TRAFFIC INTELLIGENCE · FREE TOOL

Is this IP a fraud risk?

Instant reputation check against our network of billions of scored IPs. Geolocation, network type, VPN/proxy detection, and — the bit no other tool has — live click fraud signals from our detection engine.

Try: · · · paste from google ads
LIVE· recently flagged across the network
  • loading…
NETWORK SIGNALS

ASN · ISP · type

Geolocation, ASN, ISP, and hosting type from industry data providers.

VPN / PROXY

Tor · Datacenter · Residential

Every major anonymiser and commercial proxy network, classified.

CG FIRST-PARTY

Seen 30d · Flag rate

Our detection events across 2,000+ live advertiser campaigns.

API ACCESS

curl -H "Key: …"

Free tier for the browser tool; API keys on the roadmap.

THE DATABASE

Data you can act on, today.

4,218,429,517 IPv4 addresses scored
41,287 Fraudulent clicks blocked today across the network
40+ Detection rules scoring every click
47ms Median lookup response time

Figures refresh daily · last network aggregate pulled from production.

BACKGROUND

Why IP reputation matters for PPC

Every click on a paid ad costs you money. A certain percentage of those clicks won't ever turn into customers — not because the visitor wasn't interested, but because there was never a real visitor in the first place. Bots, click farms, competitors running automated tooling, incentivised traffic from proxy networks: collectively, industry studies put invalid click rates between 10% and 30% across most verticals. In some categories (locksmiths, legal, home services) it runs higher.

IP reputation is the single most useful signal for identifying that bad traffic at the source. The IP is the one identifier a fraudulent click source can't easily change in real time — device fingerprints rotate, user agents spoof trivially, but the network route reveals itself every time. A datacentre IP clicking a residential-service ad at 3am? Almost certainly fraud. A residential IP that's flagged fraud on fourteen other advertisers in the same month? Easy call.

Generic IP reputation tools — AbuseIPDB, IPQS, Fraudlogix — are built off public threat intelligence: compromised hosts, spam sources, abuse reports. That's useful, but it's not enough. Public lists lag real attacks by days to weeks, and almost none of the signal is specific to paid advertising. A host flagged for email abuse isn't necessarily clicking your ads.

Our approach is different. We run a dedicated fraud detection engine across live Google Ads and Microsoft Ads traffic. Every click that touches the network is scored in real time against 40+ detection rules — behavioural patterns, technical signals, geographic anomalies, conversion analysis. When a click is flagged, the source IP accumulates reputation against it. The tool above reveals that reputation to you, aggregated across our entire network.

For a PPC manager, the practical flow is: pull the IP from your Google Ads invalid-click report, paste it here, and see whether it's something we've seen misbehave elsewhere. For an agency, it's evidence to take to a client about what's actually wasting their budget. For a developer, the API returns the same payload — drop it in wherever a reputation check is useful. For security teams, it's a second opinion before you allowlist an address in your WAF or CDN.

The main Click Guardian product doesn't stop at revealing reputation — it acts on it, continuously, across every active campaign. Invalid clicks get blocked at source through Google Ads and Microsoft Ads exclusion lists. Results typically start within hours. If that sounds useful, there's a free trial below. If not, keep using the checker — it's free, it'll stay free, and it exists because we think PPC managers deserve better tooling regardless of who they buy from.

HOW IT WORKS

Three steps.

01

Lookup

Submit an IPv4 or IPv6 address. Instant response from the edge cache. 

GET /v1/ip/203.0.113.42
02

Score

Combined geo, network, anonymiser, and first-party CG network signals. 

risk_score: 87
flagged_30d: 1,102
categories: ["click_farm"]
03

Act

Get a verdict, a risk score, and — if you sign up — automatic blocking across your ad campaigns. 

{
  "action": "block",
  "reason": "click_farm",
  "confidence": 0.94
}
USE CASES

Built for the people who actually run campaigns.

PPC MANAGER

Investigate an IP from your Google Ads invalid-click report before adding it to your exclusion list. Get the evidence, not just a boolean.

AGENCY

Audit a new client's invalid-click report before proposing remediation. Pull receipts for the first client meeting.

SECURITY

Check an IP before allowlisting it in your WAF or CDN. Second opinion, no signup.

DEVELOPER

Integrate into your stack via the API. Drop-in compatible with the field shapes used by IPQS and AbuseIPDB.

COMPARED

vs. generic IP reputation tools.

IP Reputation Bot Detection PPC-specific signal Free tier
Click Guardian ✓ (the moat) Unlimited browser
IPQS 5,000/mo API
AbuseIPDB partial 1,000/day API
Fraudlogix partial 100/day API

Free-tier figures are drawn from each provider's public pricing as of April 2026. Correct us if we're wrong.

FAQ

Questions we hear a lot.

What is an IP reputation checker?

A tool that scores an IP address for risk using a combination of signals — geolocation, network type, VPN/proxy/Tor classification, and, in our case, first-party fraud events from a live ad-traffic network. The score tells you how likely that IP is to be a source of bad traffic: bots, click farms, or invalid clicks.

How do you detect click fraud IPs?

Our detection engine scores live click traffic on Google Ads and Microsoft Ads in real time against a rules engine and a fraud model; flagged clicks are recorded, and the IPs associated with them accumulate a reputation. The more times a given IP shows up on flagged clicks — across campaigns, industries, and countries — the higher its risk score.

Is this really free?

Yes — the browser tool is free and requires no signup. The free anonymous tier is rate-limited to prevent abuse. A higher-quota API is on the roadmap for registered users.

How is this different from IPQS, AbuseIPDB, or Fraudlogix?

Most IP reputation tools rely on generic threat feeds — compromised hosts, known spam sources, abuse reports. We add a signal no generic tool has: first-party click fraud events from live PPC campaigns. If an IP has been clicking ads fraudulently, we have ground-truth data on it that nobody else does.

What does the risk score mean?

The score runs 0–100. 0–19 is clean, 20–39 is low, 40–59 medium, 60–79 high, 80–100 critical. The score combines industry signals (VPN/proxy/datacenter classification, provider reputation) with our first-party flag rate. High scores indicate we have strong evidence the IP shouldn't be seeing your ads.

Can I check my own IP?

Yes — click the "my ip" link under the search box and it will autofill your public IP for you to check.

What data do you store when I check an IP?

We rate-limit by source IP to prevent abuse, but we don't store identifying information beyond that. Lookups are cached (hashed) for an hour to reduce upstream costs. Our warehouse never stores raw IPs — only hashed IPs with no per-event detail exposed to the public tool.

How often is your data updated?

Our first-party flag data updates continuously as our detection engine scores live ad clicks. Aggregate counts are refreshed hourly. Network data (ASN, geolocation) comes from industry data providers and updates on their cadence — typically daily.

Do you offer an API?

Yes. The browser tool itself uses our public /v1/ip/:ip endpoint. API keys with higher rate limits are planned for registered users — sign up for a trial and we'll let you know when they're live.

Can I bulk check IPs?

Not through the browser tool yet. For larger volumes, get in touch and we'll set up early API access. Or start a Click Guardian trial — bulk IP analysis across your campaigns is part of the product.

How do I block these IPs in Google Ads?

Google Ads allows a limited number of IP exclusions per campaign. The right workflow is to import your Click Guardian block list automatically — we do this for you, continuously, across all your campaigns. Manual exclusions are painful at scale; that's the pitch for the full product.

What counts as a "flag" on your network?

A flag is recorded when our detection engine classifies a click as fraudulent under one of our rule categories — click farm, bot, proxy abuse, rapid-fire clicks, and others. Each flag event is associated with the source IP (hashed). The "flagged count" you see is the total across all campaigns in our network over the reporting window.

API

Same data, your stack.

Every lookup on this page is a public API call. The browser tool is free and rate-limited. API keys with higher limits are on the roadmap — drop us your email if you'd like early access.

Request early access →
curl bash 
curl https://lookup.clickguardian.ai/v1/ip/203.0.113.42
response json 
{
  "ip": "203.0.113.42",
  "reputation": {
    "risk_score": 87,
    "risk_level": "high",
    "is_known_threat": true
  },
  "click_guardian": {
    "seen_on_network": true,
    "seen_count_30d": 1247,
    "flagged_count_30d": 1102,
    "flag_rate": 0.884
  }
}

Stop investigating IPs one at a time.

The full Click Guardian product blocks these IPs automatically across Google Ads and Microsoft Ads — before they cost you a cent.

Start 7-day free trial → Or keep using the free checker — no signup required.