IPQS
NodeJS Database Reader
About the NodeJS Database Reader

The NodeJS database reader allows your NodeJS framework to use the on-premise IPQS IP reputation database and make informed decisions about IP addresses.

Installation

Install via npm

You can easily install the NodeJS database reader using npm:

npm install node_js_ipqs_db_reader 

 

Install Manually

Alternatively, you can manually install the NodeJS database reader from source available on the IPQS GitHub.

Usage

The following example shows how you can use the NodeJS database reader in your application to determine the originating country of an IP address:

 

Note: Each database only holds either IPv4 or IPv6 data. Therefore, you may need two instances of the reader available depending on your use case.

 

Fields

Some of these fields may be unavailable depending on which database file you receive. If the field in question is unavailable in your database, the field will default to null.

Field Type Description
record.isProxy bool Is this IP address suspected to be a proxy? (SOCKS, Elite, Anonymous, VPN, Tor, etc.)
record.isVPN bool Is this IP suspected of being a VPN connection? This can include data center ranges which can become active VPNs at any time. The "proxy" status will always be true when this value is true.
record.isTOR bool Is this IP suspected of being a TOR connection? This can include previously active TOR nodes and exits which can become active TOR exits at any time. The "proxy" status will always be true when this value is true.
record.isCrawler bool Is this IP associated with a confirmed crawler from any of the following search engines: Baidu, Google, Bing, Yahoo, Yandex, Sogou, Exabot, DuckDuckGo, Facebook, Twitter, Pinterest, Naver, UptimeRobot, AppleBot, ArchiveBot, CoccocBot, YisouBot, PetalBot, ByteDance, or MailRU.
record.isBot bool Indicates if bots or non-human traffic has recently used this IP address to engage in automated fraudulent behavior. Provides stronger confidence that the IP address is suspicious.
record.recentAbuse bool This value will indicate if there has been any recently verified abuse across our network for this IP address. Abuse could be a confirmed chargeback, compromised device, fake app install, or similar malicious behavior within the past few days.
record.isBlacklisted bool This value will indicate if the IP has been blocklisted by multiple third-party agencies for spam, abuse or fraud.
record.isPrivate bool This value will indicate if the IP is a private, nonrouteable IP address.
record.isMobile bool This value will indicate if the IP is likely owned by a mobile carrier.
record.hasOpenPorts bool This value will indicate if the IP has recently had open (listening) ports.
record.isHostingProvider bool This value will indicate if the IP is likely owned by a hosting provider or is leased to a hosting company.
record.activeVPN bool Identifies active VPN connections used by popular VPN services and private VPN servers.
record.activeTOR bool Identifies active TOR exits on the TOR network.
record.publicAccessPoint bool Indicates if this IP is likely to be a public access point such as a coffee shop, college or library.
record.connectionType.raw int

A numerical representation for the suspected type of connection for this IP address. It is generally reccomended you call the ConnectionType() function listed below instead of using this value, but it is available as an option.

# Enum Description
1 Residential IP
2 Mobile IP
3 Corporate IP
4 Data Center IP
5 Educational IP
record.connectionType.toString() string

A string representation for the suspected type of connection for this IP address. (Residential, Mobile, Corporate, Data Center, Education or Unknown)

record.abusevelocity.raw int

How frequently the IP address is engaging in abuse across the IPQS threat network. Can be used in combination with the Fraud Score to identify bad behavior. It is generally reccomended you call the AbuseVelocity() function listed below instead of using this value, but it is available as an option.

# Enum Description
0 No Recent Abuse
1 Low Recent Abuse IP
2 Medium Recent Abuse IP
3 High Recent Abuse IP
record.abuseVelocity.toString() int

How frequently the IP address is engaging in abuse across the IPQS threat network. Values can be "high", "medium", "low", or "none".

record.country string

Two character country code of IP address or "N/A" if unknown.

record.city string

City of IP address if available or "N/A" if unknown.

record.ISP string

ISP if one is known. Otherwise "N/A".

record.organization string

Organization if one is known. Can be parent company or sub company of the listed ISP. Otherwise "N/A".

record.ASN int

Autonomous System Number if one is known. Zero if nonexistent.

record.timezone string

Timezone of IP address if available or "N/A" if unknown.

record.latitude float

Latitude of IP address if available or 0.00 if unknown.

record.longitude float

Longitude of IP address if available or 0.00 if unknown.

record.fraudScore.getFraudScore(level) int

Returns the fraud score for the "strictness level" specified and can be 0, 1 or 2. Some databases may contain 1 entry, others all 3. It is reccomended that you use the lowest strictness for Fraud Scoring. Increasing this value will expand the tests we perform. Levels 2+ have a higher risk of false-positives.

Ready to eliminate fraud?

Start fighting fraud now with 5,000 Free Lookups!

We're happy to answer any questions or concerns.

Chat with our fraud detection experts any day of the week.

Call us at: (800) 713-2618