Hello, guys!

I’m looking for all possible solutions and thoughts regarding those IG-blocks we meet now and I’m trying to read and analyze everything, everywhere accross the Internet.

Yesterday I found very interesting suggestion regarding how Instagram calculates limits for different proxy subnets = accs. I found it very interesting, but I have no chance atm to test it.

I’m very interested in discussing this here, on mpsocial, as I find this forum the most useful and you guys here are the most experienced as fas as I feel it.

So I just copy-paste that post from one well-known forum

Well, some guy hit me up with a blogspot from a worker of IG, I dont remember the link so take what I say with the least serious considerations you can.

Instead of purging settings A, B or C IG found a better way to purge/damage automation users.
What is the same thing we all share in common?

We have different settings
We have different ways to create profiles
We have different niches
We have different automation tools

But we share the commom resource that almost none normal user stay close…

Proxies.

Whatever is your setting, whatever is the tool, whatever account creation method we are share the network trait of using proxies.

Well, what they did?

Now lets say we have the Subnet A of a Provider Called SpartanProxies.
Spartan Proxies sell IPV4/IPV6, but as every proxy need a real device/connection to mirror we can say Spartan Proxies of Bingolingo country share usually the same ranges and subnet.
What IG did?
Now they analyze all the comming traffic and requests of every range/subnet, that in our cases is Spartan Proxies that comes from Bingolingo country.
Lets say we have 10 users connected to that specific subnet/range…
Now we can say that the Average number of Actions PER USER is equal to:
All Actions / (DIVIDED) by 10 = the formula is number of all actions /(divided) by number of users
What they are doing now, they take the 25% of the users that used the lower number of actions on that subnet, that in this case would be 2 user and half, and then they compare.
Action made by 25% of users /(divided) 2.5 users[on this case] and you have the number of actions of the lower percentage of users.

Then they compare that average number of actions of the lowest action users on that subnet to the average number of actions of the subnet and with your specific number of actions.

Lets say 10.000 actions were done by all 10 users combined, 10000/10= 1.000 Actions Per user
Lets say 1000 actions were done by 25% of users, 1000/2.5 (on this case) 400 actions per individual 25% of users

This means that if you did 1500 actions you are considered a high risk user of that subnet, if you did 200 you are considered a safe risk user of that subnet and so on…

What that means?
Now they cross your average number of actions and compare to the subnet number of actions PLUS the average number of that subnet and with the country/state average number and with IG limits.

Lets say your subnet only consist of automation users, the average number of actions is 9000 monthly, who would be something like 30 per day.
If you did less than that you could be considered a safe user of that subnet. but NOT A SAFE IG user because your actions crossed their limits.

This is why the 6k/30 days is flexible and why some user have been able to follow again after some days of no action (that they become part of the lower 25% of that subnet).

Please mention that OP talks about DC proxies, but anyways it interesting.

So I have questions to you, guys:

1. What do you think about this at all? Any proofs or arguments against?
2. What do you think about limits for the LTE proxies? What are they? Any thoughts?

Let’s sort out with that, as untill we don’t understand the rules, we don’t have any chances to win the game.

Thank you

another answer / test from a forum-guy
maybe proxies are useless:

these days I’m doing several tests on my mobile proxy 4g.
I tried to have my ip address analyzed by sites like browserleaks.com and others much more complex like http://www.f.vision
I began to notice that strange inconsistencies were detected.
Analyzing the IP masked with a proxy, you will notice that both web sites are able to read the real IP address to which you are connected, through WebRTC they are able to bypass the proxy and read the real IP.
The result is that the site detects two different IP addresses, the first given by the proxy and the second IP local which is the real IP address from which we are connected.
In particular, http://www.f.vision proves to be able to find many inconsistencies even if you try to disguise your WebRTC, resulting in Fake webrtc detected.
This site is also capable of detecting if we are using proxies and much more.
In the tests that I performed if I access http://www.f.vision by phone (without proxy) the test is passed perfectly with 0 percent of inconsistency!!
If I do the test with PC and proxy the test results with 75 percent of inconsistency, the website also say: FAKE IP DETECTED
This mean that these website can easily detect we are using proxies.
You can easily hide your WebRTC but the site detect that you are hiding your real IP and i think also Instagram can easily detect it.

Now I wonder, if this site is able to detect all this, do we really think that Instagram is not able to detect this inconsistency?
Have any of you tried to run these tests?
Can it be for this reason that using proxies profiles cannot perform all the daily actions that could be performed from inside the app manually?

The problem detected in my tests is unfortunately not at the level of the proxy, the detected IP address is detected through WebRTC which obviously can be easily hidden, but instagram certainly sees that you are hiding something, the average user has nothing to hide.

In any case, the IP address detected by the WebRtc is the one to which my PC is currently connected, or the home line.
Then IP1 address that of Pxoxy4g, IP2 address that of the home line, this obviously without hiding the WebRtc.
Using Hotspots from the phone obviously there is no need to hide the WebRtc as the two IPs are the same.
The problem is that Jarvee automatically hides many fingerprints, and so it forces you to be different from the mass.
And in addition it hides many things but not perfectly, as in my tests there is a difference between the operating system given by the fake user agent (Android) and the real Windows operating system.
I think this is a problem given by Jarvee and not by the proxy.

I didn’t read the whole article as its alot, but from the part I did read, yes it does work like that. For example:

In gmt2, I have 5 accounts on the same ipv6 dc proxy. If I just run 1 account, I can follow and like until my heart desires without getting a block, but as soon as I start doing actions on other accounts on the same subnet shortly after a block will appear.

I can go a little further in depth on this in another post at another time if you would like, as I’ve ran alot or test on a bulk scale trying to figure it out.

Thank you so much for the answer. Very useful information.

Yes, sure. I would like to hear more information regarding this.
I’m pretty sure that it would be useful for everyone.

With all the info I know and all the things I´ve been reading in the last 6 months on several forums and articles, and also with the great insight from @hashtag_flesh , I think IG is attacking automation from multiple different vectors, this maybe only one of them, as I have been reading, the other one, which will be much easier to combine with this method, is WebRTC leaks from your VPS when you are using the proxy, so they can detect all of the accounts that are being automated no matter what kind of proxy you are using (custom or from a 3rd party).

This is a much more complex issue, and they are using a large arsenal of weapons to discover who is automating, and probably the algo also changes and updates detecting patterns of usage, and with every rollout when we wait and test and implement new settings, the algos change again to detect the new behavior, its like fighting against Skynet.

That´s why I opened this thread

https://mpsocial.com/t/a-pledge-for-a-upping-the-game-on-automation-software/77600/52

Not to avoid being detected, but to make the tools harder to detect, smarter and much more random. All the automation tools did very little to change how they behave, we´ve been just turning knobs on the settings, not much else, so, we are a very easy target too.

But they’re allowing automation if you think about it. They’ve already shown us multiple times they’re capable of blocking, and also reversing are actions at a later time if they want. But they don’t… they’re just limiting our actions.

The paper they wrote, gave the impression their goal is to stop the sales of fake likes and followers, more than they are trying to stop people from using automation. With the update they’ve released now, it’s made it so that panels are dysfunctional, and majority of small time or inexperienced people that are automating will stop. Also got rid of alot of people wasting their resources(using thousands of accounts to promote one… Mother/Slave… knew it was only a matter of time before they slowed down/put a stop to that.

But as far as automation on IG being done, I know it’s far from that. Unless they completely block all actions from going thru like they have temporarily, then things will still be a go.

Regarding proxies, it wouldn’t be that hard for Instagram to run a report on non-mobile, non-residential IPv4 C-blocks and see which ones are the worse defenders in terms of HTTP/API requests and block them all. That’ll be 256 proxies and accounts shut down easily for each one.

Yet they haven’t really yet. They usually let them slide and add different criteria to their investigation before blocking. And some of us are getting blocked on our own mobile hotspots and residential IPs. So I believe proxies are pretty low on the totem pole in the determination of who to block/limit.