How are the Intelligence APIs different from CAPTCHA verification?

CAPTCHA verification answers a single question, namely whether a specific session passed the challenge. The Intelligence APIs let you query risk signals for any IP at any point in your flow, without a widget or token. Use them server-side for signups, logins, password resets, payment events, API calls, or any decision where you want context about the request before acting on it. For Enterprise CAPTCHA customers, the same signals continue to be available through the `insights` field of the verification response.

What plan do I need to use the Intelligence APIs?

The Intelligence APIs are available starting with the Team plan. You create API keys in the CaptchaFox Portal under Settings → Keys → API Keys, and send them as a bearer token on each request. Enterprise plans additionally include the same risk details inside the CAPTCHA verification response through the `insights` field, so existing Enterprise integrations get the data without changing their CAPTCHA flow.

How is IP Risk Intelligence different from a regular IP geolocation lookup?

IP geolocation tells you where an IP is registered. IP Risk Intelligence tells you what kind of traffic the IP represents. The response includes geolocation and ASN data, but it also classifies the IP as clean, proxy, VPN, Tor, hosting, residential proxy, known bot, or mixed, with a numeric risk score, confidence values, and boolean signals. Proxy and bot detection draw on continuously updated provider data, including a residential proxy database built in-house from millions of IPs sourced from proxy networks.

Is the API GDPR-compliant and where is the data hosted?

The Intelligence APIs run on the same EU infrastructure in Germany as the rest of CaptchaFox. There are no cookies, no persistent storage of personal data tied to end users, and IP data is processed only for the risk evaluation it was sent for. This is the same privacy posture that CaptchaFox applies to its CAPTCHA product.

Back to insights

New Intelligence APIs now available

Last updated on May 5, 2026

Share this article

What's New?

IP Risk Intelligence helps you understand whether a request is coming from a regular user or from traffic such as a proxy, VPN, Tor exit node, hosting provider, residential proxy, or known bot traffic.

A single request returns:

Classification and risk assessment with a numeric score (0–100) and risk level
Network and location data including ASN, organization, country, city, and timezone
Proxy detection for datacenter, VPN, Tor, and residential proxy traffic with confidence and provider
Bot detection for known crawlers and AI tools
Boolean signals for quick rule evaluation

Use cases

Protect signups and logins. Account takeover and credential stuffing attacks today almost always run through proxy infrastructure. IP Risk Intelligence tells you whether a login attempt comes from a residential proxy, VPN, or Tor IP, so you can respond with email confirmation, a one-time code, or an additional CAPTCHA challenge. On signups, the same signal prevents large-scale fake account creation without blocking legitimate users.

Apply stricter rules to VPN and proxy traffic. Not all proxy traffic is malicious. Many users work behind corporate VPNs or protect their privacy. Instead of blocking this traffic outright, allow the login itself but require step-up verification for sensitive actions, like changing the email address, adding a payment method, withdrawing funds, or rotating API keys.

Categorize bots and crawlers. Not all bots are equal. You may want to allow search crawlers on public pages, gate AI training crawlers to specific content, and block automated scripts entirely from checkout, login, or password reset flows. The bot classification gives you the provider and category to enforce those rules without accidentally locking out legitimate crawlers.

Add friction only when needed. Every extra verification step costs conversion. With the risk score and boolean signals, you can build adaptive UX: clean IPs go straight through, medium risk gets a light challenge, and high risk is verified harder or blocked. Instead of picking one threshold that applies to all users, you react to the actual risk profile of each request.

Prevent abuse in your own workflows. Beyond login and signup, the signals are useful anywhere automated or anonymized traffic can cause damage: coupon redemptions, trial activations, comments, reviews, form submissions, or API calls.

Example request

Terminal

1curl https://api.captchafox.com/v1/intelligence/ip-risk/check \
2  -X POST \
3  -H "Authorization: Bearer YOUR_API_KEY" \
4  -H "Content-Type: application/json" \
5  -d '{"ip":"198.51.100.24"}'

Example response

JSON

1{
2  "classification": "residential_proxy",
3  "risk_level": "critical",
4  "risk_score": 86,
5  "ip": "198.51.100.24",
6  "version": 4,
7  "network": {
8    "asn": 14061,
9    "organization": "DigitalOcean, LLC",
10    "type": "hosting",
11    "mobile": false
12  },
13  "location": {
14    "country_code": "DE",
15    "country": "Germany",
16    "state": "Hesse",
17    "city": "Frankfurt",
18    "timezone": "Europe/Berlin"
19  },
20  "proxy": {
21    "confidence": "high",
22    "type": "residential",
23    "provider": "Bright Data",
24    "last_seen_at": "2025-01-10",
25    "percent_days_seen": 100
26  },
27  "signals": {
28    "proxy": true,
29    "vpn": false,
30    "tor": false,
31    "hosting": true,
32    "residential_proxy": true,
33    "blocklist_match": false
34  }
35}

Getting Started

Create an API key in the CaptchaFox Portal under Settings → Keys → API Keys and send it as a bearer token with each request. The full reference with all fields, classifications, and error codes is in the Intelligence APIs documentation.

FAQ

How are the Intelligence APIs different from CAPTCHA verification?
CAPTCHA verification answers a single question, namely whether a specific session passed the challenge. The Intelligence APIs let you query risk signals for any IP at any point in your flow, without a widget or token. Use them server-side for signups, logins, password resets, payment events, API calls, or any decision where you want context about the request before acting on it. For Enterprise CAPTCHA customers, the same signals continue to be available through the `insights` field of the verification response.
What plan do I need to use the Intelligence APIs?
The Intelligence APIs are available starting with the Team plan. You create API keys in the CaptchaFox Portal under Settings → Keys → API Keys, and send them as a bearer token on each request. Enterprise plans additionally include the same risk details inside the CAPTCHA verification response through the `insights` field, so existing Enterprise integrations get the data without changing their CAPTCHA flow.
How is IP Risk Intelligence different from a regular IP geolocation lookup?
IP geolocation tells you where an IP is registered. IP Risk Intelligence tells you what kind of traffic the IP represents. The response includes geolocation and ASN data, but it also classifies the IP as clean, proxy, VPN, Tor, hosting, residential proxy, known bot, or mixed, with a numeric risk score, confidence values, and boolean signals. Proxy and bot detection draw on continuously updated provider data, including a residential proxy database built in-house from millions of IPs sourced from proxy networks.
Is the API GDPR-compliant and where is the data hosted?
The Intelligence APIs run on the same EU infrastructure in Germany as the rest of CaptchaFox. There are no cookies, no persistent storage of personal data tied to end users, and IP data is processed only for the risk evaluation it was sent for. This is the same privacy posture that CaptchaFox applies to its CAPTCHA product.

About CaptchaFox

CaptchaFox is a GDPR-compliant solution based in Germany that protects websites and applications from automated abuse, such as bots and spam. Its distinctive, multi-layered approach utilises risk signals and cryptographic challenges to facilitate a robust verification process. CaptchaFox enables customers to be onboarded in a matter of minutes, requires no ongoing management and provides enterprises with long-lasting protection.

To learn more about CaptchaFox, talk to us or start integrating our solution with a free trial.