IPQS
Rust Database Reader
About the Rust Database Reader

The Rust database reader allows your Rust application to use the on-premise IPQS IP reputation database and make informed decisions about IP addresses.

Installation

Run the following Cargo command in your project directory:

cargo add ipqs_db_reader

 

Usage

The following example shows how you can use the Rust database reader in your application to determine if an IP address is a proxy.

Make sure to include the release option cargo build --release when compiling, as this will greatly speed up searches.

The feature to serialize the Record struct into JSON is enabled by default. This feature requires serde and serde_json as dependencies. If you do not need to serialize results and would like to build with no external dependencies (other than the Rust Standard Library), disable default features.

Note: Each database only holds either IPv4 or IPv6 data. Therefore, you may need two instances of the reader available depending on your use case.

 

Methods

Some of these methods may be unavailable depending on which database file you receive. If the method in question is unavailable in your database, the method will return Option::None.

Implementations Description
pub fn is_proxy(&self) -> Option<bool> Is this IP address suspected to be a proxy? (SOCKS, Elite, Anonymous, VPN, Tor, etc.)
pub fn is_vpn(&self) -> Option<bool> Is this IP suspected of being a VPN connection? This can include data center ranges which can become active VPNs at any time. The "proxy" status will always be true when this value is true.
pub fn is_tor(&self) -> Option<bool> Is this IP suspected of being a TOR connection? This can include previously active TOR nodes and exits which can become active TOR exits at any time. The "proxy" status will always be true when this value is true.
pub fn is_crawler(&self) -> Option<bool> Is this IP associated with a confirmed crawler from any of the following search engines: Baidu, Google, Bing, Yahoo, Yandex, Sogou, Exabot, DuckDuckGo, Facebook, Twitter, Pinterest, Naver, UptimeRobot, AppleBot, ArchiveBot, CoccocBot, YisouBot, PetalBot, ByteDance, or MailRU.
pub fn is_bot(&self) -> Option<bool> Indicates if bots or non-human traffic has recently used this IP address to engage in automated fraudulent behavior. Provides stronger confidence that the IP address is suspicious.
pub fn recent_abuse(&self) -> Option<bool> This value will indicate if there has been any recently verified abuse across our network for this IP address. Abuse could be a confirmed chargeback, compromised device, fake app install, or similar malicious behavior within the past few days.
pub fn is_blacklisted(&self) -> Option<bool> This value will indicate if the IP has been blocklisted by multiple third-party agencies for spam, abuse or fraud.
pub fn is_private(&self) -> Option<bool> This value will indicate if the IP is a private, nonrouteable IP address.
pub fn is_private(&self) -> Option<bool> This value will indicate if the IP is likely owned by a mobile carrier.
pub fn has_open_ports(&self) -> Option<bool> This value will indicate if the IP has recently had open (listening) ports.
pub fn has_open_ports(&self) -> Option<bool> This value will indicate if the IP is likely owned by a hosting provider or is leased to a hosting company.
pub fn active_vpn(&self) -> Option<bool> Identifies active VPN connections used by popular VPN services and private VPN servers.
pub fn active_tor(&self) -> Option<bool> Identifies active TOR exits on the TOR network.
pub fn active_tor(&self) -> Option<bool> Indicates if this IP is likely to be a public access point such as a coffee shop, college or library.
pub fn active_tor(&self) -> Option<bool>

The suspected type of connection for this IP address. Returns one of: "Residential", "Mobile", "Corporate", "Data Center", "Education", or "Unknown".

pub fn abuse_velocity(&self) -> &str

How frequently the IP address is engaging in abuse across the IPQS threat network. Values can be "high", "medium", "low", or "none".

pub fn country(&self) -> Option<&str>

Two character country code of IP address or "N/A" if unknown.

pub fn city(&self) -> Option<&str>

City of IP address if available or "N/A" if unknown.

pub fn isp(&self) -> Option<&str>

ISP if one is known. Otherwise "N/A".

pub fn region(&self) -> Option<&str>

Region (or State) if one is known. Otherwise "N/A".

pub fn organization(&self) -> Option<&str>

Organization if one is known. Can be parent company or sub company of the listed ISP. Otherwise "N/A".

pub fn asn(&self) -> Option<u64>

Autonomous System Number if one is known. Zero if nonexistent.

pub fn timezone(&self) -> Option<&str>

Timezone of IP address if available or "N/A" if unknown.

pub fn timezone(&self) -> Option<&str>

Latitude of IP address if available or 0.00 if unknown.

pub fn longitude(&self) -> Option<f32>

Longitude of IP address if available or 0.00 if unknown.

pub fn fraud_score(&self, strictness: Strictness) -> Option<u32>

Returns the fraud score associated with the IP address corresponding to the given strictness. Strictness can be one of: Strictness::{Zero, One, Two, Three}. Some databases may contain only 1 entry, others all 4. We recommend starting at Strictness::Zero, the lowest strictness setting, and increasing to Strictness::One depending on your levels of fraud. Levels greater than Strictness::One have a very high risk of false-positives. If a fraud score corresponding to the given strictness does not exist, this method will return Option::None.

Ready to eliminate fraud?

Start fighting fraud now with 5,000 Free Lookups!

We're happy to answer any questions or concerns.

Chat with our fraud detection experts any day of the week.

Call us at: (800) 713-2618