96.0/22 |
| | | | 199.27.132.0/24 |
+-------+--------------------+------------+------------------+
whoisip IP_ADDRESS
Get the WHOIS information of a given IP address. For details about all fields returned by the call read https://apility.io/apidocs/#whois-query.
Example:
$ apility whoisip 9.9.9.9
+-----------------------+----------------------------------------------------------------------------------------------------------+
| KEY | VALUE |
+-----------------------+----------------------------------------------------------------------------------------------------------+
| IP ADDRESS | 9.9.9.9 |
| ASN | 19281 |
| ASN CIDR | 9.9.9.0/24 |
...
| | Description: Copyright 1997-2018, American Registry for Internet Numbers, Ltd. |
| | Links: |
+-----------------------+----------------------------------------------------------------------------------------------------------+
historyip IP_ADDRESS [--page=PAGE_NUMBER] [--rows=ROWS_PER_PAGE] [--timestamp=END_SEARCH_TIME]
Get the list of transactions of a given IP address in our database. For experts who wish to know the historical activity of the given IP address in our database. For details about all fields returned by the call read https://apility.io/apidocs/#resource-history.
Example:
$ apility historyip 1.2.3.4 --rows=5
+---------------+------------+---------+-------------------+-------------------+
| TIMESTAMP | IP ADDRESS | COMMAND | BLACKLIST CHANGES | BLACKLISTS |
+---------------+------------+---------+-------------------+-------------------+
| 1531952716955 | 1.2.3.4 | rem | UCEPROTECT-LEVEL1 | STOPFORUMSPAM-365 |
| | | | | STOPFORUMSPAM-180 |
| | | | | STOPFORUMSPAM-90 |
| 1530155042672 | 1.2.3.4 | rem | STOPFORUMSPAM-30 | STOPFORUMSPAM-365 |
| | | | | UCEPROTECT-LEVEL1 |
| | | | | STOPFORUMSPAM-180 |
| | | | | STOPFORUMSPAM-90 |
| 1529908758047 | 1.2.3.4 | add | UCEPROTECT-LEVEL1 | STOPFORUMSPAM-365 |
| | | | | STOPFORUMSPAM-30 |
| | | | | UCEPROTECT-LEVEL1 |
| | | | | STOPFORUMSPAM-180 |
| | | | | STOPFORUMSPAM-90 |
| 1529893785318 | 1.2.3.4 | rem | UCEPROTECT-LEVEL1 | STOPFORUMSPAM-365 |
| | | | | STOPFORUMSPAM-30 |
| | | | | STOPFORUMSPAM-180 |
| | | | | STOPFORUMSPAM-90 |
| 1528081288202 | 1.2.3.4 | rem | STOPFORUMSPAM-7 | STOPFORUMSPAM-365 |
| | | | | STOPFORUMSPAM-30 |
| | | | | UCEPROTECT-LEVEL1 |
| | | | | STOPFORUMSPAM-180 |
| | | | | STOPFORUMSPAM-90 |
+---------------+------------+---------+-------------------+-------------------+
historydomain DOMAIN [--page=PAGE_NUMBER] [--rows=ROWS_PER_PAGE] [--timestamp=END_SEARCH_TIME]
Get the list of transactions of a given Domain in our database. For experts who wish to know the historical activity of the given domain in our database. For details about all fields returned by the call read https://apility.io/apidocs/#resource-history.
Example:
$ apility historydomain historydomain getfortniteapk.com --rows=5
+---------------+--------------------+---------+----------------------------------+----------------------------------+
| TIMESTAMP | DOMAIN | COMMAND | BLACKLIST CHANGES | BLACKLISTS |
+---------------+--------------------+---------+----------------------------------+----------------------------------+
| 1533614590795 | getfortniteapk.com | add | SQUIDBLACKLIST-MALICIOUS-DOMAINS | SQUIDBLACKLIST-MALICIOUS-DOMAINS |
| 1533528178680 | getfortniteapk.com | rem | SQUIDBLACKLIST-MALICIOUS-DOMAINS | |
| 1533269082869 | getfortniteapk.com | add | SQUIDBLACKLIST-MALICIOUS-DOMAINS | SQUIDBLACKLIST-MALICIOUS-DOMAINS |
| 1532923315824 | getfortniteapk.com | rem | SQUIDBLACKLIST-MALICIOUS-DOMAINS | |
| 1532750773430 | getfortniteapk.com | add | SQUIDBLACKLIST-MALICIOUS-DOMAINS | SQUIDBLACKLIST-MALICIOUS-DOMAINS |
+---------------+--------------------+---------+----------------------------------+----------------------------------+
historyemail EMAIL [--page=PAGE_NUMBER] [--rows=ROWS_PER_PAGE] [--timestamp=END_SEARCH_TIME]
Get the list of transactions of a given Email in our database. For experts who wish to know the historical activity of the given Email in our database. For details about all fields returned by the call read https://apility.io/apidocs/#resource-history.
Example:
$ apility historydomain historyemail test@mailinator.com --rows=5
+---------------+---------------------+---------+-------------------+-------------------+
| TIMESTAMP | EMAIL | COMMAND | BLACKLIST CHANGES | BLACKLISTS |
+---------------+---------------------+---------+-------------------+-------------------+
| 1533527521294 | test@mailinator.com | rem | STOPFORUMSPAM-365 | |
| 1518463557410 | test@mailinator.com | add | STOPFORUMSPAM-365 | STOPFORUMSPAM-365 |
+---------------+---------------------+---------+-------------------+-------------------+
getquarantine [IP|COUNTRY|CONTINENT|ASN]
Get the list of IP addresses, Countries, Continents or Autonoumous Systems in the quarantine. Quarantine is a private exclusion lists based on user IP address properties. For details about all fields returned by the call read https://apility.io/apidocs/#quarantined-objects.
Example of IP addresses in the quarantine:
$ apility getquaratine ip
+-----------------+-------+
| IP | TTL |
+-----------------+-------+
| 104.128.136.110 | 80395 |
| 203.122.33.35 | 80442 |
| 1.2.3.4 | -1 |
+-----------------+-------+
The TTL (Time To Live) column is the time in seconds that the resource (IP address, Country, Continent or AS) will stay in the quarantine. -1 means forever and any positive number is a countdown until zero when the resource will expire.
Example of countries in the quarantine:
$ apility getquaratine country
+---------+-----+
| COUNTRY | TTL |
+---------+-----+
| AQ | -1 |
+---------+-----+
Countries can be any ISO-3166-1 country code.
Example of continents in the quarantine:
$ apility getquaratine continent
+-----------+-----+
| CONTINENT | TTL |
+-----------+-----+
| EU | -1 |
+-----------+-----+
Continents codes can be EU, AS, NA, AF, AN, SA, OC.
Example of Autonomous Systems in the quarantine:
$ apility getquaratine asn
+-------+-----+
| ASN | TTL |
+-------+-----+
| 13339 | -1 |
+-------+-----+
API Documentation
This CLI has been built around the python library. You can read the Python Library documentation here: http://apilityio-python-lib.readthedocs.io/en/latest/
You can also read the original REST API specification here: https://apility.io/apidocs
Contact Us
Do you have an issue using the Apilityio Client Libraries? Or perhaps some feedback for how we can improve them? Feel free to let us know on our issue tracker
