ChronicBot Posted February 10, 2021 Share Posted February 10, 2021 I'm having an issue with my accounts getting locked after doing tutorial island. Is this caused by me creating the accounts with a different ip address than the proxy I'm using to bot on? If so how can I use my proxy to create the new accounts? Or is this issue caused by something else altogether? Do I need to link the accounts to actual emails so I can later unlock them? My plan is ultimately to sell these accounts, so I'm trying to learn the workaround for having an email set on account. Any help or advice will be greatly appreciated, thankyou in advance. Quote Link to comment Share on other sites More sharing options...
OSBOTRutger Posted February 10, 2021 Share Posted February 10, 2021 The proxy that the account is played on should also be the proxy the account is created on. That should help alot for locked accounts Quote Link to comment Share on other sites More sharing options...
Czar Posted February 10, 2021 Share Posted February 10, 2021 (edited) EDIT: Yes I've been getting a lot of these lately, due to IP issues I'll try find a good workaround for these. Usually automatically logs me out and says go to the support centre to unlock accounts. Having a consistent IP as mentioned above ^ works best. There is no need to link emails, I don't think anybody does that these days, and selling accounts without an email is much easier ^^ Edited February 10, 2021 by Czar Quote Link to comment Share on other sites More sharing options...
ChronicBot Posted February 10, 2021 Author Share Posted February 10, 2021 9 minutes ago, OSBOTRutger said: The proxy that the account is played on should also be the proxy the account is created on. That should help alot for locked accounts When I try to create an account while using my proxy it gives me " Access Denied Error 15 secure.runescape.com 2021-02-10 23:01:13 UTC What happened? This request was blocked by the security rules" Quote Link to comment Share on other sites More sharing options...
OSBOTRutger Posted February 10, 2021 Share Posted February 10, 2021 4 minutes ago, ChronicBot said: When I try to create an account while using my proxy it gives me " Access Denied Error 15 secure.runescape.com 2021-02-10 23:01:13 UTC What happened? This request was blocked by the security rules" What browser u using? Quote Link to comment Share on other sites More sharing options...
ChronicBot Posted February 10, 2021 Author Share Posted February 10, 2021 12 minutes ago, OSBOTRutger said: What browser u using? I downloaded firefox and picked up the foxyproxy extension to use my proxy with. Quote Link to comment Share on other sites More sharing options...
BoostedMMO Posted February 10, 2021 Share Posted February 10, 2021 31 minutes ago, ChronicBot said: When I try to create an account while using my proxy it gives me " Access Denied Error 15 secure.runescape.com 2021-02-10 23:01:13 UTC What happened? This request was blocked by the security rules" This is a typical error message as a result of Incapsula (now known as Imperva); they're a third-party group hired by Jagex to help prevent mass account creations, DDOS, and other areas that were common targets on the website. You might be wondering, why not just cloudflare? The answer goes much deeper; Imperva is able to provide a full on audit specific to a clients need and no one has really been able to decipher which traffic is flagged by them and which isn't, I believe Farmaton was close to cracking it but I never kept up. The best open source attempt I've seen at mitigation against Imperva's (current) security implemented on the OSRS website is this: https://github.com/ziplokk1/incapsula-cracker 5 years old, and outdated. If anyone has better insights, do share! Quote Link to comment Share on other sites More sharing options...
ChronicBot Posted February 10, 2021 Author Share Posted February 10, 2021 6 minutes ago, BoostedMMO said: This is a typical error message as a result of Incapsula (now known as Imperva); they're a third-party group hired by Jagex to help prevent mass account creations, DDOS, and other areas that were common targets on the website. You might be wondering, why not just cloudflare? The answer goes much deeper; Imperva is able to provide a full on audit specific to a clients need and no one has really been able to decipher which traffic is flagged by them and which isn't, I believe Farmaton was close to cracking it but I never kept up. The best open source attempt I've seen at mitigation against Imperva's (current) security implemented on the OSRS website is this: https://github.com/ziplokk1/incapsula-cracker 5 years old, and outdated. If anyone has better insights, do share! Would making the accounts on my home ip then botting on them using the proxy get the same results? Quote Link to comment Share on other sites More sharing options...
BoostedMMO Posted February 10, 2021 Share Posted February 10, 2021 7 minutes ago, ChronicBot said: Would making the accounts on my home ip then botting on them using the proxy get the same results? From what I have seen, the problematic portion is the account creation itself on the website. You need to be using a clean, residential proxy that won't randomly change after 5 minutes. Typically, if you stay within the same region with residential proxies and even datacenter proxies it should be fine. Some have said that linking email helps to prevent these arbitrary lockings. I would also maybe try using bluestacks android emulator, download OSRS on the Google Play store, and link / create an account via a gmail. Something I haven't seen anyone try (I think). Maybe that could help with the locks! GL 1 Quote Link to comment Share on other sites More sharing options...
Gunman Posted February 11, 2021 Share Posted February 11, 2021 1 hour ago, ChronicBot said: I downloaded firefox and picked up the foxyproxy extension to use my proxy with. With the new changes mentioned above with incapsula, you can't use Firefox to make accounts anymore as it seems it's forever stuck with the error 15 message no matter what you do. Quote Link to comment Share on other sites More sharing options...
ChronicBot Posted February 11, 2021 Author Share Posted February 11, 2021 25 minutes ago, Gunman said: With the new changes mentioned above with incapsula, you can't use Firefox to make accounts anymore as it seems it's forever stuck with the error 15 message no matter what you do. I'm currently making the accounts with Bluestacks emulator. I just created 30 new accounts and I'm running them through tut island now. Hopefully this workaround does the trick. 1 Quote Link to comment Share on other sites More sharing options...
BoostedMMO Posted February 11, 2021 Share Posted February 11, 2021 (edited) 1 hour ago, ChronicBot said: I'm currently making the accounts with Bluestacks emulator. I just created 30 new accounts and I'm running them through tut island now. Hopefully this workaround does the trick. Keep us posted. Sometimes the default bluestacks might be hardcode flagged by Jagex so if that doesn't work, there is a way to alter the default settings to make the phone that is emulated completely different versus the 7 that are included with Bluestacks. (Example: Emulating as a Samsung Galaxy S21, which isn't in the BS profiles and therefore less likely to be a hardcoded flag). I mention hardcode flag multiple times because after the notorious "Sir Pugger" video, only then did we realize Jagex had been profiling BS users extensively and mass banned nearly everyone that was online. It was rather odd, as if you had been botting 2 weeks straight before that, logged out 30 minutes before the massbanning occurred, you would be "safe". One of the more bizarre events I recall for sure. To anyone reading this, please do your own due diligence, I'm personally not a fan of such anecdotal evidence (yes, even my own). Take it for what it's worth. It might also be important to reset your advertising ID (unique to your Google Play account), this is the main way they will flag multiple accounts of yours- by linking each to the same ID. There are a number of rather easy metrics that they can use for fingerprinting and it might be cumbersome to dodge them in the long run. I do not believe this ID updates upon simply switching Gmails, so another method has to be utilized. But for now, good news. GL. Edited February 11, 2021 by BoostedMMO Quote Link to comment Share on other sites More sharing options...
ChronicBot Posted February 11, 2021 Author Share Posted February 11, 2021 5 hours ago, BoostedMMO said: Keep us posted. Sometimes the default bluestacks might be hardcode flagged by Jagex so if that doesn't work, there is a way to alter the default settings to make the phone that is emulated completely different versus the 7 that are included with Bluestacks. (Example: Emulating as a Samsung Galaxy S21, which isn't in the BS profiles and therefore less likely to be a hardcoded flag). I mention hardcode flag multiple times because after the notorious "Sir Pugger" video, only then did we realize Jagex had been profiling BS users extensively and mass banned nearly everyone that was online. It was rather odd, as if you had been botting 2 weeks straight before that, logged out 30 minutes before the massbanning occurred, you would be "safe". One of the more bizarre events I recall for sure. To anyone reading this, please do your own due diligence, I'm personally not a fan of such anecdotal evidence (yes, even my own). Take it for what it's worth. It might also be important to reset your advertising ID (unique to your Google Play account), this is the main way they will flag multiple accounts of yours- by linking each to the same ID. There are a number of rather easy metrics that they can use for fingerprinting and it might be cumbersome to dodge them in the long run. I do not believe this ID updates upon simply switching Gmails, so another method has to be utilized. But for now, good news. GL. Out of the 38 accounts I made by signing up with the help of BlueStacks only 3 ended up locked after tut island. Quote Link to comment Share on other sites More sharing options...
ChronicBot Posted February 11, 2021 Author Share Posted February 11, 2021 15 hours ago, BoostedMMO said: Keep us posted. Sometimes the default bluestacks might be hardcode flagged by Jagex so if that doesn't work, there is a way to alter the default settings to make the phone that is emulated completely different versus the 7 that are included with Bluestacks. (Example: Emulating as a Samsung Galaxy S21, which isn't in the BS profiles and therefore less likely to be a hardcoded flag). I mention hardcode flag multiple times because after the notorious "Sir Pugger" video, only then did we realize Jagex had been profiling BS users extensively and mass banned nearly everyone that was online. It was rather odd, as if you had been botting 2 weeks straight before that, logged out 30 minutes before the massbanning occurred, you would be "safe". One of the more bizarre events I recall for sure. To anyone reading this, please do your own due diligence, I'm personally not a fan of such anecdotal evidence (yes, even my own). Take it for what it's worth. It might also be important to reset your advertising ID (unique to your Google Play account), this is the main way they will flag multiple accounts of yours- by linking each to the same ID. There are a number of rather easy metrics that they can use for fingerprinting and it might be cumbersome to dodge them in the long run. I do not believe this ID updates upon simply switching Gmails, so another method has to be utilized. But for now, good news. GL. Update, woke up this morning an all the accounts are locked. RIP. I've seen people say that the only real way to make accounts now without it getting locked is to make it off your own home ip? Is that safe? Could I just reset my home IP make like 50 accounts, then use my proxy to bot them? Quote Link to comment Share on other sites More sharing options...
Thea Posted February 25, 2021 Share Posted February 25, 2021 I tried that shit it won't work death to betting apparently. Quote Link to comment Share on other sites More sharing options...
