How to detect data center IP address ranges?

Intro

Data centers function primarily as hosting providers so that individuals or organizations can set up their own servers to serve contents like web servers and email servers. They are flexible enough that you can also run various software and services on them for additional functionalities. One such functionality is anonymizing users’ browsing data via the use of proxy software.

The possibility of a data center IP being a proxy server or VPN means you will occasionally have the need to filter them from accessing your websites. This is why the proxy database includes these data center IP ranges so that you can identify and take action whenever one of these IP addresses visits your website.

Using IP2Proxy to detect data center IP ranges

First of all, you have to download the IP2Proxy PX11 CSV database.

Once you have downloaded the zipped file, you will need to extract the IP2PROXY-IP-PROXYTYPE-COUNTRY-REGION-CITY-ISP-DOMAIN-USAGETYPE-ASN-LASTSEEN-THREAT-RESIDENTIAL-PROVIDER.CSV file and save it somewhere, e.g. C:\mydata\.

For this example, we’ll be using MySQL to store and query the data via PHP.

To create the database and table, use the SQL below:

CREATE DATABASE ip2proxy;
USE ip2proxy;
CREATE TABLE `ip2proxy_px11`(
    `ip_from` INT(10) UNSIGNED,
    `ip_to` INT(10) UNSIGNED,
    `proxy_type` VARCHAR(3),
    `country_code` CHAR(2),
    `country_name` VARCHAR(64),
    `region_name` VARCHAR(128),
    `city_name` VARCHAR(128),
    `isp` VARCHAR(256),
    `domain` VARCHAR(128),
    `usage_type` VARCHAR(11),
    `asn` VARCHAR(6),
    `as` VARCHAR(256),
    `last_seen` INT(10),
    `threat` VARCHAR(128), 
    `provider` VARCHAR(256), 
    PRIMARY KEY (`ip_from`, `ip_to`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;

Next, import the data using the SQL below:

LOAD DATA LOCAL
INFILE 'C:\\mydata\\IP2PROXY-IP-PROXYTYPE-COUNTRY-REGION-CITY-ISP-DOMAIN-USAGETYPE-ASN-LASTSEEN-THREAT-RESIDENTIAL-PROVIDER.CSV'
INTO TABLE `ip2proxy_px11`
FIELDS TERMINATED BY ','
ENCLOSED BY '"'
LINES TERMINATED BY '\n';

In your PHP webpage, you will need the following codes (remember to modify the code for your own MySQL username and password):

<?php
$ipaddress = getenv("REMOTE_ADDR");

$host = "localhost";
$dbname = "ip2proxy";
$user = "your_username";
$pwd = "your_password";

function Dot2LongIP ($IPaddr) {
  if ($IPaddr == "") {
    return 0;
  }
  else {
    $ips = explode(".", "$IPaddr");
    return ($ips[3] + $ips[2] * 256 + $ips[1] * 256 * 256 + $ips[0] * 256 * 256 * 256);
  }
}

try {
  $pdo = new PDO('mysql:host=' . $host . ';dbname=' . $dbname . ';charset=utf8', $user, $pwd);
  $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  
  $sql = "select `ip_from`, `ip_to`, `proxy_type`, `country_code`, `country_name`, `region_name`, `city_name`, `isp`, `domain`, `usage_type`, `asn`, `as`, `last_seen`, `threat`, `provider` ";
  $sql .= "from `ip2proxy_px11` where :ipnum between `ip_from` and `ip_to` limit 1";
  
  $st = $pdo->prepare($sql);
  $ipnum = Dot2LongIP($ipaddress);
  $st->bindParam(':ipnum', $ipnum, PDO::PARAM_STR);
  $st->execute();
  
  $data = $st->fetchAll(PDO::FETCH_ASSOC);
  
  if (($st->rowCount() > 0) && ($data[0]["proxy_type"] == "DCH")) {
    echo "IP: " . $ipaddress . " belongs to a data center<br />\n";
    echo "Proxy Type: " . $data[0]["proxy_type"] . "<br />\n";
    echo "Country Code: " . $data[0]["country_code"] . "<br />\n";
    echo "Country Name: " . $data[0]["country_name"] . "<br />\n";
    echo "Region: " . $data[0]["region_name"] . "<br />\n";
    echo "City: " . $data[0]["city_name"] . "<br />\n";
    echo "ISP: " . $data[0]["isp"] . "<br />\n";
    echo "Domain: " . $data[0]["domain"] . "<br />\n";
    echo "Usage Type: " . $data[0]["usage_type"] . "<br />\n";
    echo "ASN: " . $data[0]["asn"] . "<br />\n";
    echo "AS: " . $data[0]["as"] . "<br />\n";
    echo "Last Seen: " . $data[0]["last_seen"] . "<br />\n";
    echo "Threat: " . $data[0]["threat"] . "<br />\n";
    echo "Provider: " . $data[0]["provider"] . "<br />\n";
  }
  else {
    echo "IP: " . $ipaddress . " does NOT belongs to a data center<br />\n";
  }
}
catch(PDOException $e) {
  echo "Error: " . $e->getMessage() . "<br />\n";
}

?>

What the PHP code above does is get the website visitor’s IP address and then convert it to the equivalent IP number before querying the MySQL server for the results. If the IP address is found in the table and the proxy type is DCH then that IP address belongs to a data center.


THE POWER OF IP GEOLOCATION

Find a solution that fits.


Was this article helpful?

Related Articles