This API endpoint allows you to perform Proxy Detection and IP reputation checks on behalf of your users in an almost identical fashion to our standard API structure.
IP & Proxy Checks
About IP & Proxy Checks in Custom Integrations
Request URL
| Warning: For security reasons, you should only call this API server-side. |
You can use the following URL to submit IP addresses to the IP Reputation and Proxy Detection API:
Request Parameters
| Parameter | Description | Example Value / Format | |
| key | Required. Your site's domain or the domain that requested this integration. | google.com | |
| secret | Required. Your user's current secret created during the authentication process. | char(128) | |
| ip | Required. The IP you wish to perform a proxy/ip validation check against. | IPv4 or IPv6 address in dot/colon notation. | |
| strictness | How in depth (strict) do you want this query to be? Higher values take longer to process and may provide a higher false-positive rate. We recommend starting at "0", the lowest strictness setting, and increasing to "1" or "2" depending on your levels of fraud. | integer, 0 - 5 | |
| user_agent | You can optionally provide us with the user agent string (browser). This allows us to run additional checks to see if the user is a bot or running an invalid browser. This allows us to evaluate the risk of the user as judged in the fraud_score. |
string | |
| user_language | You can optionally provide us with the user's language header. This allows us to evaluate the risk of the user as judged in the fraud_score. |
string | |
| fast | When this parameter is enabled our API will not perform certain forensic checks that take longer to process. Enabling this feature greatly increases the API speed without much impact on accuracy. This option is intended for services that require decision making in a time sensitive manner and can be used for any strictness level. | boolean, string (true or false) | |
| mobile | You can optionally specify that this lookup should be treated as a mobile device. Recommended for mobile lookups that do not have a user agent attached to the request.
|
boolean, string (true or false) | |
| allow_public_access_points | Bypasses certain checks for IP addresses from education and research institutions, schools, and some corporate connections to better accommodate audiences that frequently use public connections. | boolean, string (true or false) | |
| transaction_strictness | Adjusts the weights for penalties applied due to irregularities and fraudulent patterns detected on order and transaction details that can be optionally provided on each API request. This feature is only beneficial if you are passing order and transaction details. A table is available further down the page with supported transaction variables. | integer, 0 - 2 |
Response Parameters
| Note: Only JSON responses are available from this API. |
| Parameter | Description | Format |
| message | Description of the status of this call. May contain errors if errors exist. | text |
| success | Boolean result of if the request was successful or not. | boolean |
| proxy | Is this IP address suspected to be a proxy? (SOCKS, Elite, Anonymous, VPN, Tor, etc.) | boolean |
| host | Hostname of the IP address if one is available. | string |
| ISP | ISP if one is known. Otherwise N/A. | string |
| Organization | Organization if one is known. Can be parent company or sub company of the listed ISP. Otherwise N/A. | string |
| ASN | Autonomous System Number if one is known. Otherwise N/A. | string |
| country_code | Two character country code of IP address or N/A if unknown. | string |
| city | City of IP address if available or N/A if unknown. | string |
| region | Region (state) of IP address if available or N/A if unknown. | string |
| timezone | Timezone of IP address if available or N/A if unknown. | string |
| latitude | Latitude of IP address if available or N/A if unknown. | string |
| longitude | Longitude of IP address if available or N/A if unknown. | string |
| is_crawler | Is this IP associated with a confirmed crawler such as Googlebot or Bingbot, based on hostname or IP address verification? | boolean |
| recent_abuse | This value will indicate if there has been any recently verified abuse across our network for this IP address. Abuse could be a confirmed chargeback, compromised device, fake app install, or similar malicious behavior within the past few days. | boolean |
| vpn | Is this IP suspected of being a VPN connection? (proxy will always be true if this is true) | boolean |
| tor | Is this IP suspected of being a Tor connection? (proxy will always be true if this is true) | boolean |
| mobile | Is this user agent a mobile browser? (will always be false if the user agent is not passed in the API request) | boolean |
| fraud_score | The overall fraud score of the user based on the IP, user agent, language, and any other optionally passed variables. We recommend that any fraud score equal to or over 75 be treated as a risky user. | float |
| request_id | A unique identifier for this request that can be used to lookup the request details or send a postback conversion notice. | string |
| operating_system | Operating system name and version or N/A if unknown. Requires the user_agent variable in the API Request. | string |
| browser | Browser name and version or N/A if unknown. Requires the user_agent variable in the API Request. | string |
| device_brand | Brand name of the device or N/A if unknown. Requires the user_agent variable in the API Request. | string |
| device_model | Model name of the device or N/A if unknown. Requires the user_agent variable in the API Request. | string |
| transaction_details | Additional scoring variables for risk analysis are available when transaction data is passed through the API request. These variables are also useful for scoring physical addresses, phone numbers, usernames, transaction info, and similar data passed with the API request. The following transaction variables are returned as booleans, and null when the necessary transaction parameters are not passed with the API request. For instance, not passing the billing_email will return valid_billing_email as null.
|
object |
| errors | Array of errors which occurred while attempting to process this request. | array of strings |
Order & Transaction Fraud Scoring
You can analyze additional user data for orders, transactions, lead generation, and user information to enhance Fraud Scores. The following fields are entirely optional and provide additional data that you can use to detect fraudulent patterns and behavior. Any additional data beyond the IP address greatly improves the detection of high-risk users.
The API displays risk analysis on transaction data in the transaction_details object. If only one address is available for the user or transaction, enter the address data into the shipping or billing variables, rather than entering the same address in both variables. Passing the email address also contributes to detecting fraudulent users. However, the API will only perform a light abuse check. Performing a full lookup with our Email Verification API will provide greater detail and accuracy. You can ignore any variables listed below that are irrelevant to your requirements.
| Key | Description | Expected Values |
| billing_first_name | The customer's billing first name. | String |
| billing_last_name | The customer's billing last name. | String |
| billing_company | The customer's billing company. | String |
| billing_country | The customer's billing country name or billing country ISO-Alpha2. (EG: United States or US) | String |
| billing_address_1 | The customer's billing street address part 1. | String |
| billing_address_2 | The customer's billing street address part 2. | String |
| billing_city | The customer's billing city. | String |
| billing_region | The customer's billing region or state. | String |
| billing_postcode | The customer's billing postcode or zipcode. | String / Number |
| billing_email | The customer's billing email address. | String |
| billing_phone | The customer's billing 11 to 14 digit phone number. (If less than 10 digits provided, the country code will be guessed by our AI.) | Number |
| shipping_first_name | The customer's shipping first name. | String |
| shipping_last_name | The customer's shipping last name. | String |
| shipping_company | The customer's shipping company. | String |
| shipping_country | The customer's shipping country name or shipping country ISO-Alpha2. (EG: United States or US) | String |
| shipping_address_1 | The customer's shipping street address part 1. | String |
| shipping_address_2 | The customer's shipping street address part 2. | String |
| shipping_city | The customer's shipping city. | String |
| shipping_region | The customer's shipping region or state. | String |
| shipping_postcode | The customer's shipping postcode or zipcode. | String / Number |
| shipping_email | The customer's shipping email address. | String |
| shipping_phone | The customer's shipping 11 to 14 digit phone number. (If less than 10 digits provided, the country code will be guessed by our AI.) | Number |
| username | The customer's username. | String |
| password_hash | For security reasons and following industry best practices, a SHA256 hash of the user's password for better user analysis. | SHA256 / string |
| credit_card_bin | First six digits of the credit or debit card, referred to ask the Bank Identification Number. | Number |
| credit_card_hash | For security reasons and following industry best practices, a SHA256 hash of the credit card number is accepted to check against blacklisted cards. | SHA256 / string |
| credit_card_expiration_month | Two letter format of the credit card's expiration month. For example, May would be "05". | Number |
| credit_card_expiration_year | Two letter format of the credit card's expiration year. For example, 2022 would be "22". | Number |
| avs_code | One letter Address Verification Service (AVS) response code provided by the credit card processor or bank. A full list of acceptable response codes can be viewed here. | Number |
| cvv_code | One letter Card Verification Value (CVV2) response code provided by the credit card processor or bank. A full list of acceptable response codes can be viewed here. | Number |
| order_amount | Total balance of the entire order without currency symbols. | Number |
| order_quantity | Quantity of items for this order. | Number |
| recurring | Is this a recurring order that automatically rebills? | boolean |
| recurring_times | If this is a recurring order, then how many times has this recurring order rebilled? For example, if this is the third time the user is being billed, please enter this value as "3". If this is the initial recurring order, please leave the value as blank or enter "1". | Number |
EXAMPLE CODE