- Joined
- 26.12.23
- Messages
- 223
- Reaction score
- 3,558
- Points
- 93
Understanding Antidetection: A Beginners Guide to Antidetects Pt 1
Ever wondered how big players stay under the radar? It's all about antidetect software, dipshits.
Look, if you're still raw-dogging the internet from a single browser profile, you might as well hand over your fucking identity to the fraud algorithms on a silver platter. Antidetect is not a just a privacy tool. It's a way to have multiple running identities and not have your ass caught in the crossfire.
To you, my fellow carding disciples, antidetects are like Harry Potter's Invisibility Cloak over your carding sessions. One minute you are buying dildos in Ohio; the next, you are hitting designer shit in Miami. All that is without setting those fraud alarms off. It's almost like having a new digital face with every transaction.
This guide is gonna break down why antidetects are a must if you don't want your online purchases to be put together like some neat little package for the feds. More so, understanding which antidetect to use in the next installment will help you then slip past AI antifraud systems like a digital ninja—making those Amazon algorithms give you a backstage pass. No fancy jargon, just straight talk on keeping your keeping your ass out of the fire.. Now go get a drink and let your FBI agent take a coffee break as we get started.
Why Antidetect?
Back in the day, e-commerce sites thought they were so hip with their IP-based fraud detection and neat little rule sets.
The digital world moves fast, and those primeval fraud detection methods started failing miserably. It was like watching a grandpa trying to use Snapchat: amusing at first, and then just sad.
Enter the era of browser fingerprinting. This wasn't some master plan to catch fraudsters—oh no. It was a happy little accident born from the relentless pursuit of shoving more ads in your face.
Because, while these same tech giants were beating their heads to find any other way to shove some crap down your throat that you neither wanted nor needed, they stumbled upon a goldmine of sorts with fingerprints. No longer is your browser an ordinary window to the web—it's now your digital fingerprint, as unique as the skidmarks in your underwear.
And just like that the game changed. These fingerprints werent just for tailoring ads anymore. They became the new sherif in fraud town, making life a living hell for anyone trying to pull a fast one online. And that my friends, is exactly why we need to up our game with antidetect software.
Which Signals Form a Fingerprint, and How Important are They?
Now that we understand why these are such a big fucking deal, lets dissect what actually goes into making them. Spoiler alert: its a lot more than you think.
Heres the full lineup of snitches in your browser:
User Agent: Your browsers ID card, spilling details on browser type, version and OS.
Screen Resolution and Color Depth: Your monitors specs on display.
Installed Fonts: Even that weird font you downloaded once is tattling.
Installed Plugins: Every add-on is another breadcrumb.
Time Zone: Your local time, served up on a silver platter.
Language Settings: Your linguistic preferences are now public knowledge.
Do Not Track Setting: Ironically, even your privacy preferences are part of your fingerprint.
Canvas Fingerprinting: How your browser renders graphics can be unique as fuck.
WebGL Fingerprinting: Your GPUs rendering quirks are now identifiers.
Audio Context: Even how your system processes audio can be a telltale sign.
Hardware Concurrency: Your CPU core count is apparently everyones business.
Battery Status: Yes, even your battery life is part of this digital striptease.
TLS Fingerprint: Your browsers secure connection handshake is like a digital signature.
HTTP/2 Fingerprint: Yet another identifier on how your browser implements this protocol.
Here's a sample FP response by a popular fingerprinting library, FingerprintJS:
JSON:
{
"products": {
"identification": {
"data": {
"visitorId": "R7hFv3Xzj9Pl2Kopw8YqM",
"requestId": "27302839kg348947.jbLomu",
"browserDetails": {
"browserName": "Firefox",
"browserMajorVersion": "89",
"browserFullVersion": "89.0.2",
"os": "Windows",
"osVersion": "10.0",
"device": "Desktop",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0"
},
"incognito": false,
"ip": "192.168.1.1",
"ipLocation": {
"accuracyRadius": 30,
"latitude": 40.7128,
"longitude": -74.0060,
"postalCode": "10001",
"timezone": "America/New_York",
"city": {
"name": "New York"
},
"country": {
"code": "US",
"name": "United States"
},
"continent": {
"code": "NA",
"name": "North America"
}
},
"timestamp": 2730283947823,
"time": "2024-07-28T20:15:30Z",
"url": "https://example.com/demo",
"tag": {},
"confidence": {
"score": 0.9
},
"visitorFound": false,
"firstSeenAt": {
"global": "2024-07-28T20:12:45.123Z",
"subscription": "2024-07-28T20:12:45.123Z"
},
"lastSeenAt": {
"global": "2024-07-28T20:15:27.987Z",
"subscription": "2024-07-28T20:15:27.987Z"
}
}
},
"botd": {
"data": {
"bot": {
"result": "notDetected"
},
"url": "https://example.com/demo",
"ip": "192.168.1.1",
"time": "2024-07-28T20:15:30.456Z",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0",
"requestId": "2730283947823.jbLomu"
}
},
"rootApps": {
"data": {
"result": false
}
},
"emulator": {
"data": {
"result": false
}
},
"ipInfo": {
"data": {
"v4": {
"address": "192.168.1.1",
"geolocation": {
"accuracyRadius": 30,
"latitude": 40.7128,
"longitude": -74.0060,
"postalCode": "10001",
"timezone": "America/New_York",
"city": {
"name": "New York"
},
"country": {
"code": "US",
"name": "United States"
},
"continent": {
"code": "NA",
"name": "North America"
}
},
"asn": {
"asn": "12345",
"name": "Example ISP",
"network": "192.168.1.0/24"
},
"datacenter": {
"result": false,
"name": ""
}
}
}
},
"ipBlocklist": {
"data": {
"result": false,
"details": {
"emailSpam": false,
"attackSource": false
}
}
},
"tor": {
"data": {
"result": false
}
},
"vpn": {
"data": {
"result": true,
"originTimezone": "America/New_York",
"originCountry": "unknown",
"methods": {
"timezoneMismatch": true,
"publicVPN": true,
"auxiliaryMobile": false,
"osMismatch": false
}
}
},
"proxy": {
"data": {
"result": false
}
},
"incognito": {
"data": {
"result": false
}
},
"tampering": {
"data": {
"result": false,
"anomalyScore": 0
}
},
"clonedApp": {
"data": {
"result": false
}
},
"factoryReset": {
"data": {
"time": "1970-01-01T00:00:00Z",
"timestamp": 0
}
},
"jailbroken": {
"data": {
"result": false
}
},
"frida": {
"data": {
"result": false
}
},
"privacySettings": {
"data": {
"result": false
}
},
"virtualMachine": {
"data": {
"result": false
}
},
"rawDeviceAttributes": {
"data": {
"applePay": {},
"architecture": {
"value": 64
},
"audio": {
"value": 123.45678901234567
},
"canvas": {
"value": {
"Geometry": "a1b2c3d4e5f67890abcdef1234567890",
"Text": "1234567890abcdef1234567890abcdef",
"Winding": true
}
},
"colorDepth": {
"value": 24
},
"colorGamut": {
"value": "srgb"
},
"contrast": {
"value": 0
},
"cookiesEnabled": {
"value": true
},
"cpuClass": {},
"deviceMemory": {},
"domBlockers": {
"value": []
},
"emoji": {
"value": {
"bottom": 32,
"font": "-webkit-standard",
"height": 18,
"left": 8,
"right": 1688,
"top": 14,
"width": 1680,
"x": 8,
"y": 14
}
},
"fontPreferences": {
"value": {
"apple": 121.72265625,
"default": 147.5625,
"min": 9.22265625,
"mono": 132.62158203125,
"sans": 144.0078125,
"serif": 147.5625,
"system": 146.09375
}
},
"fonts": {
"value": [
"Arial",
"Courier New",
"Times New Roman",
"Verdana"
]
},
"forcedColors": {
"value": false
},
"hardwareConcurrency": {
"value": 4
},
"hdr": {
"value": false
},
"indexedDB": {
"value": true
},
"invertedColors": {
"value": false
},
"languages": {
"value": [
[
"en-US"
],
[
"en-GB"
]
]
},
"localStorage": {
"value": true
},
"math": {
"value": "abcdefghijk1234567890lmnopqrstuv"
},
"mathML": {
"value": {
"bottom": 26,
"font": "-webkit-standard",
"height": 18,
"left": 8,
"right": 294.949462890625,
"top": 8,
"width": 286.949462890625,
"x": 8,
"y": 8
}
},
"monochrome": {
"value": 0
},
"openDatabase": {
"value": false
},
"osCpu": {},
"pdfViewerEnabled": {
"value": true
},
"platform": {
"value": "Win32"
},
"plugins": {
"value": [{
"description": "Portable Document Format",
"mimeTypes": [{
"suffixes": "pdf",
"type": "application/pdf"
},
{
"suffixes": "pdf",
"type": "text/pdf"
}
],
"name": "PDF Viewer"
},
{
"description": "Portable Document Format",
"mimeTypes": [{
"suffixes": "pdf",
"type": "application/pdf"
},
{
"suffixes": "pdf",
"type": "text/pdf"
}
],
"name": "Chrome PDF Viewer"
},
{
"description": "Portable Document Format",
"mimeTypes": [{
"suffixes": "pdf",
"type": "application/pdf"
},
{
"suffixes": "pdf",
"type": "text/pdf"
}
],
"name": "Chromium PDF Viewer"
},
{
"description": "Portable Document Format",
"mimeTypes": [{
"suffixes": "pdf",
"type": "application/pdf"
},
{
"suffixes": "pdf",
"type": "text/pdf"
}
],
"name": "Microsoft Edge PDF Viewer"
},
{
"description": "Portable Document Format",
"mimeTypes": [{
"suffixes": "pdf",
"type": "application/pdf"
},
{
"suffixes": "pdf",
"type": "text/pdf"
}
],
"name": "WebKit built-in PDF"
}
]
},
"privateClickMeasurement": {
"value": "1"
},
"reducedMotion": {
"value": false
},
"screenFrame": {
"value": [
0,
0,
1920,
1080
]
},
"screenResolution": {
"value": [
1920,
1080
]
},
"sessionStorage": {
"value": true
},
"timezone": {
"value": "America/New_York"
},
"touchSupport": {
"value": {
"maxTouchPoints": 0,
"touchEvent": false,
"touchStart": false
}
},
"vendor": {
"value": "Google Inc."
},
"vendorFlavors": {
"value": [
"chrome"
]
},
"webGlBasics": {
"value": {
"renderer": "ANGLE (NVIDIA GeForce GTX 1060 6GB Direct3D11 vs_5_0 ps_5_0)",
"rendererUnmasked": "NVIDIA GeForce GTX 1060 6GB",
"shadingLanguageVersion": "WebGL GLSL ES 1.0 (1.0)",
"vendor": "Google Inc.",
"vendorUnmasked": "NVIDIA Corporation",
"version": "WebGL 1.0"
}
},
"webGlExtensions": {
"value": {
"contextAttributes": "46e830ae802ba2dca7ed36e8728edf4fc",
"extensionParameters": "ad3c5e18ff8aad8749c171c688ca10b0a",
"extensions": "31dde29caef2090e69bdae13889774fa",
"parameters": "b4d458f59193d4badfzb2417418dfd37b",
"shaderPrecisions": "f223dfbcd58v0cf142da156d93790eb83"
}
}
}
},
"highActivity": {
"data": {
"result": false
}
},
"locationSpoofing": {
"data": {
"result": false
}
},
"suspectScore": {
"data": {
"result": 5
}
},
"remoteControl": {
"data": {
"result": false
}
},
"velocity": {
"data": {
"distinctIp": {
"intervals": {
"5m": 1,
"1h": 1,
"24h": 1
}
},
"distinctLinkedId": {},
"distinctCountry": {
"intervals": {
"5m": 1,
"1h": 1,
"24h": 1
}
},
"events": {
"intervals": {
"5m": 5,
"1h": 5,
"24h": 5
}
}
}
},
"developerTools": {
"data": {
"result": false
}
}
}
Now, don't crap your pants just by seeing that list. Each of these signals isn't of equal weight when it comes to actually identifying you. Which is why it will mainly depend on where you end up on entropy, which is just a measure of how unique and identifying each of these factors is.
High entropy means that a signal is more unique and, therefore, more useful for identification. Low entropy? It's as common as dirt and pretty useless to help pin you down specifically. Take screen resolution—if you're running a bog-standard 1920x1080, you're just another fish in the sea. But with some weird-ass ultrawide setup? You're sticking out like a sore thumb, and the vacuum you carded from months ago will haunt your forever as you keep getting declined on Amazon.
Here's where it gets interesting: context matters. Certain high-entropy signals become much less valuable under particular conditions. Canvas fingerprinting, for example, can be very identifying if you are using some kind of unique device. But if it turns out you are spoofing an iPhone browser? Well, all of a sudden, you are just another one in a crowd of millions of iPhone users.
So which ones should you focus on? Target these high-entropy signals, which are hardest to duplicate en masse (except for Apple, because Apple is the fucking gigachad of privacy and fraud tools):
Canvas and WebGL Fingerprinting
Font and Plugin Combinations
Audio Context
Fraud detection systems correlates all this fingerprint soup with purchases and activities. They look for patterns, anomalies, and sudden changes. If you usually buy crap in Ohio using a certain type of fingerprint, but then that fingerprint is used to make high-value purchases from Miami, well, now you have problems.
Such systems use statistical models and machine learning algorithms to take decisions about which transactions to flag or reject. This is not merely based on individual signals but all of them taken together. You might say it's a kind of digital polygraph, where every slight deviation from your "normal" pattern is enough to trigger suspicion.
That's why simply changing your IP or flushing cookies no longer works. These fingerprinters weave a sophisticated tapestry of data points. When combined, they create a picture as unique as your drunk selfies.
That is why you need antidetect browsers. They do not mask an IP address only; they form completely new, meaningful prints for all these signals. This is a digital face transplant every session.
The rub, though, is this: not all antidetecs are created equal. Some are precision tools, finely tuned for specific sites. Others are about as useful as a snow shovel in the desert. An antidetect may differ radically in terms of efficacy when dealing with different target sites and applied fingerprinting techniques.
Now that we have the lowdown on the basics, let's see this in a bit more detail.
How do Antidetects work?
Before we start comparing antidetects like they're fucking Pokemon cards, let's break down how these bad boys actually function.
At the very core, the most antidetect browsers use Chromium; the open-source fucker that powers Google Chrome and a ton of other browsers. Think of Chromium as the skeleton that antidetects flesh out with their own special sauce. But why Chromium? Because it's hugely popular, under constant update, and comes with a shit load of customization options.
Now, here is where things get interesting: usually, antidetects fall into one of three categories.
Source-level modifiers: These bad boys dig deep, tweaking Chromium's literal source code. They are changing the browser at its very core and can create unique fingerprints to then fool detection systems of the highest sophistication.
JavaScript injectors: The lazy cousins of the antidetect world. They just run scripts to block and spoof behaviors from the browser. Sure, they can run your local pizza website, but go to Amazon or Walmart, and you've been burned quicker than you cum.
VM-Based antidetects: Such configurations fully simulate OS, hardware, as well as network environments to claim the best fingerprint adaptation, at least according to the fuckers who overhype and overcharge these antidetecs.
The real magic happens in how antidetects manage fingerprints. Top tier antidetects maintain vast databases of realworld browser configurations. When you fire up a new profile, youre essentially putting on a digital mask that perfectly mimics a legitimate user. Were talking screen resolutions, font lists, plugin configurations - everything.
Besides, some of these antidetects go further to imitate particular operating systems and hardware configurations.This isnt just about fooling a website; its about creating a consistent, believable digital persona from the ground up.
Kernel-level modifications are where the real heavy lifting happens. Some top-tier antidetects dont just change what the browser reports; they alter how the entire system interacts with the hardware. This means consistent fingerprints across every aspect - from how audio is processed to how the GPU renders WebGL. A good antidetect also doesnt just spoof a fingerprint; it maintains that fingerprint across the board. If your canvas fingerprint is mismatched with your OS, thats a red flag for fraud detection systems. The best antidetects create a persistent, believable identity that remains consistent which is why some antidetects prevent you from tweaking it too much, as doing that blindly leads to lower efficiency and success rate.
For the sources of FP: You've got your run-of-the-mill antidetects, cooking up random synthetic fingerprints, they just generate random shit combining to an even bigger shit and call it a day. Then you've got the good stuff that uses real-world fingerprints, even tapping into resources like the now closed Genesis Market, which sells actual user profiles - complete with cookies, local storage, and all. Its like identity theft, but for your browser.
Some tips
Popularity is key. Use the most common browsers and OS configurations. Be as basic as possible. Using some weird setup is equivalent to wearing a "Catch Me, Please" T-shirt during a bank robbery.
Avoid free antidetects. They're just like public toilets: overused, smelly, and full of shit. The limited fingerprint pools mean you're more likely to trip off alarms than be hidden.
Match your OS to your fingerprint. If your anti-detect claims that you are running Windows, you should have all the settings—from fonts to canvas and others—properly aligned. Everything must fall into place.
Get familiar with your target: Different sites check different signals. Study your target. Amazon might care more about your TLS fingerprint, whereas some other site would be more interested in canvas data. Tailor accordingly.
Keep consistency: do not change your fingerprint in the course of a session. It's like changing masks in the course of a robbery—something no thief wants.
Geolocation coherence: your IP, time zone, and language settings have to match. Do not be an "American" with a Russian language setting and an Australian IP.
Act like a real user: don't just hit checkout. Browse, add to and remove from your cart. Mimic the behavior of a real shopper.
Mix up your identities: Do not pound too much on the same fingerprint. Change often and especially after successful hits.
Test your setup: Before hitting bigger sites, test your antidetect on less risky websites. You want to make sure that you really are undetectable.
Update your antidetect regularly: Fingerprinting techniques evolve daily, so does the version of browsers. Ensure that your chosen tool keeps up with the race.
Remember, it's not just about having an antidetect; it's about using it smart.
To be continued...
In our next installment, well put these antidetects through the test, comparing them like racehorses at the digital race. We'll see which ones can really go all the way against the web's toughest fraud detection systems.
But for now, check this rough comparison of some popular and not-so-popular antidetects:
Browser | Price minimal | # Profiles in min. plan | Price to run 100 | # Free profiles |
---|---|---|---|---|
BitBrowser | $10 | 50 | $15 | 10 |
Loginways | $35 | 150 | $35 | - |
Hidemium | $25 | 100 | $25 | 5 |
AQUM | $20 | 50 | $60 | 5 |
GoLogin | $49 | 100 | $49 | 3 |
VM Login | $99 | 200 | $99 | - |
Vision | $29 | 50 | $79 | - |
Lalicat | $59 | 100 | $59 | - |
MuLogin | $59 | 100 | $59 | - |
Incognition | $30 | 50 | $80 | 10 |
AdsPower | $9 | 15 | $36 | 5 |
VM Mask | $12 | 20 | $45 | 2 |
Antik | $20 | 30 | $40 | - |
GenLogin | $20 | 30 | $39 | 5 |
Aezakmi | $69 | 100 | $69 | - |
Dolphin | $89 | 100 | $89 | 10 |
Clon Browser | $9 | 10 | $29 | - |
MoreLogin | $9 | 10 | $35 | 2 |
Hidemyacc | $29 | 30 | $49 | - |
Surfinite | $29 | 30 | $89 | - |
Wade | $29 | 30 | $89 | - |
Indigo | $99 | 100 | $99 | - |
Multilogin | $99 | 100 | $99 | - |
AntBrowser | $11 | 10 | $18 | - |
LAuth | $57 | 50 | $110 | - |
Sessionbox | $13 | 10 | $59 | - |
Octobrowser | $29 | 10 | $56 | - |
Iinken Sphere | $30 | 10 | $90 | - |
Remember, this table is just the tip of the iceberg; the real fun comes in the next chapter, when we test all this stuff out against real-world scenarios. Well separate the digital chameleons from the cheapo Halloween costumes.
Stay tuned, and keep your digital disguises ready. Class dismissed... for now. d0ctrine out.
Last edited: