Loading...

Updates and Releases

6.1 January 31, 2024
Portal6
Updates include Session Expire configuration (30 minutes up to 8 hours), additional Tag hit filters in Data Reports, and some bug fixes. Portal6 will replace the old portal by the end of February 2024 and viewed at portal.ehawk.net endpoint.
Portal December 11, 2023
New Portal - Preview Mode
Our new portal is in preview mode. Just click on the Show me New Portal in the navigation menu of the current portal to take it for a spin. With over 100 new features, light and dark themes, and many other utilities, we hope it improves your experience and makes working with our service easier and faster.
Please send your feedback to support@ehawk.net or create a ticket in the portal. We will continue to tweak the new portal and plan a full switch over in a few months. Again, please let us know if you would like any features by submitting a support ticket.
The new portal supports SSO (oauth). Contact support to start the SSO setup process.
www.ehawk.net has also been updated with a new look and portal guides.
Dashboard
API 5.21 Aug 28, 2023
Improved IP Traffic Scoring
Updated algorithm for better tracking, especially with IPv6. Traffic Risk scores the quality of data in real time on IP networks:
  • IP Traffic Risk Level 1: Some traffic from this IP is associated with high-risk emails, names, phones, etc. (Default Score -10)
  • IP Traffic Risk Level 2: A high percentage of traffic from this IP is associated with high-risk emails, names, phones, etc. (Default Score -25)
  • IP Traffic Risk Level 3: The majority of traffic from this IP is associated with high-risk emails, names, phones, etc. (Default Score -50)
Risk levels are based on non-IP data and do not include any IP risk factors such as bots or proxies that are scored separately. Scoring for all current clients is set at Zero for all three levels. Please review the results in the portal and adjust your Score Profiles for your API keys to score these results.
API 5.20 May 3, 2023
IP Traffic Scoring

This new test/label scores IP traffic quality with the following results:

  • IP Traffic Risk Level 1: Some traffic from this IP is associated with high-risk emails, names, phones, etc. (Default Score -10)
  • IP Traffic Risk Level 2: A high percentage of traffic from this IP is associated with high-risk emails, names, phones, etc. (Default Score -25)
  • IP Traffic Risk Level 3: The majority of traffic from this IP is associated with high-risk emails, names, phones, etc. (Default Score -50)
Risk levels are based on non-IP data and do not include any IP risk factors such as bots or proxies that are scored separately. Scoring for all current clients is set at Zero for all three levels. Please review the results in the portal and adjust your Score Profiles for your API keys to score these results.

Talon 6.04

The new and improved Talon v 6.04 (improved speed, simplified calling, support for more browsers and plug-ins) is ready. Please email support@ehawk.net for instructions. We will be migrating all clients to use 6.x over the coming months.

API 5.19 September 22, 2022
Version 5.19 includes some bug fixes, additional pattern tests, speed improvements, and infrastructure updates to support end of year product enhancements.
API 5.18 June 13, 2022
New Tag Features
Added two new tag types: Always Bad and ABA as well as support for wildcards
  • Tag Always Bad is a new option that subtracts 5,000 points so the total score will always be -100 or less
  • Tag wildcards: You can now use wildacrd (*) values in tags for email, emaildomain, domains, phone, and name, where '*' = any character or characters. As an example: j*@example.com would tag jim@example.com, jjj@example.com, etc. These wildcard tags must be added using the Tag API.
  • ABA Tags: Bank routing number (ABA) in the US can now be added through the Tag API. These tags will check against API inputs values of 'routing_number'.
Activity: Phone has 2-5+ Names
Added tracking for phones with multiple names in Activity Unique area. For exiting customers, score has been set to zero. But we highly recommend adjusting these scores to meet your risk levels. Phones with multiple names are highy supecious.
Moving Period Search
Emails with moving periods (for example jim.smith@gmail,com, ji.msmith@gmail.com, jimsm.ith@googlemail.com) are all the same email, because several email systems ignore periods. EHAWK currently marks these as Email: Moving Periods. Now when you click on an email link in the Portal Data Reports detail all the emails associated with the moving period are displayed.
High Velocity Phones
Phones that have multiple emails and/or multiple names are added to the High Velocity Phone DB. If you would like to revive alerts on these phones, make sure to set the score in Community: High Velocity Phone to score worse than your Alert Threshold.
Alert Reviewed Tracking
The Alerts page in the portal now includes a new column 'Reviewed' for manually keeping track of portal users acting on the Alerts. When the checkbox is clicked, it will change to a green box and a mouse rollover will show the username name and timestamp.
Please also read Best Practices, Suggestions, Hints.
API 5.17 March 10, 2022
Improved revet=true Reporting
revet=true is used to skip activity tracking and counting when calling our API. Previously the call would not increment any counters as well as skip all activity reporting. With 5.17 the service continues to skip counter increments, but now returns the current activity state in the JSON and scoring. This is a more accurate analysis of the data and should help track activity status.
New DNS in JSON response for domain and emaildomain
Two new areas of information in the JSON response include NS, MX, and MX IP for emaildomain and domains. This data will be incorporated into the Portal views and analysis later this year.
As an example:
{
"domain" : {
    "source":"ehawk.net",
    "ns":"pns104.cloudns.net.",
    "mx":"aspmx3.googlemail.com.",
    "mx_ip":"142.250.150.27"
}
Bug fixes include properly displaying Alert Notice email(s) and correcting filter options for Alerts in portal.
API 5.16 Dec 2, 2021
Release focused on bug fixes, performance, and getting the codebase ready for 2022 features.
API 5.15 Sept 15, 2021
Rotating API Keys
Periodically rotating keys is a good security policy. To make this easier, we added the ability to either relace API keys in the portal and invalidate the old key immediately or generate a new key and keep the old key valid for 24 hours, giving you time to update keys in your code and making the switch to the new key easier.
Apple New OS Information
Apple will release iOS 15 soon. The new OS has two new features that can impact E-HAWK scoring: Private Relay and Hide My Email.
  • Private relay generates a different IP from the end user, like a VPN, that is routed through Apple IP exit points. We have Added a new label/test 'iCloud Private Relay Proxy" to indicate if the IP is part of Apple's iCloud Private Relay network.
  • Because the Private Relay IP can be from a different location, Geo Location Delta can also be impacted. Apple always keeps the same country but our tests have shown the IP can be up to 2,000 miles away from the user address. So we recommend reviewing scoring for Geo Delta 2,000 and below. The Geo location for City and State in our JSON will also be impacted by these private relay IPs.
  • Hide My Email allows users to create an iCloud email that forwards email to the users real and specified account. This will not impact our system, but can cause issues down the line if the temporary email is deleted and users cannot get password resets or any emails from your systems.
New IP Information
We have added ASN, Netblock and RIR information to the JSON response under the IP array. These map the IP Owners, IP ranges and country locations. While not yet shown in the portal, this information will be used in future AI and also might add value to your data analysis.
Security
Based on all the data breaches from other platforms and the increased security challenges, we highly recommend turning on 2FA for your E-HAWK accounts. Admins can require this for all users in Account-> Users and Setting button at the top of the page.
Also fixed some bugs such as searching for Transaction ID and other small issues

For existing clients, both tests will score zero until you have a chance to review the data and adjust the score as you see fit.

API 5.14 May 26, 2021
New Tests and Labels
We have split out some meta labels with email checks. New responses/tests now include:
  • Invalid TLD hits when the emaildomain has an invalid TLD (top-level domain), such as domain.tdi. Default score is -25. We recommend a score that matches Undeliverable for your API keys, as the email is not deliverable, but we skip the deliverable check to save time.
  • Undeliverable Timeout hits when the SMTP server does not respond to our mailbox request call. Default score is -1. On average this represents about .003 of all API calls, so many clients will never see it. But it means we could not test if the email is deliverable.
For existing clients, both tests will score zero until you have a chance to review the data and adjust the score as you see fit.
API 5.13 March 31, 2021
Risk Hit Spike Alarms on Dashboard
Replacing the old Area Activity charts on the Dashboard is a new Spikes area. If our service detects a significant spike for specific risk hit, the alarm is listed on the dashboard with links to easily view the data. As an example, if E-HAWK monitors detect a big increase in Disposable Emails, a Spike Alarm is created. The portal displays current alarms (last 24 hours) and all alarms for the last seven days that have a score profile of -25 or worse.
Report Download Enhancements
Download reports have moved to a background process. Report limits have been increased from 5k to 50k rows. On the Data Reports page in the Portal you will see a new Report Queue table when requesting a report. When the report is ready click on the download link in the queue table. Reports will be listed in the queue for two hours. Large data sets can take several minutes to process.
Campaign IP Blocklist API
This new API is designed for companies driving traffic via web campaigns. The API provides a list of IPs per campaign to block thus reducing click and lead fraud for your campaigns in real-time. When sending campaign_id with Vetting API calls, E-HAWK tracks campaign performance in real-time. If you are using any ad platform that supports IPs blocking per campaign, use this API to get a list of all IPs to add to campaign blocklists in platforms such as Google, Bing, and others. This will block these bad IPs from getting campaign traffic.
Obfuscate API
Use the Obfuscate API to replace all personal data with 'Data Obfuscated'. When calling with a transaction ID the API will replace IP, email, name, street, city, state, postalcode, and phone with 'Data Obfuscated'. Use this API when GDPR and other privacy laws require the obfuscation of personal information for a transaction.
Column Sorting on Data Reports Page
Click on any column name in the Data Reports page to sort. One click for ascending and two clicks for descending sorts. The sorting column will have a sort icon to the right with an order indicator. For example, to sort by IP click the IP column name.
Added Tests for Domains with No Web IP
Some domains just have MX records, but no IP in DNS. In this case the site is not viewable and the new test 'Domain: No Web IP' will hit. Scoring for current clients is set to zero.
API 5.12 February 1, 2021
Added settings to restrict Portal download of data. You can now turn off for all users or only allow admins to download data. Bug fixes include fixing lead source charts counts, timezone charts for our Australian users, and removing scoring data in JSON error responses.
API 5.11 November 30, 2020
With our rapid growth in usage, 5.11 was focused on upgrades to our backend infrastructure, code, and learning engines. We expect improved performance in API response times and the updated code positions us well for the many enhancements planed for 2021.
API 5.9 September 1, 2020
Lead Source Sub IDs
Added full support for sub IDs for lead sources. Just send lead_source=source name plus sub_id=subID when calling the API. Reporting as well as the Lead Source API will now include sub ID information. In addition, on the Lead Source Portal we added a Group button to easily rollup Lead Sources and all their Sub IDs.
Mandate 2FA for Portal Users
On the Users page in the portal, click on Settings and you can require Two Factor Authentication for all users in your account. We recommend turning this on for extra security.
Added Tests for Free Domains
In both emaildomain and domain checks, we added a test for domains from free services such as .ga and .tk. Hits are returned as Email: Free Domains and Domain: Free Domain. Default score is -5, but we recommend cranking that up a bit.
Added Dynamic DNS Checks
Domain checks includes Dynamic DNS tests for DDNS services such as proxydns.com. Default score is -10. These services are often used for home web sites and would typically not be used by corporate systems.
API 5.8 June 18, 2020
New chart view added to the Data Reports area
Click on the Chart Icon to quickly find out what specific risk hits impacted scores. Chart shows Risk Hits, Score Impact, Grouped by Risk Level. This chart can help you quickly identify why filtered lists of data are scoring bad or good. Give it a try and let us know what you think.
Added Campaign and Lead Source Report API
The API empowers users to get real-time reports on performance by Lead Source and Campaign. Easy to connect into Google Sheets or Excel to monitor lead source and campaign results. This replaces any emailed reports on performance. You can get more info using the API and view live data in an excel, gSheet, or any program that parses JSON to create tables.
Security
Enhanced with IP ACLs to limit IPs that can call our APIs. IP ACLs limit inbound traffic to our api and feed-api endpoints. By default, our endpoints accept traffic from most IPs. By adding your IPs to this list, you restrict all endpoint access to only those IPs on ACL list. The ACL supports individual IPv4 entries as well as v4/24 CIDR blocks. To access, click on Account->Settings. If the ACL IPs are set and call from other IPs hit our endpoints, the JSON response code will be -6 with the error description of IP not in ACL.
Other Features
Added new cache times to both repeat and unique from 5 minutes to 12 hours. These settings are per API key.
All portal users will be asked to check their profile data every six months. Please make sure to update any wrong info. Admins can also add a phone number for text alerts on downtown and security issues from E-HAWK.
New Portal page of Account->Settings where you can manage the account main and technical contacts as well as get quick links to security settings. We will be adding Subscription info and credit card payments to the page in a future release.
We updated the look and feel of www.ehawk.net, created a new section for API docs (we now have 8 APIs) and simplified adding a ticket to our support system in the portal.
API 5.7 February 11, 2020

Version 5.7 adds new Email: Suspect Pattern test for emails that have bot like addresses. Default score is -5. Review your results and modify scoring as needed. The release also includes many backend updates for our portal such as updated charting, icons, and JS speed improvements.

Top