Saltearse al contenido
ALTCHA ALTCHA ALTCHA

Esta página aún no está disponible en tu idioma.

IP Resolution

A user’s IP address can reveal important details that help Sentinel determine whether the traffic is legitimate or malicious.

Resources

Feature Highlights

  • Supports multiple IP Resolvers
  • Detects geolocation based on IP address
  • Identifies indicators such as hosting providers, proxies, TOR exit nodes, and mobile networks

Use Cases

  • Geo-fencing: Restrict or allow access based on the user’s geographic location derived from their IP address.
  • Bot Detection: Identify suspicious traffic originating from proxies, TOR nodes, or known hosting providers often used by bots.
  • Attacker Detection: Flag potentially malicious IPs by cross-referencing threat intelligence and open-source blacklists to prevent abuse or attacks.
  • Fraud Prevention: Detect and block fraudulent activity by identifying IPs linked to known fraudsters or risky regions.
  • Compliance & Regulatory Enforcement: Ensure access restrictions comply with legal or corporate policies based on geographic or network attributes.
  • Traffic Analytics: Gain insights into user demographics, such as location distribution or network types (mobile vs. broadband).
  • Rate Limiting & Throttling: Apply different traffic limits based on IP classifications, e.g., stricter limits for suspicious or high-risk IPs.
  • Access Control: Enforce security policies by allowing or blocking IP ranges associated with corporate networks or trusted partners.

Data Sources

To improve detection of whether an IP address is malicious, Sentinel integrates with multiple open-source data sources and automatically updates its lists with the latest information.

For more details, see Data Sources.

Implementation Guide

IP Resolution is integrated into the Classifier to aid in detecting potential spam.

To use IP resolution directly in your applications or services, call the POST /v1/ip endpoint with the IP address you want to analyze:

POST /v1/ip
Content-Type: application/json


{
  "ip": "143.231.249.0"
}

Example response:

{
  "city": "Washington",
  "countryCode": "us",
  "hosting": null,
  "lat": 38.906898498535156,
  "lon": -77.02839660644531,
  "malicious": false,
  "mobile": false,
  "proxy": false,
  "region": "Washington",
  "tor": false,
  "time": 28.52
}