👨‍💻Threat Detector

We provide detailed and accurate Timezone data, adjusted for DST where applicable.

Sample Response

"threat_detector": {
    "is_abuser": true,
    "is_attacker": false,
    "is_bogon": false,
    "is_cloud_provider": false,
    "is_proxy": false,
    "is_relay": false,
    "is_tor": false,
    "is_tor_exit": false,
    "is_vpn": false,
    "is_anonymous": false,
    "is_threat": true
},

Field Description

Field	Description
is_abuser	is true if the IP address is a known source of abuse i.e. spam, harvesters, registration bots and other nuisance bots etc
is_attacker	is true if an IP address is a known source of malicious activity, i.e. attacks, malware, botnet activity etc
is_bogon	Boolean indicating whether the IP Address is a Bogon: an unassigned, unaddressable IP address.
is_cloud_provider	Boolean indicating whether the IP address is used for hosting purposes (e.g. a node from Akamai, Cloudflare, Google Cloud Platform, Amazon EC2, and more).
is_proxy	Boolean indicating whether the IP Address is a known proxy. It includes HTTP/HTTPS/SSL/SOCKS/CONNECT and transparent proxies.
is_relay	Boolean indicating whether the IP Address is a known relay. Relay IP addresses are not designed to bypass geo-controls but instead pool multiple users behind the same IP. At this time, only Apple Private Relay IP addresses are detected.
is_tor	Boolean indicating whether the IP Address is a Tor relay: exit relay node, middle relay node or a bridge.
is_tor_exit	Boolean indicating whether the IP Address is a Tor exit relay node.
is_vpn	Returns `true` when the IP address under search is used by a Virtual Private Network (VPN), `false` otherwise. VPNs encrypt internet traffic and disguise online identity.
is_anonymous	Boolean with `true` value if `is_proxy`, `is_tor` OR `is_vpn` is satisfied.
is_threat	Boolean with `true` value if `is_abuser` or `is_attacker` is satisfied. The field `is_cloud_provider` is not considered. It is up to you to combine this last field with a logical OR or not

is_abuser

is true if the IP address is a known source of abuse i.e. spam, harvesters, registration bots and other nuisance bots etc

is_attacker

is true if an IP address is a known source of malicious activity, i.e. attacks, malware, botnet activity etc

is_bogon

Boolean indicating whether the IP Address is a Bogon: an unassigned, unaddressable IP address.

is_cloud_provider

Boolean indicating whether the IP address is used for hosting purposes (e.g. a node from Akamai, Cloudflare, Google Cloud Platform, Amazon EC2, and more).

is_proxy

Boolean indicating whether the IP Address is a known proxy. It includes HTTP/HTTPS/SSL/SOCKS/CONNECT and transparent proxies.

is_relay

Boolean indicating whether the IP Address is a known relay. Relay IP addresses are not designed to bypass geo-controls but instead pool multiple users behind the same IP. At this time, only Apple Private Relay IP addresses are detected.

is_tor

Boolean indicating whether the IP Address is a Tor relay: exit relay node, middle relay node or a bridge.

is_tor_exit

Boolean indicating whether the IP Address is a Tor exit relay node.

is_vpn

Returns true when the IP address under search is used by a Virtual Private Network (VPN), false otherwise. VPNs encrypt internet traffic and disguise online identity.

is_anonymous

Boolean with true value if is_proxy, is_tor OR is_vpn is satisfied.

is_threat

Boolean with true value if is_abuser or is_attacker is satisfied. The field is_cloud_provider is not considered. It is up to you to combine this last field with a logical OR or not

PreviousCurrency NextCompany

Last updated 1 year ago