- About the IPQS APIs
- Proxy & VPN Detection API
- Email Verification API
- Phone Number Validation API
- Malicious URL Scanner API
- Device Fingerprint API
- Mobile Device Fingerprinting SDK
- Gaming Fraud Detection SDK
- Dark Web Leak API
- Malware File Scanner API
- Request List API
- Fraud Reporting API
- Account Management APIs
- Bulk Validation CSV
- Allowlist Blocklist APIs
- Plugins Platforms Integrations
- IP Reputation Database
- IP Address Abuse Feed
- Email Verification Database
-
Custom Integrations
- Getting Started
- Authentication
- Refresh Secret
- IP & Proxy Checks
- Email Verification Checks
- Phone Number Validity Checks
- Device Tracker
- List Device Trackers
- Device Tracker Statistics
- Login Tokens
- Overview Statistics
- Recent Proxy Statistics
- Recent Email Statistics
- Fraud Reporting
- Retrieve Requests by ID
- Country List API Documentation
- Release Notes
About
Detect temporary emails and prevent disposable email addresses (DEA) with a straightforward API request that provides real-time risk scoring. Stop fake accounts and sign-up fraud with filtering for disposable email services. Our disposable domain blocklists are updated multiple times per hour with new services that provide temporary emails so you can quickly blocklist new threats.
You can add the disposable email detection API to your registration and checkout pages for complete protection against fraudulent email addresses and fake accounts. In addition to the email address, additional user information, such as IP address, phone number, and other user data, can be scored.
Lower Fraud Rates & Abusive Users
Protect your site from fraudulent users and abuse with complete email risk scoring. Detect abusive emails recently seen across the IPQS threat network. This can include valid email addresses recently used for chargebacks, sign-up fraud, application fraud, and similar user abuse. This service is an extension of the Email Verification API.
Request URLs
You can use the following URLs to submit email addresses to the Email Verification API. Replace USER_EMAIL_HERE with the email address to analyze.
JSON
https://www.ipqualityscore.com/api/json/email/YOUR_API_KEY_HERE/USER_EMAIL_HERE
XML
https://www.ipqualityscore.com/api/xml/email/YOUR_API_KEY_HERE/USER_EMAIL_HERE
Response Examples
Success Responses
This is an example success response in JSON format.
{
"valid": true,
"disposable": false,
"recent_abuse": false,
"fraud_score":25,
"leaked": false,
"first_seen": {
"human": "3 months ago",
"timestamp": 1568061634,
"iso": "2019-09-09T16:40:34-04:00"
},
"domain_age": {
"human": "3 months ago",
"timestamp": 1568061634,
"iso": "2019-09-09T16:40:34-04:00"
},
"success": true,
"sanitized_email": "validated@example.com",
"request_id": "4JAer3sX6rF3PO"
}
This is an example success response in XML format.
<result>
<valid>true</valid>
<disposable>false</disposable>
<recent_abuse>false</recent_abuse>
<fraud_score>25</fraud_score>
<leaked>false</leaked>
<first_seen>
<human>3 months ago</human>
<timestamp>1568061634</timestamp>
<iso>2019-09-09T16:40:34-04:00</iso>
</first_seen>
<domain_age>
<human>3 months ago</human>
<timestamp>1568061634</timestamp>
<iso>2019-09-09T16:40:34-04:00</iso>
</domain_age>
<sanitized_email>validated@example.com</sanitized_email>
<success>true</success>
<request_id>4JAer3sX6rF3PT</request_id>
</result>
Error Responses
Example errors that you may encounter when accessing our API due to an exhausted credit balance or an invalid email address.
{
"success":false,
"message":"You have insufficient credits to make this query. Please contact IPQualityScore support if this error persists.",
"request_id":"4OTORR352FU0p"
}
{
"success":false,
"message":"Invalid email address. Please check the email and try again.",
"request_id":"4OTORR4EWpl0m"
}
Response Parameters
Any time the disposable email address API returns disposable as true or recent_abuse as true, it is safe to treat the email address as fraudulent.
| Field | Description | Possible Values |
|---|---|---|
| valid | Does this email address appear valid? | boolean |
| disposable | Is this email suspected of belonging to a temporary or disposable mail service? These are usually associated with fraudsters and scammers. | boolean |
| leaked | Was this email address associated with a recent database leak from a third party? Leaked accounts pose a risk as they may have become compromised during a database breach. | boolean |
| recent_abuse | This value indicates if there has been any recently verified abuse across our network for this email address. Abuse could be a confirmed chargeback, fake signup, compromised device, fake app install, or similar malicious behavior within the past few days. | boolean |
| fraud_score | The overall Fraud Score of the user based on the email's reputation and recent behavior across the IPQS threat network. Fraud Scores >= 75 are suspicious but not necessarily fraudulent. | float |
| first_seen | An object containing fields related to when IPQS first saw the email address. | |
| domain_age | An object containing fields related to when the domain was registered. | |
| sanitized_email | Sanitized email address with all aliases and masking removed, such as multiple periods for "gmail.com". | string |
| request_id | A unique identifier for this request that can be used to look up the request details or send a postback conversion notice. | string |
| success | Was the request successful? | boolean |
| message | A generic status message, either "success" or an error notice. | string |
| errors | An array of errors that occurred while attempting to process this request. | array of strings |
first_seen fields
| Field | Description | Possible Values |
|---|---|---|
| human | A human description of how long it's been since IPQS first analyzed this email address. (Ex: 3 months ago) | string or null |
| timestamp | The unix time since epoch when this email was first analyzed by IPQS. (Ex: 1568061634) | integer |
| iso | The time this email was first analyzed by IPQS in ISO8601 format (Ex: 2019-09-09T16:40:34-04:00) | string |
domain_age fields
| Field | Description | Possible Values |
|---|---|---|
| human | A human description of when this domain was registered. (Ex: 3 months ago) | string or null |
| timestamp | The unix time since epoch when this domain was first registered. (Ex: 1568061634) | integer |
| iso | The time this domain was registered in ISO8601 format (Ex: 2019-09-09T16:40:34-04:00) | string |
// Your API Key.
$key = 'YOUR_API_KEY_HERE';
// The email you wish to validate.
$email = 'noreply@ipqualityscore.com';
/*
* Set the maximum number of seconds to wait for a reply
* from an email service provider. If speed is not a concern
* or you want higher accuracy we recommend setting this in
* the 20 - 40 second range in some cases. Any results which
* experience a connection timeout will return the "timed_out"
* variable as true. Default value is 7 seconds.
*/
$timeout = 1;
/*
* If speed is your major concern set this to true,
* but results will be less accurate.
*/
$fast = 'false';
/*
* Adjusts abusive email patterns and detection rates
* higher levels may cause false-positives (0-2)
$abuse_strictness = 0;
// Create parameters array.
$parameters = array(
'timeout' => $timeout,
'fast' => $fast,
'abuse_strictness' => $abuse_strictness
);
// Format our parameters.
$formatted_parameters = http_build_query($parameters);
// Create our API URL.
$url = sprintf(
'https://www.ipqualityscore.com/api/json/email/%s/%s?%s',
$key,
$email,
$formatted_parameters
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, $timeout);
$json = curl_exec($curl);
curl_close($curl);
// Decode the result into an array.
$result = json_decode($json, true);
// Check to see if our query was successful.
if(isset($result['success']) && $result['success'] === true){
*- Example 1: Flag disposable and abusive emails
*
* if(
* ($result['recent_abuse'] === true || $result['disposable'] === true)
* ){
* echo "Email is abusive or disposable, high chance of fraud.";
* } else {
* echo "Email is clean.";
* }
*/
}
import json
import requests
# You may need to install Requests pip
# python -m pip install requests
class IPQS:
key = "YOUR_API_KEY_HERE"
def email_validation_api(self, email: str, vars: dict={}) -> dict:
url = "https://www.ipqualityscore.com/api/json/email/%s/%s" % (self.key, email)
x = requests.get(url, params = vars)
return json.loads(x.text)
if __name__ == "__main__":
#The email you wish to validate.
email = 'noreply@ipqualityscore.com'
"""
Set the maximum number of seconds to wait for a reply
from an email service provider. If speed is not a concern
or you want higher accuracy we recommend setting this in
the 20 - 40 second range in some cases. Any results which
experience a connection timeout will return the "timed_out"
variable as true. Default value is 7 seconds.
"""
timeout = 1
"""
If speed is your major concern set this to true,
but results will be less accurate.
"""
fast = 'false'
"""
Adjusts abusive email patterns and detection rates
higher levels may cause false-positives (0-2)
"""
abuse_strictness = 0;
#custom feilds
additional_params = {
'timeout' : timeout,
'fast' : fast,
'abuse_strictness' : abuse_strictness
}
ipqs = IPQS()
result = ipqs.email_validation_api(email, additional_params)
# Check to see if our query was successful.
if 'success' in result and result['success']:
#Example 1: Flag disposable and abusive emails
if result['recent_abuse'] == True or result['disposable'] == True:
print('Email is abusive or disposable, high chance of fraud.')
else:
print('Email is clean.')