22 categories of cybersecurity data. One price. Complete privacy.
22 categories of curated cybersecurity data - from IP intelligence and bot fingerprints to WAF rules and email blacklists. Self-hosted, so your users' data stays yours.
Six pillars of protection
From IP-level blocking to network fingerprinting - the data you need to identify and reduce fraud, bots, and abuse across your application.
IP Intelligence
Datacenter, VPN, proxy, CDN, serverless, and Tor IP ranges for identifying non-human traffic.
- 75 datacenter providers (AWS, Azure, GCP, Hetzner, etc.)
- 20 VPN providers (NordVPN, ExpressVPN, Mullvad, etc.)
- 10 residential proxy networks (BrightData, Oxylabs, etc.)
- 12 CDN networks, 10 serverless platforms
- Open proxies (HTTP, HTTPS, SOCKS4, SOCKS5)
- Tor exit nodes, relay nodes & proxy list
Threat Intelligence
10 categories of known threat IPs: botnets, brute force, phishing, spam, bulletproof hosting, and more.
- Active attack source IPs
- Botnet C2 command servers
- Brute force attackers (RDP, SSH, SMTP)
- Bulletproof hosting providers
- Compromised hosts & phishing IPs
- Spamhaus DROP list integration
Bot & Crawler Detection
Search engine bots, AI crawlers, user agents, and internet scanners - know exactly what visits your site.
- 10 search engine bots (Google, Bing, Apple, etc.)
- 8 AI crawlers (GPTBot, ClaudeBot, Perplexity, etc.)
- Bad bots, fake browsers & scraper user agents
- Vulnerability scanner signatures
- 5 internet scanners (Shodan, Censys, etc.)
- Good bot vs bad bot classification
Email & Domain Security
Disposable email domains, spam sources, phishing TLDs, bad referrers, and SMTP blacklists.
- Disposable/temporary email domains
- Spam email domains
- University email domains (US & UK)
- SMTP blacklists (open relays, spam, phishing)
- Suspicious newly registered domains (NRD)
- URL shorteners & dynamic DNS domains
TLS/HTTP Fingerprinting
JA3, JA4, and HTTP/2 fingerprints to identify bots by their network signature, not just IP.
- JA3 bot fingerprints (known bot hashes)
- JA3 legitimate browser fingerprints
- JA4 next-gen fingerprints
- HTTP/2 connection fingerprints
- HTTP header order analysis (bots vs browsers)
- Client identification by TLS handshake
WAF Rules & Geo-Blocking
Ready-made WAF regex patterns and country IP ranges for comprehensive application protection.
- SQL Injection patterns (UNION SELECT, OR 1=1, etc.)
- XSS patterns (<script>, onerror=, etc.)
- RCE & LFI/RFI detection patterns
- Scanner signature patterns
- Protocol anomaly detection
- 22 country IP ranges for geo-blocking
All 22 data categories, one price
No feature gating, no tiers. IP intelligence, threat feeds, WAF rules, fingerprints, email blacklists, and more - all included in a single plan.
Datacenters
75 providersIP ranges of datacenter providers (AWS, Azure, GCP, Hetzner, DigitalOcean, OVH, and 69 more)
CDN
12 providersIP ranges of CDN networks (CloudFront, Cloudflare, Fastly, Akamai, and more)
VPN Providers
20 providersIP addresses of VPN servers (NordVPN, ExpressVPN, Surfshark, ProtonVPN, Mullvad, and more)
DNS Providers
8 providersIP addresses of public DNS resolvers (Google DNS, Cloudflare DNS, Quad9, and more)
DNS-over-HTTPS
2 listsDoH domains and endpoints for identifying encrypted DNS traffic
Search Engine Crawlers
10 botsIPs of legitimate search engine bots (GoogleBot, Bingbot, Applebot, and more)
AI Crawlers
8 botsIPs of AI training bots (GPTBot, ClaudeBot, Perplexitybot, ByteSpider, and more)
Serverless Platforms
10 platformsIP ranges of serverless services (AWS Lambda, Cloudflare Workers, Vercel, and more)
Residential Proxies
10 providersIPs of residential proxy networks (BrightData, Oxylabs, SmartProxy, and more)
Open Proxies
6 typesOpen proxy lists by type: HTTP, HTTPS, SOCKS4, SOCKS5, anonymous, and transparent
Tor Network
3 listsTor exit nodes, relay nodes, and combined proxy list
Threats
10 categoriesKnown threat IPs: attack sources, botnets, brute force, phishing, spam, and more
Countries
22 countriesIP ranges by country for geo-blocking (US, DE, GB, FR, RU, CN, BG, and 15 more)
Domains
7 listsSuspicious domains: phishing TLDs, bad referrers, dynamic DNS, URL shorteners, NRD monitoring
User Agents
4 listsBot user agents: bad bots, fake browsers, scrapers & automation tools, vulnerability scanners
Internet Scanners
5 servicesIPs of internet scanning services (Shodan, Censys, BinaryEdge, ShadowServer)
Email Lists
5 listsDisposable email domains, spam domains, and university email domains (US & UK)
SMTP Blacklists
6 listsMail server protection: open relays, spam relays, compromised servers, phishing senders
ASN Data
6 categoriesASN numbers linked to VPNs, residential proxies, bulletproof hosting, cloud abuse, and spam
TLS/HTTP Fingerprints
6 listsJA3/JA4 hashes and HTTP/2 fingerprints for bot identification by network signature
WAF Rules
6 categoriesRegex patterns for SQLi, XSS, RCE, LFI/RFI, scanner signatures, and protocol anomalies
Website DDoS IPs
1 listIP addresses that have participated in DDoS attacks against websites
Why teams add AntiProxies to their stack
AntiProxies isn't meant to replace your WAF, reCAPTCHA, or firewall - it's the threat intelligence layer underneath them. Other API solutions charge per query, gate features behind tiers, and route your user data through their servers. We don't.
| Feature | AntiProxies | IPQualityScore | Fingerprint | SEON | ProxyCheck |
|---|---|---|---|---|---|
| VPN Detection | |||||
| Database covering 1,000+ commercial VPN providers with monthly updates. Identify users hiding behind VPN services in real time. 1,000+ VPN providers tracked | |||||
| Proxy Detection | |||||
| Covers datacenter and residential proxies alike. Our lists include open proxies, SOCKS proxies, and HTTP/HTTPS proxies worldwide. Datacenter + residential coverage | |||||
| Tor Detection | |||||
| Continuously updated list of Tor exit nodes and bridge relays. Detect anonymized traffic before it reaches your application. Exit node monitoring, updated monthly | |||||
| Residential Proxy Detection | |||||
| Residential proxies are the hardest threat to detect because they use real ISP IPs. Our database identifies known residential proxy networks. Hardest threat vector covered | |||||
| Disposable Email Detection | |||||
| Block signups from throwaway email services. Our domain list is one of the largest available, covering mainstream and obscure providers. 148,484 disposable domains tracked | |||||
| Bot Detection | |||||
| Identify automated traffic using datacenter IP ranges and known bot signatures. Distinguish good crawlers from malicious scrapers. Bot fingerprinting via IP intelligence | |||||
| Device Fingerprinting | |||||
| Not our approach. Device fingerprinting requires client-side JavaScript that collects user data - we believe in privacy-first detection. Privacy-first: no client-side tracking | |||||
| Social Media Lookup | |||||
| Not our approach. Social media lookups expose user identities to third parties - incompatible with a privacy-first architecture. Privacy-first: no identity lookups | |||||
| Privacy-First Option | |||||
| Your user data never leaves your servers. Download our databases and query them locally - no API calls, no data sharing, full GDPR compliance. Zero data leaves your infrastructure | |||||
| No Per-Query Fees | |||||
| One flat price for unlimited local queries. No metered billing, no surprise invoices, no throttling - just €99/year for everything. Flat €99/year, unlimited queries | |||||
| No Feature Gating | |||||
| All categories are included in every plan. No tiers, no add-ons, no upsells - IP intelligence, threats, WAF rules, fingerprints, email security, and more. All 22 categories included | |||||
Last 24 hours
Last updated: February 2026. Something wrong? Let us know.
More data, lower cost, complete privacy. 200+ services tracked across 22 categories - all for €99/year. And unlike every competitor, your users' data never touches our servers.
Compare PricingZero data exposure
Your users' data never leaves your servers. No API calls, no third-party sharing. GDPR compliant by design.
€99/year - everything
All 22 categories, unlimited servers, zero per-query fees. 30-day money-back guarantee.
Works everywhere
Ready-made formats for Nginx, Apache, HAProxy, Caddy, iptables, Cloudflare, and more. CSV & JSON for database imports. Custom formats on request.
Why teams choose AntiProxies
No surprises on your invoice
€99/year gets you all 22 categories. No tiers, no add-ons, no hidden fees.
Privacy-first architecture
Every query runs on your servers. No API calls, no data sharing. Built for teams that take GDPR and user privacy seriously.
Updated monthly, not last quarter
Threat data goes stale fast. We refresh every database monthly so you're blocking threats discovered this month, not ones from last quarter.
Tested before every release
Every database is verified against known threats before it ships. No silent regressions, no untested drops - just clean, accurate data on a predictable schedule.
Integrate in minutes, not weeks
Ready-made formats for Nginx, Apache, HAProxy, Caddy, Traefik, iptables, Cloudflare, and more. CSV & JSON for database imports. No SDKs, no vendor lock-in. Custom formats on request.
€99/year - all included
One price for every database, unlimited servers, and a full year of monthly updates. No per-query fees.
Ready to strengthen your defenses?
All 22 categories. €99/year. 30-day money-back guarantee. Ready-made formats for any stack — web servers, firewalls, databases, and more.