IP Intelligence playbook
Stop banned users from rejoining via VPN or datacenter
Banned players in competitive games and banned accounts on streaming platforms try to rejoin under fresh identities. The cheapest version of that bypass uses a VPN or datacenter VPS for the rejoin attempt. Recognising the network signal at session creation is much cheaper than catching it post-hoc through chat moderation or payment-fraud signals.
This playbook hooks the IP Intelligence API into the session-creation handler. Severity-2 traffic (Tor, public proxy) is refused outright. VPN traffic depending on platform policy can be refused or flagged for review. Hosting / datacenter traffic at session creation is almost always a bypass attempt for a consumer game or streaming account.
Try it now
Free tier returns the same shape. Sign in for a key, replace the placeholder, watch the response.
curl -H "Authorization: Bearer dk_live_..." \ "https://dnschkr.com/api/v1/ip?address=$REJOIN_IP" # Ban-evasion gate at session creation: if (banned.has(deviceFingerprint)) refuse(); if (data.recommendation.severity >= 2) refuse(); // Tor, public proxy if (data.is_vpn) refuseOrFlagForReview(); if (data.asn.type === "hosting") refuse(); // datacenter rejoin
What this catches
Major commercial VPN ranges (NordVPN, ExpressVPN, Surfshark, Mullvad, ProtonVPN, plus hundreds of smaller providers) are tracked from published ranges and observed behavior. Tor exit nodes are tracked from the live consensus. Datacenter ASNs cover 800+ hosting providers worldwide. Each detection includes detection_sources[]so an appeal review can replay the decision.
The gap: SDK-residential pools (EarnApp, Honeygain) and a banned user with a fresh consumer ISP connection both look like normal residential traffic. Device-fingerprint anchoring at the client layer plus payment-method history at the account layer close that gap. IP signal is the cheapest and earliest layer; it is not the only one.