Introducing Advanced Threat Lookup
In today’s ever-evolving digital landscape, organizations need real-time, high-precision intelligence to combat cyber threats effectively. Whether you’re a hosting provider, security researcher, financial institution, or enterprise looking to proactively mitigate risks, our new Advanced Threat Lookup API empowers you with granular, on-demand threat intelligence like never before.
Unlike static threat feeds, the Advanced Threat Lookup API provides live insights directly from FraudGuard.io’s Attack Correlation Engine (ACE)—allowing you to investigate, filter, and track threats with laser precision based on specific parameters such as ASN, ASN Organization, ISP, organization, country, ISO country code, connection type, threat classification, and risk level.
Who is this for?
- Hosting Providers & ISPs – Monitor for compromised infrastructure and abuse within your network.
- Cybersecurity Teams – Strengthen threat detection & response by identifying high-risk IPs.
- Financial Institutions & E-Commerce – Prevent fraudulent access attempts before they happen.
- SaaS & Enterprise IT – Filter out malicious traffic from datacenter proxies, botnets, and attackers.
- Researchers & SOC Analysts – Perform in-depth investigations on attack trends & threat sources.
Advanced Threat Lookup: How It Works
This API gives you complete control over your threat intelligence queries. With 11 powerful filters, you can drill down into billions of attack records and extract exactly what you need.
Available Query Parameters
Parameter | Description | Example |
---|---|---|
ASN (asn) | Filter by one or multiple Autonomous System Numbers (ASNs) | asn=14061,16509 |
ASN Organization (asn_organization) | Search by ASN owner name (fuzzy search supported) | asn_organization=DigitalOcean |
ISP (isp) | Search by Internet Service Provider (fuzzy search supported) | isp=Amazon |
Organization (organization) | Match a company/entity operating the IPs | organization=Cloudflare |
Country (country) | Filter by country name (fuzzy search supported) | country=Germany |
ISO Code (isocode) | Filter by two-letter country codes | isocode=US,DE,GB |
Connection Type (connection_type) | Filter by network type (see full list below) | connection_type=Cellular,Corporate |
Threat Type (threat) | Filter by specific attack classification | threat=honeypot_tracker,abuse_tracker |
Risk Level (risk) | Filter by risk severity (1-5) | risk=2,3,4,5 |
Limit (limit) | Define result count per request (1-1000) | limit=100 |
Offset (offset) | Paginate through large result sets | offset=200 |
Real-World Use Cases: How You Can Leverage This API
Hosting Providers & ISPs: Detect & Mitigate Abuse in Your Network
Example: A hosting provider wants to monitor honeypot-detected abuse originating from its ASN.
GET /advanced-threat-lookup?asn_organization=DigitalOcean&threat=honeypot_tracker
How this helps: Proactively identify malicious users abusing cloud resources for attacks.
Cybersecurity Teams: Block High-Risk VPN, Proxy, and Datacenter Traffic
Example: A SOC analyst wants to filter out high-risk IPs from datacenters and proxies.
GET /advanced-threat-lookup?connection_type=Corporate&risk=5
How this helps: Prevent attackers from using anonymized traffic sources to bypass security controls.
Financial Institutions: Stop Fraudulent Logins from High-Risk Countries
Example: A bank needs to block fraudulent logins from high-risk geolocations.
GET /advanced-threat-lookup?isocode=RU,CN,IR&risk=4,5
How this helps: Adds an extra layer of fraud prevention by restricting risky access attempts.
E-Commerce & SaaS: Protect Against Account Takeovers
Example: An e-commerce business wants to detect spam & botnet activity from compromised ISPs.
GET /advanced-threat-lookup?isp=Comcast,AT%26T&threat=spam_tracker,botnet_tracker
How this helps: Prevents automated fraud attempts & account takeovers before they happen.
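The queries above can be assembled programmatically. This is an added example, not FraudGuard.io's own code: it validates filters against the parameter table and percent-encodes each value, since a name such as AT&T contains a literal & that would otherwise split the query string. The function names are hypothetical, and treating offset as a count of records to skip is an assumption; the host, authentication and response format are not covered because the page does not give them.

```python
from urllib.parse import quote

ENDPOINT = "/advanced-threat-lookup"  # path as written in the page's examples
# Filter names from the parameter table (limit and offset are handled separately).
FILTERS = {"asn", "asn_organization", "isp", "organization", "country",
           "isocode", "connection_type", "threat", "risk"}


def build_query(limit=100, offset=0, **filters):
    """Return path + query string for one request, validated and encoded."""
    if not 1 <= limit <= 1000:
        raise ValueError("limit must be between 1 and 1000")
    if offset < 0:
        raise ValueError("offset must not be negative")
    parts = []
    for name, values in filters.items():
        if name not in FILTERS:
            raise ValueError(f"unknown filter: {name}")
        if isinstance(values, (str, int)):
            values = [values]
        values = [str(v) for v in values]
        if name == "risk" and not all(v in {"1", "2", "3", "4", "5"} for v in values):
            raise ValueError("risk values must be 1-5")
        if name == "isocode" and not all(len(v) == 2 and v.isalpha() for v in values):
            raise ValueError("isocode values must be two letters")
        # Encode each value on its own (safe="" also escapes & and ,), then
        # join with literal commas as the page's examples do.
        parts.append(name + "=" + ",".join(quote(v, safe="") for v in values))
    parts += [f"limit={limit}", f"offset={offset}"]
    return ENDPOINT + "?" + "&".join(parts)


def page_queries(total_wanted, limit=1000, **filters):
    """Yield one query per page. Assumption: offset counts records to skip."""
    for offset in range(0, total_wanted, limit):
        yield build_query(limit=min(limit, total_wanted - offset),
                          offset=offset, **filters)


if __name__ == "__main__":
    print(build_query(isp=["Comcast", "AT&T"], threat=["spam_tracker", "botnet_tracker"]))
    for q in page_queries(2500, asn=[14061, 16509], risk=[4, 5]):
        print(q)
```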
Connection Types Supported
FraudGuard.io classifies traffic based on its origin. The Advanced Threat Lookup API allows filtering based on network type:
- Cable/DSL – Standard consumer broadband connections.
- Cellular – Mobile networks (3G, 4G, 5G, LTE, etc.).
- Corporate – Business-class IP ranges.
- Unknown – Unclassified IPs or mixed traffic sources.
🚀 Start Using Advanced Threat Lookup Today
🔹 Already a FraudGuard.io customer? This API is now available for Enterprise users!
🔹 New to FraudGuard.io? Sign up today and get access to real-time threat intelligence.
🔹 Read the full API docs: Advanced Threat Lookup API Documentation
💡 Have questions or need help? Reach out to us at hello@fraudguard.io!