👨‍💻Threat Detector

We provide detailed and accurate Timezone data, adjusted for DST where applicable.

Sample Response

"threat_detector": {
    "is_abuser": true,
    "is_attacker": false,
    "is_bogon": false,
    "is_cloud_provider": false,
    "is_proxy": false,
    "is_relay": false,
    "is_tor": false,
    "is_tor_exit": false,
    "is_vpn": false,
    "is_anonymous": false,
    "is_threat": true
},

Field	Description
is_abuser	is true if the IP address is a known source of abuse i.e. spam, harvesters, registration bots and other nuisance bots etc
is_attacker	is true if an IP address is a known source of malicious activity, i.e. attacks, malware, botnet activity etc
is_bogon	Boolean indicating whether the IP Address is a Bogon: an unassigned, unaddressable IP address.
is_cloud_provider	Boolean indicating whether the IP address is used for hosting purposes (e.g. a node from Akamai, Cloudflare, Google Cloud Platform, Amazon EC2, and more).
is_proxy	Boolean indicating whether the IP Address is a known proxy. It includes HTTP/HTTPS/SSL/SOCKS/CONNECT and transparent proxies.
is_relay	Boolean indicating whether the IP Address is a known relay. Relay IP addresses are not designed to bypass geo-controls but instead pool multiple users behind the same IP. At this time, only Apple Private Relay IP addresses are detected.
is_tor	Boolean indicating whether the IP Address is a Tor relay: exit relay node, middle relay node or a bridge.
is_tor_exit	Boolean indicating whether the IP Address is a Tor exit relay node.
is_vpn	Returns true when the IP address under search is used by a Virtual Private Network (VPN), false otherwise. VPNs encrypt internet traffic and disguise online identity.
is_anonymous	Boolean with true value if is_proxy, is_tor OR is_vpn is satisfied.
is_threat	Boolean with true value if is_abuser or is_attacker is satisfied. The field is_cloud_provider is not considered. It is up to you to combine this last field with a logical OR or not