oanor
Sign up free
Marketplace Pricing Features Sign in
Back

#privacy

2 APIs with this tag

Tor Network API

Look up the live Tor network as an API — powered by the Tor Project's official Onionoo service and the canonical bulk exit-node list. Check whether any IPv4 or IPv6 address is a Tor relay (is_tor_relay) and whether it is an exit node that clients leave the network through (is_exit_node, corroborated against the bulk exit list), returning the full matching relay record(s): nickname, fingerprint, flags, country, autonomous system, advertised bandwidth, exit-policy summary and first/last-seen dates. Or search the public relay list by nickname, fingerprint, IP, country or flag (Exit, Guard, Fast, Stable…) with paging. Built for fraud and abuse triage, login-risk scoring, comment- and registration-filtering, and network research — knowing at a glance whether a connection originates from the Tor network. Range data is fetched live from the Tor Project, so it is always current. A Tor-network lookup — distinct from cloud/CDN attribution (cloudips), IP geolocation (ipgeo), ASN/BGP ownership (asn, ripestat) and open-port exposure (internetdb). No upstream key, no cache.

api.oanor.com/tor-api

Password Breach Check API

Check whether a password has appeared in known data breaches — as an API over Have I Been Pwned's Pwned Passwords corpus (800+ million unique compromised passwords). It uses k-anonymity: only the first 5 characters of a password's SHA-1 hash are ever sent upstream, so the password itself never leaves in full. Pass a password (hashed in memory, never stored or logged — send it via POST so it never appears in a URL/log) or a SHA-1 hash to learn whether it has been breached and how many times; or fetch a raw k-anonymity range for a 5-character hash prefix and do the matching entirely on your own side for zero password exposure. Screening sign-ups and password resets against breached-password lists is recommended by NIST 800-63b, and this makes it a one-call check. A breach / credential-security resource — distinct from password generators, cryptographic hashing and bcrypt. Open data from Have I Been Pwned (Troy Hunt), CC BY 4.0.

api.oanor.com/pwned-api