Your customers expect an AI-blocking category inside your product. We deliver 16,024+ classified domains across 18 categories, in nine formats, updated daily and licensed for OEM redistribution.
Every DNS filter, SWG, and NGFW ships with content categories — gambling, adult, malware, phishing, social media. AI tools are the first major new category since the smartphone era.
The AI-tool landscape is not a static list of a few dozen services. It spans tens of thousands of domains across chatbots, code generators, image synthesizers, voice cloners, and more.
New domains appear daily as startups launch, established companies add AI features, and open-source projects deploy hosted instances.
OEM partners typically ship the AI-blocking category in their next release cycle. Customers see a new "AI Tools" category in the policy dashboard — complete with granular subcategories.
Security products vary in how they ingest domain intelligence. We deliver the same classified data in nine formats — no conversion middleware needed.
| Format | Use Case | Target Product |
|---|---|---|
| JSON | Full metadata per domain | SWGs, endpoint agents, custom apps |
| CSV | Spreadsheet-compatible tooling | Legacy proxies, manual import |
| RPZ | Response Policy Zone files | BIND, Knot, PowerDNS Recursor |
| Hosts | OS-level blocking agents | Endpoint agents, sysadmin scripts |
| Plain-text domain list | One domain per line | Firewalls, proxies, EDLs |
| BIND zone | Full zone file format | BIND DNS servers |
| dnsmasq | dnsmasq config format | dnsmasq-based resolvers |
| Unbound | local-zone format | Unbound DNS resolvers |
| SURBL | SURBL-compatible lists | Anti-spam and URL filtering |
Each format includes the same underlying data. Domain coverage, categorization, and confidence scores are consistent across all outputs.
RPZ is the most operationally efficient option for DNS resolver vendors. Load the zone file directly into any RPZ-compatible resolver.
openai.com automatically covers chat.openai.com, api.openai.com, and any future subdomains.
; RPZ zone file — AI Tools Blocklist ; Generated: 2026-07-09T06:00:00Z ; Domains: 16,024+ ; Load this as a response-policy zone in BIND or compatible resolvers $TTL 300 @ IN SOA localhost. root.localhost. ( 2026070901 ; serial (YYYYMMDDNN) 3600 ; refresh 600 ; retry 604800 ; expire 300 ) ; minimum TTL IN NS localhost. ; Text & Language — General Assistants & Chatbots chat.openai.com CNAME . ; block (NXDOMAIN) *.chat.openai.com CNAME . ; wildcard subdomains claude.ai CNAME . *.claude.ai CNAME . gemini.google.com CNAME . bard.google.com CNAME . ; Image & Visual — Image Generation midjourney.com CNAME . *.midjourney.com CNAME . leonardo.ai CNAME . *.leonardo.ai CNAME .
The feed is delivered through a RESTful API secured with Bearer token authentication. Every OEM partner receives a dedicated API key scoped to their license tier.
All endpoints accept a format parameter — the same endpoint returns JSON, CSV, RPZ, or any supported format.
Authorization header. Keys are long-lived with no forced rotation schedule.
Rate limits are designed for OEM workloads, not retail API consumers. All responses are gzip-compressed by default.
5,000 req/hr. Under 200 ms P95 latency.
Ideal for real-time DNS query enrichment on cache miss.
~18 MB gzipped. Under 8s P95 download time.
Use for initial ingestion and monthly consistency checks.
Typically under 150 KB per day.
The backbone of daily sync operations.
The delta endpoint is the operational backbone of OEM integration. Request only records that changed since your last sync — no full download required.
A typical daily delta contains 50–500 domain changes. The response is structured into three arrays that map cleanly to database operations:
New AI tools discovered by our classification pipeline, with full metadata. Maps to INSERT.
Domains whose category, confidence, or risk tier changed after product pivots. Maps to UPDATE.
Domains no longer classified as AI tools — shut down or changed purpose. Maps to DELETE.
Prefer push over polling? Register a webhook URL in the partner dashboard.
feed_version and generated timestamp for tracking.
Run a full-feed consistency check once per month. Download the complete dataset, compare against your local category database, and reconcile any discrepancies from missed deltas, partial syncs, or database corruption.
#!/bin/bash # OEM sync script — runs daily via cron at 06:30 UTC # Fetches delta, applies changes to local category DB, updates checkpoint set -euo pipefail API_KEY="YOUR_OEM_API_KEY" API_BASE="https://api.aitoolsblocklist.com/v1" STATE_DIR="/var/lib/your-product/ai-feed" LAST_SYNC=$(cat "$STATE_DIR/last-sync.txt") # Fetch delta since last successful sync curl -sf -H "Authorization: Bearer $API_KEY" \ "$API_BASE/feed/delta?since=$LAST_SYNC&format=json" \ -o "$STATE_DIR/delta.json" # Parse counts for logging ADDED=$(jq '.added | length' "$STATE_DIR/delta.json") MODIFIED=$(jq '.modified | length' "$STATE_DIR/delta.json") REMOVED=$(jq '.removed | length' "$STATE_DIR/delta.json") # Apply additions and modifications to category database jq -r '(.added + .modified)[] | [.domain, .primary_category, .subcategory, .confidence, .risk_tier] | @csv' \ "$STATE_DIR/delta.json" | category-db-import --category=ai-tools --upsert # Remove deactivated domains jq -r '.removed[].domain' "$STATE_DIR/delta.json" \ | category-db-remove --category=ai-tools # Update sync checkpoint jq -r '.timestamp' "$STATE_DIR/delta.json" > "$STATE_DIR/last-sync.txt" echo "AI feed sync complete: +$ADDED ~$MODIFIED -$REMOVED domains" # Monthly full-feed consistency check (runs on 1st of each month) if [ $(date +%d) = "01" ]; then curl -sf -H "Authorization: Bearer $API_KEY" \ "$API_BASE/feed?format=json&status=active" \ -o "$STATE_DIR/full-feed.json" category-db-reconcile --category=ai-tools --source="$STATE_DIR/full-feed.json" echo "Monthly consistency reconciliation complete" fi
OEM partners embed our feed into products serving thousands of end customers. Feed downtime or data-quality issues propagate directly to your customer base.
Precision over recall — false positives generate support tickets and erode trust. Our multi-stage pipeline minimizes them.
Uptime SLA
False Positive Rate
Probation Window
Domains Scanned Daily
| Score Range | Evidence Strength | Typical Domains |
|---|---|---|
| 0.95 – 1.00 | Unambiguous | Dedicated AI tools with clear product pages, API docs, and user interfaces |
| 0.80 – 0.94 | Solid with some ambiguity | Dual-purpose sites where AI is significant but not the exclusive feature |
| Below 0.80 | Excluded from feed | Insufficient evidence to classify with production-grade confidence |
This provides the optimal balance between coverage and accuracy. If your product exposes the threshold as a customer-configurable parameter, end users gain fine-grained sensitivity control — a differentiating feature competitors with flat blocklists cannot offer.
This is not a retail API subscription — it is a data-licensing agreement for vendors who embed the feed into commercial products.
For partners who require complete brand separation:
feeds.yourproduct.com) with your TLS certificate.
Volume pricing is based on formats and update frequency — not your customer count. Growth is never penalized.
A partner needing JSON and RPZ with daily updates pays a fixed annual fee whether they serve 100 or 100,000 downstream customers.
Integration differs by product architecture. These patterns reflect what our most successful OEM partners have implemented across dozens of production deployments.
Consume the RPZ format. Load directly into BIND, Unbound, Knot, or proprietary resolvers.
Map our 18 categories to your internal IDs. Expose subcategories in dashboards for shadow-AI analytics.
Consume the JSON feed. Load into your URL classification DB alongside existing categories.
Leverage confidence scores, risk tiers, and data-handling flags for DLP integration.
Consume plaintext or EDL-formatted feeds. Palo Alto PAN-OS and FortiGate natively support external domain lists.
Category-specific feed URLs enable per-category security rules.
Distribute via your existing content-update channel. Enforce at the local DNS resolver, hosts-file, or browser-extension level.
JSON provides full metadata for local policy evaluation without network dependency.
A flat domain list tells your product whether a domain is an AI tool. Our enriched feed tells it what kind, how confident, how it handles data, and when it appeared.
Each domain is classified as high, medium, or low risk based on data-handling practices, input sensitivity, and content retention.
| Risk Tier | Description | Examples |
|---|---|---|
| High | Processes and stores freeform user content in the cloud | Chatbots, code assistants, image generators accepting proprietary assets |
| Medium | Cloud-processed but limited data retention | AI search engines, summarization tools, translation services |
| Low | Local processing or no input data retained | AI spell-checkers, grammar tools, local classification models |
Exposing risk tiers in your policy interface lets administrators create tiered policies without manually reviewing each tool.
The first_seen and last_verified timestamps enable time-based policies and reporting.
Block AI tools less than 30 days old — newly launched tools often have immature security practices and unknown data-handling policies.
Show the rate of new AI-tool discovery over time — correlates with the pace of shadow-AI adoption in your customers' workforce.
We provide a 30-day technical evaluation with full API access, all output formats, and a dedicated integration engineer. Most partners ship the AI-tools category within one release cycle.
Tell us about your security product and integration requirements. We will provide API credentials and a 30-day technical evaluation within 24 hours.