Bots & Security Glossary
Security and threat intelligence terms explained. From bots and proxies to VPN detection and credential stuffing, understand the concepts that matter for protecting your platform.
Privacy & Anonymity
Backconnect Proxy
A backconnect proxy automatically rotates the outgoing IP address on each request or at set intervals, making it extremely difficult to track or block the user by IP.
Read moreDatacenter Proxy
A datacenter proxy uses an IP address from a cloud hosting or colocation provider rather than a residential ISP. They are fast and inexpensive but easier to detect than residential proxies.
Read moreProxy Server
A proxy server acts as an intermediary between a client and a destination server, forwarding requests on the client's behalf. Proxies can mask IP addresses, cache content, or filter traffic.
Read moreResidential IP
An IP address assigned by an Internet Service Provider to a home or mobile user, generally considered more trustworthy than datacenter IPs but increasingly exploited through residential proxy networks.
Read moreResidential Proxy
A residential proxy routes traffic through an IP address assigned by an ISP to a real household, making the traffic appear to come from a genuine home internet connection.
Read moreSOCKS Proxy
A SOCKS proxy operates at the transport layer and can handle any type of network traffic, not just HTTP. SOCKS5, the latest version, also supports UDP traffic and authentication.
Read moreTor Network
The Tor Network routes internet traffic through multiple encrypted relays to anonymize the user's identity and location. It is used for privacy but also abused for malicious activities.
Read moreVPN (Virtual Private Network)
A VPN encrypts internet traffic and routes it through a remote server, masking the user's real IP address and location. VPNs are widely used for privacy, but also exploited to bypass geo-restrictions and evade detection.
Read moreZero-Day Proxy
A proxy server or IP address that is too new to appear in any known blocklist or threat intelligence database, making it temporarily invisible to IP-based detection systems.
Read moreThreats
Account Takeover
Account takeover (ATO) occurs when an attacker gains unauthorized access to a user's account, typically through credential stuffing, phishing, or social engineering, and exploits it for fraud.
Read moreBot
A bot is an automated software program that performs tasks on the internet. Bots can be benign (like search engine crawlers) or malicious (like credential stuffing tools and scraping bots).
Read moreClick Fraud
The practice of artificially inflating ad clicks using bots or coordinated human activity to drain competitors' advertising budgets or generate fraudulent publisher revenue.
Read moreCredential Stuffing
Credential stuffing is an attack where stolen username-password pairs from data breaches are automatically tested against other services, exploiting the fact that many people reuse passwords.
Read moreDDoS (Distributed Denial of Service)
A DDoS attack overwhelms a target server or network with a flood of traffic from many distributed sources, rendering the service unavailable to legitimate users.
Read moreMulti-Accounting
Multi-accounting is the practice of a single person creating and operating multiple accounts on a platform, often to abuse promotions, manipulate reviews, or evade bans.
Read moreWeb Scraping
Web scraping is the automated extraction of data from websites. While it has legitimate uses in research and analytics, it is frequently used to steal content, pricing data, and competitive intelligence.
Read moreDetection & Defense
Browser Fingerprinting
A technique that identifies users by collecting unique characteristics of their browser and device configuration, such as screen resolution, installed fonts, and WebGL rendering.
Read moreCAPTCHA
A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a challenge-response test used to determine whether a user is human, commonly deployed on login pages and forms to block bots.
Read moreDevice Fingerprinting
Device fingerprinting collects attributes of a user's browser and device (screen resolution, installed fonts, WebGL renderer, etc.) to create a unique identifier, enabling tracking and fraud detection without cookies.
Read moreGeoIP
The process of determining the geographic location of a device based on its IP address, used for content localization, access control, and fraud detection.
Read moreHoneypot
A honeypot is a decoy system or hidden form field designed to attract and detect automated attacks. In web security, hidden fields that only bots fill out are used to identify non-human traffic.
Read moreIP Blocklist
A curated list of IP addresses known to be associated with malicious activity, spam, or abuse, used to block or flag traffic from those addresses.
Read moreIP Reputation
IP reputation is a score or classification assigned to an IP address based on its historical behavior, ownership, and association with malicious activity. It helps assess the trustworthiness of incoming connections.
Read moreRate Limiting
Rate limiting restricts the number of requests a client can make to a server within a given time window. It is a fundamental defense against brute-force attacks, scraping, and API abuse.
Read moreThreat Intelligence
Organized, analyzed data about current and emerging cyber threats, used to inform security decisions and proactively defend against attacks.
Read moreDisposable Email
A disposable email address is a temporary, single-use email address that requires no registration. They are commonly used to bypass email verification during sign-up and enable multi-accounting.
Read moreDMARC
Domain-based Message Authentication, Reporting, and Conformance - an email authentication protocol that builds on SPF and DKIM to prevent domain spoofing and phishing.
Read moreEmail Alias
A variation or forwarding address derived from a primary email account, often using plus-addressing (user+tag@gmail.com) or dot tricks, commonly exploited to create multiple accounts from a single inbox.
Read moreEmail Verification
Email verification is the process of confirming that an email address is valid, deliverable, and belongs to the person registering an account. It typically involves sending a confirmation link or code.
Read moreSPF/DKIM
SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are email authentication protocols that verify the sender's identity and prevent email spoofing and phishing.
Read moreWant to see what's in the database?
Download once, query as many times as you need. €99/year for all 22 databases, unlimited servers, and a full year of monthly updates. No usage limits, no per-query fees, no data leaving your servers.