Detect VPNs & block threats in real time
Enterprise-grade IP intelligence API. Identify VPNs, proxies, Tor nodes, and compromised IPs with sub-15ms latency and multi-source threat intelligence.
VPN Protocols
Avg Latency
Intel Feeds
Detection
Capabilities
Everything you need to secure your platform
VPN Detection
Identify connections from 12+ VPN protocols including OpenVPN, WireGuard, IKEv2, and commercial providers like NordVPN, ExpressVPN, and Surfshark.
Proxy Detection
Detect HTTP, SOCKS4/5, CGI, and residential proxies. Identify datacenter IPs masquerading as residential connections.
Tor Exit Node Blocking
Real-time Tor exit node database updated every 15 minutes. Block or flag traffic from the Tor network with zero false positives.
Geolocation Verification
Cross-reference claimed location with IP geolocation, timezone, and language settings to detect location spoofing attempts.
IP Reputation Scoring
Score every IP address against multiple threat intelligence sources. Historical abuse data, real-time analysis, and multi-source intelligence combined.
ASN Intelligence
Identify the autonomous system, hosting provider, and network type for any IP. Distinguish residential from datacenter traffic.
Connection Type Analysis
Determine if the connection is residential broadband, mobile cellular, datacenter hosted, or satellite — and flag mismatches.
Real-Time Updates
VPN server lists, Tor exit nodes, and proxy databases are updated continuously. New threats are detected within minutes.
Risk Scoring
Combine VPN, proxy, Tor, and geolocation signals into a single risk score. Configurable thresholds for blocking, challenging, or allowing.
How It Works
Up and running in 3 steps
Integrate
Add your API key to any stack in under 5 minutes. SDKs for Node.js, Python, Go, and more.
Query
Send any IP address to our endpoint. Get a risk score, action recommendation, and threat flags instantly.
Protect
Automatically block, challenge, or monitor suspicious traffic based on real-time intelligence.
Live Demo
Try it in real time
Enter any IP address or pick a sample to see LR Shield in action. Protected operator metrics are intentionally kept out of this public reference.
API Reference
Complete API documentation
Authenticate with your API key via the X-API-Key header. Base URL: https://api.lrdefender.lightningresearch.ai. Browser-facing examples stay on the `/api/v1/*` web proxy, while protected operator metrics are not shown here.
Quick Start
curl -s -H "X-API-Key: YOUR_API_KEY" \
https://api.lrdefender.lightningresearch.ai/v1/vpn-check/185.220.101.4Endpoints
Error Codes
400Bad Request401Unauthorized403Forbidden429Rate Limited500Server ErrorUse Cases
Built for real-world security
Geo-Compliance
Ensure users accessing your service are actually located in permitted jurisdictions. Detect and block geolocation spoofing for licensing compliance.
Ad Fraud Prevention
Identify click fraud and impression fraud from VPN and proxy networks. Ensure your ad spend reaches real users in real locations.
Content Licensing
Enforce regional content restrictions by detecting users who bypass geo-blocks with VPNs, proxies, or DNS tunneling.
Account Takeover Prevention
Flag login attempts from known VPN providers or Tor exit nodes. Require additional verification when network risk is elevated.
Ready to shield your platform?
Protect your platform with enterprise-grade threat intelligence. Deploy in minutes.