Skip to main content
[GET]
{{baseUrl}}/api/v1/fraud/ip
HeaderTypeDescription
AppIdstringCreate an app to get your app ID on dashboard here
AuthorizationstringPrivate/secret key. Use <key> not Bearer <key>

​
Query parameter

ParameterTypeDescriptionRequired
ip_addressstringIP Addressrequired

​
Sample response

Response

{
  "entity": {
    "report": {
      "ip": "2.58.56.101",
      "blacklists": {
        "detections": 11,
        "engines_count": 85,
        "detection_rate": "13%",
        "scantime": "0.92"
      },
      "information": {
        "reverse_dns": "powered.by.rdp.sh",
        "continent_code": "EU",
        "continent_name": "Europe",
        "country_code": "DE",
        "country_name": "Germany",
        "country_currency": "EUR",
        "country_calling_code": "49",
        "region_name": "Hamburg",
        "city_name": "Hamburg",
        "latitude": 53.575321197509766,
        "longitude": 10.015339851379395,
        "isp": "1337 Services GmbH",
        "asn": "AS210558"
      },
      "anonymity": {
        "is_proxy": false,
        "is_webproxy": false,
        "is_vpn": false,
        "is_hosting": false,
        "is_tor": true
      },
      "risk_score": {
        "result": 100
      }
    },
    "success": true
  }
}

​
Response Fields

FieldTypeDescription
entityobjectContains the IP screening result
entity.reportobjectFull risk report for the screened IP address
entity.report.ipstringThe IP address that was screened
entity.report.blacklistsobjectBlacklist detection results across threat intelligence engines
entity.report.blacklists.detectionsintegerNumber of engines that flagged the IP as malicious
entity.report.blacklists.engines_countintegerTotal number of threat intelligence engines queried
entity.report.blacklists.detection_ratestringPercentage of engines that flagged the IP
entity.report.blacklists.scantimestringTime taken to complete the blacklist scan in seconds
entity.report.informationobjectGeolocation and network details for the IP
entity.report.information.reverse_dnsstringReverse DNS hostname for the IP address
entity.report.information.continent_codestringTwo-letter continent code (e.g., β€œEU”, β€œNA”)
entity.report.information.continent_namestringFull name of the continent
entity.report.information.country_codestringISO 3166-1 alpha-2 country code
entity.report.information.country_namestringFull name of the country
entity.report.information.country_currencystringCurrency code used in the country
entity.report.information.country_calling_codestringInternational calling code for the country
entity.report.information.region_namestringName of the region or state
entity.report.information.city_namestringName of the city
entity.report.information.latitudenumberGeographic latitude coordinate
entity.report.information.longitudenumberGeographic longitude coordinate
entity.report.information.ispstringInternet Service Provider name
entity.report.information.asnstringAutonomous System Number identifying the network
entity.report.anonymityobjectAnonymity and proxy detection results
entity.report.anonymity.is_proxybooleantrue if the IP is identified as a proxy server
entity.report.anonymity.is_webproxybooleantrue if the IP is identified as a web-based proxy
entity.report.anonymity.is_vpnbooleantrue if the IP is identified as a VPN endpoint
entity.report.anonymity.is_hostingbooleantrue if the IP belongs to a hosting or data center provider
entity.report.anonymity.is_torbooleantrue if the IP is a known Tor exit node
entity.report.risk_scoreobjectOverall risk assessment
entity.report.risk_score.resultintegerRisk score from 0 (no risk) to 100 (highest risk)
entity.successbooleantrue if the screening completed successfully