svoboda.center Logo svoboda.center

Setting up antidetect environment | Anti-Anti-Fraud Part 1

Private VPN — just $1.2/mo

What are we doing?
What is Javascript Fingerprinting?
And what is IP reputation?
Okay, but what do we do about it?
Where to get a clean IP?
Antidetect browser
Am I good now?
What’s next?

What are we doing?

Lets imagine you want to create a lot of social media accounts like X/Twitter, Facebook or Youtube. Or anonymously sign up to Gmail. Or may be you want to create multiple Amazon or Ebay accounts for some totally not nefarious reason. There are systems we will call “Anti-Fraud”, they detect users who are trying to violate rules. How?
Behold, two best friends of Anti-Fraud: Javascript Fingerprinting and IP reputation.

What is Javascript Fingerprinting?

Your browser has some access to underlying system environment. Fingerprinting is a technique used to identify users by checking browser and device characteristics and combining them into some unique value. This value is now you. No amount of clearing cookies nor changing IPs will help you.

And what is IP reputation?

VPNs and other types of server proxies are easily detected by a simple IP lookup. Try it yourself: ipdata.co, see if your IP is clean. If you are not behind any proxy, your trust score is probably gonna be close to 100. However, if you are using some kind of publicly available anonymizer like public VPN or Tor, your trust score is gonna be 0. If you are labeled as an “Attacker”, forget about using the internet, you will be blocked by every firewall you meet like a second-class citizen.

To prevent being flagged by anti-fraud solutions, you must use residential or mobile proxies. A residential proxy is a type of proxy that uses an IP address provided by an ISP to a household. They are good because no one expects the average Joe to be evil on the internet. Mobile proxies are… mobile, they use mobile IPs. Mobile IPs are really scarce so it’s possible for multiple people to have the same IP in the same city, which makes it ideal for appearing like a well-mannered citizen.

Okay, but what do we do about it?

Lots of smart and curios minds worked on theory of bypassing anti-fraud and they came up with few solutions that, if combined, ensure almost guaranteed success of bypassing anti-fraud detection (at least technical; we will talk about bypassing behavioural/pattern-based detection in another post).

Where to get a clean IP?

Let’s go over my favorite places to buy proxies!
SX.org is a great place to buy proxies by bandwidth. It’s about 5-6$ per 1GB of traffic. They sell mobile, residential and server proxies. You can target by city and internet provider. XMR/Monero is accepted. Second one is PiaProxy. It’s a chinese-owned company with a quadrillion of very cheap clean residential proxies (they are, of course, ethically sourced). If you ever used 911 S5 Proxy, it’s essentially the same thing.

Ok, we bought our proxies, let’s setup the browser.

Antidetect browser

To fight JS fingerprinting we should set up an antidetect browser.
There are multiple products on the market, I prefer to use Dolphin Anty - you should use it too because:

  1. It’s free for up to 5 profiles (that’s generous)
  2. It’s really good at bypassing anti-fraud
  3. Pretty good UI
  4. Easy to automate: browser API (for devs), Scripting (for no-code automation)

Go to the Dolphin Anty website, sign up, download the app, sign in inside of the app. Their system may require an email OTP to confirm the user owns the account, so do not sign up using some one-time email service.

Create a new profile

Create a new profile by clicking on a “plus” button, keep everything unchanged except profile name and proxy settings. If you get lost, here is a guide from Dolphin Anty itself: Guide

The browser profile OS defaults to the host system; ALWAYS LEAVE THIS UNCHANGED. Also, do not change Profile Type, it will only make things worse.

Proxy settings

If you are using SX.org, just paste their full socks5:// string there.
If you are using PiaProxy, go in the PiaProxy app, find a proxy, right click on it and then “Forward Port to Proxy” > Select any port; let’s say it’s 40000. In Dolphin’s profile proxy settings, type socks5://127.0.0.1:40000 (port must match with port in PiaProxy).

Am I good now?

Launch created profile.
Go to https://pixelscan.net, run a check. If something is wrong - fix it.
Go to ipdata.co, check if your trust is good. If it’s not - change IP.

What’s next?

If you want to check out how to create an anonymous GMail account, read part 2.

If you want to support us, you can donate here: Donate