AntiDetect under the Microscope: Setup, Tests, and Leaks

[Good Carder]

Introduction: Why a proxy and a card won't save you if your antidetect is leaking​

You've bought the perfect residential proxy, a fresh card with the appropriate BIN, and completed all the checklists from the previous articles. You launch your profile, carding the payment, and suddenly you get a fraudulent alert.

The problem is, you checked the proxy but didn't check the antifraud system itself. Modern antifraud systems collect hundreds of parameters from your browser: how Canvas is rendered, which fonts are installed, how WebGL works, what APIs are available. If your antifraud system doesn't correctly replace these parameters, it "leaks," and the site immediately realizes you're not a regular user.

In this article, I'll cover:

• 5 key parameters that 99% of newbies miss.
• How to test antidetect – from quick tests to writing your own scripts.
• Comparison of the best antidetect browsers for carding in 2026.
• Step-by-step scenarios for creating profiles for Shopify, Amazon, and Walmart.

Part 1: What is a fingerprint and why antidetect is more than just "IP change"​

Many beginners think, "I just set up a proxy and that's it, no one can see me." This is a fatal mistake.

A fingerprint is a combination of dozens of parameters about your browser and device that a website collects without your knowledge: Canvas, WebGL, AudioContext, font list, Navigator parameters, screen resolution, time zone, language, and much more. Modern systems like Stripe Radar collect and analyze hundreds of these attributes to generate a unique device identifier.

An antidetect browser is a specialized browser that replaces these parameters, creating a unique fingerprint for each profile. It hides your activity from antifraud systems because it can create multiple fingerprints on a single device.

But if the antidetect is configured incorrectly or uses outdated methods of substitution, the antifraud system detects this and blocks the payment.

Part 2. Parameters that 99% of newbies miss​

2.1. Canvas Fingerprint is the most popular method of identification​

What it is. When you visit a website, a JavaScript script "invisibly" draws a small image (usually text or a geometric shape) using the Canvas API. It then converts this image into a hash. Different computers with different graphics cards, drivers, and operating systems render the image with microscopic differences, creating a unique fingerprint.

Why does this catch out newbies? Cheap antidetect solutions either don't spoof the canvas at all or spoof it crudely — always in the same way. If an antifraud system sees that the canvas fingerprint is always identical across different profiles or looks "unnatural" (for example, lacking normal rendering noise), it recognizes spoofing.

How proper canvas spoofing should work:

• Adding controlled noise to an image.
• Change the rendering result for each profile.
• Maintaining realism - the print should not be "too clean".

What to check: Go to browserleaks.com/canvas. The service will show the hash of your canvas fingerprint and compare it to the "reference" values. If the hash is the same for different profiles, there's a problem.

2.2. WebGL Fingerprint – The GPU Doesn't Lie​

What is it? WebGL is an API for rendering 3D graphics in the browser. Each graphics card, driver, and operating system renders 3D scenes with unique characteristics (renderer, vendor, shader parameters, supported extensions). These parameters are collected via the WebGL and WebGL2 APIs and form another layer of the fingerprint.

Why does this catch out newbies? Many antidetection tools simply insert fake vendor and renderer values (for example, "Google Inc. (Intel)"). But the antifraud system checks not only these strings but also how the GPU actually renders scenes. If the vendor is declared as "NVIDIA" but the rendering behaves like a software renderer (for example, using SwiftShader), this immediately reveals the substitution.

What needs to be configured correctly:

• WebGL Vendor (e.g., "Google Inc. (Intel)" or "NVIDIA Corporation")
• WebGL Renderer (e.g., "Intel Iris OpenGL Engine" or "GeForce GTX 1060")
• Shader settings and supported extensions must match the selected GPU.
• When using antidetect on a virtual machine, it is necessary to mask the absence of a GPU.

What to check: Go to browserleaks.com/webgl. The service will display all WebGL parameters, including the vendor, renderer, and supported extensions. If any parameters are missing or look suspicious (for example, VMware, Inc. in the vendor), this is a problem.

2.3. AudioContext Fingerprint – an invisible fingerprint of the sound card​

What is it? AudioContext is an API for processing audio in the browser. A website can send a short audio signal through this API and analyze how the sound card and drivers process it. Differences in signal processing (even microscopic ones) create a unique device fingerprint.

Why does this catch out newbies? AudioContext is one of the most difficult parameters to spoof. Many antidetection tools either ignore it entirely or spoof it in a crude manner. An antifraud system can analyze not only the final result but also the dynamics of signal processing — and if something doesn't match the real device, you're exposed.

How to check: Go to browserleaks.com/audio or use specialized tests as part of Pixelscan. The service will show how your browser processes the audio signal and whether there are any anomalies.

2.4. Fonts Fingerprint – a font library as a passport​

What is it? A website can use JavaScript to obtain a list of all fonts installed on your system. Different operating systems, different OS versions, and different language packs have different font sets. This combination creates a unique fingerprint.

Why does this catch out newbies? If you use antidetect on Windows but change the User-Agent on macOS, the Windows font list will not match the default macOS font set. This discrepancy is immediately detected by antifraud systems.

What needs to be configured:

• The list of fonts must match the operating system you are simulating.
• Antidetect should correctly replace both standard and extended fonts.

How to check: Go to browserleaks.com/fonts. The service will show a complete list of fonts available in your browser. Compare it to the typical set for your selected OS.

2.5. Navigator Properties – the browser's "passport"​

What is it? The JavaScript navigator object contains many properties describing the browser and environment: userAgent, platform, language, webdriver, plugins, mimeTypes, hardwareConcurrency, deviceMemory, and others.

Why does this catch out newbies? The most common pitfall is the navigator.webdriver flag. If you use automation (Puppeteer, Selenium), this flag is often left enabled. The antifraud system sees it and immediately understands that the browser is being controlled by a script.

Other signs of automation:

• Lack of standard plugins (e.g. Chrome PDF Viewer).
• Invalid userAgent value (does not match the actual browser).
• Missing or incorrectly filled in Client Hints - a new system for transmitting browser data that is gradually replacing User-Agent.

How to check: Go to browserleaks.com/javascript. The service will show all navigator properties, including the webdriver flag. If webdriver is true, you've been exposed.

Part 3. How to check that the antidetect is actually working​

Antidetect testing isn't a matter of "running one service and calling it a day." It's a systematic, multi-step process.

3.1. Five Best Fingerprint Checking Services​

Service	What does it check?	Peculiarity	Link
BrowserLeaks	IP, DNS, WebRTC, Canvas, WebGL, Audio, Fonts, WebRTC	The most complete set of unit tests	browserleaks.com
Pixelscan	WebGL, Canvas, AudioContext, Touch API, screen, timezone	Provides a consolidated score for anonymity and consistency	pixelscan.net
BrowserScan	50+ attributes, including Canvas, WebGL, Audio, WebRTC, DNS, HTTP headers	Supports antidetect testing	browserscan.net
CreepJS	Canvas, WebGL, system data	Shows how unique your device is	creepjs.com
Whoer.net	IP, DNS, WebRTC, time, language, anonymity	Simple interface, clear anonymity percentage	whoer.net

3.2. Step-by-step verification protocol (must be completed before each hit)​

Step 1: Check your network layer. Go to ipleak.net or browserleaks.com/ip. Make sure:

• The public IP corresponds to your proxy.
• WebRTC does not leak (does not show your real IP).
• DNS servers correspond to the proxy country.

Step 2: Check the parameters for consistency. Go to pixelscan.net or whoer.net. Check:

• The time zone corresponds to the IP country.
• The browser language corresponds to the IP country or is neutral (en-US).
• The screen resolution is realistic for the selected device.

Step 3. Check high-entropy signals. Visit browserleaks.com/canvas, /webgl, /audio, /fonts. Make sure:

• Canvas print is not the same for different profiles.
• The WebGL vendor and renderer look real (not "VMware" or "SwiftShader").
• AudioContext does not produce any anomalies.
• The list of fonts corresponds to the OS.

Step 4. Test the automation. Go to browserleaks.com/javascript. Check:

• navigator.webdriver must be false (or undefined).
• There are no extra properties indicating automation.

Step 5. Run a comprehensive test. Use BrowserScan to get a final assessment. The service will display a detailed report on all 50+ parameters and determine whether your browser is vulnerable to blocking.

3.3. Writing Your Own Fingerprint Test (Advanced)​

If you want to test antidetect as thoroughly as possible, write your own test in JavaScript. It will collect key parameters and show exactly what's going on.

// Bookmark this code or run it in the console
(async function() {
const results = {};

// 1. Canvas fingerprint
const canvas = document.createElement('canvas');
canvas.width = 200;
canvas.height = 50;
const ctx = canvas.getContext('2d');
ctx.textBaseline = 'top';
ctx.font = '14px Arial';
ctx.fillStyle = '#f60';
ctx.fillRect(0, 0, 100, 50);
ctx.fillStyle = '#069';
ctx.fillText('BrowserLeaks', 2, 15);
results.canvas_hash = await crypto.subtle.digest('SHA-256',
new TextEncoder().encode(canvas.toDataURL()));

// 2. WebGL info
const canvas3d = document.createElement('canvas');
const gl = canvas3d.getContext('webgl');
if (gl) {
results.webgl_vendor = gl.getParameter(gl.VENDOR);
results.webgl_renderer = gl.getParameter(gl.RENDERER);
}

// 3. Navigator properties
results.userAgent = navigator.userAgent;
results.platform = navigator.platform;
results.language = navigator.language;
results.webdriver = navigator.webdriver;
results.hardwareConcurrency = navigator.hardwareConcurrency;

// 4. Audio fingerprint
const audioCtx = new (window.AudioContext || window.webkitAudioContext)();
const analyzer = audioCtx.createAnalyser();
// ... additional logic for AudioContext

// 5. Fonts (via CSS method)
const testString = 'mmmmmmmmmmlli';
const baseFonts = ['monospace', 'sans-serif', 'serif'];
const testFonts = ['Arial', 'Verdana', 'Times New Roman', 'Courier New'];
// ... font detection logic

console.table(results);
})();

Save this script as a bookmarklet or run it in the developer console on test sites. It will display all the key parameters of your fingerprint.

Part 4. Comparison of antidetect browsers for carding: Dolphin Anty, GoLogin, Octo, Indigo​

The antidetect market is saturated in 2026. Here's a detailed comparison of the four browsers most commonly used for mapping and multi-account management.

4.1. Comparison table​

Characteristic	Dolphin Anty	GoLogin	Octo Browser	Indigo Browser
Engine	Chromium	Orbita (Chromium)	Chromium	Mimic (Chromium) + Stealthfox (Firefox)
Fingerprint parameters	Basic	50+	Deep	50+
Free plan	10 profiles	3 profiles forever	Trial	Trial
Price for 100 profiles	$89/month	$49/month	€79/month	~$40-80/month
API for automation	Yes	Yes	Yes	Yes
Cloud profiles	No (local)	Yes	Yes	Yes
Mobile profile support	Limited	There is a mobile application	No	Yes (via Stealthfox)
Main niche	Traffic arbitrage, social networks	Multi-accounting, automation	Stealth, long-term projects	Crypto, marketplaces

4.2. Dolphin Anty - Best for Starting Out​

Why: Dolphin Anty offers 10 free profiles — the most generous free plan among all antidetection solutions. It's designed specifically for affiliate marketers and media buyers and features built-in integrations with popular proxy services.

Advantages for carding:

• Simple interface, understandable even for a beginner.
• Regular updates to the Chromium core.
• Good support for manual fingerprint configuration.
• Built-in proxy checker.

Cons:

• Limited options for deep fingerprint customization.
• When scaling (more than 300 profiles) it may be unstable.
• In cloud solution tests, it showed 5 warnings and an account survival rate of about 50% (versus 100% for the leaders).

Verdict: An ideal choice for a beginner who wants to learn and understand how antidetects work for free.

4.3. GoLogin – the best balance of price and functionality​

Why: GoLogin offers three free profiles forever — the best free plan for serious work. Their Orbita engine provides kernel-level control, and cloud profiles conserve local machine resources.

Pros for carding:

• Nuclear fingerprint control is a more profound substitution of parameters.
• Built-in free proxy for each profile (low quality, but good for testing).
• Mobile application for Android.
• API is compatible with Puppeteer, Playwright.

Cons:

• The price is higher than Dolphin (from $49/month for 100 profiles).
• Free low quality proxies.
• In stability tests, it is inferior to Octo in long-term projects.

Verdict: A good choice for those willing to pay $50 per month for stable performance and cloud profiles.

4.4 Octo Browser – Ultimate Stealth​

Why: Octo Browser specializes in deep fingerprint masking using a database of real devices. Their unique fingerprints are as close as possible to real browsers, and the built-in cookie bot and bulk operations make it ideal for long-term projects.

Advantages for carding:

• Highest level of stealth capability according to 2026 tests.
• Deep fingerprint control at the code level.
• High stability when scaling.
• Excellent automation via API.

Cons:

• There is no free plan, only a trial.
• The cost is about €79/month for 100 profiles.
• More complex interface for a beginner.

Verdict: A choice for experienced users who require maximum stealth and long-term stability.

4.5. Indigo Browser – Two Engines in One​

Why: Indigo's unique feature is its compatibility with two browser types: Mimic (based on Chromium) and Stealthfox (based on Mozilla Firefox). This provides flexibility unmatched by other antidetects.

Advantages for carding:

• Two engines - you can choose the optimal one for a specific site.
• Specializes in niche tasks - crypto, marketplaces.
• Deep masking at the level of Firefox (a rarity for antidetects).

Cons:

• Less known than Dolphin and GoLogin.
• More difficult to set up for a beginner.
• Limited community support.

Verdict: A good choice for specific tasks where the Chromium engine is not suitable.

4.6. What to choose for a beginner: a step-by-step strategy​

1. Month 1 (budget $0): Dolphin Anty with 10 free profiles. Get comfortable, understand the setup mechanics, and learn how to verify a fingerprint.
2. Months 2-3 (budget $10-30): Stay on Dolphin or switch to GoLogin ($49/month). Practice the technique on real stores.
3. Month 3+ (budget $50+): If you need maximum privacy, switch to Octo Browser. If you need flexibility, switch to Indigo.

Part 5. Scenarios for creating a profile for specific stores​

5.1 Shopify - Multi-layered security​

Shopify tracks dozens of parameters: IP address, browser fingerprint, time zone, language settings, screen resolution, and even behavioral patterns. The platform monitors stores especially closely during the first 90 days of operation — any suspicious activity can lead to immediate blocking.

Shopify profile parameters:

Parameter	Setting	Why
Proxy	Static Residential IP, Country = Map BIN	Shopify Bans Data Centers and Dynamic IPs
User-Agent	Windows 11 + Chrome (the most popular)	Realism
Canvas/WebGL	Substitution with noise, unique for each profile	To prevent different profiles from intersecting
Time zone	Matches IP (e.g. America/New_York)	Coherence
Language	en-US	Country Compliance
Screen resolution	1920x1080 or 1366x768 (top 2 most popular)	Realism
WebRTC	Completely disabled or goes through a proxy	Without this, the real IP will leak

Important nuances for Shopify:

• Shopify is particularly sensitive to geolocation mismatches — if a store is registered in the US but accessed from a Russian IP address, it will be blocked.
• Use separate payment information for each store (card, PayPal, address).
• Be sure to warm up your profile: visit the site 1-2 days before carding, add the product to your cart, and read the description.

5.2. Amazon — Device Intelligence 2.0​

In 2026, Amazon implemented Device Intelligence 2.0 — a system that collects not only basic parameters but also the device's "digital DNA," including screen characteristics, audio drivers, color gamut, and other deep signals. According to Amazon, the system detects 94% of abuse attempts within 72 hours.

Amazon profile parameters:

Parameter	Setting	Why
Proxy	Static residential, better from different ISPs for different accounts	Amazon analyzes ASN and IPv6
Canvas/WebGL	The most realistic substitution, without “artificial” patterns	Device Intelligence 2.0 detects anomalies
AudioContext	Must be replaced correctly	Amazon analyzes audio fingerprint
Plugins	Must be present (e.g. Chrome PDF Viewer)	Realism
Opening hours	Activity at different times of the day, not at the same time	Behavioral analysis
MAC address (not transmitted by the browser)	Not required	—

Critical requirements for Amazon:

• Each account has its own payment information (different cards, different names, different addresses).
• Don't use AWS proxies — Amazon sees its own data centers and bans you.
• Profile warm-up is essential: viewing products, adding to cart, reading reviews.

5.3. Walmart – a strict antifraud system​

Walmart is known for its strict compliance system — according to statistics, over 50% of merchants were banned in 2024 due to account linking. Walmart checks seven key parameters, with browser fingerprinting accounting for 35% of the decision-making weight.

The seven parameters of Walmart compliance are:

1. Browser fingerprinting (35%): WebGL, AudioContext, Canvas
2. Network environment (25%): IP, ASN, DNS leaks
3. Hardware information (20%): screen resolution, color gamut, GPU
4. Behavioral patterns (15%): mouse movement, time on page
5. Payment chain (5%): BIN cards, payment accounts
6. Cookie/LocalStorage
7. Login history

Walmart Profile Options:

Parameter	Setting	Why
Proxy	Static residential or 4G/5G mobile. Data centers (AWS, Google Cloud) — instant ban	Walmart detects data centers
WebGL	A thorough substitution, unique to each account	Walmart tests consistency
Canvas	Substitution with noise, unique hash	Like WebGL - a key parameter
AudioContext	Complete substitution	Walmart analyzes audio fingerprint
Behavior	Different mouse patterns, different time on page for different accounts	Walmart is tracking behavioral anomalies.

Critical requirements for Walmart:

• Never use one payment account for multiple stores - in 2024, this resulted in 60-180 day freezes for 52.7% of banned merchants.
• Walmart requires IP to be consistent with registration data (if the account is registered in California, the IP must be Californian).
• Don't use AWS or Google Cloud proxies — Walmart detects and bans them en masse.

Part 6. Antidetect settings checklist before the first hit​

Print and complete before each new profile:

Basic profile settings:

• Proxy: static residential, country = map BIN, not data center.
• User-Agent: matches the selected OS and browser (Windows 11 + Chrome is the most secure).
• Screen resolution: 1920x1080 or 1366x768.
• Time zone: same as IP country.
• Language: en-US or IP country language.
• WebRTC: disabled or going through a proxy.

Advanced fingerprint settings:

• Canvas: substitution enabled, noise added.
• WebGL: The vendor and renderer look real (not VMware, not SwiftShader).
• AudioContext: substitution enabled.
• Fonts: The list of fonts corresponds to the OS.
• Navigator.webdriver: false (or undefined).
• Plugins: standard ones are present (Chrome PDF Viewer, etc.).

Check (after settings):

• browserleaks.com/webrtc - no real IP leak.
• browserleaks.com/dns — DNS servers correspond to the proxy country.
• browserleaks.com/canvas - the hash is unique and does not look "artificial".
• browserleaks.com/webgl — vendor and renderer are realistic.
• pixelscan.net — anonymity score > 85%.
• browserscan.net - no red flags.

Conclusion: Antidetect is not magic, but systemic work.​

Antidetect Browser won't make you invisible "with a click of a button." It's a tool that requires configuration, testing, and understanding which parameters are critical on which websites. But without it, you won't even get past the first antifraud detection.

Key findings:

1. Parameters that catch newbies off guard: Canvas (incorrect substitution), WebGL (VMware vendor), AudioContext (no substitution), Fonts (OS mismatch), Navigator.webdriver (automation flag).
2. Check antidetect before every hit. BrowserLeaks, Pixelscan, and BrowserScan are your best friends.
3. To get started, choose Dolphin Anty — it offers 10 free profiles and a simple interface. For more serious work, try Octo Browser or GoLogin.
4. Customization for a specific store is a must. Shopify loves consistency, Amazon loves fingerprint depth, and Walmart loves the 7 dimensions of control.

A quick one-line reminder:
"Antidetect isn't just a proxy. Check Canvas, WebGL, Audio, fonts, and webdriver. If even one parameter is leaking, the payment will fail, even with a perfect card."