The majority of trial abuse, stuffed carts, and bot signups come from three IP types: commercial VPNs, residential proxies, and datacenter hosts. Every IP-Atlas response flags them — on every plan.
| Field | Why it matters |
|---|---|
| is_vpn | True if the IP is on a known commercial VPN ASN or range. High-signal for "user hiding location". |
| is_datacenter | True if the IP is on AWS/GCP/Azure/DO/Hetzner/etc. A human shouldn't be signing up from a VPS. |
| asn | The network. Combine with your own allow/deny list of known hosting and proxy networks. |
Reject signups from datacenter or VPN IPs outright. One HTTP call per signup; adds ~20 ms to the critical path.
```javascript
// Node — signup middleware
import express from 'express';
import { IPAtlas } from '@trellisdigitalservices/ip-atlas';

const app = express();
const ipa = new IPAtlas({ apiKey: process.env.IPATLAS_KEY });

app.post('/signup', async (req, res) => {
  // Trust cf-connecting-ip only if the origin accepts traffic solely from
  // Cloudflare; otherwise a client can set this header itself.
  const ip = req.headers['cf-connecting-ip'] || req.ip;
  const r = await ipa.lookup(ip);
  if (r.is_datacenter || r.is_vpn) {
    return res.status(403).json({ error: 'Please sign up from your normal network.' });
  }
  // ... proceed
});
```
This is the strictest setting. About 0.3% of real users will be caught (corporate VPNs, travellers on mobile hotspots). For anything where false positives matter, use Pattern 2.
Don't block — score, then route suspicious traffic into captcha / SMS verification.
```javascript
function riskScore(ipData, signup) {
  let score = 0;
  if (ipData.is_datacenter) score += 60;
  if (ipData.is_vpn) score += 40;
  if (signup.email.endsWith('[email protected]')) score += 50;
  if (signup.country !== ipData.country) score += 20;
  return score; // >70 = step-up, >100 = block
}
```
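One way to turn the score into a routing decision, as an added example (not IP-Atlas's own code). It reuses the weights and thresholds from the snippet above; the email-suffix list, the action names, and the choice to send a failed lookup (`ipData` is `null`) to step-up are assumptions.

```javascript
// Added example: Pattern 2 routing using the page's weights and thresholds.
const WEIGHTS = { datacenter: 60, vpn: 40, emailSuffix: 50, countryMismatch: 20 };
const STEP_UP_ABOVE = 70;
const BLOCK_ABOVE = 100;

// Constructed placeholder; supply your own list of email suffixes to penalise.
const FLAGGED_EMAIL_SUFFIXES = ['@throwaway.example'];

function routeSignup(ipData, signup, flagged = FLAGGED_EMAIL_SUFFIXES) {
  // Assumption: when the lookup failed or timed out there is no IP signal,
  // so ask for verification instead of silently allowing or hard-blocking.
  if (!ipData) {
    return { action: 'step_up', score: null, reasons: ['ip_lookup_unavailable'] };
  }
  let score = 0;
  const reasons = []; // kept so the decision can be logged and audited
  const add = (points, reason) => { score += points; reasons.push(reason); };

  if (ipData.is_datacenter === true) add(WEIGHTS.datacenter, 'datacenter');
  if (ipData.is_vpn === true) add(WEIGHTS.vpn, 'vpn');

  const email = String(signup.email || '').trim().toLowerCase();
  if (flagged.some((s) => email.endsWith(s.toLowerCase()))) {
    add(WEIGHTS.emailSuffix, 'email_suffix');
  }
  // Compare countries only when both sides are present, so a missing field
  // is not counted as a mismatch; compare case-insensitively.
  const claimed = String(signup.country || '').toUpperCase();
  const seen = String(ipData.country || '').toUpperCase();
  if (claimed && seen && claimed !== seen) add(WEIGHTS.countryMismatch, 'country_mismatch');

  let action = 'allow';
  if (score > BLOCK_ABOVE) action = 'block';
  else if (score > STEP_UP_ABOVE) action = 'step_up';
  return { action, score, reasons };
}

// Constructed sample inputs: [ipData, signup]
const samples = [
  [{ is_datacenter: false, is_vpn: false, country: 'DE' }, { email: 'a@corp.example', country: 'de' }],
  [{ is_datacenter: false, is_vpn: true, country: 'NL' }, { email: 'b@throwaway.example', country: 'NL' }],
  [{ is_datacenter: true, is_vpn: true, country: 'US' }, { email: 'c@corp.example', country: 'FR' }],
  [null, { email: 'd@corp.example', country: 'GB' }],
];
for (const [ipData, signup] of samples) {
  console.log(signup.email, JSON.stringify(routeSignup(ipData, signup)));
}
```

Logging `reasons` alongside the action makes it possible to see later which signal is producing false positives and to adjust its weight.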
Don't gate the request path on a third-party API. Log the raw IP, and every night run the day's signups through /v1/batch to flag post-hoc.
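```python
# Python — nightly enrichment
import os

from ipatlas import IPAtlas

c = IPAtlas(api_key=os.environ["IPATLAS_KEY"])


def chunked(items, size):
    """Yield successive lists of at most `size` items."""
    for i in range(0, len(items), size):
        yield items[i:i + size]


# todays_signup_ips and mark_for_review come from your own application.
for chunk in chunked(todays_signup_ips, 100):
    batch = c.lookup_batch(chunk)  # one batch lookup per chunk of up to 100 IPs
    for r in batch["results"]:
        if r.get("is_datacenter") or r.get("is_vpn"):
            mark_for_review(r["ip"])
```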
Signup volume < 60K/month → Free. Signup volume 60K–2M/month → Developer ($19). Above that → Startup. Every plan gets the same fields.