Detect VPN, Proxy and Tor Users in Your Backend
Source: Dev.to
Detect VPN, Proxy and Tor Users in Your Backend
Many developers search for a reliable VPN detection API or IP geolocation API.
Example: Detect VPN users
curl -H "X-API-Key: YOUR_API_KEY" \
https://myip.casa/api/pro/securityIdentifying anonymized traffic can help prevent:
- bot activity
- account abuse
- scraping
- fraud attempts
One common signal used in backend systems is IP intelligence. In this article we’ll look at how developers can quickly detect VPN, proxy, Tor, and datacenter connections using a simple API.
Step 1 — Retrieve the public IP
The first step is simply detecting the client’s public IP address.
Example request
curl https://myip.casa/api/ipExample response
{
"ip": "198.51.100.42"
}This endpoint works without authentication and is useful for debugging or basic integrations.
Step 2 — Detect VPN, Proxy and Tor users
To analyze the network origin of a request, use the security endpoint.
Example request
curl -H "X-API-Key: YOUR_API_KEY" \
https://myip.casa/api/pro/securityExample response
{
"ip": "203.0.113.25",
"network": {
"asn_org": "US Broadband Inc.",
"connection_type": "residential"
},
"security": {
"is_datacenter": false,
"is_proxy": false,
"is_tor": false,
"is_vpn": false,
"risk_level": "Low",
"risk_score": 0
}
}With this data, your backend can easily apply rules such as:
- blocking Tor exit nodes
- limiting datacenter traffic
- requiring verification for VPN users
Step 3 — Retrieve full IP intelligence
For deeper analysis, retrieve a full IP profile including geolocation, ASN data, and threat signals.
Example request
curl -H "X-API-Key: YOUR_API_KEY" \
https://myip.casa/api/pro/detailsThe response includes:
- city and country
- ASN and network organization
- connection type (residential, hosting, etc.)
- VPN and proxy detection
- security risk score
These signals are commonly used in fraud detection pipelines and traffic analysis systems.
Bulk IP analysis
If you need to analyze multiple IP addresses (e.g., from logs), use the bulk endpoint.
Endpoint
POST /api/pro/bulkExample request
curl -X POST https://myip.casa/api/pro/bulk \
-H "Content-Type: application/json" \
-H "X-API-Key: YOUR_API_KEY" \
-d '{"ips":["198.51.100.10","198.51.100.42"]}'This allows security teams to analyze up to 50 IPs per request.
Getting started
Explore the full developer documentation:
Generate an API key to access private endpoints and security signals:
Final thoughts
Understanding where requests originate from has become an important signal for modern backend systems. Whether you want to detect VPN users, identify datacenter traffic, or enrich logs with geolocation data, IP intelligence APIs make it easy to integrate these signals into your applications. You can start testing the API instantly using the public endpoint.