Help Center/API & Integration/Using the IP lookup response

API & Integration

Using the IP lookup response

How to interpret and act on lookup results in your application.


Acting on risk scores

Use the risk_score field (0–100) to drive your application logic:

Score RangeRisk LevelRecommended Action
0–20LowAllow normally
21–40Medium-lowLog for review
41–60MediumAdd extra verification (CAPTCHA, email confirm)
61–80HighFlag for manual review, hold order
81–100CriticalBlock or challenge immediately

Checking threat flags

const result = await fetch('https://predax.io/api/v1/check/ip', {
  method: 'POST',
  headers: {
    'X-API-Key': process.env.PREDAX_API_KEY,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({ ip }),
}).then(r => r.json());

const { is_tor, is_vpn, risk_score } = result.classification;

if (is_tor || is_vpn) {
  // Require additional verification
}

if (risk_score > 70) {
  // Block or flag for review
}

Best practices

  • See our Best Practices guide for detailed recommendations
  • Start with logging only before enforcing blocks
  • Combine IP intelligence with other signals (email, device fingerprint)
  • Use the Playground to test specific IPs before setting thresholds