I've received a handful of questions asking the following:
How does ProxyNet detect VPN's?
What happens if there are false positives?
How often is the database updated?
I'd like to answer these questions in going through the entire workings of ProxyNet.
This will check your lookup if it is whitelisted. If it is whitelisted it will result in an automatic "No Proxy Detected" and the lookup will stop. This is to handle false positives and can come in the form of an ASN, IP range, or IP address. If no whitelist is found, it moves on to it's next step.
The IP cache is a temporary storage of lookups (about 1-2 hours), this helps against repeated lookups with the same IP to check. If a proxy was detected, the cache will return Proxy Detected. If it is not a proxy, No Proxy Detected will be returned. If the IP has not been cached, it moves on to the next step.
Next, the IP that is looked up will go through a check of the provider's ASN (Autonomous System Number), an ASN is essentially the provider's unique identifier. If the ASN is flagged as known for hosting/colocation/spam/proxy usage or masking, it will return Proxy Detected. If not, it will move on to the final stage.
ProxyNet will now contact a large and forever growing collection of IP addresses, ranges, and more to detect proxy usage on a particular IP address. This collection is maintained and updated frequently by several contributors and providers. If the IP address is listed in the database as belonging to a proxy/VPN, it will return Proxy Detected and cache the result. If not, it will return No Proxy Detected and cache the result.
With all of this combined, ProxyNet is able to detect proxy/VPN usage, stay resource efficient, and have a short API response time.
There may be a time where ProxyNet messes up and flags a legitimate IP address. If that is the case, if you report it with proper data for me to investigate I will whitelist as necessary.
Hope this answers your questions about ProxyNet!