Identity & Security

Fraud Detection API

Multi-signal fraud risk scoring combining email, IP, phone, and user agent analysis. Returns a risk score (0–100), risk level, actionable recommendation, and detailed signal breakdown. IP intelligence powered by MaxMind GeoIP2.

Endpoint:/api/v1/fraud/check
Method:POST
Latency:~50ms

Try it out

POST/api/v1/fraud/check

Parameters

Code

curl
curl -X POST "https://khaleejiapi.dev/api/v1/fraud/check?email=test%40temp-mail.org&ip=1.2.3.4&phone=%2B971501234567" \
-H "Authorization: Bearer your_api_key"

Request Body

All fields are optional, but at least one must be provided. More signals produce more accurate risk scores.

FieldTypeDescription
emailstringEmail address to analyze (disposable domain + pattern detection)
ipstringIP address for reputation check (Tor, VPN, proxy, hosting)
phonestringPhone number to analyze (length, patterns, premium rate)
userAgentstringUser-Agent string for bot/automation detection

Risk Levels

Low (0–25)

Recommendation: allow — no suspicious signals

Medium (26–50)

Recommendation: review — some risk indicators

High (51–75)

Recommendation: block_or_challenge — significant risk

Critical (76–100)

Recommendation: block — strong fraud indicators

Analysis Capabilities

Email Analysis

500+ disposable domains, auto-generated patterns (excessive digits, random strings), free provider detection, role-based addresses

IP Intelligence (MaxMind GeoIP2)

Tor exit node, VPN, proxy, hosting provider detection. Country, city, ISP, ASN identification. High-risk country flagging.

Phone Analysis

Length validation, repeated/sequential digit detection, premium rate number flagging

Cross-field Correlation

IP country vs phone country mismatch, email TLD vs IP country inconsistency

Rate Limits

PlanRequests/MonthRate Limit
Free5005 req/min
Starter5,00030 req/min
Professional50,000120 req/min
Business250,000500 req/min

Debugging & Support

Include X-Request-ID when contacting support

Every response from KhaleejiAPI includes an X-Request-ID header — a unique identifier that lets our support team pull the exact log entry for your request within seconds. Always share it when reporting an unexpected error or unexpected result.

How to capture it

JavaScript / fetch

const res = await fetch("https://khaleejiapi.dev/api/v1/...", {
  headers: { Authorization: "******" },
});
const requestId = res.headers.get("x-request-id");
console.log("Request ID:", requestId);
// → e.g. "req_01j9xkz4vp8..."

cURL

curl -si "https://khaleejiapi.dev/api/v1/..." \
  -H "Authorization: ******" | grep -i x-request-id
# → x-request-id: req_01j9xkz4vp8...

Browser DevTools

Open DevTools (F12) → Network tab → click the failing request → scroll to the Response Headers section → copy the value next to x-request-id.

For a full list of error codes and guidance on common issues, see the Troubleshooting guide.