Detect VPN, Proxy and Tor Users in Your Backend
Many developers search for a reliable VPN detection API or IP geolocation API.
Example: Detect VPN users
curl -H "X-API-Key: YOUR_API_KEY" \
https://myip.casa/api/pro/security
Whether you are building a SaaS platform, marketplace, or developer tool, identifying anonymized traffic can help prevent:
- bot activity
- account abuse
- scraping
- fraud attempts
One common signal used in backend systems is IP intelligence.
In this article we’ll look at how developers can quickly detect VPN, proxy, Tor, and datacenter connections using a simple API.
Client Request
↓
Backend Server
↓
MyIP.casa API
↓
VPN / Proxy / Tor Detection
Step 1 — Retrieve the public IP
The first step is simply detecting the client’s public IP address.
Example request:
curl https://myip.casa/api/ip
Example response:
{
"ip": "198.51.100.42"
}
This endpoint works without authentication and is useful for debugging or basic integrations.
Step 2 — Detect VPN, Proxy and Tor users
To analyze the network origin of a request, you can use the security endpoint.
Example:
curl -H "X-API-Key: YOUR_API_KEY" \
https://myip.casa/api/pro/security
Example response:
{
"ip": "203.0.113.25",
"network": {
"asn_org": "US Broadband Inc.",
"connection_type": "residential"
},
"security": {
"is_datacenter": false,
"is_proxy": false,
"is_tor": false,
"is_vpn": false,
"risk_level": "Low",
"risk_score": 0
}
}
With this data, your backend can easily apply rules such as:
- blocking Tor exit nodes
- limiting datacenter traffic
- requiring verification for VPN users
Step 3 — Retrieve full IP intelligence
For deeper analysis, you can retrieve a full IP profile including geolocation, ASN data, and threat signals.
Example request:
curl -H "X-API-Key: YOUR_API_KEY" \
https://myip.casa/api/pro/details
The response includes:
- city and country
- ASN and network organization
- connection type (residential, hosting, etc.)
- VPN and proxy detection
- security risk score
These signals are commonly used in fraud detection pipelines and traffic analysis systems.
Bulk IP analysis
If you need to analyze multiple IP addresses (for example from logs), you can use the bulk endpoint.
POST /api/pro/bulk
Example request:
curl -X POST https://myip.casa/api/pro/bulk \
-H "Content-Type: application/json" \
-H "X-API-Key: YOUR_API_KEY" \
-d '{"ips":["198.51.100.10","198.51.100.42"]}'
This allows security teams to analyze up to 50 IPs per request.
Getting started
You can explore the full developer documentation here:
To access the private endpoints and security signals, generate an API key:
Final thoughts
Understanding where requests originate from has become an important signal for modern backend systems.
Whether you want to detect VPN users, identify datacenter traffic, or enrich logs with geolocation data, IP intelligence APIs make it easy to integrate these signals into your applications.
If you're experimenting with IP intelligence, you can start testing the API instantly using the public endpoint.
Top comments (0)