Risk score and type labels for an IP (proxy / VPN / hosting / Tor)
• Accepts IPv4 (1.1.1.1), IPv6 (2606::1) or a domain (example.com)
• Returns a 0–100 risk score, a risk band and type labels
• Flags proxies / VPNs, datacenter / hosting and Tor exit nodes
• Every verdict ships with its evidence and weight for auditing
IP reputation lookup combines several signals — an upstream proxy / VPN flag, datacenter / hosting ranges, the Tor exit-node list, and ASN / ISP ownership — into a 0–100 risk score for an IPv4 or IPv6 address, together with type labels (proxy / vpn / hosting / tor / residential) and the evidence behind each verdict.
Common uses: deciding in a risk / anti-fraud flow whether a visitor is behind a proxy / VPN, spotting datacenter egress behind bulk sign-ups or abuse, attaching a risk score to sensitive actions like login or checkout, and integrating it as a developer data API into your own risk pipeline.
The score is a capped (max 100) sum of signal weights: a Tor exit carries the most weight, a proxy / VPN flag next, a known abuse / bulletproof-hosting ASN a moderate signal, and a plain datacenter / hosting IP the weakest. An IP with no risk signal at all is treated as residential and scores 0. Every matched signal is listed under Evidence with its weight, so the result is fully explainable.
A datacenter / hosting IP is not fraud by itself, but real end-user traffic rarely originates directly from cloud hosts, so it is a weak risk signal (low weight). Whether to block should combine the business context with other signals rather than rely on a single label.
Tor exit detection is based on the public Tor exit-node list. Exit nodes churn daily, so the list is refreshed on a schedule from the canonical bulk exit list (cached for resilience) and swapped in live, with an embedded snapshot as the startup fallback.
Yes. The public endpoint is GET /v1/ip/reputation?q=<IP>. Anonymous calls are rate-limited per IP to prevent bulk scraping; calls made with an API key count against your account's API quota and usage billing and are rate-limited per key.