API, tests, and data for anti-fraud and bot detection

Device and browser info offers a range of tests, datasets, and APIs related to (anti) fraud and bot detection. These tests focus on identifying information about your device (browser fingerprinting), evaluating whether or not the browser is a bot, and detecting disposable/temporary email addresses and phone numbers. We also provide data related to proxy IP addresses used by bots, as well as disposable email addresses and temporary phone numbers used by fraudsters to create fake accounts.

🔥 New: Test our proxy detection database (more than 1M proxy IPs, updated every 2h)

Browser Fingerprinting

A browser fingerprint is the combination of different attributes collected on the server side (HTTP headers, TLS) and on the client side (with JS browser APIs). This fingerprint aims to be quite unique and stable over time. Browser fingerprinting can be used both for tracking purposes as well as for fraud detection, e.g. to detect malicious bots, credential stuffing attacks or payment fraud. A fingerprint is constituted of different attributes linked to the user device and browsers such as its timezone, the number of CPU cores, the GPU version as well as sophisticated challenges like canvas fingerprinting. You can test your browser fingerprint on this page.

Proxy IP Detection

A proxy is a program that enables users to change their IP address by routing traffic through someone else’s infrastructure. While they can be used by legitimate users for privacy purposes, they are often used by malicious bot operators and fraudsters to avoid being blocked. There exist two main types of proxies: Data center proxies are tied to providers, such as Amazon, while residential proxies belong to well-known ISPs like Comcast. Thus, bots using residential proxies are more difficult to block since their IP addresses are the same as legitimate users. Device and browser info provides a curated database of recent proxy IPs. You can see a sample of proxy IPs on this page.

🤖 Bot detection test

Bots are programs that can be used to automate tasks on the web. While certain bots, like Google bots, can be used for positive purposes, the majority of the bots are used by attackers to conduct large-scale attacks. Attackers can use bots to conduct DDoS attacks, create thousands of fake accounts, and to conduct credential stuffing attacks (steal user accounts using leaked credentials). Device and browser info provides a fingerprint-based bot detection test on this page.

Disposable emails

Disposable emails are throwaway anonymous emails that can easily be created without any phone or identity verifications. These emails are often used for malicious purposes by attackers and fraudsters to hide their identity and to create a lot of fake accounts. Device and browser info provides a database and API of disposable email domains. You can use it to detect already created fake accounts on your website.

Temporary phone numbers

Temporary phone numbers are phone numbers that can easily (freely or against a small fee) be accessed without identity verifications. They are often used for malicious purposes by attackers and fraudsters to hide their identity and to create a lot of fake accounts. Indeed, they make it easy to bypass the phone verification steps of most registration processes. Device and browser info provides a database and API of temporary phone numbers.

Device and web-related data

Device and browser info provides different datasets related to the user's browser and OS. You can find the values of several JS APIs commonly used for browser fingerprinting. We also provide a list and an API of bots and human user agents, as well as a list of common HTTP headers linked to different browsers and OS to use in your different projects.