Anonymization and what it is eaten with

Father


Navigation

0. Introduction
1. And what benefits can it give me?
2. Proxy service
2.1 Server proxies
2.1.1 IPv4 and IPv6 - what is it and what is the difference?
2.2 Resident proxies
2.3 Mobile proxies
2.4* Proxy verification
3. Logged-in sites
4. WebRTC
5. Email
6. Timezone
7. UserAgent
8. Flash
9. Geolocation
10. Cache and cookies
11. Google Backup Data
12. Click on links
13. Fingerprints
13.1 WebGL
13.2 Canvas
13.3 Browser Fingerprint
13.4 AudioContext Fingerprint
13.5 Fonts Fingerprint
13.6 ClientRect
13.7 Ubercookies
14. Hypermarketable links
14.1 Useful resources and checkers
14.2 Proxy service
15. Conclusion

0. Introduction

So, anonymization is the key thing that lets an abuser run multi-accounts without bans and other problems. That much is clear. However, many people do not understand how it works or which parameters it hides about the user, and site developers are not stupid either, so they try to detect and block such bots. I can't call myself a "wow, what a PRO abuser", but I have some experience in this. Today we will find out which parameters determine how visible a user is, how to anonymize yourself properly, and what exactly a site can learn about you. I will also list enough resources for checking whether a site sees you as a bot, which you can use to find out where the mistake is.
For a large number of people, anonymization is limited to the capabilities of anti-detect browsers such as Dolphin Anty, AdsPower, Incogniton, Samara WebLab, etc., but in fact this may not be enough. We will also look at why even an anti-detect browser ("antik") can sometimes fail and how to configure it correctly (*optimally).
Plus, I added 2 ratings to each section: "hazard" and "occurrence". The first is how easily this feature can get you caught, and the second is how often sites use this mechanic to detect multi-accounters and the like. Both are rated on a five-point scale, where, for example, 1 is "minor, you can do without this" and 5 is "buddy, if you ignore this item, you will get caught and you..., info hundred".

Okay, let's get to the point.

1. And what benefits can it give me?

This point of the article is purely for beginners, or for those who just want to read:)

Of course, knowledge in the field of anonymization and understanding how a site can track a user can be used to create multiaccounts (multiple accounts by one person), from which a person can later benefit in some way for themselves. If you just create profiles in Chrome, then any site will be able to see and block such accounts, because it does not need bots. Well, if we protect ourselves by applying the basic rules, then we will safely own these several accounts, without fear that the site will block them.

OK, let's take a look at specific examples where this really helped and came in handy:
  • Personally, multi-accounting helped me make my first bankroll on the Gleam Impossible Finance abuse in the summer of 2021. I registered 400 accounts and ended up earning ~$10k, i.e. ~$25 per account on average (since the whole thing worked like a lottery on earned tickets).
  • Roughly the same, but this time Gleam Highstreet together with Impossible Finance, where I ran ~1200 accounts and received ~$15k from 39 winning accounts.
  • Just Gleams? Well, yes, because these were my most successful runs. For example, the same Gleam once hosted an imba whitelist draw for Genopets together with Impossible Finance. There, because of my incorrect approach to anonymization, none of the 36k accounts (!) won: they were shadow-banned and I lost about ~$5k on it. There are many other examples like this, but this is the most striking one. It proves that this topic needs to be understood.

2. Proxy service

Yes, let's start with the basics. A proxy is an intermediate server between the user and the site: the proxy "contacts" the site, hiding our true IP address and substituting its own IP, which is what the site sees.
Now let's go through the terminology a bit, so that I don't have to add explanations in parentheses in the main text.

Dynamic proxies - proxies whose IP address can be changed either on a timer or on request (usually by opening a special link), depending on the rental service.
Static proxies - proxies whose IP address is constant and does not change.
External IP - the proxy's IP address that the site sees.
Connection IP - the address we use to connect to the proxy from a PC, either through an anti-detect browser or through something else.
Individual proxies - proxies that are used only by you and cannot be accessed by an outsider.
Shared proxies - proxies that several other people use in parallel with you. Sometimes this can ruin your abuse (depending on what you are abusing), but, as a rule, they are several times cheaper than individual proxies.

Well, now, after the terminology, I would like to talk about proxy protocols. If you have ever rented a proxy, you may have noticed that you were given several ports: HTTP(S) and SOCKS(4/5). So, these are the protocols for connecting to a proxy. Let's go through them briefly...

HTTP(S) - when using this protocol, proxy servers pass only HTTP traffic through themselves, and at the same time they add data about proxy usage to this traffic. This type of proxy may also disclose your real IP address. However, there are several types of such proxies:
  • Transparent - they do not hide your real address; they are not intended for anonymity at all.
  • Distorting - as the name suggests, they tell the site that a proxy is being used, but they write random addresses in the headers.
  • Anonymous - they report that a proxy is being used, but they don't give out your real IP address.
  • High anonymous (sometimes "Elite") - the most anonymizing type of HTTP(S) proxy. They hide both the fact of using a proxy and your real IP address.
SOCKS (4/5) - protocols that are anonymous by design: they do not disclose any information about our real IP address or the fact that a proxy is used. SOCKS5 has an advantage over SOCKS4 because it supports the UDP network protocol and also IPv6 addressing (we'll talk about this in section 2.1.1 below). As a result, I strongly advise you to use the SOCKS protocol; it will be reliable in any case.
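
What the receiving site can actually tell apart for the four HTTP(S) proxy types above, as an added example that is not part of the original post. The function names, verdict labels and sample addresses are constructed for illustration; the header names are the standard or de facto ones forwarding proxies use.

```python
import ipaddress
import re

# Headers that forwarding HTTP proxies commonly add (Via: RFC 9110,
# Forwarded: RFC 7239, X-Forwarded-For / X-Real-IP: de facto conventions).
# Evaluate them at the network edge, before the site's own CDN or load
# balancer adds its copies of the same headers.
MARKER_HEADERS = ("via", "forwarded", "x-forwarded-for", "x-real-ip")

# Address space that cannot be a client's public address.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10")]


def parse_ip(token):
    """Return an address for '1.2.3.4', '1.2.3.4:80' or '[v6]:80', else None."""
    token = token.strip().strip('"')
    if token.startswith("["):
        token = token[1:].split("]")[0]
    elif token.count(":") == 1:
        token = token.split(":")[0]
    try:
        return ipaddress.ip_address(token)
    except ValueError:
        return None  # "unknown", obfuscated identifiers, garbage


def claimed_clients(headers):
    """Every client address the proxy chain claims to be forwarding for."""
    tokens = []
    for name in ("x-forwarded-for", "x-real-ip"):
        tokens += [t for t in headers.get(name, "").split(",") if t.strip()]
    forwarded = headers.get("forwarded", "")
    tokens += [m.group(2) for m in
               re.finditer(r'\bfor=("?)([^";,]+)\1', forwarded, re.I)]
    return tokens


def classify(headers, peer_ip):
    """Map one request to the proxy types from the list above.

    The site never knows the true client address, so a transparent proxy
    (real address) and a distorting one (random address) look the same,
    and an elite proxy looks the same as a direct connection.
    """
    h = {k.lower(): v for k, v in headers.items()}
    if not any(name in h for name in MARKER_HEADERS):
        return "elite-or-direct"
    tokens = claimed_clients(h)
    if not tokens:
        return "anonymous"
    peer = ipaddress.ip_address(peer_ip)
    for token in tokens:
        ip = parse_ip(token)
        if ip and ip != peer and not any(ip in net for net in NON_PUBLIC):
            return "transparent-or-distorting"
    return "distorting-or-internal-hop"


if __name__ == "__main__":
    # Constructed requests; 92.195.169.25 is the external proxy address used
    # later in the post, 198.51.100.23 is a documentation-range address.
    peer = "92.195.169.25"
    print(classify({"User-Agent": "x"}, peer))
    print(classify({"Via": "1.1 proxy.example"}, peer))
    print(classify({"Via": "1.1 proxy.example",
                    "X-Forwarded-For": "198.51.100.23"}, peer))
    print(classify({"X-Forwarded-For": "unknown, 10.0.0.5"}, peer))
```

Headers alone never separate an elite proxy from a direct visit, which is why sites fall back on the IP-type and reputation checks described in the following sections.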

Now, of course, on to the most important thing in choosing a proxy for abuse: the proxy type and what each of them is...

2.1 Server proxies

Server proxies are the simple proxies that everyone is used to; they are sold on every corner. In essence, this is just a dedicated server set up by a hosting company, with its own individual IP, which is what the site sees.

Here everything seems to be fine, but there is one nuance:


Nuanced approach

Any site sees that you came in from a server proxy, i.e. "hosting". You can check this yourself on Pixelscan. That would be fine, but some sites popular with abusers block such IP addresses. Among them is a site that can steal the heart of any abuser: Gleam. When you try to open any Gleam form, you will get a page saying that you are using an IP from a data center and that "you may be using a VPN". A short explanation: any VPN takes its IP addresses from data centers, so if you run into a "VPN error" on some other site, know that it is because of the proxy type you use.

It is also worth noting that any site can block a whole subnet of IP addresses that it does not like, and then the entire pack of proxies from that subnet will not be able to visit the site. Gleam has done this too. Server proxies also have a definite advantage: they can be used simultaneously (in parallel) with each other.


"I'll put your dirty IP address on the site"

However, despite this, most sites do not care about this and they are happy to accept these proxies, so this is a very situational matter, but still not as situational as the next subclause.

For simple server proxies at 30+ rubles I use proxy.house (usually nothing more is needed), and for "high-quality" (i.e. expensive) proxies I use Proxy6 (~100 rubles) or Proxys.io (110-170 rubles), but that is really sooo expensive, so I rarely go there :)

2.1.1 IPv4 and IPv6 - what is it and what is the difference?

In general, IPv4 and IPv6 are just different versions of the Internet Protocol. I won't go into details; it's just important to know that IPv6 is the later, improved version of the Internet Protocol, newer and better than IPv4. However, only ~40% of Internet users use IPv6, as opposed to ~100% for IPv4 (the two versions work side by side: one user can have both IPv4 and IPv6 at the same time, or only one of them, depending on the setup). As a result, all sites support IPv4, but not all of them support IPv6. I think the problem here is clear: it comes down to adoption.

You can check whether the desired site supports IPv6 on DNSChecker, in the "IPv6 Fully Compatible" field.

You can buy IPv6 proxies on every corner, and they are much cheaper than IPv4. I don't use them often, but you can get them on the same sites: proxy.house (2.55-5.1 rubles), Proxys.io (6-18 rubles)

2.2 Resident proxies

Resident proxies are IP addresses that Internet service providers issue individually to each of their private users. So the proxy is individual. This is exactly what you and I use on a home PC. That is, sites do not identify these proxies as proxies at all, and they are therefore safe for multi-accounters. In general, resident proxies are mostly static, but here, unlike with server proxies, you can also find dynamic resident proxies. By the way, websites classify these proxies as "residential":


I wanted to know my ipishnik, but nooooo

However, despite all these advantages, such proxies also have a drawback: they usually cost much more than server ones. The difference can be from 2 to 10 times, depending on the service. Also, such proxies cannot be used in multithreading (i.e. from multiple browser profiles for the same purpose at the same time), because it will be the same IP, so the dynamic-IP feature will simply be useless.
As a result, resident proxies are something in between "imba" and a "budget basic solution". Now let's talk about the "imba" :3

Resident proxies for the bourgeoisie (i.e. static ones) can be bought on Proxys.io (230-250 rubles), but I take decent-quality dynamic proxies on AstroProxy (~715 rubles/1 GB; any country, but you pay for a certain amount of traffic).

2.3 Mobile proxies

Mobile proxies - proxies that run on modems and specialized equipment. This is our imba among proxies, I would even say "IMBA". The fun part is that with mobile proxies, wherever you get them (but it's better to check), you can change the IP on request or on a timer (unfortunately, the first option is as top-end as possible, the second one can be applied very little). And the other "most fun" part is that they are unkillable. An operator (MTS, Megafon, Beeline, etc.) has a rather limited number of IP addresses available, usually several thousand or tens of thousands. At the same time, this operator has millions or, in some cases, tens of millions of subscribers. In other words, hundreds of people can actually sit behind one IP address. So even if a site finds the actions from some IP questionable, by banning it the site would lose hundreds of users' worth of traffic. It turns out that it is simply unprofitable for a site to ban mobile IP addresses. That is what makes them unkillable. And, of course, sites also identify them in their own way:


What an imba, weewee...

Well, now about the disadvantages... First of all, of course, there is the price, which is often much higher than for server proxies and ~2-3 times (depending on the service) higher than for resident ones. Also, depending on the quality of the proxy, they may be quite slow compared to others, but this varies from case to case and from service to service.

I use only 2 platforms for renting mobile proxies: Mobileproxy (490 rubles/1 day | 990 rubles/7 days | 2490 rubles/30 days; available countries include Russia, Ukraine, Belarus, Kazakhstan, Poland, Thailand and several others, but you need to check availability), as well as AstroProxy (~850 rubles/1 GB of traffic). You can also try mobile proxies on Proxys.io (4,300 rubles for Russia | 5,400 rubles for Ukraine | 7,500 rubles for Italy at the moment), but this is already very expensive (+ I didn't test them myself).
Don't buy them anywhere else: I've tried a lot of places and most of them are a mess. On the same Frigate-proxy that I used to use, the mobile proxies are just so-so... they change the IP whenever they want (+ the IPs are dirty, more on that in the next section), regardless of the timer or the link click.

2.4* Proxy verification

Now it is worth checking the IP against spam lists. Being on them can really harm the "image" of our IP, and some sites may shadow-ban or outright ban it. You can check your proxy on this site. Just keep in mind that if you use resident or mobile proxies, you should check the external IP that sites see (the IP shown on 2ip.ru).

Well, the finale... You can check how much the proxy's IP address is "trusted on the network", i.e. how strongly it is associated with a proxy or a VPN. You can do this by entering the external IP address on this wonderful site. The ideal score is 0, but if it is higher, that is generally not terrible. The main thing is that your score is shown in green: this indicates a high level of trust in this IP.

So, that covers proxies, the first pillar of the world of anonymization (I came up with that one myself, yeah). For large abuses, or in cases where you just need to register an account and forget about it, I often use mobile proxies (since their IPs change constantly, server or resident proxies are better suited for long-term use, but mobile ones can most likely be used for that too).

Hazard: 5/5
Occurrence: 5/5

3. Logged-in sites

Okay, for many people this may be surprising, but absolutely any site can check where you are logged in (though only by deliberately checking a specific site). No action is required from you. The site itself performs the necessary operations in the background.
Let me leave a link to a site that can check this and show you the result. You will go there and be surprised, like "what the..., how does this even work?", and then come back here and read how it works...

So, let's say you have already done the above; now it's time to explain. Any site1 can send a request to any other site2, and site2, if the requested page is available only to logged-in users, may redirect you to its login page. It is this redirect to the login page that site1 tracks. If we were redirected to the login page (I remind you, this happens in the background on site1 and we don't see it), then we are not logged in to the account.

Let's look at the example of VK (sorry to those who have it blocked, this is the easiest way for me):

1. When we visit a website, it sends a background request to the page https://vk.com/im.
2. When that request is made, either everything goes fine (the "Messenger" simply opens and the URL does not change), or...
3. The request is redirected to another page, https://vk.com/login?u=2&to=D2gSz2BtKnvoPO--. The original site we visited can observe this redirect. That way it understands that, since we are being asked to log in, we have not done so yet. So there...
But figs to you, not the login, come on in
Of course, a site may be using such tracking, and the average user will not notice it without analyzing requests, etc. The fact is that this practice is insanely rare, and to be honest, it is difficult for me to name specific sites that use this tracking, but you need to keep in mind that it is possible.

Hazard: 2/5
Occurrence: 1/5

4. WebRTC

WebRTC - web real-time communication. I will not go into the concept itself, because that is not what we are here for and knowing it will not help us in any way. Here we come to the deeper part of anonymization. In short, WebRTC is one of the most dangerous parameters, because with its help any site can reveal our real IP address, even if we use a proxy. WebRTC itself provides sites with our real IP address, bypassing the proxy. All decent anti-detect browsers have detailed profile settings, and you will most likely see this parameter there. I will show everything using the anti-detect browser AdsPower as an example, because I use it myself. In terms of anonymization, though, this browser can be rather buggy, but more on that later.
Ahem, so, in the anti-detect browser you can find this parameter:


Here it is, right

In AdsPower, WebRTC is disabled by default, and this can sometimes have a very negative impact on your reputation in front of the site, as it will be visible that you have disabled it.


This is what disabled WebRTC looks like in the eyes of sites

If we switch WebRTC to "Real", i.e. use it without masking, we see the following picture even when using a proxy with an external address of 92.195.169.25:


They found me out, in short

Now I will try the "Replace" WebRTC mode, in which the WebRTC address is automatically replaced with the current external IP address of the proxy in use. Now for a proxy with an external address of 92.195.169.25 we have the following picture:


"Badge, well, normal person, immediately visible, aha"

That is, ideally it is best to replace the WebRTC address with the external IP of the current proxy. The site for checking all of this is here. However, with mobile proxies it is natural for the IP and the WebRTC address to differ, but it is still safest to replace WebRTC with the proxy IP.
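
How a checker arrives at the three pictures above (disabled, real address exposed, address matching the proxy), as an added example that is not part of the original post. It assumes the page has collected the browser's ICE candidate lines and sent them to the server; the function names, verdict labels and candidate lines are constructed, and only 92.195.169.25 comes from the post.

```python
import ipaddress


def parse_candidate(line):
    """Parse one ICE candidate line (RFC 8839 grammar) into a dict, or None."""
    line = line.strip()
    if line.startswith("a="):
        line = line[2:]
    if not line.startswith("candidate:"):
        return None
    f = line[len("candidate:"):].split()
    # foundation component transport priority address port "typ" type [ext ...]
    if len(f) < 8 or f[6].lower() != "typ" or not f[5].isdigit():
        return None
    ext = dict(zip(f[8::2], f[9::2]))  # raddr, rport, generation, ...
    return {"transport": f[2].lower(), "address": f[4], "port": int(f[5]),
            "type": f[7].lower(), "raddr": ext.get("raddr")}


def assess_webrtc(http_peer_ip, candidate_lines):
    """Compare the address the HTTP request came from with WebRTC's view."""
    peer = ipaddress.ip_address(http_peer_ip)
    cands = [c for c in map(parse_candidate, candidate_lines) if c]
    if not cands:
        # WebRTC disabled or blocked: itself visible to the site.
        return {"verdict": "webrtc-unavailable", "addresses": []}
    reflexive = set()
    for c in cands:
        # host candidates are LAN addresses or mDNS names, relay candidates
        # are the TURN server; only reflexive ones show the public address.
        if c["type"] not in ("srflx", "prflx"):
            continue
        try:
            ip = ipaddress.ip_address(c["address"])
        except ValueError:
            continue
        if ip.version == peer.version:  # do not compare IPv4 with IPv6
            reflexive.add(ip)
    if not reflexive:
        return {"verdict": "no-comparable-candidate", "addresses": []}
    others = sorted(str(ip) for ip in reflexive if ip != peer)
    # A mismatch is a signal, not proof: as noted above, mobile carriers
    # can legitimately show different addresses for HTTP and WebRTC.
    return {"verdict": "mismatch" if others else "consistent",
            "addresses": others}


# Constructed candidate lines (198.51.100.23 is a documentation address).
HOST_ONLY = ["candidate:1 1 udp 2113937151 "
             "4f2c9a1e-7d3b-4c55-9e0a-1b2c3d4e5f60.local 54321 typ host generation 0"]
EXPOSED = HOST_ONLY + ["candidate:842163049 1 udp 1677729535 198.51.100.23 "
                       "46154 typ srflx raddr 0.0.0.0 rport 0 generation 0"]
MATCHING = HOST_ONLY + ["a=candidate:842163049 1 udp 1677729535 92.195.169.25 "
                        "46154 typ srflx raddr 0.0.0.0 rport 0 generation 0"]

if __name__ == "__main__":
    for name, lines in (("disabled", []), ("exposed", EXPOSED),
                        ("matching", MATCHING)):
        print(name, assess_webrtc("92.195.169.25", lines))
```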

As I said in section 1 of the article, I once abused Gleam Genopets x Impossible Finance with 36k accounts. At that time Gleam had gone from a non-existent anti-fraud system to a slightly better than non-existent one. I didn't know about all these points back then, so I didn't bother and either turned WebRTC off or exposed the computer's real WebRTC address. That is why I got caught and all the accounts went into a shadow ban. It was rough, my biggest failure. To avoid repeating that, it really is better to understand all the awkward questions.

Hazard: 5/5
Occurrence: 4.5 / 5

5. Email

Again, based on my experience abusing Gleam, I can say that sites can check whether the email address you entered exists. That is, even if the site never uses this mailbox after registration, that is no reason to enter random junk (this is how Gleam used to be abused). The site checks whether it is actually able to deliver an email to your address, because if it cannot, then the address does not exist... I also want to add that if a Gmail account was created and the mailbox existed, but the account was then sent to SMS confirmation, or at login it says that the mailbox is blocked due to suspicious activity, then such a mailbox can (temporarily) no longer receive mail and will be considered fake by the site, and this already means a shadow ban.

There is even a mail checker for the ability to send messages to it (for validity).

This is what the results of this action might look like:


The email can't be delivered because the domain doesn't exist @master.com

The message can't be delivered because there is no such mail

All in beauty, that's how you can Register

Hazard: 3.5 / 5
Occurrence: 4/5

6. Timezone

Timezone - the time zone, I think this is clear. Any site that knows our IP can use it to determine the country and city of our location, and therefore the time zone. If you don't use a proxy and connect from your own IP address, you won't have any problems with this. However, if you go through a proxy, you may get a "timezone conflict", because the site can read two times for the user:
  • Local - the time zone derived from your IP address.
  • System time - the time that the site reads via JavaScript from the clock set on your PC.
Anti-detect browsers offer several ways to configure this parameter, depending on the browser. There are 3 options:
  • Show the real timezone without masking it. The site will then see a discrepancy between local and system time, which means it will understand that you are using a proxy and that "this person is as suspicious as possible". With such a discrepancy, the site will see the following inconsistency:
"Somewhere this guy is drinking me up, like in London, and like in Siberia..."
  • Disable JavaScript, so that no site can read our system time at all. Some anti-detect browsers use this method. It is a crutch, but it does not reveal our real timezone. However, disabled JavaScript directly affects how sites work: they will not function fully and may not let you access their pages at all.
"Well, there's some kind of mess here, what kind of muddy muddy things are these?"
The most appropriate solution is the following point.
  • Adjust the timezone to the IP address. Most anti-detect browsers use this setting, although it varies from case to case. In general, if you have the opportunity to do so, do it, so that you get the same green result as below :)
"Here he is what a respectable citizen, well, a handsome guy, here he is exactly the norm, info hundred"
So, I think we have dealt with timezones.
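
The "timezone conflict" check described in this section, seen from the site's side, as an added example that is not part of the original post. The two lookup tables are constructed stand-ins for an IP-geolocation database and the IANA time zone database, and the function name and finding labels are assumptions.

```python
# Constructed stand-in for an IP-geolocation lookup (documentation prefixes).
GEO_TZ_BY_PREFIX = {
    "198.51.100.": "Europe/London",
    "203.0.113.": "Asia/Novosibirsk",
}

# Constructed stand-in for the tz database: minutes east of UTC as
# (standard time, daylight-saving time). Accepting either value keeps the
# check correct all year without needing the exact DST switch dates.
ZONE_OFFSETS = {
    "Europe/London": (0, 60),
    "Europe/Berlin": (60, 120),
    "Asia/Novosibirsk": (420, 420),
}


def check_timezone(client_ip, js_timezone, js_offset_minutes):
    """Return a list of findings; an empty list means the two clocks agree.

    js_timezone        value of Intl.DateTimeFormat().resolvedOptions().timeZone
    js_offset_minutes  value of new Date().getTimezoneOffset()
    Both are None when the page's script never ran (JavaScript disabled).
    """
    if js_timezone is None and js_offset_minutes is None:
        return ["no-js-timezone"]

    findings = []
    ip_zone = next((zone for prefix, zone in GEO_TZ_BY_PREFIX.items()
                    if client_ip.startswith(prefix)), None)

    # getTimezoneOffset() counts minutes *behind* UTC, so UTC+7 is -420.
    east = None if js_offset_minutes is None else -js_offset_minutes

    # 1. Do the browser's own two values agree with each other? A spoofed
    #    zone name next to an unspoofed system clock fails here.
    if (east is not None and js_timezone in ZONE_OFFSETS
            and east not in ZONE_OFFSETS[js_timezone]):
        findings.append("browser-name-offset-disagree")

    # 2. Does the system clock fit the zone the IP address geolocates to?
    if ip_zone is None:
        findings.append("ip-zone-unknown")
    elif east is not None and east not in ZONE_OFFSETS[ip_zone]:
        findings.append("ip-vs-system-offset-mismatch")
    elif js_timezone is not None and js_timezone != ip_zone:
        # Same UTC offset but another zone name: weak signal only
        # (travellers, border regions, coarse geolocation).
        findings.append("same-offset-different-zone")
    return findings


if __name__ == "__main__":
    # "Like in London, and like in Siberia": London IP, Novosibirsk clock.
    print(check_timezone("198.51.100.7", "Asia/Novosibirsk", -420))
    # London IP with a London clock during summer time.
    print(check_timezone("198.51.100.7", "Europe/London", -60))
    # JavaScript disabled.
    print(check_timezone("198.51.100.7", None, None))
```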

Hazard: 5/5
Occurrence: 4.5 / 5

7. UserAgent

UserAgent - the identification string of the client application. Let's talk about something simpler now... To begin with, UserAgents differ between browsers: Firefox, Chrome, Safari, Edge, Internet Explorer, etc. I will not go into how they are formed in "unpopular browsers", so let's look at how it works using Chrome as an example.

So, the UserAgent for the Chrome browser looks like this:

Mozilla/5.0 ([Platform]) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/[ChromeVer] Safari/537.36
  • "Mozilla/5.0" is the main token that indicates the compatibility version. It is shared by every browser and every UserAgent.
  • [Platform] - as is easy to guess, this parameter indicates the platform on which the browser is running. It can take the following values: Windows, Mac, Linux, Android, etc.
  • "AppleWebKit/537.36 (KHTML, like Gecko)" - a parameter indicating that the browser is based on WebKit. This is an engine developed by Apple in 2001 as a fork of KHTML; in fact, this parameter contains the name of this brand. "537.36" has been the current version of the engine for more than 8 years.
  • "Chrome/[ChromeVer]" - well, this is the name of the browser and, after the "/", the version in use.
Here, in fact, the generators in anti-detect browsers simply substitute the platform of your choice and randomize the browser version. However, I've run into a UserAgent problem in AdsPower a couple of times (or in Dolphin Anty, honestly, I don't remember). Sometimes it generated them incorrectly for me. More precisely, it generated a version that was not supported by the emulated device (device OS). Now there seems to be no such problem, and it is quite difficult to find a version that some device does not support.

This point is quite important to understand, but for anonymization via an anti-detect browser it is fairly useless because generation is already adequate. To be sure that everything is fine, you can go to Pixelscan and check the left block.
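
The failure described above, a generated Chrome version that the claimed OS cannot run, checked on the receiving side, as an added example that is not part of the original post. The function name and finding labels are constructed; the one compatibility rule used is that Chrome 109 was the last release for Windows 7, 8 and 8.1 (platform tokens "Windows NT 6.1" to "6.3").

```python
import re

# The Chrome template from this section, with the two placeholders captured.
CHROME_UA = re.compile(
    r"^Mozilla/5\.0 \((?P<platform>[^)]+)\) "
    r"AppleWebKit/(?P<webkit>[\d.]+) \(KHTML, like Gecko\) "
    r"Chrome/(?P<chrome>\d+(?:\.\d+){0,3})"
    r"(?P<mobile> Mobile)? Safari/(?P<safari>[\d.]+)(?P<rest>.*)$")

LAST_CHROME_BEFORE_WIN10 = 109  # last Chrome release for Windows 7 / 8 / 8.1


def check_chrome_ua(ua):
    """Parse a Chrome UserAgent and list internal inconsistencies."""
    m = CHROME_UA.match(ua.strip())
    if not m:
        return {"parsed": False, "findings": ["not-chrome-template"]}

    findings = []
    platform = m.group("platform")
    major = int(m.group("chrome").split(".")[0])

    # The engine tokens are frozen at 537.36 in every real Chrome build.
    if m.group("webkit") != "537.36" or m.group("safari") != "537.36":
        findings.append("unexpected-engine-token")

    # Platform and version must be a combination that was ever shipped.
    win = re.search(r"Windows NT (\d+)\.(\d+)", platform)
    if (win and (int(win.group(1)), int(win.group(2))) < (10, 0)
            and major > LAST_CHROME_BEFORE_WIN10):
        findings.append("chrome-too-new-for-windows")

    # Chrome only adds "Mobile" before "Safari/" on Android.
    if m.group("mobile") and "Android" not in platform:
        findings.append("mobile-flag-without-android")

    # Trailing product tokens (Edg/, OPR/, ...) mean a Chromium derivative,
    # not plain Chrome; rules for Chrome do not necessarily apply to it.
    if m.group("rest").strip():
        findings.append("extra-product-tokens")

    return {"parsed": True, "platform": platform, "chrome_major": major,
            "findings": findings}


# Constructed sample strings.
UA_WIN10 = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
            "(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36")
UA_WIN7_NEW = ("Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 "
               "(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36")
UA_WIN7_OLD = ("Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 "
               "(KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36")
UA_ANDROID = ("Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36")

if __name__ == "__main__":
    for ua in (UA_WIN10, UA_WIN7_NEW, UA_WIN7_OLD, UA_ANDROID):
        print(check_chrome_ua(ua))
```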


Green is good, red is bad, yeah

Hazard: 2/5
Occurrence: 4/5

8. Flash

Flash is the thing that used to be used to make all sorts of games in the browser, etc. Now it is mostly a relic, because Chrome no longer supports it, but some anti-detect browsers (AdsPower for sure) still have this setting:


Here it is, an element of pure evil

Its main danger lies in the fact that it can lead to a leak of our real IP address, just like with WebRTC. You don't even need to bother here: just disable it and that's it. The sites will not have any questions about this and you will remain clean.

Hazard: 5/5
Occurrence: 3/5

9. Geolocation

Geolocation is another rather useless point in anonymization. Anti-detect browsers do, of course, have a setting for this parameter, but if you are not using a phone, it should not give you away.


Meh, even chet write here nihachu :3

I usually just leave the "Ask" option so that the site doesn't know anything for sure without my knowledge, just in case, so to speak. But in fact, you can simply block geolocation, but I'm not too sure how this will affect the attitude of the site to the user. In general, this is such an amorphous and useless parameter, but we still touched on it a little.

Hazard: 4/5
Occurrence: 2/5

10. Cache and cookies

The browser cache is a folder with copies of some data from the pages you visited. The cache usually stores data that is unlikely to change over time (images, scripts, styles, etc.).

Cookies are small text files that store information about you for each site, which helps sites identify you as a user. Thanks to cookies, for example, you don't need to log in to a site with your username and password every time. Instead, cookies keep your session on the site active for a while.

Here, in fact, everyone understands how this can get in an abuser's way. On the other hand, simply creating a new profile gets rid of the problem. However, within a single profile, simply clearing cookies sometimes may not help.
This is due to the existence of Evercookies - a technology that uses all existing storage locations, as well as many tricky mechanics, so that even after cookies and cache are cleared, the site can still "catch" the user by this parameter. The trick is that cookies are restored automatically even after they are cleared, if they were not deleted from at least one of the storage locations.

Ideally, so that no information about you remains, you need to close all browser tabs and clear the cache along with cookies, but at a minimum, be sure to close the tab with the desired site and then delete the data of cookies and cache of this site. Otherwise, you will not achieve anything and still any site will be able to recognize you by this parameter.

As a test, you can try to experiment with this mechanic here. It's very simple: by clicking on the "Click to create an evercookie" button, the site generates a random number from 1 to 1000. If you try to clear cookies and cache without closing the page, and then refresh it (you don't have to), then when you click on the "Click to rediscover cookies" button, you will see the same number that was generated earlier.


*there is a gray text here*

Hazard: 5/5
Occurrence: 5/5

11. Google Backup data

I think that almost 100% of those present here have Gmail. A huge number of people use Gmail for abuse. So this item will be useful for both ordinary users and multi-accounters. A very clever feature that kept me busy for a couple of months. In general, if you use Gmail to register on any site, regardless of whether you log in directly through your Google account or just enter the address in the "Email" field, the site is able to see at least 2 things:
  • phone number linked to your Google account
  • backup mail linked to your Google account
That would be fine, but some sites take advantage of this and cut off a huge share of multi-accounters, because in 80%+ of cases purchased mailboxes have a backup email address set. You can see the latter for yourself. So, if the site sees that a phone number or backup email address is linked to the account, it can simply ban such accounts without explaining the reasons. I know a couple of such sites myself, but I won't give you any examples yet. Just know that this is possible.

This feature is, of course, used by a very small number of sites, but you can try this option out of desperation. I came to this conclusion completely by accident, and, as practice has shown, an insanely small percentage of people know about it, even among multi-accounters.

So, if you want to try this option, you need to unlink from your account the backup email and phone number that you may have entered during registration. To do this, go to this page and do the following:

By clicking on the link, you will be taken to the "Personal information" tab

In the "Contact Information" block, go to "Email"

If you have any mail in the "Reserve email address" block, just unlink it
Okay, the mail was unlinked, now you need to get rid of the phone number:
Go back a couple of steps and in the "Contact information" section go to the "Phone number" item
If there is a phone number here, then click on the line with it
Next, just click on the trash can, enter the password, and then click on the trash can again to delete the number
That's all. We have erased all unnecessary information. Sorry for such a "guide" in screenshots (+ check the small captions), but you never know whose account language is Chinese :3

Hazard: 5/5
Occurrence: 1/5

12. Click on links

The most situational topic. I ran into it quite a long time ago on some site with frishnymi shields.

In general, the bottom line is that if you click on any link, the site can track some details of your click, for example the country, the referrer (where the click came from, i.e. the source), the exact time, the browser (including its version) and many other standard details that I have already mentioned or will mention later in the article.

So, that site with frishny wrappers found fault with the referrer. Initially, I did this: I copied the URL on my phone, sent it to my PC via VK, and opened it. The site saw that I was coming from VK and therefore froze, not letting me through. When I went directly from Yandex.Mail, everything worked. Also, if the visit was made directly through the address bar, this is also visible ("Direct"). In general, it is rare to find such a thing anywhere, but this article is about everything :3

As an example for demonstration, I used the poor but more or less working u.to:

Here's a tuta we can obe ... otpi... calculate

About "Other" after these screenshots...


To check countries, it needs Flash Player...

So, one more very important thing I want to emphasize. In the second screenshot, the visits from VK and Telegram (I tested) were counted under "Other". In general, if you send a confirmation link in these social networks, to your favorites or anywhere else, it will be clicked automatically. This is because Telegram and VK make a request to the link in order to load its "preview". Due to this, the following picture is obtained:
Therefore, if you want to take this point into account for your abuse purposes, do not send links through social networks or anything similar. I noticed this feature only in VK and Telegram, but it is possible that it works in other messengers too.

Hazard: 2/5
Occurrence: 2/5

13. Fingerprints​

A fingerprint here should be thought of just like the print of a human finger, because with its help any Internet resource can identify a user "among thousands". This level of recognition is achieved thanks to certain characteristics of the user's session that the site can see, but more about this under each individual fingerprint type.

13.1 WebGL​

WebGL is a JavaScript API designed for rendering interactive three-dimensional and two-dimensional graphics in any compatible web browser without using plug-ins.

Without going into details, roughly speaking, a certain image is drawn using the graphics processor. What it looks like depends directly on which graphics processor is used (the same task will produce different results on different platforms), which driver version is installed, which OpenGL standard (a specification that defines a platform-independent software interface for writing applications using two-dimensional and three-dimensional computer graphics) is used in the system, etc.

After drawing the image and converting it to a byte array, this data will be unique.

It is also interesting that in anti-detect browsers (at least in them) it is impossible to fully emulate WebGL (since it is technically the same device). There are several ways to get around this "hole" in the multi-accounter's security: either add noise, disable WebGL, or disable JavaScript, or, alternatively, you can leave your native WebGL untouched (in my experience with Gleam, this worked because of their flawed protection against abusers, but I would not use this option, because several hundred users with the same WebGL is suspicious).

WebGL emulation in AdsPower

As we found out earlier, disabling JavaScript is the least suitable option, since most sites will simply stop functioning adequately. Disabling WebGL is generally an adequate option, which sites usually don't pick on very much, although they can see it: for the most part, they won't care about it and you'll still get through without any problems. I tried abusing Gleam with both disabling WebGL and adding noise - the result is the same (positive). But adding noise deserves a little more explanation...

When a new profile is created in an anti-detect browser, your "drawn picture" is taken and noise is superimposed on it. Due to the "randomness" of this noise, an absolutely unique WebGL fingerprint is obtained each time, copies of which will not turn up during random generation. On top of that, the names of the vendor and the renderer are added: the vendor is the hardware manufacturer, and the renderer is the name of the graphics core.

For example, here are my "vendor" and "renderer" options:

Like Google, but Nvidia, interesting...

You can check your characteristics and your WebGL fingerprint on the corresponding section in Browserleaks.

By the way, WebGL is directly linked to Canvas, which is described in more detail in the next section...

Hazard: 5/5
Occurrence: 4/5

13.2 Canvas​

Canvas - this identification method consists of drawing a certain text, with certain effects applied to it that are set in a JS script supplied by the requested server, on a hidden canvas. After that, as in the case of WebGL, the result is converted to a byte array.

As in the case of WebGL, full-fledged Canvas emulation is not possible, since it is directly connected to the graphics platform. However, you can still disable it, use your original fingerprint without changing it, or add noise.

Modest setup, unlike Canvas (all also from AdsPower)

I would not disable Canvas, because it is too much of a giveaway, depending on which site you need it for.
You can use the original Canvas fingerprint, of course, but then weigh all the risks based on the number of your accounts and the site itself.
Adding noise to the fingerprint is definitely a valid option, and probably the most preferable one, although there is one small caveat here...

Canvas, unlike WebGL, is a less purebred animal: while a WebGL fingerprint is unique, any given Canvas fingerprint is shared by a certain percentage of the same site's users. For example, a Canvas fingerprint like mine is shared by about 1 person out of 200:

So I'm not unique? :c

However, if you apply noise, then your Canvas will be completely unique, i.e. no one else will have it:

"Hmm, but this person stands out..."

It would seem that uniqueness is a good quality, but in fact it is like a black swan among white ones. Such recognition is used only by some seriously tough anti-abuse sites and it is rare, but we are, like, broadening our horizons here... Gleam also distinguished itself here with its idiocy, so it doesn't care about any of this at all, in my opinion :)

The same Browserleaks is used to check your Canvas fingerprint. By the way, I recommend checking the fingerprint via Chrome and without AdBlock, because it may interfere with reading your real fingerprint (otherwise, you will have 100% uniqueness even if you did not add noise).

Hazard: 5/5
Occurrence: 4/5

13.3 Browser Fingerprint​

Browser Fingerprint is a unique browser fingerprint that is created based on browser parameters and various other components (up to the screen resolution), so neither a proxy nor anything else will help here.

This type of fingerprint changes depending on everything described above in the article, plus the screen resolution, AdBlock, language, OS version and platform, plugins and fonts.

You can find out your browser fingerprint ("Your browser fingerprint") on Hidester (it may not work without a VPN, but sometimes it does).

Hazard: 4/5
Occurrence: 2/5

13.4 AudioContext Fingerprint​

AudioContext Fingerprint is based on probing the audio subsystem of your browser by sending low-frequency sounds through the AudioContext API.

An extremely dangerous and effective thing in the right hands (but there are so few of them that I can't even name them). However, this one can be emulated and there will be no problems.

For example, I tested it on a website and this is the visualized fingerprint I originally had at "24 bit 48000 Hz (studio recording)":

In math class we plot something like this

However, if you change the settings to "24 bit 44100 Hz (studio recording)", it will be a completely different picture:

But here the math teacher had a bit to drink and everything went blurry for her

I gave these examples purely for understanding the principle of operation. There are 2 ways to solve the problem with these fingerprints: disabling JavaScript (I won't even repeat how pointless it is) or simple emulation, which any anti-detect browser will provide us with:

Yep, AdsPower again

Emulation of this fingerprint, by the way, is more than reliable. No site will have any questions for the user with this emulation.

You can build the same beautiful graphs as my math teacher's here, with a click of one button.

Hazard: 4/5
Occurrence: 1/5

13.5 Fonts Fingerprint​

Fonts Fingerprint (fonts) - simply scans your system fonts and hands you a little ban. Didn't expect fonts to show up here? Ah, I mentioned them myself in the previous section... Oh, well.

This option is just for the most desperate people, whose accounts get banned "just because". In general, using Flash and/or JavaScript, the site can get a list of the fonts installed on your system. You can avoid this by disabling JavaScript, but we have already realized that this is not an option. Ahem, in general, this set can of course differ from user to user, so the chances of surviving this carnage without taking any action tend to zero.

This point is usually ignored in anti-detect browsers, and by default just the system fonts are used:

Why is AdsPower doing this to me?..

However, despite this, there is an option for random generation of this list and it would be better for you to use it, you never know what kind of ruthless people are out there fighting abusers...

You can check your "font" fingerprint in the good old Browserleaks.

Hazard: 4.5 / 5
Occurrence: 1.5 / 5

13.6 ClientRect​

getClientRects lets you get the exact pixel position and size of a DOM element. Each piece of hardware is individual. This is reflected in the smallest details, such as the size of elements when different styles are applied to them. Due to this, depending on the resolution, font configuration, and many other parameters, the results of getClientRects will be unique, which means that they can be used to identify the user very accurately.

This is how this case looks when tested

I won't overthink it here and will just say that emulation of this parameter should always be enabled, otherwise it will be very easy to expose you:

Noisssse

You can find out your fingerprint... you'll never guess where... on Browserleaks.

Hazard: 3/5
Occurrence: 1/5

13.7 Ubercookies​

Ubercookies - something like an analogue of Evercookie, which we have already discussed, but they work on a completely different principle. They don't save anything anywhere. They use the JavaScript API to create a fingerprint based on AudioContext Fingerprint and ClientRect.

In other words, to bypass ubercookies, you just need to emulate one or both of these parameters. We discussed them earlier, so I don't think you need any additional explanation here ;)

I drew this pixel boat, do you like it?

No, well, this time you definitely won't guess where you can check your fingerprint... On Ubercookie.Robinlinus.com, of course! When (if) you go to check your fingerprint, there will be a big "Tap to start" button:

I'm like, yeah

I thought it was some kind of joke, but no, you can't just press it... To click on it, you need "View code":

The red arrow shows where you need to click, and before that you need to right-click, well, you get it
Next, you need to activate the mobile device mode to "be able" to tap on the button:


o_0

Hazard: 4/5
Occurrence: ? / 5

14. Hyper-useful links​

Here I will give you a few sooooo good and useful sites that I have already mentioned, as well as those that I have not yet touched in the article.

14.1 Useful resources and checkers​

Pixelscan - something like "imba" for those who don't want to bother. I recommend that you start checking with it. Shows browser and OS compatibility, checks the location (timezone + IP), checks the IP for proxies (server ones are not kenselit), checks for a fake fingerprint, and checks the browser for automation software (some extensions can be taken as such, even koleshki).

Sannysoft - checks quite a large number of parameters, but I use it only to make sure that WebGL is adequate. Don't pay attention to the Hairline Feature and Webdriver parameters - they are always red.

Panopticlick - shows how protected you are from tracking by "Blocking tracking ads", "Blocking invisible trackers", and "Fingerprint".

AmIUnique - the very top of the top, checks just everything that can be checked and shows the percentage of your uniqueness. The most interesting and coolest thing.

IPQualityScore - checks the quality of your IP based on spam reports, proxy/VPN detection, as well as bot and abuse activity. The lower the number, the better. Green - excellent, yellow - good, red or orange - something is wrong with the IP.

UniqueMachine - checks many parameters and outputs fingerprints. I don't use it, but who knows, maybe it will be convenient for someone.

AudioFingerprint - scans and outputs an "audio fingerprint".

Antcpt - gives the user's score (bot score) for passing reCAPTCHA 3. By points: 0.9 - most likely a person, and 0.1 - a bot. Check with blockers disabled. It is based on IP and "anonymizing parameters".

Browserleaks - as we found out in the article, this is "imba", which has 80%+ of all the necessary functionality for checking.

Whoer - a smooth, convenient service for quickly checking timezones, IP, scripts, and some other small things. There is a convenient indicator of "your disguise".

Fake.Vision - good old fake vision. Checks all possible parameters of the system, immediately shows where the defect is and sets the overall anonymity score in %. To view the detailed information I'm talking about, you need to wait for the full download and click "Start advanced tests".

2ip - check the IP address, and that's it.

Hidester - view the browser's fingerprint.

Ubercookie. Robinlinus - view your ubercookies. To click on the button, you need to enable mobile device mode via the sidebar when you click "View code".

Samy.pl - test how evercookie works.

Verifalia - check the availability (existence) of email.

Robinlinus - view the sites where you are logged in (what the sites see).

Spamhaus - check for IP addresses in spam databases.

DNSChecker - check whether the site supports IPv6 protocol.

14.2 Proxy:​

Proxys.io - high-quality server and resident proxies + there are mobile ones if other services are not suitable for some reason, but this is all expensive: 6-18 rubles for individual IPv6, 110-170 rubles for individual server proxies, 230-250 rubles for individual static resident ones, and 4300+ rubles for mobile proxies.

proxy.house - the cheapest IPv6 (2.55-5.1 rubles) and IPv4 (30-60 rubles) proxies, but not bad. I always buy here myself.

AstroProxy - good mobile and resident proxies + a very large selection by country (as well as cities and operators), I haven't seen this anywhere else. However, if you need a proxy for tasks that require a lot of Internet traffic, it will be a bit expensive: 715 rubles/1 GB for resident proxies and 850 rubles/1 GB for mobile proxies.

Mobileproxy - top-notch mobile proxies. I use it constantly. Some of the countries are Russia, Ukraine, Belarus, Kazakhstan, Poland, Thailand, Bulgaria, Kyrgyzstan and Moldova, but some of these countries are only available if you are lucky, and sometimes there is a shortage. A big plus is that after renting a proxy, you can change the GEO every few minutes and/or change the equipment if there are any problems, but this can only be done once a day. However, if changing the hardware didn't help, you can contact support via the Telegram bot (they usually respond quickly enough and solve the problem immediately).

15. Conclusion

As a result, I want to say that anonymization is one hell of an important part of the "abuser art" (that's what I came up with, yesaa). I had a lot of situations when some site cut me off because of its failed anti-fraud and I didn't know what to do with it, but over time I kind of got a little more trained and now I understand how to circumvent this. There were many opportunities to get a penny for abuse, but it was not always possible. There were also hard rekts (yes, the Genopets are torn?), but over time you realize your mistakes and shortcomings, so that later you can learn something even cooler and get even more :)

Ahem, off topic... in general, just watch your anonymity if you hear something (or if you are paranoid). If you do everything right, then you will not catch any ban, you will only need to bring all your enthusiasm.

Thank you to everyone who made it or didn't make it to this point!

I love you all, I embrace you.
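Section 12 above describes what a site sees on a link hit (referrer, "Direct", and messenger preview fetches landing in "Other"). The following is an added example, not part of the original post, of how a site owner can classify those hits server-side so that a preview fetch never consumes a one-time confirmation link; the User-Agent substrings, token names and function names are assumptions for illustration.

```javascript
// Added example. Substrings that link-preview fetchers commonly send in
// their User-Agent header (assumed values, verify against your own logs).
const PREVIEW_AGENTS = ["TelegramBot", "vkShare"];

// Classify one request from its (lower-cased) HTTP header names.
function classifyClick(headers) {
  const ua = headers["user-agent"] || "";
  const referer = headers["referer"] || "";
  if (PREVIEW_AGENTS.some((s) => ua.includes(s))) {
    return { kind: "preview", source: null };
  }
  if (!referer) return { kind: "direct", source: null }; // typed or pasted URL
  try {
    return { kind: "referral", source: new URL(referer).hostname };
  } catch {
    return { kind: "referral", source: "unparseable" };
  }
}

// One-time confirmation links: a preview fetch is answered but does not
// burn the token, so the later human click still works.
function makeConfirmer(tokens) {
  const pending = new Set(tokens);
  return function handleGet(token, headers) {
    const click = classifyClick(headers);
    if (!pending.has(token)) return { status: 410, consumed: false, click };
    if (click.kind === "preview") return { status: 200, consumed: false, click };
    pending.delete(token);
    return { status: 200, consumed: true, click };
  };
}

// Constructed sample hits, in the order a messenger would produce them.
const SAMPLE_HITS = [
  { "user-agent": "TelegramBot (like TwitterBot)" },
  { "user-agent": "Mozilla/5.0", referer: "https://vk.com/away.php?to=x" },
  { "user-agent": "Mozilla/5.0" },
];

function runSample() {
  const handleGet = makeConfirmer(["tok-constructed"]);
  return SAMPLE_HITS.map((h) => handleGet("tok-constructed", h));
}
```

Because the User-Agent header is client-controlled, a stricter design shows a page on GET and only consumes the token on an explicit POST.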
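Section 13.2 above notes that a real Canvas fingerprint is shared by a slice of a site's users, while a noised one is unique, "a black swan among white ones". The following is an added example, not part of the original post, of how an anti-abuse team can turn that observation into a rarity check over session records; the field names, thresholds and sample data are assumptions and constructed values.

```javascript
// Added example. A cohort is every session reporting the same User-Agent
// and WebGL renderer; on real hardware such sessions tend to share a
// Canvas hash, so a one-off hash inside a tight cohort is worth a look.
function flagCanvasOutliers(sessions, minCohort = 5, minDominantShare = 0.5) {
  const keyOf = (s) => `${s.userAgent}|${s.renderer}`;
  const cohorts = new Map(); // cohort key -> Map(canvasHash -> session count)
  for (const s of sessions) {
    if (!cohorts.has(keyOf(s))) cohorts.set(keyOf(s), new Map());
    const counts = cohorts.get(keyOf(s));
    counts.set(s.canvasHash, (counts.get(s.canvasHash) || 0) + 1);
  }
  return sessions.filter((s) => {
    const counts = cohorts.get(keyOf(s));
    const sizes = [...counts.values()];
    const total = sizes.reduce((a, b) => a + b, 0);
    const dominant = Math.max(...sizes);
    return (
      total >= minCohort &&                    // enough data to judge
      dominant / total >= minDominantShare &&  // cohort normally clusters
      counts.get(s.canvasHash) === 1           // this hash was seen once
    );
  });
}

// Constructed sample: five sessions share one hash, a sixth stands alone,
// and a second cohort is too small to say anything about.
const SAMPLE_SESSIONS = [
  ...[1, 2, 3, 4, 5].map((n) => ({
    account: `acct-${n}`,
    userAgent: "ua-A",
    renderer: "renderer-A",
    canvasHash: "hash-common",
  })),
  { account: "acct-6", userAgent: "ua-A", renderer: "renderer-A", canvasHash: "hash-once" },
  { account: "acct-7", userAgent: "ua-B", renderer: "renderer-B", canvasHash: "hash-x" },
  { account: "acct-8", userAgent: "ua-B", renderer: "renderer-B", canvasHash: "hash-y" },
];

function flaggedAccounts(sessions) {
  return flagCanvasOutliers(sessions).map((s) => s.account);
}
```

A flag here is a signal for review and scoring alongside other checks, not proof, since installed fonts and browser settings also change a legitimate user's Canvas output.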
 