← Back to Blog
RUENZHESARPTDEFRJAKOITTRIDVIFAHI

How to Bypass IP Pooling Detection in Multi-Accounting: Protection Against Chain Bans

IP pooling detection identifies related accounts through shared IP addresses. We discuss protection methods for arbitrageurs and SMM specialists.

πŸ“…February 3, 2026
```html

IP pooling detection is a technology used by Facebook, Google, Instagram, and other platforms to identify linked accounts through shared IP addresses. If you are working with multiple accounts through a single proxy server or IP pool, the algorithms can easily detect the connection between them. The result is a chain ban of all accounts simultaneously. For arbitrage specialists, this means losing advertising budgets, and for SMM professionals, client accounts are at risk.

In this article, we will discuss how IP pooling detection works, why cheap proxies do not protect against bans, and what strategies effectively protect when working with 10-50+ accounts in anti-detect browsers like Dolphin Anty, AdsPower, or Multilogin.

What is IP pooling detection and how does it work

IP pooling detection is an analytical method where platforms track which accounts log in from the same set (pool) of IP addresses. If the system sees that 10 different accounts are using the same IP or a group of IP addresses from the same subnet, it marks them as potentially linked.

The principle is simple: platforms collect statistics on all IP addresses from which each account has logged in. They then build a graph of connections β€” if accounts A, B, and C all logged in from IP 192.168.1.100, they fall into the same cluster. Even if you use different fingerprints in Dolphin Anty or AdsPower, the shared IP reveals the connection.

Important: IP pooling detection works not only at the moment of login but also accumulates data over weeks and months. Even if you are currently using different IPs, if all accounts logged in through one proxy a month ago β€” the connection has already been recorded.

Technically, it looks like this: each platform maintains a database of the type "account β†’ list of IPs for the last 90 days." When suspicious activity occurs on one account (for example, violating Facebook Ads rules), the system checks all accounts that used the same IPs. If it finds matches β€” it triggers a chain ban.

IP pooling detection works especially aggressively on platforms with strict multi-accounting policies: Facebook, Instagram, TikTok, Google Ads. For them, detecting linked accounts is a priority task, and they invest millions in developing these algorithms.

How Facebook, Google, and Instagram detect linked accounts

Platforms use a multi-layered detection system where IP pooling is just one of the factors. However, it often becomes the decisive one because it is the hardest to hide when working with dozens of accounts.

Main methods for detecting linked accounts:

Detection Method How it Works Difficulty of Bypassing
IP pooling Analysis of shared IP addresses between accounts High
Browser fingerprint Canvas, WebGL, fonts, screen resolution Medium (solved by anti-detect)
Cookies and tracking Shared cookies from Facebook Pixel, Google Analytics Low (profile isolation)
Behavioral patterns Similar activity times, click speeds Medium
Account data Shared phone numbers, emails, cards Low (different data)

From the table, it is clear that IP pooling is the most difficult factor to bypass. Why? Because fingerprinting can be handled by an anti-detect browser (Dolphin Anty creates unique fingerprints), cookies are isolated by profiles, but IP is an external resource that needs to be properly organized.

Facebook uses particularly advanced IP pooling detection. Their algorithm analyzes not only direct IP matches but also subnets. If you use proxies from the range 192.168.1.1-192.168.1.255, and other violators are also operating through this range, your accounts will come under suspicion, even if you have different specific IPs.

Real case: An arbitrage specialist bought 20 cheap IPv4 proxies from one provider. All IPs were from the same /24 subnet. After a week of working with Facebook Ads, he received a ban on all 20 accounts simultaneously β€” the system identified them as linked due to subnet pooling.

Google Ads employs a similar approach but adds the analysis of temporal patterns. If all your accounts are active at the same time (for example, from 9:00 AM to 6:00 PM MSK), and all use IPs from the same geographical region, this raises suspicions. Therefore, not only is IP isolation important, but also the diversity of activity times.

Instagram and TikTok focus on mobile IPs. They know that real users log in from mobile operators, so desktop IPs from data centers immediately raise suspicions. If you manage 30 Instagram accounts through regular data center proxies, pooling detection will trigger faster than through mobile proxies.

Why cheap proxies do not protect against pooling detection

The main mistake beginners make in multi-accounting is buying cheap shared proxies in hopes of saving money. Such proxies cost $1-3 per IP per month but create a critical vulnerability for IP pooling detection.

Problems with cheap shared proxies:

  • Shared IP pool: The same IP is used by hundreds of the provider's clients. If someone among them violates Facebook's rules β€” the IP gets blacklisted, and your accounts suffer.
  • Poor subnet reputation: Cheap providers buy IPs in blocks from data centers that are already known to platforms as "proxy subnets." Facebook sees that the IP from the range 45.123.x.x is from a data center, not a home internet connection.
  • No rotation: You receive a static IP that does not change. If you work with one account for months through one IP β€” that’s fine, but for multi-accounting, it creates a clear pattern.
  • Overlap with other violators: Cheap proxies are bought specifically for multi-accounting, scraping, and spamming. Platforms know this and check such IPs for pooling more aggressively.

Imagine a situation: you bought 10 IPv4 proxies for $2 each. The provider issued you IPs from the range 185.220.100.1-185.220.100.10. These IPs are already used by another 50 clients of this provider for their tasks. One of them launched a spam campaign through Facebook β€” IP 185.220.100.5 got blacklisted. Facebook checks the entire subnet 185.220.100.x and sees suspicious activity. The result is that all IPs from this range receive increased scrutiny, and your accounts are at risk of being banned, even if you have not violated any rules.

Advice: If you work with Facebook Ads, Google Ads, or Instagram on serious budgets (from $1000 per month), saving on proxies is a false economy. Losing one advertising account with a history will cost more than a year of quality proxies.

Another problem is that cheap proxy providers often do not control who and how uses their IPs. You may receive an IP that was used yesterday for scraping, the day before for spamming, and today you are trying to log into Facebook Ads through it. The platform sees a sharp change in activity on one IP and marks it as suspicious.

Comparison of proxy types: which protect against IP pooling

Not all proxies are equally effective against IP pooling detection. Let's analyze three main types and their applicability for multi-accounting.

Proxy Type Protection Against Pooling Usage Scenarios Risks
Datacenter Proxies Low Scraping, tasks without strict IP verification Easily detected by ASN, shared subnets
Residential Proxies High Facebook Ads, Google Ads, multi-accounting More expensive, requires proper rotation
Mobile Proxies Very High Instagram, TikTok, mobile applications Most expensive, dynamic IP

Datacenter Proxies

These are IP addresses belonging to server data centers (Amazon AWS, DigitalOcean, OVH, etc.). They are easily identifiable by ASN (Autonomous System Number) β€” each data center has its unique ASN, which is visible to platforms.

The problem for IP pooling detection: all clients of the proxy provider use IPs from one or more ASNs. Facebook sees that 50 accounts log in from IPs in ASN 12345 (for example, OVH) and understands β€” these are not regular users, but a proxy pool. Even if each account has its own IP, the shared ASN reveals the connection.

When datacenter proxies work: scraping websites, automating tasks where real user emulation is not required. For multi-accounting in social networks and advertising accounts β€” they are not recommended.

Residential Proxies

These are IP addresses of real home users who have provided their internet connection for the proxy network (usually through special applications). For platforms, such IPs look like regular users because they actually belong to home internet providers (Rostelecom, MTS, Beeline, etc.).

Protection against pooling detection: residential proxies have a huge variety of ASNs β€” each IP can be from a different provider in a different city. If you use residential proxies with the right setup (different cities, different providers for each account), it is difficult for platforms to build a connection graph through IP pooling.

Critical point: residential proxies should have rotation or sticky sessions (session IPs that last 10-30 minutes). If you constantly change IPs within one account session β€” this will also raise suspicions. The right strategy: one account = one residential IP per session (or per day), but each account uses different IPs from different subnets.

Mobile Proxies

These are IP addresses from mobile operators (MTS, Beeline, MegaFon, Tele2). The feature of mobile IPs is that they are dynamic and change frequently, plus one IP can be used by hundreds of real users of the operator simultaneously (through CGNAT β€” Carrier-Grade NAT).

Why this is the best protection against pooling: platforms cannot aggressively ban mobile IPs because thousands of regular users sit behind one mobile IP. If Facebook bans IP 93.123.45.67 (MTS Moscow), it will block access for all real MTS users in that area β€” this is unacceptable.

For Instagram and TikTok, mobile proxies are the gold standard because 90% of the real audience of these platforms logs in from mobile devices. If you manage 20 Instagram accounts through mobile proxies from different operators and regions, IP pooling detection is practically powerless β€” your IPs are indistinguishable from millions of regular users.

Recommendation for SMM: If you manage client accounts on Instagram or TikTok, use mobile proxies tied to specific client regions. For example, a Moscow restaurant account β€” through MTS Moscow, a St. Petersburg store account β€” through Beeline SPb. This provides maximum naturalness.

Dedicated vs Shared IP Pools: Critical Difference

Even if you choose residential or mobile proxies, the question remains: use a dedicated IP pool or a shared pool? This is critically important for protection against IP pooling detection.

Shared IP Pool

When using a shared pool, you gain access to a large database of IPs (for example, 10 million residential IPs) that all clients of the provider use. When you request a proxy, the system assigns you a random IP from this pool.

The problem: if another client of the provider violated Facebook's rules through IP 123.45.67.89, and a week later this same IP is accidentally assigned to you β€” your account receives a "dirty" IP with a bad history. Moreover, if 100 clients of the provider work with Facebook Ads through the shared pool, the platform may detect a pattern: all these accounts use IPs from one large pool, indicating a proxy provider.

When a shared pool works: for short-term tasks (scraping, one-time checks), where IP history is not critical. For long-term multi-accounting β€” the risk is high.

Dedicated IP Pool

This is when the provider allocates you a personal set of IP addresses that are not used by other clients. For example, you receive 50 residential IPs from different cities in Russia, and only you have access to them.

Advantages for protection against pooling:

  • Clean history: IPs are not "exposed" by other users; you control their reputation.
  • No overlaps: Platforms do not see that your IPs are used in a shared pool with thousands of other accounts.
  • Stability: You can use one IP for one account for months, creating a natural history.
  • Geographical control: You choose cities and providers in advance so that the IPs match the account legends.

Disadvantage: dedicated pools are more expensive. If shared residential proxies cost about $5-10 per GB of traffic, a dedicated pool can cost $50-200 per month for 10-20 IPs. But for serious arbitrage or managing expensive client accounts, this is a justified investment.

Strategy for Arbitrage Specialists: Use dedicated residential proxies for "warm" Facebook Ads accounts with history and budgets. For farming new accounts at the initial stage, you can use a shared pool, but as soon as the account passes moderation and receives its first conversions β€” switch it to a dedicated IP.

IP Rotation Strategy for Safe Multi-Accounting

Even with quality residential proxies, you can fall under IP pooling detection if you incorrectly set up IP rotation. There are two main approaches: sticky IP (static IP per session) and rotating IP (rotation for each request).

Sticky IP (Session IP)

This is when the proxy assigns you one IP for a certain period (usually 10-30 minutes), and all requests during this session go through the same IP. Then the IP automatically changes to a new one.

For multi-accounting in social networks and advertising accounts, sticky IP is the right choice. Why:

  • Platforms expect that a user during one session (for example, 20 minutes of working in Facebook Ads) will log in from one IP.
  • If the IP changes every minute β€” this is a red flag for anti-fraud systems.
  • Sticky IP allows you to pass all platform checks (cookies, fingerprint, IP) within one session without raising suspicions.

Setup in the anti-detect browser: in Dolphin Anty or AdsPower, when creating a profile, specify the proxy with the sticky session parameter. This usually looks like adding a session ID parameter in the proxy URL. For example: http://user-session-12345:pass@proxy.example.com:8080. All requests with this session ID will go through one IP during the session.

Rotating IP (Rotation for Each Request)

This is when each HTTP request goes through a new IP. This approach is used for scraping large volumes of data when you need to bypass rate limits (limits on the number of requests from one IP).

For multi-accounting, rotating IP is a bad idea. Imagine: you log into Facebook, the main page loads (request 1 with IP 1.1.1.1), then images load (request 2 with IP 2.2.2.2), then you click on Ads Manager (request 3 with IP 3.3.3.3). Facebook sees that one user changed three different IPs in 10 seconds β€” this is a clear anomaly that triggers additional checks.

Exception: rotating IP can be used for warming up new accounts at the initial stage when you imitate the activity of a regular user (scrolling the feed, likes, comments). But as soon as you switch to advertising or commercial activity β€” switch to sticky IP.

Optimal Rotation Strategy for Different Tasks

Task Type of Rotation Session Time Recommendation
Facebook Ads (working in the cabinet) Sticky IP 30-60 minutes One IP for the entire working session
Instagram (posting, communication) Sticky IP 10-20 minutes Mobile proxy is preferable
TikTok Ads Sticky IP 20-30 minutes Only mobile IPs
Scraping marketplaces Rotating IP 1-5 minutes Residential proxies with a large pool
Warming up accounts (imitating activity) Sticky IP 5-15 minutes Change IP between sessions (1-2 times a day)

An important point: even when using sticky IP, you should occasionally change IPs for one account to imitate natural behavior. For example, a real user might log into Facebook in the morning from home (one IP), during the day from work (another IP), and in the evening from mobile internet (a third IP). If your account uses only one IP for months β€” this can also raise suspicions.

The recommended frequency for changing IPs for one account: 1-2 times a week for "home" IPs, plus periodic logins from mobile IPs (if you are imitating activity from a phone). This creates a natural pattern of user movement.

Setting Up an Anti-Detect Browser to Protect Against Pooling Detection

Anti-detect browsers (Dolphin Anty, AdsPower, Multilogin, GoLogin) are the main tool for multi-accounting. They create isolated profiles with unique fingerprints, but the correct setup of proxies in them is critically important for protection against IP pooling.

Step-by-Step Setup in Dolphin Anty

Dolphin Anty is one of the most popular anti-detect browsers among arbitrage specialists. Here’s how to properly set up proxies for protection against pooling:

  1. Creating a profile: Open Dolphin Anty β†’ "Create Profile". Give the profile a clear name (for example, "FB_Ads_Account_1_Moscow").
  2. Selecting a proxy: In the "Proxy" section, choose the type: HTTP, HTTPS, or SOCKS5. For residential proxies, HTTP or SOCKS5 is usually used. Enter the proxy details: host:port:username:password.
  3. Sticky session: If your proxy provider supports sticky sessions, add the session ID to the username. For example: user-session-account1. This will ensure that all requests from this profile will go through one IP during the session.
  4. Checking IP: After adding the proxy, click "Check Proxy". Dolphin will show the real IP, geolocation, and timezone. Make sure that the timezone matches the geolocation of the IP β€” if the IP is from Moscow and the timezone is UTC+0, this mismatch may raise suspicions.
  5. Setting up fingerprint: In the "Browser Fingerprint" section, select the operating system and screen resolution that match your legend. If the IP is from Russia, use Windows with a Russian locale and a popular resolution (1920x1080).
  6. WebRTC: MAKE SURE to disable WebRTC or configure it to use the proxy IP. WebRTC can "leak" your real IP even through a proxy β€” this is a common reason for masking failures.
  7. Geolocation: Set the browser's geolocation according to the IP. If the proxy is from Moscow, set the coordinates of Moscow (55.7558, 37.6173). Many websites check the correspondence between the IP and geolocation API.

Critical Error: Many beginners use one proxy for multiple profiles in Dolphin, thinking that different fingerprints will protect against detection. This is not true! If profiles A, B, and C use one proxy (one IP), the platform will see the connection through IP pooling, even if the fingerprints are different. The rule: one profile = one unique IP.

Setup in AdsPower

AdsPower has a similar interface. A feature is the built-in check for the "purity" of the IP through services like IPQualityScore. When adding a proxy, AdsPower shows the fraud score for this IP. If the score is above 75 β€” the IP is already "exposed" and it is better not to use it for expensive accounts.

An additional feature of AdsPower is the "Proxy Manager." You can upload a list of 50-100 proxies, and AdsPower will automatically distribute them across profiles, checking each for functionality and fraud score. This saves time when creating profiles in bulk.

Multilogin and GoLogin

Multilogin is a premium solution with advanced masking capabilities. It supports two browser engines: Mimic (based on Chromium) and Stealthfox (based on Firefox). For Facebook Ads, Mimic is recommended, for Google Ads β€” both can be used.

GoLogin is a more budget-friendly option but with good protection. It has a built-in database of free proxies (not recommended for serious tasks), but it is better to use your residential proxies.

A general recommendation for all anti-detect browsers: keep a table of correspondence "profile β†’ proxy β†’ account". This helps track which IP is used for which account and quickly respond if one of the IPs gets blacklisted.

Real Cases: When IP Pooling Leads to Chain Bans

Theory is good, but let's look at real situations where IP pooling detection has destroyed entire account farms.

Case 1: Chain Ban of 30 Facebook Ads Accounts Due to Shared Proxies

An arbitrage specialist bought 30 cheap IPv4 proxies from a popular provider for $2 per IP. All proxies were from the same /24 subnet (range 185.x.x.1 β€” 185.x.x.255). He created 30 profiles in Dolphin Anty, each with a unique fingerprint and its proxy.

The first two weeks everything worked perfectly β€” the accounts passed moderation, and advertising campaigns were launched. But in the third week, one account received a ban for violating advertising policy (the creative was borderline). Two days later, Facebook banned ALL 30 accounts simultaneously with the wording "linked accounts."

The reason: Facebook analyzed subnet 185.x.x.x and found that all 30 IPs belonged to one data center and were used only for advertising accounts (no regular user activity). One ban triggered a check of the entire subnet, and the IP pooling detection algorithm calculated the connection.

Lesson: never use proxies from the same subnet for multi-accounting. Even if each account has its own IP, the shared subnet reveals the connection.

Case 2: Instagram Ban Due to Shared Pool of Residential Proxies

An SMM agency managed 50 client accounts on Instagram through residential proxies from a large provider (shared pool). They used sticky sessions, different cities, everything according to the rules.

The problem arose after a month: Instagram began to mass block accounts, requiring SMS confirmation. It turned out that other clients of the same proxy provider were using the same IPs for mass following and spamming. Instagram marked the entire pool of the provider's IPs as "suspicious source," and all accounts logging in from these IPs came under additional scrutiny.

Solution: the agency switched to a dedicated pool of residential proxies β€” allocated 50 IPs only for their tasks. The bans ceased because the IPs no longer overlapped with violators.

Lesson: for long-term work with valuable accounts (client accounts, accounts with history), use only dedicated IP pools.

Case 3: Google Ads and Subnet Pooling Detection

A team of arbitrage specialists used 20 residential proxies from different providers for Google Ads. It seemed everything was correct β€” different providers, different cities. But after a month, they received a simultaneous ban on 15 out of 20 accounts.

Analysis showed: although the proxy providers were different, 15 IPs turned out to be from one AS (Autonomous System) β€” a large telecom company that resells channels to small providers. Google uses not only IP pooling but also AS pooling β€” if it sees that many advertising accounts use IPs from one AS, it raises suspicions.

Solution: when choosing proxies, check not only the IP and city but also the ASN (this can be done through services like ipinfo.io). For multi-accounting, it is better to use IPs from different ASs, not just different IPs.

Lesson: advanced platforms (Google, Facebook) analyze not only IPs but also ASNs, subnets, and providers. Diversity at all levels is the key to protection against pooling detection.

Conclusion

IP pooling detection is a serious threat for anyone working with multi-accounting in Facebook Ads, Instagram, TikTok, Google Ads, and other platforms with strict policies. Platforms are constantly improving algorithms for detecting linked accounts through shared IP addresses, subnets, and ASNs.

Key takeaways from the article:

  • Cheap shared proxies from data centers are the worst choice for multi-accounting. They are easily detected and create the risk of chain bans.
  • Residential proxies with a dedicated pool are the optimal balance of price and security for arbitrage and SMM.
  • Mobile proxies are the best protection for Instagram, TikTok, and other mobile platforms.
  • Use sticky IPs (session IPs) for working in advertising accounts and social networks β€” rotation for each request raises suspicions.
  • Check not only IPs but also ASNs and subnets β€” advanced platforms analyze connections at all levels.
```