Changelog
April 2026
New: Behavior Patterns
Multi-session behavioral patterns are now available in the dashboard and API. Patterns trackdevice_id, visitor_id, user_hid, and webrtc_ip across sessions to detect coordinated fraud.
- New endpoint:
GET /api/domains/{id}/patterns - New endpoint:
GET /api/domains/{id}/patterns/{name} - Pattern levels:
suspiciousanddangerous
New: noscript Beacon
The noscript beacon (https://rest.shieldlabs.ai/noscript?publicKey=...) now triggers a webhook with Score: 90 and Details: [{"Value": 90, "Description": "JavaScript disabled"}].
Improvement: Override Rule 3
Override Rule 3 (VPN + STUN OK + OS mismatch) now correctly collapses all OS mismatch signals when a VPN is detected with a passing STUN check, reducing false positives for legitimate VPN users.January 2026
Launch: ShieldLabs v1.0
Initial release:- JS snippet with
checkAnonymous()andcheckAuthenticatedUser() - REST fingerprint pipeline
- WebRTC STUN-based IP detection
- TCP OS fingerprinting via Shield.Tcp
- IP Intelligence via ipapi.is
- Trust Score (0–999) with 12+ detection signals
- Webhook delivery with HMAC-SHA256 signature
- Dashboard: domains, analytics, session history
- Public API: debug and history endpoints