Enterprise bot & online-fraud protection

DataDome

DataDome is an enterprise bot and online-fraud protection platform that sits inline in front of websites, mobile apps, and APIs, evaluating every request in real time at the edge. It deploys as modules or integrations at the CDN, web server, or application layer, plus SDKs for native mobile apps, and returns an allow, challenge, or block decision within milliseconds. It is especially common on European e-commerce, classifieds, and marketplace properties - in our registry it appears on sites such as Leboncoin, Allegro, Etsy, Idealista, and Fnac.

How it decides what to block

DataDome scores traffic in layers, and much of the decision happens before any challenge is rendered. The first layer is IP and network reputation: the origin ASN, whether the address belongs to a datacenter or hosting range, and the address's history across DataDome's whole customer network feed a server-side risk score on every request. On top of that it fingerprints the connection and client - TLS handshake characteristics, HTTP header ordering and protocol behavior, and a JavaScript sensor (or mobile SDK) that collects browser and device properties and checks them for internal consistency, which is how mismatches typical of headless browsers and automation frameworks surface. Behavioral signals such as interaction patterns and navigation cadence refine the score over a session, and requests that land in the uncertain middle receive a challenge (DataDome's own CAPTCHA or a proof-of-work style device check) rather than an outright block.

What IP class it takes

Because DataDome weighs IP reputation before anything else, datacenter ranges are typically blocked wholesale, and heavily pooled or previously abused residential ranges are increasingly pre-flagged as well. For legitimate large-scale collection against this class of protection, real mobile-carrier IPs are generally the most durable class: CGNAT means each address is shared with large numbers of genuine phone users, making it the hardest class to blocklist wholesale - which is why proxies.sx runs physically-owned carrier modems plus an opt-in paid peer network with auditable provenance. In all cases, respect robots.txt, the target site's Terms of Service, and applicable law, and collect only data you are permitted to collect.

Sites observed using DataDome

Observed via public response signatures, reviewed July 2026. Read-only reference.

Responsible use. This is a technical reference to how a protection technology works, not a guide to defeating it. Respect each site's robots.txt, Terms of Service and applicable law, and collect only data you are permitted to.

Frequently asked questions

Does DataDome decide before showing a CAPTCHA?

Yes. A large share of its verdicts are made server-side from IP reputation, TLS and HTTP fingerprints, and prior network history, so clearly automated traffic can be blocked outright without any challenge ever rendering. Challenges are reserved for requests whose risk score falls in the uncertain middle.

Does DataDome protect APIs and mobile apps, not just websites?

Yes. Because enforcement happens server-side at the edge, API endpoints and mobile backends are covered even where no JavaScript runs, and native SDKs contribute device-level signals from mobile apps. This is why traffic that skips the browser entirely is still evaluated.

Why do datacenter proxies perform poorly against DataDome?

Datacenter and hosting ASNs carry almost no legitimate consumer browsing, so their ranges are easy to classify and are typically rejected on reputation alone, before fingerprinting or behavior is even considered. Consumer-grade address space - particularly carrier CGNAT ranges shared with many real users - cannot be blocklisted wholesale without heavy collateral damage to legitimate visitors.