GeoQ
Free API key

Blog

Honest writing on IP intelligence.

Working code, clear explainers, and straight talk about what IP signals can and can't do.

7 June 2026 · 7 min read

Beyond cf.threat_score: when you need structured IP signals

cf.threat_score is great at the edge if you're already behind Cloudflare. Here's when you outgrow an opaque number and need structured, host-agnostic signals in your own code.

Read post →
7 June 2026 · 7 min

More signals, fewer false positives

Three signals that catch more abuse, three that stop you flagging real users on Apple iCloud Private Relay or Starlink, and one breaking change. Every signal is one input, not a verdict.

#signals#false-positives#release
6 June 2026 · 5 min

Sub-30ms IP checks from both US coasts

api.geoq.io now routes to the nearest US region automatically. Same key everywhere, activates globally in about a minute — and an honest note on where EU serving stands.

#latency#infrastructure#performance
6 June 2026 · 8 min

Verified crawlers, evidence labels, and IPv6: signals you can reason about

The bot you must NOT block, an evidence label that tells you how directly we saw a signal (not how likely it is), and IPv6 parity. The honest-by-design release.

#signals#verified-bot#transparency
6 June 2026 · 6 min

Batch lookups: check 100 IPs in one call

One round trip instead of a hundred. How to use POST /v1/check/batch for log enrichment and backfills — with straight talk on quota: a batch is metered per IP.

#batch#API#tutorial
17 February 2026 · 8 min

Using IP signals to slow account-takeover attacks

IP signals won't stop ATO on their own — but as one layer they raise the cost of attacks. Here's a pragmatic, honest pattern with working login code.

#security#ATO#fraud
10 February 2026 · 7 min

Residential vs datacenter proxies, explained

Datacenter proxies are easy to spot; residential proxies route through real consumer devices and are deliberately evasive. Here's how to think about both.

#proxies#detection#explainer
3 February 2026 · 6 min

What is an ASN — and why it matters for IP fraud

The ASN behind an IP tells you whether it's a home ISP, a cloud host or a sketchy network. Here's the concept, how to look it up, and how to use it.

#ASN#networking#explainer
27 January 2026 · 8 min

Handling VPN users at a React signup — step up, don't block

Blocking everyone on a VPN is a bad idea. Here's how to wire an IP risk check into a React signup and respond with friction proportional to risk.

#React#signup#fraud
20 January 2026 · 7 min

How to detect a VPN by IP address in Node.js

A copy-paste Express middleware that flags VPN/proxy/datacenter IPs and steps up verification — with an honest take on what the signal can and can't tell you.

#Node.js#VPN#tutorial

Start with the free tier. No card.

1,000 lookups a day, every signal, the same transparent risk score. Upgrade only when you outgrow it.

Get your free API key Read the quickstart