Introduction
You have come to the right place if you want to
locate IP addresscheck if IP is infectedcheck if IP is spammycheck if IP is open or anonymous proxyprevent frauddetect disposable emailcheck if email is used for spamcheck if email is used for scamAntideo maintains up to date list of:
IP locationsproxy records (including Tor Project)infected IP rangesspam IP addressesspam emailsscam emailsfree email providersdisposable email providers
Antideo maintains large database with spam and scam records, IP locations and infected ranges, proxy records and many more. We are keeping our database updated regularly from various sources, as well as collecting some of the data ourself. Final result is millions of IP and email records kept up to date and free to use in a fair manner. We believe such database should be publicly available and free to use, and here’s why we encourage everyone to submit a new record of all known to them spam or scam IPs and emails. Together we can make internet a safer place to be.
API Queries limit
Our FREE plan offers strict limit of 10 requests per hour. Doing excessive API calls will risk your traffic to be dropped for 30 min. If you think our FREE plan is not enough for you, then please take a look at our soft limits subscription plans.
IP Address
Currently with only support IPv4 addresses. Works is in progress with including and IPv6 ranges as well. Please consult this documentation page for further information on when IPV6 address are going to be supported in our endpoints. The following are our two endpoints for IP address queries:
Location
GET | api.antideo.com/ip/location/{optional ip here}
{
"IP": "212.21.143.66",
"location": {
"latitude": 41.9403,
"longitude": 25.5694,
"accuracy": 1,
"city": "Haskovo",
"country": "Bulgaria",
"country_code": "BG"
}
}
If you don’t pass IP address we will return the result for your public IP. As IP ranges are announced on a daily bases, we are trying to keep our database as up to date and accurate as possible. All IP locations are approximate and should not be treated as exact house address. The fact that IP ranges assigned from RIPE (European IP Registrar) could be announced for use outside Europe makes it really hard to trace. We can’t rely on the registered address of the ASN either as more than likely some IP addresses will be allocated for use outside their city or even country. For this sole reason we are using third party locations list updated regularly.
In order to get the location of IP address you need to perform GET request to api.antideo.com/ip/location/ followed by the IP address. For example if you want to get the location of
212.21.143.66
you will need to send GET request to
api.antideo.com/ip/location/212.21.143.66
The response would be a JSON object containing the IP address along with another JSON object for its location. For example please take a look at our response object for the above query.
The location object has the following key/value pairs
| Key | Value type | Description |
|---|---|---|
| latitude | Float | The latitude of the Geo location |
| longitude | Float | The longitude of the Geo location |
| accuracy | Int | Approximate radius of the location in KM |
| city | String | Name of the city. (Could be empty!) |
| country | String | Country Name |
| country_code | String | ISO country code |
Health
GET | api.antideo.com/ip/health/{optional ip here}
{
"IP": "212.21.143.66",
"health": {
"toxic": false,
"proxy": false,
"spam": false
}
}
As we all know locating an IP address doesn’t solve your problems especially if you are in the online business and you’re trying to identify potentially fraudulent transactions. This was the reason why we created an API endpoint to give you full and detailed information about IP address. In order to perform health check query you need to make GET request to
api.antideo.com/ip/health/
followed by the IP address. For example if you want to check 212.21.143.66 you will need to send GET request to
api.antideo.com/ip/health/212.21.143.66
If you don’t pass IP address we will return the result for your public IP.
By querying this endpoint we will perform the following three health checks:
Toxic - we consider an IP address to be toxic if it’s part of hacked network, or is being used for unethical activities like SCAM for example. This check will only return a Boolean (true or false).
Proxy - this check will return FALSE if the IP address has not being detected as proxy. Our database includes thousands of records from Tor project and other publicly available proxy services. Only Tor project exit IPs will be marked as
anonymousproxy as all other routing IPs can’t be used as exit point therefor should never be treated as proxy. We keep our proxy records updated as frequent as possible as proxy servers appear all the time. In case of positive result you will get JSON object containing the type of the proxy (anonymous, open) and last seen date/time. For reference see the table below:Key Value Type Description type String anonymousoropendepending on proxy typelast_seen Date last seen date in format yyyy-mm-dd HH:mm:ssin GMT+1Spam - IP address could be part of a hacked network and used for SPAM and other unethical activities. That’s why we have separated this health check from our
Toxicresult. In order to get better understanding on how spammy an IP address is we will give you the count of the reports people have submitted for it and also its last seen date/time as follows:
| Key | Value Type | Description |
|---|---|---|
| times_reported | Int | Number of times reported |
| last_seen | Date | last seen date in format yyyy-mm-dd HH:mm:ss in GMT+1 |
IP Info
GET | api.antideo.com/ip/info/{optional ip here}
{
"IP": "23.34.192.5",
"host": "undefined",
"org": {
"name": "Bell Canada",
"asn": "AS577",
"asn_assigned": "19990303",
"country": "CA",
"registry": "arin",
"category": "mobile"
}
}
Same as with all other endpoints, if you don’t specify IP address we will return result for your public IP address. This endpoint maps IP address to ASN and gives you the following information:
IP- IP address for the returned result.host- hostname for the given IP address or ‘undefined’ if no hostname available.org- JSON object containing organization details or 'undefined’ if not available.
name- organization name or 'undefined’ of no name availableasn- Autonomous System Numberasn_assigned- Date above ASN has been assigned in 'yyyymmdd’ formatcountry- Registration countryregistry- one of the five Regional Internet Registries (RIRs): afrinic, apnic, arin, ripe or lacnic
| RIR | Description |
|---|---|
| afrinic | Africa Regional Internet Registry - www.afrinic.net |
| apnic | Asia Pacific Regional Internet Registry - www.apnic.net |
| arin | American Regional Internet Registry - www.arin.net |
| ripe | European Regional Internet Registry - www.ripe.net |
| lacnic | Latin America Regional Internet Registry - www.lacnic.net |
category- category of the organization responsible for given IP address: mobile, hosting, education, bank, government or undefined
| Category | Description |
|---|---|
| mobile | 3G, 4G providers and mobile operators. If a given mobile operator is also internet service provider, all of its IP addresses will categorized as mobile |
| hosting | VPS, VPN, Dedicated and shared hosting providers etc. |
| education | schools, colleges, universities etc. |
| bank | All banks with assigned ASN |
| government | Governments, institutions, local authorities etc. |
| undefined | Everything that doesn’t fall in any of the above categories |
Email Address Queries
GET | api.antideo.com/email/{email goes here}
{
"email": "info@gmail.com",
"free_provider": true,
"spam": false,
"scam": false,
"disposable": false
}
Email health check is very useful upon accepting signups, orders, restricting access to specific users etc. Send GET request to
api.antideo.com/email/
followed by the email you want to query. For example to perform a health check on
info@gmail.com
you will need to send GET request the following URL
api.antideo.com/email/info@gmail.com
By querying this endpoint you will get detailed overview on the health of the email your interested in. We will perform the following four important checks:
Free provider: you will get true or false result for this health check. We consider someone as free provider if you could signup and get an email address for free. Good example for free email provider would be Google’s email service GMail, Yahoo Mail and thousands more. Yes you heard that right, there is thousands of free email providers in our database.
Spam: this is another good health check we perform for you. Same as the spam health check we perform for a specific IP address in case of positive result you will get a JSON object with number of times this email was reported as spam and last seen date/time as follows:
| Key | Value Type | Description |
|---|---|---|
| times_reported | Int | Number of times reported |
| last_seen | Date | last seen date in format yyyy-mm-dd HH:mm:ss in GMT+1 |
- Scam: this is another bad activity a users could do with their email address. We have it as separate health check in our results. Identical to spam check in case of positive result you will see the number of times this email was repored as spam as well as last seen date/time in a JSON object or false if the email does not appear in your scam reports.
| Key | Value Type | Description |
|---|---|---|
| times_reported | Int | Number of times reported |
| last_seen | Date | last seen date in format yyyy-mm-dd HH:mm:ss in GMT+1 |
- Disposable emails: result of true or false will be given for this health check. Disposable emails are another good thing to look around for. This are emails people can use and throw away if they don’t want to receive spam, which is a very valid point. However you might want to block people using disposable emails to get your promo code, make orders (kinda positive indication of possible fraud) or when you’re building your email lists, as they’re useless and as the name says 'disposable’ people use them once and throw them away. We leave this up to you on how to handle this health check, but at the end of the day we though it’s useful to have this in as well :)
Phone validation
Phone validation endpoint is powerfull tool to help you filter out invalid numbers. It will validate wide range of both national and international numbers worldwide. Use it with landline, mobile, toll free, VoIP etc. For example today a valid mobile number is required within the registration process in some platforms, then SMS is sent and user have to type it in to complete its registration. Allowing invalid numbers can increase the number of bogus users, abandonment of registration and it will costs more to send SMS to invalid numbers that wont be delivered. At very least using Antideo Phone validation endpoint will help differentiate between mobile, landline and other types of phone numbers.
Validate international numbers
GET | api.antideo.com/phone/{phone number}
{
"phone": "+442012345678",
"valid": true,
"type": "FIXED_LINE",
"location": "London",
"timezones": [
"Europe\/London"
],
"formats": {
"E164": "+442012345678",
"national": "020 1234 5678",
"international": "+44 20 1234 5678"
}
}
Normally international phone numbers start with either 00 or + then followed by the country code and the phone number. In almost all cases the leading zero from the local phone number is dropped.
If we use the following phone number +442012345678 the leading + indicates the beggining of international phone number followed by the country code, in this case 44 and then the local number 02012345678. As you can see the leading zero from the local number has been dropped. For example this rule does not apply to Italian phone numbers.
If we are to validate +442012345678 then we need to send GET request to api.antideo.com/phone/ followed by the phone number, and the final URL will be
api.antideo.com/phone/+442012345678
From the JSON response we can see that this is a valid fixed line number, located in London. We can also see that its timezone is Europe/London.
Validate national/local numbers
GET | api.antideo.com/phone/{country code}/{phone number}
{
"phone": "0831234567",
"valid": true,
"type": "MOBILE",
"location": "Ireland",
"carrier": "3",
"timezones": [
"Europe\/Dublin"
],
"formats": {
"E164": "+353831234567",
"national": "083 123 4567",
"international": "+353 83 123 4567"
}
}
National or local phone numbers can be also used for validation. In order to validate such numbers a two letter country code in ISO 3166 format is also required.
For example to validate the following Irish mobile number 0831234567 we need to send a GET request to api.antideo.com/phone/ followed by the country code IE and then 0831234567.
Final URL would look like
api.antideo.com/phone/ie/0831234567
From the JSON response we can see that this is a valid mobile number, located anywhere in Ireland, and its carrier is 3. We can also see that its timezone is Europe/Dublin.
Errors
Our API uses the following error codes:
| Error Code | Meaning |
|---|---|
| 400 | Bad Request – Your request sucks |
| 401 | Unauthorized – Your API key is wrong |
| 404 | Not Found – The specified endpoint could not be found |
| 405 | Method Not Allowed – You tried to access our endpoint with an invalid method |
| 429 | Too Many Requests – You’re making too many requests! Slow down! |
| 500 | Internal Server Error – We had a problem with our server. Try again later. |
| 503 | Service Unavailable – We’re temporarially offline for maintanance. Please try again later. |