IP Intelligence playbook
Enforce regional content locks with confidence
Streaming platforms, live-sports rights holders, and academic publishers all face the same problem: licensed content has territorial rules, and viewers know how to use a VPN. A pure country lookup is not enough. The country flag has to combine with a VPN or proxy signal so that a bypass attempt fails closed.
This playbook combines two checks: country membership in the licensed list, plus a deny rule against any VPN, datacenter, or commercial-proxy egress. Legitimate CDN traffic (Akamai, Cloudflare, Fastly) is identified by service name and stays on the fast path so the geo check does not break content delivery.
Try it now
Free tier returns the same shape. Sign in for a key, replace the placeholder, watch the response.
curl -H "Authorization: Bearer dk_live_..." \ "https://dnschkr.com/api/v1/ip?address=$VIEWER_IP" # Geo-licensing logic: const ALLOWED = new Set(["US", "CA", "GB"]); if (!ALLOWED.has(data.country)) blockGeo(); if (data.is_vpn || data.asn.type === "hosting") blockBypass(); // Service identification keeps legitimate CDNs unblocked: if (data.service.kind === "cdn") allow();
What this catches
Country accuracy on the IP Intelligence response combines the MaxMind GeoLite2 baseline with overrides drawn from DNS Checker zone observations. ASN classification catches hosting / VPN / proxy bypasses. The service field identifies CDNs and known cloud-egress ranges so legitimate infrastructure is not mis-blocked.
The honest gap: SDK-residential pools where the egress IP is a real consumer ISP IP in the licensed country cannot be detected. That is a small fraction of total bypass traffic and disproportionately expensive to acquire, so the leak is bounded. For strict territorial-rights work where any leak matters, layered defenses (account geofencing, payment-method country, device attestation) close the remaining gap.