Research
·
Episode 3: Bought the wrong proxies again, did an unboxing anyway
If you have been following this series (post 1 and post 2), you know the ritual by now. I buy
Latest — page 2
![Investigating tinyhost[.]shop: a disposable email API used for large-scale fake account creation](https://storage.ghost.io/c/30/2d/302db284-6a98-4af6-9641-fe1ecf757b23/content/images/size/w960/format/webp/2025/12/image--15-.webp)
Research
·
Investigating tinyhost[.]shop: a disposable email API used for large-scale fake account creation
While working on a new customer, we identified a burst of automated activity linked to accounts created before Castle protections
Research
·
Once again, I bought the wrong proxies, better do science with my bandwidth
A few months ago, I accidentally bought sneaker proxies. Instead of crying over my mistake, I did what any reasonable
Research
·
Because fraud detection deserves better than another AI-written SEO page
If you landed here after searching for something like “browser fingerprint test”, “bot detection API”, or “Kameleo anti-detect browser”
Research
·
Fraudulent email domain tracker: November 2025
Every month, we publish a snapshot of the email domains most actively used in fake account creation and related abuse
Research
·
330 custom email domains, and what this tells us about how attackers build infrastructure for fake account creation
We recently detected and blocked a large-scale fake account creation campaign. The attacker attempted to register tens of thousands
Research
·
When canvas lies: handling randomized fingerprints in fraud detection
Why canvas fingerprinting matters in fraud detection Canvas fingerprinting is often presented as a textbook example of browser fingerprinting. The
Research
·
Is Puppeteer stealth dead? Not yet, but its best days are over
A few years ago, Puppeteer stealth was one of the most popular tools in the automation and scraping ecosystem. Built
Research
·
Fraudulent email domain tracker: October 2025
This is the seventh edition of our monthly tracker highlighting email domains linked to fraudulent activity. Just like in September&
Research
·
How to detect disposable email domains without relying on 3rd party APIs and lists
To scale a fraud or bot attack, adversaries need more than just realistic automation. They need infrastructure. A convincing browser
Research
·
Roll your own bot detection: server-side detection (part 2)
This is the second part of our series on building a lightweight, vendor-free anti-bot system to protect your
Research
·
Roll your own bot detection: fingerprinting/JavaScript (part 1)
This is the first article in a two-part series (new: 2nd article was published) where we show how to