Detect VPN, Proxy & Bot Traffic from Turkey
Sentinel scores every visitor's network in real time — flagging VPN exit nodes, residential proxies, datacenter ASNs, and headless browsers originating from Turkey. Free API. Under 40ms. No CAPTCHAs.
Why Turkey traffic needs special scrutiny
Datacenter ASN concentration
Turkey is Türk Telekom and Turkcell consumer ranges fuel a significant share of bypass-driven VPN traffic into the EU.
Residential proxy resale
Consumer ISP ranges in Turkey can appear in commercial or peer-to-peer residential proxy pools. A consumer ISP label is not proof of fraud; combine it with device, session, and routing signals.
VPN exit-node clustering
The same handful of hosting providers dominate VPN exit nodes in Turkey. Sentinel maintains live mappings of these ranges so a new IP from a known VPN ASN is flagged within seconds of going live.
Antidetect browser usage
Multi-accounting fraud against Turkish-targeted SaaS, fintech, and e-commerce increasingly uses Kameleo, GoLogin, or AdsPower to spoof device fingerprints. Sentinel scores these at the device layer, not the IP layer.
What Sentinel detects for Turkey traffic
- Every major VPN provider's Turkish exit nodes (NordVPN, ExpressVPN, ProtonVPN, Mullvad, Surfshark, and 40+ more)
- Commercial or peer-to-peer residential proxy pools using consumer Turkish IPs
- Datacenter ASNs commonly used for automation (AWS, GCP, Azure, OVH, Hetzner, DigitalOcean, Vultr, Linode)
- Tor exit nodes and known anonymous relays advertising Turkish geolocations
- Headless browsers (Puppeteer, Playwright, Selenium) and antidetect tooling driving sessions from Turkey
- Country-spoofing — when a session claims to be in Turkey but the network telemetry says otherwise
VPN use & data rules in Turkey
Turkey's KVKK (Law No. 6698) governs personal data, with controllers registering under VERBIS; fraud-prevention processing fits its legitimate-interest provisions much like the GDPR. The practical nuance for risk teams: Turkey has some of the highest consumer VPN adoption in the world, because residents routinely use VPNs to reach throttled or restricted platforms. A VPN flag from Turkish traffic is therefore a weak fraud signal by itself — hard-blocking VPNs there will reject large numbers of legitimate customers. The pattern that works: treat VPN-only sessions from Turkey as review rather than block, and reserve hard blocks for sessions where device-layer evidence (antidetect tooling, automation, emulators) stacks on top of the network signal.
One API call. Bearer token. Done.
const r = await fetch('https://sntlhq.com/v1/evaluate', {
method: 'POST',
headers: { 'Authorization': 'Bearer sk_live_...' },
body: JSON.stringify({ token: sentinelToken })
});
const { decision, country, network } = await r.json();
if (country === 'TR' && network.vpn) blockOrChallenge();
Stop Turkish VPN, proxy & bot fraud today
Free tier: 1,000 requests/hour. No card, no expiry. Detects VPN, residential proxy, datacenter, and bot traffic from Turkey and 195 other countries.