1,000 free credits per day — no credit card required

Decide before
you render.

Crytify helps developers decide whether to allow, challenge, or block a request — before protected content is ever rendered.

Live decision stream

Visitor requests classified before render

Requests

18,420

Blocked

1,284

Latency

42 ms

ALLOW

checkout.crytify.demo

Singapore edge / normal_request

91

now

CHALLENGE

login.crytify.demo

Frankfurt edge / identity_risk

54

now

BLOCK

signup.crytify.demo

Virginia edge / automation_risk

8

now

ALLOW

docs.crytify.demo

Tokyo edge / trusted_session

88

now

Edge status

healthy
Allow rate 82%
Challenge rate 11%
Block rate 7%

Mode

pre-render

Regions

global edge

POST /v1/trust
{
"ip": "185.220.101.47",
"user_agent": "Mozilla/5.0 ...",
"path": "/login",
"method": "POST",
"headers": { ... },
}
Response block
{
"decision": "block",
"trust_score": 4,
"risk_score": 96,
"reasons": ["network_risk", "automation_risk"],
"network": { "country": "US", "network_type": "unknown" }
}

Detects and decides on

Bots & crawlers AI bots Anonymized traffic Network risk Automation risk Reputation risk Identity risk Fingerprint risk Request consistency Suspicious traffic

Built for production paths

Drop Crytify into the flows attackers actually target.

Use request decisions in middleware, server routes, and backend checks before sensitive content or actions are exposed.

Login and signup

Challenge risky sessions before account creation or credential attempts.

Checkout

Review suspicious payment attempts before rendering payment steps.

API endpoints

Gate expensive or private endpoints with one trust decision.

Member-only pages

Protect dashboards, documents, and account pages pre-render.

Next.js Express Laravel CodeIgniter Cloudflare Workers WordPress Shopify Custom APIs

One API call. Three possible decisions.

Crytify evaluates the request and returns a decision you act on immediately — before your app renders anything.

allow

Request passes all checks for the configured mode. Proceed normally.

challenge

Signals are uncertain. Gate the request with a challenge before rendering.

block

Request exceeds the configured protection policy. Deny immediately.

POST /v1/ip

IP Intelligence

Send an IP address, get back structured intelligence. No decision is made — this is raw signal you can use however you want.

  • Geo (country, region, city)
  • ASN & ISP / organization
  • User type & connection type
  • Connection category
  • Network context
  • Public risk category
  • Country and region
  • API-ready metadata

1 credit per call. Returns intelligence only.

POST /v1/ip 1 credit
// Request
{ "ip": "8.8.8.8" }
// Response (abridged)
{
"country": "US",
"asn": "AS15169",
"org": "Google LLC",
"network_type": "business",
"risk_category": "network_risk"
}
POST /v1/trust 2 / 4 / 8 cr
// Request
{
"ip": "203.0.113.5",
"user_agent": "Mozilla/5.0 ...",
"path": "/checkout",
"method": "POST",
"headers": { ... },
"api_key": "cry_live_••••"
}
// Response
{
"decision": "challenge",
"trust_score": 42,
"risk_score": 61,
"reasons": ["identity_risk", "request_risk"],
"network": { "country": "US", "network_type": "unknown" }
}
POST /v1/trust

Trust Decision

Send the full request context — IP, user agent, headers, path, method. Crytify evaluates request, network, reputation, and consistency context, then returns a single decision with scores and broad reason categories.

trust_score 0 – 100

0–30 Low trust
31–70 Uncertain — challenge zone
71–100 Higher trust

risk_score 0 – 100

Higher = more suspicious. Raised by private internal evidence from network, reputation, automation, identity, fingerprint, and request consistency categories.

confidence 0 – 100

How certain Crytify is about this decision. Lower confidence means less available signal.

reasons & evidence

Broad public categories behind every decision, without exposing proprietary internal checks.

Three protection modes

Match strictness to the sensitivity of the page. Use Easy for content pages, Hard for login and checkout.

Easy

2 credits

Goal: low friction.

  • Network risk
  • Anonymization risk
  • Automation risk
  • Identity risk
  • Reputation risk

Best for: content pages, marketing, general traffic.

Default

Medium

4 credits

Goal: balanced protection.

All Easy checks, plus

  • Header consistency
  • Session & cookie signal
  • Basic identity signal
  • Basic reputation

Best for: dashboards, account areas, forms.

Hard

8 credits

Goal: strict protection.

All Medium checks, plus

  • Pre-render gate / challenge
  • Stronger identity checks
  • Device & browser consistency
  • Stronger automation analysis
  • Stronger identity analysis
  • Stronger reputation analysis
  • Stronger fingerprint analysis
  • Strict high-priority policy

Best for: login, admin, checkout, API, high-risk pages.

High-priority policy

High-priority policy can return a firm decision when internal evidence exceeds the configured mode. The exact matching logic remains private and is not exposed in public responses.

Every decision includes public reason categories.

You always know why a request was blocked, challenged, or allowed. Public responses expose broad categories while internal details stay private.

This makes it straightforward to audit decisions, tune your rules, and explain outcomes to your team — without opening a black box.

reasons [ ]
"category": "network_risk"
"category": "identity_risk"
"category": "automation_risk"

Credits-based pricing

Credits represent compute — deeper checks cost more. You control spend by choosing the right mode per page.

Free

Free /day

1,000 credits/day

Promo: 10,000 credits/day until Jan 1, 2027

Start now
  • All endpoints
  • All protection modes
  • Dashboard & request logs

Starter

$10 /month

10,000 credits/day

Start now
  • All endpoints
  • All protection modes
  • Dashboard & request logs

Growth

$29 /month

100,000 credits/day

Start now
  • All endpoints
  • All protection modes
  • Dashboard & request logs

Business

$99 /month

1,000,000 credits/day

Start now
  • All endpoints
  • All protection modes
  • Dashboard & request logs

Credit cost per call

Endpoint Easy Medium Hard
POST /v1/trust 2 4 8
POST /v1/ip 1
GET /v1/usage & /v1/me free — no credits consumed

Decide before you render.

1,000 free credits a day. No credit card. No commitment.